last executing test programs:

4m19.012342927s ago: executing program 3 (id=721):
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount(0x0, 0x0, &(0x7f0000000280)='hugetlbfs\x00', 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x1230023, &(0x7f0000000080)=ANY=[@ANYBLOB])
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000700)={@ifindex, 0x32, 0x4bb11a8cf0efaf80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$ITER_CREATE(0xb, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
getpid()
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="3000000020000103000000000000000002000000000000001c80000014001100626f6e643000000000000000000000004f7046f9c0ce6c1f72e2a5c5ba6252ccabc6ab7031e59e90846876c96f8798c4a12cf0a7266c0642571a2bebf68f72df904730c670b3f597ba2f039eadc5f89b1624e7c1bab1c74d1258b82e55f440e64cd6585e02aec4d85e88ce9656df509401aeed237bea32aae6b2a5e2c54a5b34659dc80364edc18df12032a128e770b1d2b06836546336b3f914fbe057211c229cfc81f8b78f164e234443bc706845ef712ae3e33371e10e84847fa933e94e62d645de6827f1ddd1ccfca070f8989f8135ffe457807eadcc760ada978e92e99f5ec7e3df70a495c3ef498d4459ff6678269333f011ce077fe35894885c50"], 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000850)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/12], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0xf, 0x0, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8923, &(0x7f0000000040)={'bond0\x00', 0x1001})
socket$nl_generic(0x10, 0x3, 0x10)

4m18.111477969s ago: executing program 3 (id=726):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x3)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x40000000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r1}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
bpf$MAP_CREATE(0xb00000000000000, &(0x7f0000004080)=@base={0x8, 0x4, 0x4, 0xe02, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

4m17.182716222s ago: executing program 3 (id=732):
openat$dir(0xffffffffffffff9c, &(0x7f0000001a00)='./file1\x00', 0x141040, 0xec)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
syz_open_dev$sg(&(0x7f0000000240), 0x1, 0x204200)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.net/syz1\x00', 0x1ff)
socket$inet6(0xa, 0x3, 0x87)
socket$igmp(0x2, 0x3, 0x2)
r4 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x69c780})
io_uring_enter(r4, 0x3516, 0x4, 0x0, 0x0, 0x0)

4m16.123685702s ago: executing program 3 (id=736):
write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
mount$9p_fd(0x0, &(0x7f0000000880)='./file1\x00', 0x0, 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_EXPIRE(r1, 0x810c9365, 0x0)
sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x24044025}, 0x48844)
writev(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r3 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r3, 0xab00, r4)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0186405, &(0x7f0000000080)={0x0, 0x7, {<r5=>0xffffffffffffffff}, {}, 0x8})
r6 = getpid()
prctl$PR_SCHED_CORE(0x3e, 0x0, r6, 0x0, &(0x7f00000000c0))
kcmp$KCMP_EPOLL_TFD(r5, r6, 0x7, r3, &(0x7f0000000100)={0xffffffffffffffff, r2, 0x1})
r7 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0)
ioctl$NBD_SET_SOCK(r7, 0xab00, r4)
ioctl$NBD_SET_FLAGS(r7, 0xab0a, 0x1000001000104)
ioctl$NBD_SET_SOCK(r7, 0xab00, r4)
ioctl$NBD_DO_IT(r3, 0xab03)
close_range(r2, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))

4m15.175354573s ago: executing program 3 (id=738):
socket$inet6(0xa, 0x3, 0x3a)
socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x24, r1, 0x1, 0x70bd25, 0x25dfdbff, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x2}, @NBD_ATTR_SOCKETS={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x4)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a00", @ANYRES32], 0x44}}, 0x0)

4m14.8325662s ago: executing program 3 (id=741):
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r0, 0xab00, r1)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000180), 0x0)
r2 = accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x0)
io_setup(0xff, &(0x7f0000000380)=<r3=>0x0)
io_submit(r3, 0x27f, &(0x7f0000001440)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0x0, r2, &(0x7f0000000340), 0x41}])
sendmmsg$alg(r2, &(0x7f0000001600)=[{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000003a80)="a9d632c7d826e6953651d2747bf4fd4677", 0x11}], 0x1}], 0x1, 0x80)
r4 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0)
unshare(0x62040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a300000000048000000030a01010000000000000000010000000900010073797a30000000000900030073797a3100000000080007006e617400140004800800014000000000080002400000000014000000020a0108000000000000000000000000140000001100010000000000000000000000000aa089acfedbc544c83528ebf0a4382bf1e4a9e78f12a80560d883fb28c25b29e55700f96cf349149284a59be8cd68897abcdca1ef528b5c13438389f6f89ffb2291154ce4ed3ab5271dab12a98ee4939a50c268de9118a5eba39f0bd23f50829e2efc"], 0xa4}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
capset(&(0x7f0000000880)={0x20080522}, &(0x7f00000008c0))
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000002000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$NBD_SET_SOCK(r4, 0xab00, r1)

4m14.817445619s ago: executing program 32 (id=741):
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r0, 0xab00, r1)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000180), 0x0)
r2 = accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x0)
io_setup(0xff, &(0x7f0000000380)=<r3=>0x0)
io_submit(r3, 0x27f, &(0x7f0000001440)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0x0, r2, &(0x7f0000000340), 0x41}])
sendmmsg$alg(r2, &(0x7f0000001600)=[{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000003a80)="a9d632c7d826e6953651d2747bf4fd4677", 0x11}], 0x1}], 0x1, 0x80)
r4 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0)
unshare(0x62040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a300000000048000000030a01010000000000000000010000000900010073797a30000000000900030073797a3100000000080007006e617400140004800800014000000000080002400000000014000000020a0108000000000000000000000000140000001100010000000000000000000000000aa089acfedbc544c83528ebf0a4382bf1e4a9e78f12a80560d883fb28c25b29e55700f96cf349149284a59be8cd68897abcdca1ef528b5c13438389f6f89ffb2291154ce4ed3ab5271dab12a98ee4939a50c268de9118a5eba39f0bd23f50829e2efc"], 0xa4}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
capset(&(0x7f0000000880)={0x20080522}, &(0x7f00000008c0))
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000002000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$NBD_SET_SOCK(r4, 0xab00, r1)

4.659476881s ago: executing program 2 (id=2097):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
r2 = syz_open_dev$vbi(0x0, 0x0, 0x2)
ioctl$VIDIOC_S_CTRL(r2, 0xc008561c, 0x0)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}, 0x6})
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x24f9, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x40000000}, 0x0, &(0x7f0000000240)=<r4=>0x0)
syz_io_uring_submit(0x0, r4, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, &(0x7f00000008c0), 0x4)
io_uring_enter(r3, 0xa3d, 0x0, 0x0, 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000300))
clock_nanosleep(0x8, 0x0, &(0x7f0000000000)={0x77359400}, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f0000000180)={&(0x7f00000000c0)=[<r6=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_SETPLANE(r5, 0xc03064b7, &(0x7f0000000100)={r6, 0x0, 0x0, 0x1000000, 0x3, 0x0, 0x7fffffff})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r5, 0xc01c64b9, &(0x7f0000000280)={&(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000200), 0x4, r6})
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x159080, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
openat$dir(0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00', 0x418402, 0x1)
rmdir(0x0)

4.249902109s ago: executing program 4 (id=2099):
bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) (async)
socket$inet_mptcp(0x2, 0x1, 0x106) (async)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x10, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000340)=[{0x2, 0x2, 0xf, 0x6}], 0x10, 0x37, @void, @value}, 0x94) (async, rerun: 32)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (rerun: 32)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) (async, rerun: 64)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) (async, rerun: 64)
bpf$PROG_BIND_MAP(0x23, &(0x7f00000004c0)={r0}, 0xc)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) (async)
memfd_secret(0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x3, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a65f78238b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b8fab4d4d897db2c544c0e0895a9044f50c50b8eac8c63d2b1cd06a39702bd547f5ebaa69520bbb15f4f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831f24759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91e0eb18e21dfdab3c84ec11377fbb00000000848060962bcbc47cefd1a2a7bd3b646614bf7cd3495663de5b63f6b5910daee8ebb7ba84a8b5b6f2d1fbc22a51a500f94c871d5e1d31ab5d7a89965bbdbf355a8544e1688a61f459f3618b3a5416eb143180d3d2c5f4e0b1a556422038801703e109e23944e53f230a3537a5412c7d0bf278c6c1684dd8de90aaa33f47dc2c7b5e4f73784fd31aa2f9d1b1623734f9cf84718b2bad31f651e3607f3ac6c427cb6c0652d21ecd4b29e96c0a3781ee820faab71040768f6b08a69fdfd0b2b7be25f19500c1b8330994efb57a53c1a67bda909630f75738ab40e7ab63d527d6c1e8cf611f05c1b6d0da1ba84d405b4d834162c88022a4625a5f7c431c39f3f9a7789f9b668ec4da9f1a981086dcf4c5a940691f9638ce34dba904483f2ed4e7a713b7eac29c5e122f1b6acd6f1da2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x46, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async, rerun: 32)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000580)='/proc/sysvipc/shm\x00', 0x0, 0x0) (rerun: 32)
preadv2(r4, &(0x7f0000000540)=[{&(0x7f0000000340)=""/134, 0x86}], 0x1, 0x8, 0x7, 0x1)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB])
ioctl$VIDIOC_ENUMINPUT(0xffffffffffffffff, 0xc04c561a, &(0x7f0000000380)={0x1, "497aa4ec7afa5ae757b46c4184492f8c3de6b2624e208c9905349b9adfc31671", 0x1, 0x9, 0x2, 0x320000, 0x20800, 0x4}) (async)
openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0)
syz_io_uring_setup(0x7934, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000080), &(0x7f0000000000)=<r5=>0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) (async)
r7 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xf}}) (async)
write$tun(r6, &(0x7f0000000e40)={@val={0x1c, 0x800}, @val={0x2, 0x0, 0x2, 0x7, 0x1, 0x404}, @mpls={[], @ipv4=@udp={{0x5, 0x4, 0x3, 0x27, 0xfc0, 0x65, 0x0, 0xc, 0x11, 0x0, @private=0xa010102, @broadcast}, {0x4e20, 0x4e21, 0xfac, 0x0, @wg=@data={0x4, 0x6, 0x1, "5002ba413428cfd0622da30a5611ec085a11aa7cc3300ff9191fe9b4d713e82240143a07998ce1163cba62fec251629bccf9765a5cf2ea5d4f69ee51217f95d229b36b55f46bf1b368c75e9a8891e4e71925dae83f15732de2e8c2057ddffbc2b89c8186bd0f7dd2ed21184b63dcb752b7f49dc0181788d1f5167538edc6320205183627b3a409961ec56cf9cb8293a27524183052e36a6f6f926e69fe4f251ca94720f61800c668dc91292f0dde3b73a1afc269cb155c0f6c3a3bc5808946c6b00b596a4183b49568964e7ca1517a4a91a548b8f9db749e477b3221205332b8b3a3734e41e0c78d3879f084bdfd045fd2eaf54954bd09ea4a3048c6afb9ac5fd629c9c99fd6dd49ff189cb07a8364a31a3f5646f8ab38f68ebe613f32825b17a1cf8f8de394f3a8a91cfe41eaa44b07033fe44cfc35d2d8c318361159c314f5255e39e507cb15e916dd514f7444a9f0c4caf7f5aa7512b6e1a8671c3aa99d0638fce2b8df3b529716426fd557cef07e4670e1a2a8bb1b7e923656d4a0a402217fac73c6e7a15798e2285ee8145f2e900f12b07905b730507cf3c8f5255c78fa2be7985deb3d4abb6a87d4bcfde52a676f3661feb5d66694ea1ddc35efcaac9bac4af1664717fa23312d1db1637097816f3dfe44733a7c4944e3ca05bb6d9b2cc9debe572788b428392755464221a81490d21bf5c46c549616fb93554adc6e6c8efe44d439c0ec30adee06ddcb779297b19ff1e62d32b77392bfdf07ce9ecbdf96d32aab84daedf7893732b2d6bcb792b6e3e9b17e607200dd163db27e7b9c8b23092f1abc00ff322fbb6d3e322f4b2ad94324e85ed61475709de907eb802dfaf27f0c2b1d794574e485b2be2d27b1f817e279a5e8ee356cb7fff746e940f1319281777a2f89d25738f4351826033fcf1bf607cfb8d1ffa601d17a7f68a93157447a67a4e4f76b9917db8d51860a43921f05d0d8735e6b2ca32d8d529cf9a8e203f1bc1f0d32a954b603693f11a71d64904a0a097ed0e9f039a7660a7796739c99a664b2e87cd09a0eb0dd95874f101151e20e103a92f724baa7905496683d525cb1c834f58ad53128402aa133864f101b51680fe996d0596ae8b38667113e42a30b0a326ae2c71f09e03b815849e85c85de8b2487f8793473bc58530608746a352a322b9246edaa79ce9afab083da6f76195284d7c5ea4a6377821cf8de8e2153a30cc4bf3c1f138e0c4e648b5023473949c504d65670d43346c4e440893e53c7a7705c3adc97de88b541e2eb3447f47176ce74af016196706e068fdc3af9652d54db0e9bcebb16835320eec41199f6213b6f1119f6ad4c417ff8c8fa24107b8f02beb014c6f5816f1302e5218d78ee52e59464da29b03b8b0cd70ae313c99d110311f1abd568cc1997907a69a62682af491f6a6a19cd4d8dd7a503f100493bf8e93ffa4e854d62ab8f648e39c0cfad88beaf7d0a5c1ec04e04761a6ce021fc5b0cb8af27e4b90286879a17f6fe92ad7fa2507d6de62b0c02d4e5f7eff375b23a4336b3ac3c21b25cc8039b74af1d053c5120f698e7dd04a60d23e4d71fef696ebaed8c44c4f5983869554d948b7640c1458a39f676afb1d26d131c03562fba1a64f44adfc44dfa0b65f99aa1f71cf536b159efbdacdc74f5c668bf5d87c06bfea0908a74af349151dead38be2765d2a8513d3ae5b0442cb46d5a0c6ff10c8b752d668d8b5e6b91d2f43d26efac1c285d08a7a79e4932ac806759ec2513be0a6fca60c3eead80e830c024fe0d23e3e49318d3cac3ab7c6a9e9317f8249bfd6bfc17ee0461d6b2e5291b292c0d35926941c9c2b258b9b2f18f39e20188e1a3d39e45ddbdb0b3b0d5c3b74387c18944b1476516367f11d5f3a9ed9212ad699b2c54e45438fa3e803abcdf6a6d46ff05c79549547145a460dc5aed1c9903b2017ab6058516806d180545d0ae576a262f0abbd6cad622151d6081ecf0bd5fd2ce194ccb78f41cbe95b9920eef6c65ecb3b499a6887c4358f9c0b663b8ffa31561522069dcec35aa57564390c0184238f736845024684f5ff99709d4faa5164d49b975b515fc7704c3d33902d2e55d933946d43b323de4fc339ed796d97daf2e00e3d0ce64e1833528bb62c14a44216d082f813d3e0fc55043f15736500139078810396e276e997fc1ffbdbf82dc0abd911fa66c2907fb0f23f46421e324501eb0216b0079d6794e3b2204921e038e00cff6b832aab8e660ef3be19bc1279b8b2656b55857c10ce8deee8a3a68fbb8d4ec4a75744fbe52c88c0e1262e25b6e903bfeb0d543a2f692060c6cbf7b565ad3608938668290729f2e670abbeb1a378c238a167485f2badc17a4e81b04e7bcf2804ebb9c49e5da47cb978e7705de60db9fedf7cf5934b9640a5589baff2daec11b9ea3415f74d313affd636774983831a265f171dc692d45f732015e228e308c8e0afe00ee0c7227b696414d1fd53c8c4d54aac985120131f63e04d1317b74cb2436942abd218e60aa1d81ca81a7cce1d806d012c7b3bff9e195cf046e0f289eda316176a80c1eddac756d18ccf2cd1649074d0cf9b46666a1f5e9a248d3d06d460e2a12a7181fabfabc895e7e43174d0b3fc118f6986567491ffc069acf4b7e6fba6e88221a6c88527c82a2328c97b63fe8616378b19404adb52a3b8ef09101f97cc773889c5ca88396454ec00437fda6ffce162333442374f11e4e43ada47c3e6af02daa050490cfc1927a2eb151571ed4320fd543235b828777f8e54cdd65a234374c409fd919416442a55302e0af3cd1a32857dfe2ec19f4ce12bedfbe673c5d3bbc48ff7e4ba6781ff11b8261ffa6dad577f40acb08e048a430b985c1ef40e6fb3346c86afaf2ada2bcd0d490d51d45a07016f3cce5b6eead42e3c3dfc3185c57f57b1712b990ea69caa9855c715750e677732011e2b0e5783ffd2985075d1e427f4adeb19905798bc31ff802d05117dc8ef42a4d48665d7dd3a29fb11f7d8c7dff28bbe9a858a0554c07d3d6d48fa82896f7bb9a2e88103c057e3c4928d5e5558a6b74c0b7f912d70d5fdf0e4123647d404901ea98cb882963524f0507f45f3178cf0993335e568de075de38cbd2f4c347eeb7ede27f5afbfa75e6863da2944882ce270baf6a94ea5a5453dc186353097bee3631df26ad24befcadd64038743826b8ca7f105323afba2cf56ce2f253d1c1af03dc96ef8e9423d9d874e14d61761e5ccf52969f6fc0aa0e1a6060dc38b65468ff2d754f7b67a1ea7e96ac74c186ffe5ea067be31a5522da1bf581280ace345fa85d0aeb91498c59da11ea7c5650d583e547c879f132971539b5d35b07e7c7914b0fa8d8094abc3e94c42607e54199af828bf866e827fe7b6f8189254d9f45b3e7b4cb3d27a4c45c3072b005f01fd1a3169946a4f52908f84c53923022f24f3fd2da61ace2b41fe02f4c55504d77245869ace55455e6a8a7699d1046b57728113470dd525b5c27afc15da785417ce5625b3f405f02fc2e860d9dc52604f8c133632cb96594cf794ae554d6952bc691184bdfb5766bfbe4c233ab7c3f078b5b59fcedf4027271f367d071ab4ce3807cc6b393ab578208c3d42a2f93b580714c62802ad41e1767a6f7ec8003941484f6f341196eda9221bba4ca2ed27e17e9dedfc7d62070b22c1302998331df64c61633ddf303830a83650ebad9b7c551cd44e04eed27101d22ec1dd629f6ba563a2e90fc4502567ac51a91cf69e26ca756588d7c6842e7142a0bc25b339ae67c431a5dc5a145b5a7f14e49b8a2ca00ec6892f1b5f94a2c1d3526327d53b0b072a23c2df16cdfda38a6d417e3009d6d2cdb6b4fa6b11343d128894858881a9dc4b5a0e3fbddc97ea8a864fb8695ec50aed774a1fd8ac7519b077a6bd03572ab7b8f6435f31a25cc3ca22e585927773b126c109302e3aa3d9fce4e34c73aa0dc71805a65ed304c4a8f53e7d19f9b439f0f2b6e33b3961206537c7eaa5a68d127fe023f746e3095690871bbf9d404e4579e90732c25213f1cfe501d697a0a6747b63da2a95ed72a44206c59086f7b7584b12576190f74e391182d5c3d839b26193c702a1333e58d97d1c830077e36062f70aba22ebd71957dbd1cb099277bdea3f2a73b4293f84c5c3c360426b7dd5ca4b5b0a2c2bad08cd6ff344a295ba31e2050c1ec78387d723c5eb54a60e751afb8983a34883d9a45e824f4e468db090883aec68beeda9f18fb6bd0a4f8c9e2ae673c09688898c61bf0226d04956d369bdd6f807b8b3b432ebd7aa400c6bf6365959ecacf371055c708815c825ea5ae77c4b237c5793fe838ff234776b7d1d881555499928fd6ca82a8a7b702a82f4721851cf58dca73f4f6140282038b47208fd520bf35a2a028962a3881bba14eab9a0f1e30a8bf0cda97ab17e3135115f7496ed211979e9752d99db513d32a7a1ac859042eeb2aadbbcb659adb02876d1651a68a88d2aa3e0703a5fe77c01d8781cb1ab3669fe3482c4b279f79c17ac7faf9f58cd1860318b468fe894f399da9e9bcc06bcbe47fb6be53975a64430402136870ed95a13b66608e905e4bd22189de0b05f3c7ca30ce3ff0c0ae3f86b4d2be75b0da065307561c862c257693ff2c63c92aaa56662e29dd7cc3e271b6bc373737874502713085856f4bf3a1d67e1a6f13d837dbf8c0a3f02f00ae5574655f431ba4a01e866c2b522b0a28ac90cf40ec75450bf47c8d6c9f482b500bb2893e1c98cf5d91978b543b45921c7dedd3c1b9cc0a6484f429bdc6f4d2cc67da15c8c6e6ad7b2ec3aba2b718377a6617db8cb5d3bbef2d7684cee49d69f09de573c6beb9d88473629fc0c0c21fe218855df03e3e4fa9cafc41dbd4710b16ba7195216bd969aa2793c50588484a78bde23c852f42af322e7ae5da43f8896be358a8191f6e6ee6e1e5f4f499506cc4b6a2c6a0292ca4e018a9d420f3f85f598f5350588f0d7cb195f688a263bdaedc5ed9ae2fb06168571649e7ffa379c3622a9c4add88077edb4d1820ffb5b37bf72c9a116056588849317aaaaef7c1ce003e02becfc928ac126c63355ae8d854f593bd506f67c7ca6b2b0c610b434e96dacda559b2ee53b14e737d155388906b9854a11fc0d9f9074fd81cd2cf83f9bf361c44ac36274f6ad534bb057e85cf762f4ec680c3408a98e440a80293dbb73c7ff01de9b30d0b275481bc4c4f518c4421f34515bae743d5ce123ed593b6d4c5a1e5a4cc7d7f145f0ede6d9d6971feaa8dd25cbf40bc7bf79a53e6a0a09c33602d8b0ef733cf9d14c1cacd1237b4e0ae9c3e0dd2c3e178729cd10b93b0bffeea47c63e0fddf1d0b72db3c3e8dc2398f6d619acdad123aac1e251793eb5ee8b5c279ed9a1a829a5ee3add19629c67a103139cc746349a49734ac0cdcedf534c0de03a319d25c8c6461deb6ce00b3c871f1ad25f8c9ddbcf1b73dc9c31744ba887947b47900ee517a1d1bf32627e926f730d6dcdd1bd7b19fe08b5a2a6f2cf4b72dc4f11d957f7613f0ac108a1583fcfed600d9a5e1c4aff8745cdf45ff5ae857ecba3b425c4dfe52bb66badd455bfe5e0e80fbf5ed52853161cd10f28ec977ddc50d37c843152b7a066659d9311d848f1428fb865864a8a79e303082b63"}}}}}, 0xfce)
syz_io_uring_setup(0xa91, &(0x7f00000002c0), &(0x7f0000000040)=<r8=>0x0, &(0x7f00000005c0))
syz_io_uring_submit(r8, r5, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x6e6a9ace1e35a607})

3.960118674s ago: executing program 4 (id=2100):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r1 = io_uring_setup(0x1de0, &(0x7f0000000000)={0x0, 0xfffffffe, 0x40, 0x1000})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r1, 0xb, &(0x7f0000000080), 0x0)
r2 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
openat$dir(0xffffffffffffff9c, &(0x7f0000001a00)='./file1\x00', 0x141040, 0xec)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_mtu(r3, 0x0, 0xa, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000140)=[r3, r3], 0x2)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000240)=ANY=[@ANYRESDEC], &(0x7f0000000100)='GPL\x00', 0x2000000, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x401, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = syz_open_dev$sg(&(0x7f0000000380), 0x4, 0x4200)
r6 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r7 = dup(r6)
quotactl_fd$Q_SETQUOTA(r7, 0xffffffff80000801, 0xee01, &(0x7f00000002c0)={0x8000000000000000, 0x5, 0xd38, 0x10000000, 0x199b7836, 0x1, 0x0, 0x1, 0xa})
write$6lowpan_enable(r0, &(0x7f0000000000)='0', 0xfffffffffffffe1f)
socket$inet(0x2, 0x2, 0x0)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, 0x0, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0xd, 0xc0800)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x8, &(0x7f0000000540)=ANY=[@ANYRES16, @ANYRESDEC=0x0, @ANYRESDEC, @ANYRES8, @ANYRES8=0x0, @ANYRESDEC=r5], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x9}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0x10}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, 0x0)
ioctl$SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000766000/0x1000)=nil, 0x1000, 0x13)
mount(&(0x7f0000000000)=@sr0, &(0x7f0000004a00)='./file1\x00', &(0x7f0000000280)='vfat\x00', 0x8007, 0x0)

3.550104384s ago: executing program 2 (id=2103):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_procfs$pagemap(0x0, &(0x7f0000000100))
socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000300)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)
ioctl$PAGEMAP_SCAN(r1, 0x40305828, &(0x7f0000000380)={0x60, 0x1, &(0x7f0000002000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x2, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x4, 0x44, 0x1e})
r4 = openat$audio1(0xffffff9c, &(0x7f0000000400), 0xa1c1, 0x0)
ioctl$SNDCTL_DSP_STEREO(r4, 0xc0045003, &(0x7f0000002900)=0x1)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000003240)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010000030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a320000000098000000060a010400000000000000000100000008000b400000000070000480340001800b000100657874686472000024000280080001400000000c0800034000000000000007400000000e0500020007000000380001800c0001006269747769736500294002800800034000000002080001400000001408000240000000120c00058008000640000000010900010073797a3000008000140000001100010000000000000000000000000a"], 0x10c}}, 0x0)
sendmsg$IPSET_CMD_SAVE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYBLOB="2c000000080601020000000000000000030000070500010007000000050001000700000005000100070000007f538970b98626869fcb25b2b223e327"], 0x2c}, 0x1, 0x0, 0x0, 0x24000003}, 0x0)
r6 = timerfd_create(0x0, 0x0)
timerfd_settime(r6, 0x3, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0)
timerfd_gettime(r6, &(0x7f0000000180)={{}, {0x0, <r7=>0x0}})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000700)={0x98, 0x0, &(0x7f0000000600)=[@reply={0x40406301, {0x3, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x60, 0x18, &(0x7f00000002c0)={@ptr={0x70742a85, 0x0, &(0x7f0000000140)=""/213, 0xd5, 0x0, 0x29}, @flat=@weak_handle={0x77682a85, 0x1000}, @fda={0x66646185, 0xa, 0x1, 0x3b}}, &(0x7f00000000c0)={0x0, 0x28, 0x40}}}, @release={0x40046306, 0x3}, @reply_sg={0x40486312, {0x3, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000540)={@ptr={0x70742a85, 0x0, &(0x7f0000000480)=""/134, 0x86, 0x2, 0x12}, @fd={0x66642a85, 0x0, r1}, @ptr={0x70742a85, 0x0, &(0x7f0000000240)=""/26, 0x1a, 0x0, 0x7}}, &(0x7f00000005c0)={0x0, 0x28, 0x40}}}], 0x24, 0x0, &(0x7f00000006c0)="a38011173fabfbe4382333526af1a78f8f86f6c3ab85bd5d592328b1a687b4d3c45fdcfb"})
r8 = openat$fuse(0xffffff9c, &(0x7f0000000740), 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000780)={0x2020, 0x0, <r9=>0x0}, 0x2020)
write$FUSE_GETXATTR(r8, &(0x7f00000027c0)={0x18, 0xfffffffffffffff5, r9, {0xf}}, 0x18)
r10 = syz_open_procfs(0x0, &(0x7f0000000040)='net/igmp6\x00')
ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r10, 0x800455d1, &(0x7f00000000c0))
close_range(r10, 0xffffffffffffffff, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000002940)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018040000", @ANYRES32=r7, @ANYRESOCT], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff58, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r11, 0x0, 0xffffffff}, 0x18)

3.549747152s ago: executing program 0 (id=2104):
mlock2(&(0x7f0000ff8000/0x2000)=nil, 0x2000, 0x50ff20)
syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/mnt\x00')
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x687f, &(0x7f0000000380)={0x0, 0x1ffffb, 0x1000, 0xffff7ffc, 0x0, 0x0, r1}, &(0x7f0000000180), &(0x7f00000001c0))
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
unshare(0xc000080)
r2 = socket(0xa, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, 0x0, 0x0)
r3 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r3, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @local}, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4044850}, 0xf942d3a5c2bc9c4f)
r4 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x181)
fcntl$setlease(r5, 0x400, 0x1)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r6, 0x541b, &(0x7f0000000040)={<r7=>0xffffffffffffffff})
r8 = openat$apparmor_thread_exec(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$apparmor_exec(r8, &(0x7f0000000080)=ANY=[], 0xb1)
close_range(r7, 0xffffffffffffffff, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r9, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="0f0000000203010200000000000000000000000008000340000000000800010001000000090002000000000000000000"], 0x30}}, 0x0)
socket(0x10, 0x3, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x4, 0x328402)
sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c0000001a00010000000000000000008180"], 0x30}}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
socket$packet(0x11, 0x3, 0x300)

3.308338886s ago: executing program 2 (id=2105):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYRES32], 0x48)
r0 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r0, 0x8b29, &(0x7f0000000000)={'wlan0\x00', @remote})

3.307782995s ago: executing program 1 (id=2106):
ioperm(0x1000b, 0x7fffffff, 0x6)
rmdir(0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000000000)=0x1, 0x4)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e24, @multicast1}, 0x10)
sendmmsg(r0, &(0x7f00000007c0)=[{{&(0x7f00000000c0)=@in={0x2, 0x4e24, @loopback}, 0x80, &(0x7f0000000400)=[{&(0x7f0000000040)='`', 0x1}], 0x1}}], 0x1, 0x2c000011)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs2/custom1\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100))
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000200)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@request_death, @clear_death], 0x0, 0x0, 0x0})
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
read$FUSE(r3, &(0x7f0000000480)={0x2020}, 0x2020)
sendto(r0, &(0x7f00000002c0)="b0bf", 0xfffffffffffffd0c, 0x4040814, 0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e20, 0x1, @dev={0xfe, 0x80, '\x00', 0x13}, 0xb}, 0x1c)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r6 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
ioperm(0x0, 0x6, 0x2da3b9f3)
syz_io_uring_setup(0x466c, &(0x7f0000000280)={0x0, 0x0, 0x10100}, &(0x7f0000001340), &(0x7f0000000140))
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000001, 0x12, r6, 0x0)
pipe(&(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000300)="ec195f364707df125f482a7ccb504f244ceef2e4087394f2b00d09f8f35061d3f513c7247aeb4e7e4337eb504e6b1d510b30df0f1c4a3777e42583d603e0d64c0ea82f8252b886b1579e3acdd64d000000000000", 0x54}], 0x1, 0x3)
close(r8)
socket$can_bcm(0x1d, 0x2, 0x2)
splice(r7, 0x0, r8, 0x0, 0x10500, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

3.307558333s ago: executing program 2 (id=2107):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f00000002c0)={0x0, 0x1ffffe, 0x1, 0x0, 0xd8, 0x0, r1}, &(0x7f0000000100), &(0x7f0000000240)=<r3=>0x0)
io_uring_setup(0x1de0, &(0x7f0000000440))
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
getsockopt$X25_QBITINCL(r1, 0x106, 0x1, 0x0, 0x0)
mkdir(&(0x7f0000000280)='./bus\x00', 0xe8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
rename(&(0x7f0000000180)='./file1\x00', &(0x7f0000000200)='./file0\x00')
r4 = mq_open(0x0, 0x40, 0x0, 0x0)
syncfs(r4)
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r5 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r5, 0x0, 0x0)
write$USERIO_CMD_REGISTER(r5, 0x0, 0x0)
creat(&(0x7f0000001200)='./file0\x00', 0x41)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r1, 0xc0189374, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r2, {0x7}}, './file0\x00'})
io_setup(0x202, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000001080)='/proc/locks\x00', 0x0, 0x0)
r6 = io_uring_setup(0x4f93, &(0x7f0000000000)={0x0, 0x40f7ad, 0x2, 0x1000, 0x3b6})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r6, 0xb, &(0x7f0000000080), 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r6, 0xb, 0x0, 0x0)
io_submit(0x0, 0x0, 0x0)

2.845057412s ago: executing program 1 (id=2108):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
pipe(&(0x7f0000000140))
ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f0000000400)={0x1, &(0x7f0000000000)=[{}]})
r1 = socket(0x10, 0x80003, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="1800000016000119"], 0x78}}, 0x0)
recvmmsg(r1, &(0x7f00000019c0)=[{{&(0x7f0000000300)=@caif, 0x80, &(0x7f00000007c0)=[{&(0x7f0000000380)=""/133, 0x85}, {&(0x7f0000000440)=""/187, 0xbb}, {&(0x7f0000000500)=""/252, 0xfc}, {&(0x7f0000000180)=""/10, 0xa}, {&(0x7f0000001a00)=""/109, 0x6d}, {&(0x7f0000000680)=""/76, 0x4c}, {&(0x7f0000000600)=""/107, 0x6b}, {&(0x7f0000000780)=""/33, 0x21}], 0x8, &(0x7f0000000800)=""/107, 0x6b}, 0x9}, {{&(0x7f0000000880)=@l2={0x1f, 0x0, @fixed}, 0x80, &(0x7f0000001900)=[{&(0x7f0000000900)=""/4096, 0x1000}], 0x1, &(0x7f0000001940)=""/69, 0x45}, 0x66e8}], 0x2, 0x0, 0x0)
ioctl$sock_x25_SIOCADDRT(r1, 0x890b, &(0x7f0000000040)={@remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x2}, 0xc})

2.84113555s ago: executing program 4 (id=2109):
r0 = socket$inet(0x2b, 0x801, 0x0)
setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000480)={0x6000000, 0x800, 0x8}, 0xc)
r1 = socket$kcm(0x11, 0x3, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_open_dev$usbfs(0x0, 0x77, 0x101301)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = syz_io_uring_setup(0x38fe, &(0x7f0000000300)={0x0, 0x1fffff, 0x10100}, &(0x7f0000000180)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r2})
io_uring_enter(r4, 0x2def, 0x4000, 0x0, 0x0, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x6a)
r7 = openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r8 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
writev(r7, &(0x7f00000002c0)=[{&(0x7f0000000a40)="2e9b3d0007e03dd65193dfb6c575963f86ddf06712", 0x15}, {&(0x7f0000000200)="c67f0d7df9", 0x5}], 0x2)
r9 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x1d2)
fcntl$setlease(r9, 0x400, 0x0)
truncate(0x0, 0x0)
setsockopt$sock_attach_bpf(r1, 0x107, 0xf, &(0x7f0000000000), 0x49)
socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r10 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r10, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

2.83287477s ago: executing program 1 (id=2110):
r0 = openat$incfs(0xffffffffffffffff, &(0x7f0000000780)='.log\x00', 0xc901, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000880)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000840)={&(0x7f0000000800)={0x24, 0x2, 0x1, 0x5, 0x0, 0x0, {0x7, 0x0, 0x5}, [@CTA_STATUS_MASK={0x8, 0x1a, 0x1, 0x0, 0x9}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0xe397}]}, 0x24}}, 0x20010041)
r1 = socket$kcm(0x2b, 0x1, 0x0)
migrate_pages(0x0, 0x9, &(0x7f0000000000)=0x9, &(0x7f0000000080)=0x3)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r2=>r1, {0x6}}, './file0\x00'})
sendmsg$inet(r2, &(0x7f0000000380)={&(0x7f0000000040)={0x2, 0x4e20, @local}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000080)}, {&(0x7f0000000100)="af8ecc5c96c15613da13b047875139f03539e66cf998513762cd699d56cec11719140292ee2a191821f7ae7688fdfdd596424a403787495474563a45296da6c08faa2f4b1dd7911c4fc196d24ad13a3043aefc4438e47e17bdb40d0a248c105fd4f889159cf2767f7a41f13fa7", 0x6d}, {&(0x7f0000000180)="b14fc226562d6b5db92c95eadfc9e3856d563fe86e9460c674eac852ec0f698dd8304e51745628fc8e3f256807c1d3556dfa9c774ee95dce8139fb048437ab8dbd68fa8e9e1ea913814bd57af61a3fb169c431fbfd6fccab17276f6238fa53ab6b42e906fd75427cfd100566b910", 0x6e}, {&(0x7f0000000280)="905cdd026072f40376c5171be4c7d020d2c8357da9654eea388bcb2855daf7952a8fa92e797efec408dc914a4459120eb977b116e14d98929c5f66c559f17bd03cbec3a59582f48d27bb2b7fd0aecda2e9c9424b02b6e3cba92aaac597e29e5c1a0eca511bec5d0a443df7e97cc629ab9b348b14cb3adef72b5e6e50f90a090700824b3801acc2d57a8c84f65e9dc692ba5a166c424020acc004629ca0077c54dbe1c42bc292e41b6d385b307fe1dc4355f3091e5fb3e6e042563f4f1a547a3c48ca185403f2bd0662572a7639061fb136f12d86561067", 0xd7}], 0x4}, 0x4000000)
sendmsg$inet(r1, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @empty}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc)
write$binfmt_misc(r2, &(0x7f0000000500)="14f1a772e5c089ea3f43ed6d7be389380f903e18e253b776b7da944c4941865b61175a368d609a769ebe9e1b184b7517073b56b262c9d640718772a110e0b07b03a87715a1118a4a9828388d02fcd21baf72136d7cb68798db183b4c8e20fdd58aa939fb56eaa560f842f688a05232fe712d1514fce061d0e24ff185111bd3f13b494a71bb7d00609515533b5687eb9893db071ce57f9e0a52e64b75ffe97b35d0dc0e683a80ae403d6bdb01a6d67d108528d5ac43567d73b843e98b64e6a2bfb9407b953a55647c6b2a3a475d4d13b87f6626bf8d360bd8ca022612e0fb", 0xde)
ioctl$BLKGETSIZE(r2, 0x1260, &(0x7f0000000740))
sendmsg$kcm(r1, &(0x7f0000002700)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="0c00000001397d000a000040"], 0xc}, 0x4000001)
ioctl$SNDCTL_MIDI_PRETIME(r2, 0xc0046d00, &(0x7f00000008c0)=0xf)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000003c0), r2)
sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f00000004c0)={&(0x7f0000000080), 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, r3, 0x2, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x7}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @random="04ddff314c3b"}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x298}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x4}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000804}, 0x4024)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000000600)={<r4=>0x0, @in={{0x2, 0x4e20, @local}}, 0x2cbc, 0xcf1c}, &(0x7f00000006c0)=0x88)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
msgget(0x3, 0x0)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched_retired(r6, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x4004091)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040), 0x106}}, 0x20)
r7 = eventfd(0x0)
writev(r7, &(0x7f0000000080)=[{&(0x7f0000001100)="02965d1f5ec3de3d", 0x8}, {&(0x7f0000002180)="27a8104ce45cd4d5", 0x8}], 0x2)
readv(r7, &(0x7f00000002c0)=[{&(0x7f0000000180)=""/50, 0x32}], 0x1)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x57, 0x0, 0x0, {0x0, 0x1}, {0x80, 0x2}, @ramp={0x3, 0x6, {0xb9, 0x18, 0x5, 0xfff8}}})
syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f00005f1000/0x6000)=nil, 0x6000, 0x15)
setsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000700)=@sack_info={r4, 0x3, 0xfffffff2}, 0xc)

2.646526719s ago: executing program 1 (id=2111):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
r2 = syz_open_dev$vbi(0x0, 0x0, 0x2)
ioctl$VIDIOC_S_CTRL(r2, 0xc008561c, 0x0)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}, 0x6})
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x24f9, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x40000000}, 0x0, &(0x7f0000000240)=<r4=>0x0)
syz_io_uring_submit(0x0, r4, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, &(0x7f00000008c0), 0x4)
io_uring_enter(r3, 0xa3d, 0x0, 0x0, 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000300))
clock_nanosleep(0x8, 0x0, &(0x7f0000000000)={0x77359400}, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f0000000180)={&(0x7f00000000c0)=[<r6=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_SETPLANE(r5, 0xc03064b7, &(0x7f0000000100)={r6, 0x0, 0x0, 0x1000000, 0x3, 0x0, 0x7fffffff})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r5, 0xc01c64b9, &(0x7f0000000280)={&(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000200), 0x4, r6})
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x159080, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
openat$dir(0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00', 0x418402, 0x1)
rmdir(0x0)

2.596930305s ago: executing program 0 (id=2112):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sync()
r1 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4000004)
syz_usb_control_io(r1, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r2, 0xc0145b0e, &(0x7f0000000040))
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0xfffa}, 0x1d, [0x6, 0xc95a, 0xfffffff3, 0x6, 0x7f, 0x2, 0x1, 0x7f, 0x6, 0x4d, 0xfffffff2, 0x5f, 0xa, 0xfffffffa, 0xffff2d33, 0x1dd2, 0x6, 0x7, 0x0, 0x80000001, 0x4, 0x7, 0x48000000, 0x3c5b, 0x1, 0x27, 0xffffffff, 0xfffffffe, 0x1f461e2c, 0x2, 0xe661, 0x4, 0x3, 0x3, 0x107fff, 0x4c74, 0x7fffffff, 0x0, 0xb, 0xa, 0x0, 0x71, 0x7, 0x2000007, 0x103, 0x0, 0x5, 0x3c, 0x91, 0x6, 0x6, 0x3, 0x5, 0x4, 0x8, 0x0, 0x7f, 0x0, 0x5, 0x6, 0x8, 0x0, 0x1, 0x40], [0x10000007, 0xffff, 0x12f, 0x8000, 0x10, 0x8, 0x129432e6, 0xcb, 0xf9, 0xd, 0x2bf, 0x6c9, 0x9, 0xfffffffe, 0x8, 0x0, 0x3, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0xa, 0x4, 0x0, 0x8000, 0x9, 0x400, 0x1, 0x6, 0xfffffffd, 0xff, 0x1005, 0x801, 0x8, 0x4, 0x0, 0x106, 0x2, 0x8, 0x4, 0x9, 0x8, 0x9, 0x6, 0x5, 0x0, 0x1, 0x8000, 0xffff, 0x2, 0x83, 0x9, 0x5, 0x10003, 0x4, 0x1, 0x7, 0xd, 0x9, 0x48c93690, 0x3, 0xff], [0x7, 0x4, 0x0, 0x64e, 0xfffffdfe, 0x7fffffff, 0x8d2, 0x9, 0x387d, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x10000009, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0xf, 0x8, 0x4, 0x6d01, 0x5, 0x3b, 0x3, 0x200, 0x80, 0x3, 0x4, 0x2, 0x0, 0xa2, 0x7, 0x53cf697b, 0x5, 0x91, 0x54fe12d2, 0xbf, 0x200, 0x3, 0x400002, 0xfffffff9, 0x0, 0x6, 0x5, 0x0, 0x6, 0xfffffffb, 0x120001, 0x3, 0x6, 0x9, 0x8, 0x5], [0xd, 0xbb31, 0x3, 0xb, 0x5, 0x938, 0x4, 0x6, 0x2, 0x5, 0xce5, 0x1fd, 0x6, 0x5, 0x5, 0x0, 0x101, 0x8, 0x6, 0x7fff, 0x8ffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0xfffffffc, 0x60a7, 0x6, 0x5, 0x1, 0x7ffffffb, 0x5, 0x8, 0xc6, 0x3, 0x3, 0x80ffff, 0x200003, 0x5, 0x80000000, 0x9602, 0xa, 0x2, 0x4, 0x10, 0x9, 0x10000, 0x5, 0x8, 0x2b91, 0xa1f, 0x8, 0x9, 0x1, 0x6c1b, 0x3, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
socket$rds(0x15, 0x5, 0x0)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000700), 0x2, 0x0)
write$uinput_user_dev(r3, &(0x7f0000000100)={'syz1\x00', {}, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [0x0, 0x0, 0x0, 0x4e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0xfffffffe]}, 0x45c)
openat$ndctl0(0xffffff9c, 0x0, 0x80000, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socket$inet(0x2, 0x5, 0x9)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
mq_open(&(0x7f0000000000)='eth0\x00#\x13\xaeu\xe0\xfb\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\xd7\x8a\x8cn\x8c\xbeF\xdb.\x15\xdar,\xf0\x92\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'J\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00'/577, 0x40, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r6)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)

2.348775229s ago: executing program 2 (id=2113):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r1 = openat$binderfs(0xffffff9c, &(0x7f0000000000)='./binderfs/custom0\x00', 0x2, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x190a, 0x1})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0xf, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9, 0x11e41e7a, 0x5, 0xfffffffc, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0xffffffffffffff2f, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0x21}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = getpid()
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="e4000000260001000000000000000000d40000800c000000000000000000000050bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b50464dad7f2a778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803"], 0xe4}], 0x1}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r7, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0xe5}]}, 0x8)
sendto$inet(r7, 0x0, 0x218, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r7, &(0x7f0000000fc0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}, {0x0}], 0x2}}], 0x1, 0x0)
sendto$inet(r7, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)
setsockopt$WPAN_WANTLQI(r0, 0x0, 0x3, &(0x7f0000001380)=0x5, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000013c0), r0)

1.910053169s ago: executing program 4 (id=2114):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}], 0x0, 0x0, 0x0, 0x0, 0x2}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, 0x0)
prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffe000/0x2000)=nil)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
shmctl$IPC_RMID(0x0, 0x0)
openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r5 = socket$inet6(0xa, 0x3, 0x8)
sendmmsg(r5, &(0x7f0000000480), 0x2e9, 0xffd8)
r6 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r6, 0xaf01, 0x0)
sendto$inet6(r5, &(0x7f00000000c0)="aa", 0x1, 0x20000000, &(0x7f0000000100)={0xa, 0x4e21, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7}, 0x1c)
eventfd(0x0)

1.340101382s ago: executing program 1 (id=2115):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockname(r0, 0x0, &(0x7f0000000240))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0xf, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9, 0x11e41e7a, 0x5, 0xfffffffc, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0xffffffffffffff2f, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0x21}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0xe5}]}, 0x8)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendto$inet(r3, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r4)
sendmsg$NL80211_CMD_REQ_SET_REG(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x1c, r5, 0x81d, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x44000)
socket$nl_netfilter(0x10, 0x3, 0xc)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)

920.130483ms ago: executing program 4 (id=2116):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x3}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(0xffffffffffffffff, 0x0, 0x24008011)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f00000001c0)={{}, 'syz1\x00'})
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x3)
ioctl$UI_DEV_SETUP(r1, 0x5501, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_create_resource$binfmt(&(0x7f00000001c0)='./file0\x00')
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r4, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x7})
r5 = userfaultfd(0x801)
r6 = syz_io_uring_setup(0x4172, &(0x7f0000000400)={0x0, 0x0, 0x10100}, &(0x7f0000000080)=<r7=>0x0, &(0x7f0000000040)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000340)=@IORING_OP_FSYNC={0x3, 0x14, 0x0, @fd, 0x0, 0x0, 0x0, 0xdce5dbb6586d5d11, 0x1})
io_uring_enter(r6, 0x567, 0x0, 0x0, 0x0, 0x0)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_CONTINUE(r5, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
r9 = userfaultfd(0x801)
ioctl$UFFDIO_API(r9, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0xc4})
ioctl$UFFDIO_CONTINUE(r9, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
socket$kcm(0x10, 0x2, 0x0)

379.78228ms ago: executing program 0 (id=2117):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
open(&(0x7f0000000100)='./bus\x00', 0x121040, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f00000001c0)='./bus\x00', 0x0, 0x1000, 0x0)
unlink(&(0x7f0000000080)='./bus\x00')
listen(r0, 0x101)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r1, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x30, 0x0, 0x8, 0x30bd2d, 0x25dfdbfe, {{}, {}, {0x14, 0x19, {0x40000004, 0x0, 0x4, 0x3}}}}, 0xffc3}, 0x1, 0x0, 0x0, 0x48004}, 0x4000000)
socket$inet6(0xa, 0x6, 0x0) (async)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) (async)
open(&(0x7f0000000100)='./bus\x00', 0x121040, 0x0) (async)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f00000001c0)='./bus\x00', 0x0, 0x1000, 0x0) (async)
unlink(&(0x7f0000000080)='./bus\x00') (async)
listen(r0, 0x101) (async)
socket$inet_dccp(0x2, 0x6, 0x0) (async)
setsockopt(r1, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1) (async)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) (async)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x30, 0x0, 0x8, 0x30bd2d, 0x25dfdbfe, {{}, {}, {0x14, 0x19, {0x40000004, 0x0, 0x4, 0x3}}}}, 0xffc3}, 0x1, 0x0, 0x0, 0x48004}, 0x4000000) (async)

379.20151ms ago: executing program 2 (id=2118):
socket$nl_generic(0x10, 0x3, 0x10)
timer_create(0x7, &(0x7f00000000c0)={0x0, 0x21}, &(0x7f0000000300))
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
getdents64(r0, &(0x7f0000000340)=""/79, 0x4f)
getdents(r0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=@deltaction={0x0, 0x31, 0x4, 0x70bd25, 0x25dfdbfd, {}, [@TCA_ACT_TAB={0x0, 0x1, [{0x0, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x0, 0x3, 0x5}}, {0x0, 0xf, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'bpf\x00'}}, {0x0, 0x1c, 0x0, 0x0, @TCA_ACT_INDEX={0x0, 0x3, 0x2}}, {0x0, 0x1b, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'tunnel_key\x00'}}, {0x0, 0x1c, 0x0, 0x0, @TCA_ACT_INDEX}]}, @TCA_ACT_TAB={0x0, 0x1, [{0x0, 0xd, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'bpf\x00'}}, {0x0, 0x1e, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'gact\x00'}}, {0x0, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x0, 0x3, 0x5}}, {0x0, 0x13, 0x0, 0x0, @TCA_ACT_INDEX={0x0, 0x3, 0x338}}, {0x0, 0xb, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'gact\x00'}}, {0x0, 0x2, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'bpf\x00'}}, {0x0, 0x11, 0x0, 0x0, @TCA_ACT_INDEX={0x0, 0x3, 0x3}}, {0x0, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x0, 0x3, 0x80}}]}, @TCA_ACT_TAB={0x0, 0x1, [{0x0, 0x2, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'nat\x00'}}, {0x0, 0x13, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'vlan\x00'}}]}, @TCA_ACT_TAB={0x0, 0x1, [{0x0, 0x15, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'xt\x00'}}, {0x0, 0x1b, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'xt\x00'}}, {0x0, 0x20, 0x0, 0x0, @TCA_ACT_INDEX={0x0, 0x3, 0x9}}]}, @TCA_ACT_TAB={0x0, 0x1, [{0x0, 0x1a, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'connmark\x00'}}, {0x0, 0x1f, 0x0, 0x0, @TCA_ACT_INDEX={0x0, 0x3, 0x6}}]}, @TCA_ACT_TAB={0x0, 0x1, [{0x0, 0x11, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'connmark\x00'}}, {0x0, 0x14, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'mirred\x00'}}, {0x0, 0x16, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'skbmod\x00'}}, {0x0, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x0, 0x3, 0x800000}}, {0x0, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'vlan\x00'}}, {0x0, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'ife\x00'}}, {0x0, 0xe, 0x0, 0x0, @TCA_ACT_INDEX={0x0, 0x3, 0x2}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_init_net_socket$ax25(0x3, 0x5, 0x6)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x10d, 0x0, 0x0, 0x0)
getsockopt$inet_int(0xffffffffffffffff, 0x0, 0x22, 0x0, &(0x7f00000001c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ptype\x00')
read$msr(r4, &(0x7f0000000040)=""/59, 0xffb5)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_ADDR={0xa, 0x14, @remote}, @IFLA_BR_AGEING_TIME={0x8, 0x9}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
sendmsg$TIPC_CMD_GET_REMOTE_MNG(r5, &(0x7f0000000440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, 0x0, 0x800, 0x70bd2b, 0x25dfdbff, {}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x8000)

378.900835ms ago: executing program 0 (id=2119):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
unshare(0x4000400)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r1, <r3=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000300)}, 0x20)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e0604250c"], 0x9)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000540)={{0x1, 0x1, 0x18, <r4=>r0, {0x1}}, './file0\x00'})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000026c0)={0xffffffffffffffff, 0xe0, &(0x7f00000025c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000002380)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f00000023c0), &(0x7f0000002400)=[0x0, 0x0, 0x0, 0x0], <r5=>0x0, 0x4d, &(0x7f0000002440)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000002480), &(0x7f00000024c0), 0x8, 0xee, 0x8, 0x8, &(0x7f0000002500)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000002700)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x10, 0x10, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4}, [@exit, @map_idx_val={0x18, 0x3, 0x6, 0x0, 0x10}, @map_idx={0x18, 0x1, 0x5, 0x0, 0xc}, @alu={0x4, 0x1, 0x5, 0x3, 0x1, 0xc, 0x1}, @alu={0x0, 0x1, 0xa, 0xa, 0x3, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @ldst={0x3, 0x3, 0x2, 0x8, 0x8, 0xfffffffffffffff4, 0xffffffffffffffff}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @map_val={0x18, 0x6, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x2}, @func={0x85, 0x0, 0x1, 0x0, 0x1}]}, &(0x7f0000000480)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x13, r4, 0x8, &(0x7f0000000580)={0x7, 0x1}, 0x8, 0x10, &(0x7f00000005c0)={0x5, 0x9, 0x18, 0x4}, 0x10, r5, r2, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="00000000000009000000000000000000e6ffff7f", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000140)={r6, 0x0, 0x0}, 0x20)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x20, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @tproxy={{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_TPROXY_FAMILY={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xb0}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='kfree\x00', r0}, 0x10)
r8 = socket(0x10, 0x3, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x28}}, 0x0)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r11, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000008c0)=@newqdisc={0x4c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c}}]}, 0x4c}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)=@newqdisc={0x24, 0x25, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000940), 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_SETPARAMS(0xffffffffffffffff, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r12=>0xffffffffffffffff, {0x7}}, './file0\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r12}, 0x18)

269.809588ms ago: executing program 0 (id=2120):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
pipe(&(0x7f0000000140))
ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f0000000400)={0x1, &(0x7f0000000000)=[{}]}) (fail_nth: 3)
r1 = socket(0x10, 0x80003, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="1800000016000119"], 0x78}}, 0x0)
recvmmsg(r1, &(0x7f00000019c0)=[{{&(0x7f0000000300)=@caif, 0x80, &(0x7f00000007c0)=[{&(0x7f0000000380)=""/133, 0x85}, {&(0x7f0000000440)=""/187, 0xbb}, {&(0x7f0000000500)=""/252, 0xfc}, {&(0x7f0000000180)=""/10, 0xa}, {&(0x7f0000001a00)=""/109, 0x6d}, {&(0x7f0000000680)=""/76, 0x4c}, {&(0x7f0000000600)=""/107, 0x6b}, {&(0x7f0000000780)=""/33, 0x21}], 0x8, &(0x7f0000000800)=""/107, 0x6b}, 0x9}, {{&(0x7f0000000880)=@l2={0x1f, 0x0, @fixed}, 0x80, &(0x7f0000001900)=[{&(0x7f0000000900)=""/4096, 0x1000}], 0x1, &(0x7f0000001940)=""/69, 0x45}, 0x66e8}], 0x2, 0x0, 0x0)
ioctl$sock_x25_SIOCADDRT(r1, 0x890b, &(0x7f0000000040)={@remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x2}, 0xc})

189.796919ms ago: executing program 0 (id=2121):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x1a, 0x0, &(0x7f0000000040))
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x3b53, &(0x7f0000006180)={0x0, 0x1ffffc, 0x10100, 0x3, 0x40000000}, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000100)=@IORING_OP_READV=@pass_iovec={0x1, 0x44, 0x6000, @fd_index=0x8, 0x401, &(0x7f00000000c0), 0x0, 0x14, 0x0, {0x0, r6}})
io_uring_enter(r3, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x4380000, @remote}, 0x1c)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x8854)
fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff)
write$RDMA_USER_CM_CMD_GET_EVENT(0xffffffffffffffff, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r7, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r7, &(0x7f0000002140)={0x2020, 0x0, <r8=>0x0}, 0x2020)
syz_fuse_handle_req(r7, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0xffffffffffffffff, 0x1, 0x0, 0x8, 0x100, 0x0, {0x0, 0x0, 0x0, 0xffff, 0x36c, 0x0, 0x4, 0x0, 0x0, 0x6000, 0x0, 0x0, 0x0, 0x902}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r7, &(0x7f0000000440)={0x50, 0x0, r8}, 0x50)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r9, 0x922, 0x0)

189.32488ms ago: executing program 1 (id=2122):
r0 = socket$inet(0x2b, 0x801, 0x0)
setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000480)={0x6000000, 0x800, 0x8}, 0xc)
r1 = socket$kcm(0x11, 0x3, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_open_dev$usbfs(0x0, 0x77, 0x101301)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = syz_io_uring_setup(0x38fe, &(0x7f0000000300)={0x0, 0x1fffff, 0x10100}, &(0x7f0000000180)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r2})
io_uring_enter(r4, 0x2def, 0x4000, 0x0, 0x0, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x6a)
r7 = openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r8 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
writev(r7, &(0x7f00000002c0)=[{&(0x7f0000000a40)="2e9b3d0007e03dd65193dfb6c575963f86ddf06712", 0x15}, {&(0x7f0000000200)="c67f0d7df9", 0x5}], 0x2)
r9 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x1d2)
fcntl$setlease(r9, 0x400, 0x0)
truncate(0x0, 0x0)
setsockopt$sock_attach_bpf(r1, 0x107, 0xf, &(0x7f0000000000), 0x49)
socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r10 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r10, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

0s ago: executing program 4 (id=2123):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
r2 = syz_open_dev$vbi(0x0, 0x0, 0x2)
ioctl$VIDIOC_S_CTRL(r2, 0xc008561c, 0x0)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}, 0x6})
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x24f9, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x40000000}, 0x0, &(0x7f0000000240)=<r4=>0x0)
syz_io_uring_submit(0x0, r4, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, &(0x7f00000008c0), 0x4)
io_uring_enter(r3, 0xa3d, 0x0, 0x0, 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000300))
clock_nanosleep(0x8, 0x0, &(0x7f0000000000)={0x77359400}, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f0000000180)={&(0x7f00000000c0)=[<r6=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_SETPLANE(r5, 0xc03064b7, &(0x7f0000000100)={r6, 0x0, 0x0, 0x1000000, 0x3, 0x0, 0x7fffffff})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r5, 0xc01c64b9, &(0x7f0000000280)={&(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000200), 0x4, r6})
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x159080, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
openat$dir(0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00', 0x418402, 0x1)
rmdir(0x0)

kernel console output (not intermixed with test programs):

19.848051][T11600]  ? mark_reg_known_zero+0xda/0x670
[  319.849528][T11600]  ? tnum_const+0x11/0x20
[  319.850707][T11600]  ? mark_reg_known_zero+0xda/0x670
[  319.852123][T11600]  do_check_common+0x8983/0xd580
[  319.853567][T11600]  ? lockdep_hardirqs_on+0x7c/0x110
[  319.855042][T11600]  ? kfree+0x14f/0x4b0
[  319.856227][T11600]  ? __pfx_do_check_common+0x10/0x10
[  319.857739][T11600]  ? kvfree+0x47/0x50
[  319.858903][T11600]  ? check_cfg+0x403/0x8e0
[  319.860192][T11600]  bpf_check+0x83ed/0xc870
[  319.861514][T11600]  ? hlock_class+0x4e/0x130
[  319.862949][T11600]  ? __pfx_bpf_check+0x10/0x10
[  319.864341][T11600]  ? find_held_lock+0x2d/0x110
[  319.865742][T11600]  ? bpf_prog_load+0xd45/0x2670
[  319.867157][T11600]  ? __pfx_lock_release+0x10/0x10
[  319.868609][T11600]  ? trace_lock_acquire+0x14e/0x1f0
[  319.870107][T11600]  ? bpf_prog_load+0xd45/0x2670
[  319.871520][T11600]  ? lockdep_hardirqs_on+0x7c/0x110
[  319.873112][T11600]  ? read_tsc+0x9/0x20
[  319.874299][T11600]  ? ktime_get_with_offset+0x20f/0x3a0
[  319.875880][T11600]  ? bpf_obj_name_cpy+0x156/0x1b0
[  319.877336][T11600]  bpf_prog_load+0xe3f/0x2670
[  319.878710][T11600]  ? __pfx_bpf_prog_load+0x10/0x10
[  319.880176][T11600]  ? find_held_lock+0x2d/0x110
[  319.881475][T11600]  ? __might_fault+0x13b/0x190
[  319.883259][T11600]  ? __might_fault+0xe3/0x190
[  319.884773][T11600]  __sys_bpf+0x5677/0x57a0
[  319.886072][T11600]  ? __pfx_lock_release+0x10/0x10
[  319.887526][T11600]  ? __pfx___sys_bpf+0x10/0x10
[  319.888895][T11600]  ? vfs_write+0x306/0x1150
[  319.890158][T11600]  ? __mutex_unlock_slowpath+0x164/0x690
[  319.891667][T11600]  ? fput+0x67/0x440
[  319.892765][T11600]  ? ksys_write+0x1ba/0x250
[  319.894047][T11600]  ? __pfx_ksys_write+0x10/0x10
[  319.895409][T11600]  __ia32_sys_bpf+0x76/0xe0
[  319.896687][T11600]  __do_fast_syscall_32+0x73/0x120
[  319.898143][T11600]  do_fast_syscall_32+0x32/0x80
[  319.899577][T11600]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  319.901358][T11600] RIP: 0023:0xf7f78579
[  319.902529][T11600] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  319.907895][T11600] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  319.910142][T11600] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000300
[  319.912378][T11600] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000
[  319.914643][T11600] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  319.916818][T11600] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  319.919013][T11600] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  319.921203][T11600]  </TASK>
[  319.949281][   T39] audit: type=1326 audit(1737176626.718:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11603 comm="syz.4.1597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  319.955496][   T39] audit: type=1326 audit(1737176626.718:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11603 comm="syz.4.1597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  319.961527][   T39] audit: type=1326 audit(1737176626.718:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11603 comm="syz.4.1597" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  319.968031][   T39] audit: type=1326 audit(1737176626.718:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11603 comm="syz.4.1597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  319.974351][   T39] audit: type=1326 audit(1737176626.718:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11603 comm="syz.4.1597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  319.980357][   T39] audit: type=1326 audit(1737176626.718:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11603 comm="syz.4.1597" exe="/syz-executor" sig=0 arch=40000003 syscall=55 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  319.986556][   T39] audit: type=1326 audit(1737176626.718:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11603 comm="syz.4.1597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  319.992861][   T39] audit: type=1326 audit(1737176626.718:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11603 comm="syz.4.1597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  319.999144][   T39] audit: type=1326 audit(1737176626.718:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11603 comm="syz.4.1597" exe="/syz-executor" sig=0 arch=40000003 syscall=55 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  320.005632][   T39] audit: type=1326 audit(1737176626.718:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11603 comm="syz.4.1597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  320.071890][   T25] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  320.241872][   T25] usb 5-1: Using ep0 maxpacket: 8
[  320.244589][   T25] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  320.247552][   T25] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  320.250172][   T25] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  320.253591][   T25] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  320.256816][   T25] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  320.259416][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  320.264021][   T25] hub 5-1:1.0: bad descriptor, ignoring hub
[  320.266852][   T25] hub 5-1:1.0: probe with driver hub failed with error -5
[  320.269091][   T25] cdc_wdm 5-1:1.0: skipping garbage
[  320.270670][   T25] cdc_wdm 5-1:1.0: skipping garbage
[  320.274183][   T25] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  320.276657][   T25] cdc_wdm 5-1:1.0: Unknown control protocol
[  320.587654][   T25] usb 5-1: USB disconnect, device number 16
[  320.916317][   T25] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  321.102271][   T25] usb 5-1: Using ep0 maxpacket: 8
[  321.105008][   T25] usb 5-1: config 2 has an invalid interface number: 31 but max is 0
[  321.107364][   T25] usb 5-1: config 2 has no interface number 0
[  321.109139][   T25] usb 5-1: config 2 interface 31 has no altsetting 0
[  321.137074][   T25] usb 5-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f
[  321.139723][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  321.142011][   T25] usb 5-1: Product: syz
[  321.143304][   T25] usb 5-1: Manufacturer: syz
[  321.144640][   T25] usb 5-1: SerialNumber: syz
[  321.149046][   T25] ch9200 5-1:2.31: probe with driver ch9200 failed with error -22
[  321.265595][T11616] tmpfs: Bad value for 'mpol'
[  321.358144][   T25] usb 5-1: USB disconnect, device number 17
[  322.121963][   T25] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  322.282160][   T25] usb 9-1: Using ep0 maxpacket: 8
[  322.285765][   T25] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  322.289396][   T25] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  322.296394][   T25] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  322.300399][   T25] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  322.306538][   T25] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  322.309391][   T25] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  322.552294][   T25] usb 9-1: GET_CAPABILITIES returned 0
[  322.553918][   T25] usbtmc 9-1:16.0: can't read capabilities
[  323.102468][T11652] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  323.163893][T11657] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1613'.
[  323.274400][T11657] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1613'.
[  323.411672][T11660] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1614'.
[  323.414982][T11660] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1614'.
[  324.030398][ T6509] usb 9-1: USB disconnect, device number 9
[  324.297966][T11682] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[  324.741900][T11667] ALSA: mixer_oss: invalid OSS volume '¢¢'
[  324.909454][T11701] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  324.913078][T11701] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  326.351980][   T25] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  326.501949][   T25] usb 9-1: Using ep0 maxpacket: 8
[  326.505570][   T25] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  326.509507][   T25] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  326.672895][   T25] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  326.675794][   T25] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  326.679439][   T25] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  326.704726][   T25] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  326.922200][   T25] usb 9-1: GET_CAPABILITIES returned 0
[  326.924312][   T25] usbtmc 9-1:16.0: can't read capabilities
[  327.563100][   T63] usb 9-1: USB disconnect, device number 10
[  328.433365][T11771] FAULT_INJECTION: forcing a failure.
[  328.433365][T11771] name failslab, interval 1, probability 0, space 0, times 0
[  328.437258][T11771] CPU: 2 UID: 0 PID: 11771 Comm: syz.1.1644 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  328.440266][T11771] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  328.443370][T11771] Call Trace:
[  328.444302][T11771]  <TASK>
[  328.445216][T11771]  dump_stack_lvl+0x16c/0x1f0
[  328.446579][T11771]  should_fail_ex+0x497/0x5b0
[  328.447916][T11771]  should_failslab+0xc2/0x120
[  328.449236][T11771]  __kmalloc_noprof+0xce/0x4f0
[  328.450611][T11771]  ? io_cqring_event_overflow+0xcb/0x6f0
[  328.452268][T11771]  io_cqring_event_overflow+0xcb/0x6f0
[  328.454299][T11771]  __io_submit_flush_completions+0xf1a/0x1fd0
[  328.456506][T11771]  ? io_issue_sqe+0x1d3/0x1360
[  328.458241][T11771]  io_submit_sqes+0xa13/0x25f0
[  328.460070][T11771]  __do_sys_io_uring_enter+0xd43/0x1620
[  328.462169][T11771]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  328.464396][T11771]  ? ksys_write+0x1ba/0x250
[  328.466103][T11771]  ? __secure_computing+0x273/0x3f0
[  328.468043][T11771]  __do_fast_syscall_32+0x73/0x120
[  328.469901][T11771]  do_fast_syscall_32+0x32/0x80
[  328.471635][T11771]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  328.473916][T11771] RIP: 0023:0xf7f92579
[  328.475414][T11771] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  328.482194][T11771] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[  328.485142][T11771] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000055
[  328.487938][T11771] RDX: 0000000000084a23 RSI: 000000000000000f RDI: 0000000000000000
[  328.490718][T11771] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  328.493262][T11771] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  328.495550][T11771] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  328.497856][T11771]  </TASK>
[  328.498864][    C2] vkms_vblank_simulate: vblank timer overrun
[  328.551935][ T6509] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  328.731838][ T6509] usb 5-1: Using ep0 maxpacket: 8
[  328.735734][ T6509] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  328.739338][ T6509] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  329.257466][ T6509] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  329.264735][ T6509] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  329.268581][ T6509] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  329.271232][ T6509] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  329.486561][ T6509] usb 5-1: GET_CAPABILITIES returned 0
[  329.488203][ T6509] usbtmc 5-1:16.0: can't read capabilities
[  330.378355][T11792] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[  330.441662][ T1328] usb 5-1: USB disconnect, device number 18
[  331.152405][T11802] af_packet: tpacket_rcv: packet too big, clamped from 112 to 4294967272. macoff=96
[  331.888288][T11816] usb usb7: usbfs: process 11816 (syz.4.1657) did not claim interface 0 before use
[  331.891145][T11816] usb usb7: selecting invalid altsetting 6
[  331.941927][   T57] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  331.945571][   T39] kauditd_printk_skb: 20 callbacks suppressed
[  331.945584][   T39] audit: type=1326 audit(1737176638.718:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11819 comm="syz.4.1659" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  331.962681][   T39] audit: type=1326 audit(1737176638.728:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11819 comm="syz.4.1659" exe="/syz-executor" sig=0 arch=40000003 syscall=132 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  331.969917][   T39] audit: type=1326 audit(1737176638.728:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11819 comm="syz.4.1659" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  331.976972][   T39] audit: type=1326 audit(1737176638.728:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11819 comm="syz.4.1659" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  331.983356][   T39] audit: type=1326 audit(1737176638.728:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11819 comm="syz.4.1659" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  331.995047][   T39] audit: type=1326 audit(1737176638.728:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11819 comm="syz.4.1659" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  332.013967][   T39] audit: type=1326 audit(1737176638.728:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11819 comm="syz.4.1659" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  332.021077][   T39] audit: type=1326 audit(1737176638.728:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11819 comm="syz.4.1659" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  332.027458][   T39] audit: type=1326 audit(1737176638.778:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11819 comm="syz.4.1659" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  332.033692][   T39] audit: type=1326 audit(1737176638.778:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11819 comm="syz.4.1659" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  332.102033][   T57] usb 6-1: Using ep0 maxpacket: 32
[  332.319154][   T57] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  332.329137][   T57] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  332.331932][   T57] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  332.335584][   T57] usb 6-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  332.338037][   T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  332.353979][   T57] usb 6-1: config 0 descriptor??
[  332.712213][T11171] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  332.767316][   T57] usbhid 6-1:0.0: can't add hid device: -71
[  332.769090][   T57] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  332.779837][   T57] usb 6-1: USB disconnect, device number 18
[  332.933767][T11171] usb 9-1: Using ep0 maxpacket: 8
[  332.938376][T11171] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  332.941077][T11171] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  332.945766][T11171] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  332.952762][T11171] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  332.962879][T11171] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  332.966921][T11171] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  333.224229][T11171] usb 9-1: GET_CAPABILITIES returned 0
[  333.225866][T11171] usbtmc 9-1:16.0: can't read capabilities
[  334.915479][ T1328] usb 9-1: USB disconnect, device number 11
[  335.600126][T11867] overlayfs: failed to resolve './file0': -2
[  335.906744][T11881] FAULT_INJECTION: forcing a failure.
[  335.906744][T11881] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  335.910927][T11881] CPU: 0 UID: 0 PID: 11881 Comm: syz.0.1675 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  335.913997][T11881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  335.917661][T11881] Call Trace:
[  335.918914][T11881]  <TASK>
[  335.920024][T11881]  dump_stack_lvl+0x16c/0x1f0
[  335.921797][T11881]  should_fail_ex+0x497/0x5b0
[  335.923570][T11881]  _copy_to_user+0x32/0xd0
[  335.925265][T11881]  bpf_test_finish.isra.0+0x55f/0x680
[  335.927283][T11881]  ? find_held_lock+0x2d/0x110
[  335.929078][T11881]  ? __pfx_bpf_test_finish.isra.0+0x10/0x10
[  335.931260][T11881]  ? bpf_test_timer_leave+0xb3/0x170
[  335.933225][T11881]  ? read_tsc+0x9/0x20
[  335.934761][T11881]  bpf_prog_test_run_flow_dissector+0x526/0x700
[  335.937077][T11881]  ? __pfx_bpf_prog_test_run_flow_dissector+0x10/0x10
[  335.939569][T11881]  ? __pfx_lock_release+0x10/0x10
[  335.941435][T11881]  ? trace_lock_acquire+0x14e/0x1f0
[  335.943384][T11881]  ? lock_acquire+0x2f/0xb0
[  335.945079][T11881]  ? __fget_files+0x40/0x3a0
[  335.946821][T11881]  ? __fget_files+0x206/0x3a0
[  335.948563][T11881]  ? fput+0x67/0x440
[  335.950033][T11881]  ? __bpf_prog_get+0xa0/0x290
[  335.951828][T11881]  ? __pfx_bpf_prog_test_run_flow_dissector+0x10/0x10
[  335.954301][T11881]  __sys_bpf+0x1921/0x57a0
[  335.955854][T11881]  ? __pfx_lock_release+0x10/0x10
[  335.957297][T11881]  ? __pfx___sys_bpf+0x10/0x10
[  335.958856][T11881]  ? vfs_write+0x306/0x1150
[  335.960193][T11881]  ? __mutex_unlock_slowpath+0x164/0x690
[  335.961856][T11881]  ? fput+0x67/0x440
[  335.963034][T11881]  ? ksys_write+0x1ba/0x250
[  335.964366][T11881]  ? __pfx_ksys_write+0x10/0x10
[  335.965891][T11881]  __ia32_sys_bpf+0x76/0xe0
[  335.967616][T11881]  __do_fast_syscall_32+0x73/0x120
[  335.969531][T11881]  do_fast_syscall_32+0x32/0x80
[  335.971360][T11881]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  335.973640][T11881] RIP: 0023:0xf708e579
[  335.975176][T11881] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  335.982282][T11881] RSP: 002b:00000000f508055c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  335.985356][T11881] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000240
[  335.988242][T11881] RDX: 000000000000004c RSI: 0000000000000000 RDI: 0000000000000000
[  335.991169][T11881] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  335.994066][T11881] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  335.996462][T11881] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  335.998738][T11881]  </TASK>
[  336.009042][T11879] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1674'.
[  336.755962][T11902] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1680'.
[  337.042061][T11904] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1681'.
[  339.850032][T11946] tap0: tun_chr_ioctl cmd 1074025675
[  339.851614][T11946] tap0: persist enabled
[  339.853279][T11946] tap0: tun_chr_ioctl cmd 1074025675
[  339.854850][T11946] tap0: persist disabled
[  340.050725][T11949] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1692'.
[  341.151905][   T25] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  341.213149][T11976] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1700'.
[  341.218889][T11976] ipvlan2: entered promiscuous mode
[  341.221486][T11976] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  341.301949][   T25] usb 5-1: Using ep0 maxpacket: 8
[  341.305164][   T25] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  341.307926][   T25] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  341.310704][   T25] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  341.322529][   T25] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  341.326249][   T25] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  341.328852][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  341.441738][T11983] FAULT_INJECTION: forcing a failure.
[  341.441738][T11983] name failslab, interval 1, probability 0, space 0, times 0
[  341.445524][T11983] CPU: 3 UID: 0 PID: 11983 Comm: syz.1.1702 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  341.448662][T11983] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  341.451858][T11983] Call Trace:
[  341.452811][T11983]  <TASK>
[  341.453652][T11983]  dump_stack_lvl+0x16c/0x1f0
[  341.455059][T11983]  should_fail_ex+0x497/0x5b0
[  341.456419][T11983]  ? fs_reclaim_acquire+0xae/0x150
[  341.457893][T11983]  should_failslab+0xc2/0x120
[  341.459268][T11983]  __kmalloc_cache_noprof+0x68/0x420
[  341.460816][T11983]  rtnl_newlink+0x108/0x1d70
[  341.462162][T11983]  ? hlock_class+0x4e/0x130
[  341.463482][T11983]  ? __lock_acquire+0xcc5/0x3c40
[  341.464954][T11983]  ? __pfx_rtnl_newlink+0x10/0x10
[  341.466410][T11983]  ? __pfx___lock_acquire+0x10/0x10
[  341.467886][T11983]  ? kmem_cache_free+0x152/0x4c0
[  341.469312][T11983]  ? aa_get_newest_label+0x376/0x680
[  341.470865][T11983]  ? find_held_lock+0x2d/0x110
[  341.472209][T11983]  ? find_held_lock+0x2d/0x110
[  341.473734][T11983]  ? rtnetlink_rcv_msg+0x93a/0xea0
[  341.475255][T11983]  ? __pfx_lock_release+0x10/0x10
[  341.476679][T11983]  ? trace_lock_acquire+0x14e/0x1f0
[  341.478166][T11983]  ? __pfx_rtnl_newlink+0x10/0x10
[  341.479600][T11983]  rtnetlink_rcv_msg+0x95b/0xea0
[  341.481036][T11983]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  341.482586][T11983]  ? __pfx___dev_queue_xmit+0x10/0x10
[  341.484094][T11983]  netlink_rcv_skb+0x165/0x410
[  341.485489][T11983]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  341.487048][T11983]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  341.488534][T11983]  ? netlink_deliver_tap+0x1ae/0xca0
[  341.490022][T11983]  netlink_unicast+0x53c/0x7f0
[  341.491407][T11983]  ? __pfx_netlink_unicast+0x10/0x10
[  341.492915][T11983]  ? __phys_addr_symbol+0x30/0x80
[  341.494334][T11983]  ? __check_object_size+0x488/0x710
[  341.495901][T11983]  netlink_sendmsg+0x8b8/0xd70
[  341.497250][T11983]  ? __pfx_netlink_sendmsg+0x10/0x10
[  341.498765][T11983]  ____sys_sendmsg+0x9ae/0xb40
[  341.500120][T11983]  ? __pfx_____sys_sendmsg+0x10/0x10
[  341.501714][T11983]  ? get_compat_msghdr+0x11b/0x170
[  341.503181][T11983]  ___sys_sendmsg+0x135/0x1e0
[  341.504584][T11983]  ? __pfx____sys_sendmsg+0x10/0x10
[  341.506130][T11983]  ? __pfx_lock_release+0x10/0x10
[  341.507600][T11983]  ? trace_lock_acquire+0x14e/0x1f0
[  341.509104][T11983]  ? __fget_files+0x206/0x3a0
[  341.510463][T11983]  __sys_sendmsg+0x16e/0x220
[  341.511858][T11983]  ? __pfx___sys_sendmsg+0x10/0x10
[  341.513329][T11983]  __do_fast_syscall_32+0x73/0x120
[  341.514790][T11983]  do_fast_syscall_32+0x32/0x80
[  341.516170][T11983]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  341.517991][T11983] RIP: 0023:0xf7f92579
[  341.519168][T11983] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  341.525364][T11983] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  341.527765][T11983] RAX: ffffffffffffffda RBX: 0000000000000011 RCX: 0000000020000000
[  341.529991][T11983] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  341.532266][T11983] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  341.534523][T11983] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  341.536828][T11983] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  341.539100][T11983]  </TASK>
[  341.545538][   T25] usb 5-1: GET_CAPABILITIES returned 0
[  341.547182][   T25] usbtmc 5-1:16.0: can't read capabilities
[  342.134405][T10101] usb 5-1: USB disconnect, device number 19
[  342.730099][T12026] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1715'.
[  342.738467][T12026] vlan0: entered promiscuous mode
[  342.740001][T12026] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  343.165413][T12051] lo speed is unknown, defaulting to 1000
[  343.168774][T12051] lo speed is unknown, defaulting to 1000
[  343.172506][T12051] lo speed is unknown, defaulting to 1000
[  343.177989][T12051] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  343.199859][T12051] lo speed is unknown, defaulting to 1000
[  343.214302][T12051] lo speed is unknown, defaulting to 1000
[  343.217834][T12051] lo speed is unknown, defaulting to 1000
[  343.221498][T12051] lo speed is unknown, defaulting to 1000
[  343.243846][T12051] lo speed is unknown, defaulting to 1000
[  343.492189][T12060] FAULT_INJECTION: forcing a failure.
[  343.492189][T12060] name failslab, interval 1, probability 0, space 0, times 0
[  343.495861][T12060] CPU: 3 UID: 0 PID: 12060 Comm: syz.4.1727 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  343.498889][T12060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  343.501868][T12060] Call Trace:
[  343.502873][T12060]  <TASK>
[  343.503733][T12060]  dump_stack_lvl+0x16c/0x1f0
[  343.505017][T12060]  should_fail_ex+0x497/0x5b0
[  343.506290][T12060]  ? fs_reclaim_acquire+0xae/0x150
[  343.507719][T12060]  should_failslab+0xc2/0x120
[  343.509063][T12060]  __kmalloc_cache_noprof+0x68/0x420
[  343.510558][T12060]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  343.511910][   T63] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  343.512243][T12060]  resv_map_alloc+0x46/0x400
[  343.516243][T12060]  hugetlbfs_get_inode+0x343/0x740
[  343.517699][T12060]  hugetlb_file_setup+0x15b/0x620
[  343.519138][T12060]  ksys_mmap_pgoff+0x189/0x5c0
[  343.520481][T12060]  ? __ia32_sys_mmap_pgoff+0x11/0x1b0
[  343.522056][T12060]  __do_fast_syscall_32+0x73/0x120
[  343.523832][T12060]  do_fast_syscall_32+0x32/0x80
[  343.525384][T12060]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  343.527337][T12060] RIP: 0023:0xf7f78579
[  343.528564][T12060] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  343.534369][T12060] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0
[  343.536879][T12060] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000400000
[  343.539222][T12060] RDX: 0000000003000003 RSI: 000000000006c832 RDI: 00000000ffffffff
[  343.541541][T12060] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  343.543852][T12060] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  343.546191][T12060] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  343.548456][T12060]  </TASK>
[  343.601148][T12066] netlink: 'syz.4.1729': attribute type 1 has an invalid length.
[  343.611584][T12066] 8021q: adding VLAN 0 to HW filter on device bond1
[  343.621255][T12066] bond1: (slave bridge1): making interface the new active one
[  343.624875][T12066] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  343.634777][T12066] vlan2: entered promiscuous mode
[  343.636301][T12066] bond1: entered promiscuous mode
[  343.637738][T12066] bridge1: entered promiscuous mode
[  343.639379][T12066] vlan2: entered allmulticast mode
[  343.640867][T12066] bond1: entered allmulticast mode
[  343.642540][T12066] bridge1: entered allmulticast mode
[  343.665478][   T63] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  343.668135][   T63] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  343.670419][   T63] usb 5-1: Product: syz
[  343.671677][   T63] usb 5-1: Manufacturer: syz
[  343.673259][   T63] usb 5-1: SerialNumber: syz
[  343.677064][   T63] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  343.692098][   T63] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  344.081960][T12056] overlayfs: failed to resolve './file1': -2
[  344.131028][   T25] usb 5-1: USB disconnect, device number 20
[  344.805711][   T63] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  344.807787][   T63] ath9k_htc: Failed to initialize the device
[  344.811074][   T25] usb 5-1: ath9k_htc: USB layer deinitialized
[  344.826368][   T39] kauditd_printk_skb: 26 callbacks suppressed
[  344.826377][   T39] audit: type=1326 audit(1737176651.598:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12084 comm="syz.0.1734" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf708e579 code=0x0
[  345.958578][T12099] syz.4.1738: attempt to access beyond end of device
[  345.958578][T12099] nbd4: rw=0, sector=64, nr_sectors = 2 limit=0
[  345.963508][T12099] syz.4.1738: attempt to access beyond end of device
[  345.963508][T12099] nbd4: rw=0, sector=512, nr_sectors = 2 limit=0
[  345.967685][T12099] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  345.971052][T12099] syz.4.1738: attempt to access beyond end of device
[  345.971052][T12099] nbd4: rw=0, sector=1024, nr_sectors = 2 limit=0
[  345.978096][T12099] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  345.981400][T12099] UDF-fs: warning (device nbd4): udf_load_vrs: No anchor found
[  345.986533][T12099] UDF-fs: Scanning with blocksize 1024 failed
[  345.989179][T12099] syz.4.1738: attempt to access beyond end of device
[  345.989179][T12099] nbd4: rw=0, sector=64, nr_sectors = 4 limit=0
[  345.993061][T12099] syz.4.1738: attempt to access beyond end of device
[  345.993061][T12099] nbd4: rw=0, sector=1024, nr_sectors = 4 limit=0
[  345.996565][T12099] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  345.999651][T12099] syz.4.1738: attempt to access beyond end of device
[  345.999651][T12099] nbd4: rw=0, sector=2048, nr_sectors = 4 limit=0
[  346.004469][T12099] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  346.007426][T12099] UDF-fs: warning (device nbd4): udf_load_vrs: No anchor found
[  346.009463][T12099] UDF-fs: Scanning with blocksize 2048 failed
[  346.011342][T12099] syz.4.1738: attempt to access beyond end of device
[  346.011342][T12099] nbd4: rw=0, sector=64, nr_sectors = 8 limit=0
[  346.014891][T12099] syz.4.1738: attempt to access beyond end of device
[  346.014891][T12099] nbd4: rw=0, sector=2048, nr_sectors = 8 limit=0
[  346.018450][T12099] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  346.021323][T12099] syz.4.1738: attempt to access beyond end of device
[  346.021323][T12099] nbd4: rw=0, sector=4096, nr_sectors = 8 limit=0
[  346.026034][T12099] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  346.028619][T12099] UDF-fs: warning (device nbd4): udf_load_vrs: No anchor found
[  346.030634][T12099] UDF-fs: Scanning with blocksize 4096 failed
[  346.033136][T12099] UDF-fs: warning (device nbd4): udf_fill_super: No partition found (1)
[  347.084880][T12139] netlink: 'syz.0.1747': attribute type 1 has an invalid length.
[  347.183152][T12141] FAULT_INJECTION: forcing a failure.
[  347.183152][T12141] name failslab, interval 1, probability 0, space 0, times 0
[  347.187675][T12141] CPU: 2 UID: 0 PID: 12141 Comm: syz.0.1747 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  347.191567][T12141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  347.195473][T12141] Call Trace:
[  347.196704][T12141]  <TASK>
[  347.197795][T12141]  dump_stack_lvl+0x16c/0x1f0
[  347.199544][T12141]  should_fail_ex+0x497/0x5b0
[  347.201274][T12141]  should_failslab+0xc2/0x120
[  347.203009][T12141]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  347.204999][T12141]  ? skb_clone+0x190/0x3f0
[  347.206648][T12141]  skb_clone+0x190/0x3f0
[  347.207849][T12141]  netlink_deliver_tap+0xafd/0xca0
[  347.209288][T12141]  netlink_unicast+0x5e1/0x7f0
[  347.210654][T12141]  ? __pfx_netlink_unicast+0x10/0x10
[  347.212207][T12141]  ? __phys_addr_symbol+0x30/0x80
[  347.213641][T12141]  ? __check_object_size+0x488/0x710
[  347.215186][T12141]  netlink_sendmsg+0x8b8/0xd70
[  347.216541][T12141]  ? __pfx_netlink_sendmsg+0x10/0x10
[  347.218042][T12141]  ____sys_sendmsg+0x9ae/0xb40
[  347.219378][T12141]  ? __pfx_____sys_sendmsg+0x10/0x10
[  347.220884][T12141]  ? get_compat_msghdr+0x11b/0x170
[  347.222397][T12141]  ___sys_sendmsg+0x135/0x1e0
[  347.223776][T12141]  ? __pfx____sys_sendmsg+0x10/0x10
[  347.225211][T12141]  ? __pfx_lock_release+0x10/0x10
[  347.226629][T12141]  ? trace_lock_acquire+0x14e/0x1f0
[  347.228102][T12141]  ? __fget_files+0x206/0x3a0
[  347.229403][T12141]  __sys_sendmsg+0x16e/0x220
[  347.230715][T12141]  ? __pfx___sys_sendmsg+0x10/0x10
[  347.232156][T12141]  __do_fast_syscall_32+0x73/0x120
[  347.233546][T12141]  do_fast_syscall_32+0x32/0x80
[  347.234928][T12141]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  347.236702][T12141] RIP: 0023:0xf708e579
[  347.237825][T12141] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  347.243171][T12141] RSP: 002b:00000000f503e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  347.245488][T12141] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000200000c0
[  347.247673][T12141] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  347.249811][T12141] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  347.252076][T12141] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  347.254278][T12141] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  347.256373][T12141]  </TASK>
[  347.271347][T12139] 8021q: adding VLAN 0 to HW filter on device bond2
[  347.306235][T12141] 8021q: adding VLAN 0 to HW filter on device bond2
[  347.308879][T12141] bond2: (slave vcan1): The slave device specified does not support setting the MAC address
[  347.320068][T12141] bond2: (slave vcan1): Error -95 calling set_mac_address
[  347.367728][T12144] team0: No ports can be present during mode change
[  347.370766][T12144] FAULT_INJECTION: forcing a failure.
[  347.370766][T12144] name failslab, interval 1, probability 0, space 0, times 0
[  347.375243][T12144] CPU: 3 UID: 0 PID: 12144 Comm: syz.1.1748 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  347.378155][T12144] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  347.382046][T12144] Call Trace:
[  347.382978][T12144]  <TASK>
[  347.383807][T12144]  dump_stack_lvl+0x16c/0x1f0
[  347.385146][T12144]  should_fail_ex+0x497/0x5b0
[  347.386657][T12144]  ? fs_reclaim_acquire+0xae/0x150
[  347.388207][T12144]  should_failslab+0xc2/0x120
[  347.389564][T12144]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  347.391232][T12144]  ? __alloc_skb+0x2b3/0x380
[  347.392512][T12144]  __alloc_skb+0x2b3/0x380
[  347.393766][T12144]  ? __pfx___alloc_skb+0x10/0x10
[  347.395421][T12144]  ? genl_rcv_msg+0x4bd/0x800
[  347.396992][T12144]  netlink_ack+0x164/0xb20
[  347.398308][T12144]  netlink_rcv_skb+0x327/0x410
[  347.399669][T12144]  ? __pfx_genl_rcv_msg+0x10/0x10
[  347.401062][T12144]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  347.402529][T12144]  ? down_read+0xc9/0x330
[  347.403749][T12144]  ? __pfx_down_read+0x10/0x10
[  347.405137][T12144]  ? netlink_deliver_tap+0x1ae/0xca0
[  347.406625][T12144]  genl_rcv+0x28/0x40
[  347.407737][T12144]  netlink_unicast+0x53c/0x7f0
[  347.409103][T12144]  ? __pfx_netlink_unicast+0x10/0x10
[  347.410881][T12144]  ? __phys_addr_symbol+0x30/0x80
[  347.412282][T12144]  ? __check_object_size+0x488/0x710
[  347.413701][T12144]  netlink_sendmsg+0x8b8/0xd70
[  347.415009][T12144]  ? __pfx_netlink_sendmsg+0x10/0x10
[  347.416433][T12144]  ____sys_sendmsg+0x9ae/0xb40
[  347.417731][T12144]  ? __pfx_____sys_sendmsg+0x10/0x10
[  347.419232][T12144]  ? get_compat_msghdr+0x11b/0x170
[  347.420645][T12144]  ___sys_sendmsg+0x135/0x1e0
[  347.422004][T12144]  ? __pfx____sys_sendmsg+0x10/0x10
[  347.423450][T12144]  ? __pfx_lock_release+0x10/0x10
[  347.424857][T12144]  ? trace_lock_acquire+0x14e/0x1f0
[  347.426343][T12144]  ? __fget_files+0x206/0x3a0
[  347.427673][T12144]  __sys_sendmsg+0x16e/0x220
[  347.429016][T12144]  ? __pfx___sys_sendmsg+0x10/0x10
[  347.430471][T12144]  __do_fast_syscall_32+0x73/0x120
[  347.431954][T12144]  do_fast_syscall_32+0x32/0x80
[  347.433281][T12144]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  347.435161][T12144] RIP: 0023:0xf7f92579
[  347.436305][T12144] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  347.441746][T12144] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  347.444754][T12144] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020004bc0
[  347.446851][T12144] RDX: 0000000000044084 RSI: 0000000000000000 RDI: 0000000000000000
[  347.449016][T12144] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  347.451139][T12144] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  347.453295][T12144] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  347.455393][T12144]  </TASK>
[  347.791888][  T834] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  347.941860][  T834] usb 5-1: Using ep0 maxpacket: 8
[  347.944601][  T834] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  347.947029][  T834] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  347.949513][  T834] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  347.952231][  T834] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  347.955463][  T834] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  347.957705][  T834] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  348.661069][T12164] tap0: tun_chr_ioctl cmd 1074025678
[  348.662648][T12164] tap0: group set to 0
[  349.027319][  T834] usb 5-1: usb_control_msg returned -71
[  349.031882][  T834] usbtmc 5-1:16.0: can't read capabilities
[  349.041003][  T834] usb 5-1: USB disconnect, device number 21
[  349.420674][T12172] FAULT_INJECTION: forcing a failure.
[  349.420674][T12172] name failslab, interval 1, probability 0, space 0, times 0
[  349.424308][T12172] CPU: 3 UID: 0 PID: 12172 Comm: syz.4.1757 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  349.427307][T12172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  349.430412][T12172] Call Trace:
[  349.431670][T12172]  <TASK>
[  349.432857][T12172]  dump_stack_lvl+0x16c/0x1f0
[  349.434168][T12172]  should_fail_ex+0x497/0x5b0
[  349.435481][T12172]  ? find_held_lock+0x2d/0x110
[  349.436806][T12172]  should_failslab+0xc2/0x120
[  349.438057][T12172]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  349.439732][T12172]  ? __alloc_skb+0x2b3/0x380
[  349.441257][T12172]  __alloc_skb+0x2b3/0x380
[  349.442548][T12172]  ? __pfx___alloc_skb+0x10/0x10
[  349.443919][T12172]  ? if_nlmsg_size+0x45d/0xa70
[  349.445233][T12172]  rtmsg_ifinfo_build_skb+0x81/0x280
[  349.446674][T12172]  rtmsg_ifinfo+0x9f/0x1a0
[  349.447929][T12172]  __dev_notify_flags+0x24e/0x2e0
[  349.449311][T12172]  ? __pfx___dev_notify_flags+0x10/0x10
[  349.450983][T12172]  ? __dev_change_flags+0x3d9/0x720
[  349.452558][T12172]  ? __pfx___dev_change_flags+0x10/0x10
[  349.454148][T12172]  ? __lock_acquire+0x15a9/0x3c40
[  349.455599][T12172]  dev_change_flags+0x10c/0x160
[  349.456985][T12172]  do_setlink.constprop.0+0x17b9/0x3f20
[  349.458588][T12172]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  349.460295][T12172]  ? bpf_trace_run2+0x2a6/0x590
[  349.461872][T12172]  ? __pfx_bpf_trace_run2+0x10/0x10
[  349.463401][T12172]  ? __pfx___mutex_trylock_common+0x10/0x10
[  349.465075][T12172]  ? rtnl_newlink+0x5e4/0x1d70
[  349.466569][T12172]  ? rcu_is_watching+0x12/0xc0
[  349.467933][T12172]  ? trace_contention_end+0xee/0x140
[  349.469422][T12172]  ? __mutex_lock+0x1cc/0xa60
[  349.470800][T12172]  ? rtnl_newlink+0x5e4/0x1d70
[  349.472225][T12172]  ? __pfx___mutex_lock+0x10/0x10
[  349.473703][T12172]  ? apparmor_capable+0x114/0x1d0
[  349.475209][T12172]  ? netlink_ns_capable+0xfa/0x130
[  349.476686][T12172]  rtnl_newlink+0x17f4/0x1d70
[  349.478057][T12172]  ? __pfx_rtnl_newlink+0x10/0x10
[  349.479544][T12172]  ? __pfx___lock_acquire+0x10/0x10
[  349.480998][T12172]  ? kmem_cache_free+0x152/0x4c0
[  349.482418][T12172]  ? aa_get_newest_label+0x376/0x680
[  349.483879][T12172]  ? find_held_lock+0x2d/0x110
[  349.485289][T12172]  ? find_held_lock+0x2d/0x110
[  349.486663][T12172]  ? rtnetlink_rcv_msg+0x93a/0xea0
[  349.488164][T12172]  ? __pfx_lock_release+0x10/0x10
[  349.489566][T12172]  ? trace_lock_acquire+0x14e/0x1f0
[  349.491036][T12172]  ? __pfx_rtnl_newlink+0x10/0x10
[  349.492465][T12172]  rtnetlink_rcv_msg+0x95b/0xea0
[  349.493859][T12172]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  349.495430][T12172]  ? __pfx___dev_queue_xmit+0x10/0x10
[  349.496916][T12172]  netlink_rcv_skb+0x165/0x410
[  349.498251][T12172]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  349.499773][T12172]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  349.501260][T12172]  ? netlink_deliver_tap+0x1ae/0xca0
[  349.502754][T12172]  netlink_unicast+0x53c/0x7f0
[  349.504088][T12172]  ? __pfx_netlink_unicast+0x10/0x10
[  349.505609][T12172]  ? __phys_addr_symbol+0x30/0x80
[  349.507023][T12172]  ? __check_object_size+0x488/0x710
[  349.508668][T12172]  netlink_sendmsg+0x8b8/0xd70
[  349.510018][T12172]  ? __pfx_netlink_sendmsg+0x10/0x10
[  349.511513][T12172]  ____sys_sendmsg+0x9ae/0xb40
[  349.512869][T12172]  ? __pfx_____sys_sendmsg+0x10/0x10
[  349.514339][T12172]  ? get_compat_msghdr+0x11b/0x170
[  349.515780][T12172]  ___sys_sendmsg+0x135/0x1e0
[  349.517123][T12172]  ? __pfx____sys_sendmsg+0x10/0x10
[  349.518592][T12172]  ? __pfx_lock_release+0x10/0x10
[  349.519995][T12172]  ? trace_lock_acquire+0x14e/0x1f0
[  349.521523][T12172]  ? __fget_files+0x206/0x3a0
[  349.522864][T12172]  __sys_sendmsg+0x16e/0x220
[  349.524173][T12172]  ? __pfx___sys_sendmsg+0x10/0x10
[  349.525802][T12172]  __do_fast_syscall_32+0x73/0x120
[  349.527781][T12172]  do_fast_syscall_32+0x32/0x80
[  349.529493][T12172]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  349.531252][T12172] RIP: 0023:0xf7f78579
[  349.532526][T12172] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  349.538192][T12172] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  349.540604][T12172] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000100
[  349.542911][T12172] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  349.545119][T12172] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  349.547356][T12172] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  349.549570][T12172] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  349.551800][T12172]  </TASK>
[  349.603632][T12172] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check.
[  349.722016][T12183] netlink: 'syz.2.1760': attribute type 1 has an invalid length.
[  350.039647][T12183] 8021q: adding VLAN 0 to HW filter on device bond1
[  350.067812][T12187] IPVS: Error joining to the multicast group
[  350.244797][T12199] tipc: Can't bind to reserved service type 0
[  350.281097][T12204] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1767'.
[  350.538690][T12209] FAULT_INJECTION: forcing a failure.
[  350.538690][T12209] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  350.542509][T12209] CPU: 3 UID: 0 PID: 12209 Comm: syz.4.1769 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  350.545514][T12209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  350.548536][T12209] Call Trace:
[  350.549493][T12209]  <TASK>
[  350.550381][T12209]  dump_stack_lvl+0x16c/0x1f0
[  350.551678][T12209]  should_fail_ex+0x497/0x5b0
[  350.553015][T12209]  _copy_from_user+0x2e/0xd0
[  350.554348][T12209]  memdup_user+0x71/0xd0
[  350.555538][T12209]  strndup_user+0x78/0xe0
[  350.556762][T12209]  __ia32_sys_mount+0x181/0x310
[  350.558166][T12209]  ? __pfx___ia32_sys_mount+0x10/0x10
[  350.559761][T12209]  __do_fast_syscall_32+0x73/0x120
[  350.561243][T12209]  do_fast_syscall_32+0x32/0x80
[  350.562679][T12209]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  350.564498][T12209] RIP: 0023:0xf7f78579
[  350.565686][T12209] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  350.570968][T12209] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  350.573305][T12209] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 00000000200001c0
[  350.575538][T12209] RDX: 0000000020000200 RSI: 0000000000000000 RDI: 0000000000000000
[  350.577693][T12209] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  350.579910][T12209] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  350.582059][T12209] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  350.584273][T12209]  </TASK>
[  350.641872][ T6509] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  350.655345][T12214] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  350.659764][T12214] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  350.861888][ T6509] usb 6-1: Using ep0 maxpacket: 8
[  350.864669][ T6509] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  350.867514][ T6509] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  350.870477][ T6509] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  350.873998][ T6509] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  350.877905][ T6509] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  350.880573][ T6509] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  351.570080][T12233] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1774'.
[  351.744754][T12237] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1776'.
[  352.551383][ T6509] usb 6-1: usb_control_msg returned -71
[  352.553086][ T6509] usbtmc 6-1:16.0: can't read capabilities
[  352.563295][ T6509] usb 6-1: USB disconnect, device number 19
[  352.932373][T12255] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  352.934391][T12255] overlayfs: failed to set xattr on upper
[  352.936010][T12255] overlayfs: ...falling back to redirect_dir=nofollow.
[  352.937859][T12255] overlayfs: ...falling back to index=off.
[  352.939527][T12255] overlayfs: ...falling back to uuid=null.
[  353.678969][T12275] netlink: 'syz.4.1787': attribute type 10 has an invalid length.
[  353.702459][T12275] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  354.001880][ T5980] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  354.175377][ T5980] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  354.177895][ T5980] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  354.180753][ T5980] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  354.201925][ T5980] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  354.206368][ T5980] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  354.219680][ T5980] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  354.222544][ T5980] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  354.224846][ T5980] usb 9-1: Product: syz
[  354.226629][ T5980] usb 9-1: Manufacturer: syz
[  354.231436][ T5980] cdc_wdm 9-1:1.0: skipping garbage
[  354.233333][ T5980] cdc_wdm 9-1:1.0: skipping garbage
[  354.237263][ T5980] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  354.239270][ T5980] cdc_wdm 9-1:1.0: Unknown control protocol
[  354.551571][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  354.553555][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  354.555932][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  354.557920][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  354.559893][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  354.561931][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  354.564052][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  354.566072][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  354.568055][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  354.570031][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  354.572123][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  354.574108][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  354.576072][ T1328] usb 9-1: USB disconnect, device number 12
[  354.577857][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  354.577874][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  354.577886][    C0] cdc_wdm 9-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  354.592506][T12281] cdc_wdm 9-1:1.0: Tx URB error: -19
[  355.625686][T12302] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  355.627819][T12302] overlayfs: failed to set xattr on upper
[  355.629485][T12302] overlayfs: ...falling back to redirect_dir=nofollow.
[  355.631541][T12302] overlayfs: ...falling back to index=off.
[  355.635099][T12302] overlayfs: ...falling back to uuid=null.
[  357.528604][T12338] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1804'.
[  357.744693][T12341] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1805'.
[  357.933099][T12347] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1807'.
[  358.554444][T12362] FAULT_INJECTION: forcing a failure.
[  358.554444][T12362] name failslab, interval 1, probability 0, space 0, times 0
[  358.558123][T12362] CPU: 0 UID: 0 PID: 12362 Comm: syz.0.1811 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  358.561181][T12362] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  358.564223][T12362] Call Trace:
[  358.565194][T12362]  <TASK>
[  358.566044][T12362]  dump_stack_lvl+0x16c/0x1f0
[  358.567463][T12362]  should_fail_ex+0x497/0x5b0
[  358.568825][T12362]  ? fs_reclaim_acquire+0xae/0x150
[  358.570356][T12362]  should_failslab+0xc2/0x120
[  358.571720][T12362]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  358.573406][T12362]  ? __pfx___might_resched+0x10/0x10
[  358.574950][T12362]  ? alloc_vmap_area+0x636/0x2a70
[  358.576390][T12362]  alloc_vmap_area+0x636/0x2a70
[  358.577791][T12362]  ? __pfx_alloc_vmap_area+0x10/0x10
[  358.579317][T12362]  __get_vm_area_node+0x19e/0x2f0
[  358.580783][T12362]  ? __pfx_mark_lock+0x10/0x10
[  358.582203][T12362]  __vmalloc_node_range_noprof+0x26a/0x1530
[  358.583972][T12362]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  358.585587][T12362]  ? mark_lock+0xb5/0xc60
[  358.586840][T12362]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  358.588472][T12362]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  358.590339][T12362]  ? __pfx_aa_get_newest_label+0x10/0x10
[  358.592011][T12362]  ? __pfx___lock_acquire+0x10/0x10
[  358.593521][T12362]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  358.595154][T12362]  __vmalloc_noprof+0x6d/0x90
[  358.596553][T12362]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  358.598145][T12362]  bpf_prog_alloc_no_stats+0x54/0x630
[  358.599710][T12362]  ? security_capable+0x7e/0x260
[  358.601138][T12362]  bpf_prog_alloc+0x3b/0x230
[  358.602500][T12362]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  358.604207][T12362]  bpf_prog_load+0x1758/0x2670
[  358.605611][T12362]  ? __pfx_bpf_prog_load+0x10/0x10
[  358.607096][T12362]  ? find_held_lock+0x2d/0x110
[  358.608478][T12362]  ? __might_fault+0x13b/0x190
[  358.609862][T12362]  ? __might_fault+0xe3/0x190
[  358.611231][T12362]  __sys_bpf+0x5677/0x57a0
[  358.612528][T12362]  ? __pfx_lock_release+0x10/0x10
[  358.613980][T12362]  ? __pfx___sys_bpf+0x10/0x10
[  358.615386][T12362]  ? vfs_write+0x306/0x1150
[  358.616696][T12362]  ? __mutex_unlock_slowpath+0x164/0x690
[  358.618300][T12362]  ? fput+0x67/0x440
[  358.619443][T12362]  ? ksys_write+0x1ba/0x250
[  358.620757][T12362]  ? __pfx_ksys_write+0x10/0x10
[  358.622194][T12362]  __ia32_sys_bpf+0x76/0xe0
[  358.623501][T12362]  __do_fast_syscall_32+0x73/0x120
[  358.624983][T12362]  do_fast_syscall_32+0x32/0x80
[  358.626412][T12362]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  358.628275][T12362] RIP: 0023:0xf708e579
[  358.629485][T12362] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  358.634970][T12362] RSP: 002b:00000000f508055c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  358.637358][T12362] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200005c0
[  358.639642][T12362] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[  358.641911][T12362] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  358.644179][T12362] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  358.646459][T12362] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  358.648713][T12362]  </TASK>
[  358.651892][T12362] syz.0.1811: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  358.656554][T12362] CPU: 1 UID: 0 PID: 12362 Comm: syz.0.1811 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  358.659586][T12362] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  358.662741][T12362] Call Trace:
[  358.663725][T12362]  <TASK>
[  358.664601][T12362]  dump_stack_lvl+0x16c/0x1f0
[  358.666040][T12362]  warn_alloc+0x24d/0x3a0
[  358.667322][T12362]  ? __pfx_warn_alloc+0x10/0x10
[  358.668710][T12362]  ? kfree+0x14f/0x4b0
[  358.669937][T12362]  ? __get_vm_area_node+0x1dc/0x2f0
[  358.671487][T12362]  __vmalloc_node_range_noprof+0xd27/0x1530
[  358.673161][T12362]  ? mark_lock+0xb5/0xc60
[  358.674466][T12362]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  358.676063][T12362]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  358.677912][T12362]  ? __pfx_aa_get_newest_label+0x10/0x10
[  358.679534][T12362]  ? __pfx___lock_acquire+0x10/0x10
[  358.681024][T12362]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  358.682730][T12362]  __vmalloc_noprof+0x6d/0x90
[  358.684089][T12362]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  358.685695][T12362]  bpf_prog_alloc_no_stats+0x54/0x630
[  358.687243][T12362]  ? security_capable+0x7e/0x260
[  358.688657][T12362]  bpf_prog_alloc+0x3b/0x230
[  358.690027][T12362]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  358.691965][T12362]  bpf_prog_load+0x1758/0x2670
[  358.693370][T12362]  ? __pfx_bpf_prog_load+0x10/0x10
[  358.694911][T12362]  ? find_held_lock+0x2d/0x110
[  358.696329][T12362]  ? __might_fault+0x13b/0x190
[  358.697696][T12362]  ? __might_fault+0xe3/0x190
[  358.699032][T12362]  __sys_bpf+0x5677/0x57a0
[  358.700277][T12362]  ? __pfx_lock_release+0x10/0x10
[  358.701817][T12362]  ? __pfx___sys_bpf+0x10/0x10
[  358.703222][T12362]  ? vfs_write+0x306/0x1150
[  358.704526][T12362]  ? __mutex_unlock_slowpath+0x164/0x690
[  358.706209][T12362]  ? fput+0x67/0x440
[  358.707384][T12362]  ? ksys_write+0x1ba/0x250
[  358.708738][T12362]  ? __pfx_ksys_write+0x10/0x10
[  358.710194][T12362]  __ia32_sys_bpf+0x76/0xe0
[  358.711702][T12362]  __do_fast_syscall_32+0x73/0x120
[  358.713336][T12362]  do_fast_syscall_32+0x32/0x80
[  358.714799][T12362]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  358.716636][T12362] RIP: 0023:0xf708e579
[  358.717856][T12362] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  358.723494][T12362] RSP: 002b:00000000f508055c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  358.725889][T12362] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200005c0
[  358.728218][T12362] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[  358.730565][T12362] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  358.732949][T12362] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  358.735303][T12362] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  358.737650][T12362]  </TASK>
[  358.738684][    C1] vkms_vblank_simulate: vblank timer overrun
[  358.759584][T12362] Mem-Info:
[  358.765819][T12362] active_anon:10640 inactive_anon:0 isolated_anon:0
[  358.765819][T12362]  active_file:17439 inactive_file:28714 isolated_file:0
[  358.765819][T12362]  unevictable:1768 dirty:208 writeback:0
[  358.765819][T12362]  slab_reclaimable:10327 slab_unreclaimable:64460
[  358.765819][T12362]  mapped:26367 shmem:7444 pagetables:678
[  358.765819][T12362]  sec_pagetables:306 bounce:0
[  358.765819][T12362]  kernel_misc_reclaimable:0
[  358.765819][T12362]  free:38986 free_pcp:1345 free_cma:0
[  358.819806][T12362] Node 0 active_anon:3512kB inactive_anon:0kB active_file:288kB inactive_file:15772kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:6024kB dirty:0kB writeback:0kB shmem:4444kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9452kB pagetables:796kB sec_pagetables:1116kB all_unreclaimable? yes
[  358.828920][T12362] Node 1 active_anon:39848kB inactive_anon:0kB active_file:69468kB inactive_file:99084kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:103144kB dirty:832kB writeback:0kB shmem:26132kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:3320kB pagetables:1816kB sec_pagetables:108kB all_unreclaimable? no
[  358.842584][T12362] Node 0 DMA free:2964kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:16kB inactive_anon:0kB active_file:32kB inactive_file:3444kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:440kB local_pcp:148kB free_cma:0kB
[  358.852006][T12362] lowmem_reserve[]: 0 299 0 0 0
[  358.854224][T12362] Node 0 DMA32 free:22944kB boost:8192kB min:22096kB low:25572kB high:29048kB reserved_highatomic:4096KB active_anon:3496kB inactive_anon:0kB active_file:256kB inactive_file:12328kB unevictable:3536kB writepending:0kB present:1032196kB managed:306308kB mlocked:0kB bounce:0kB free_pcp:368kB local_pcp:64kB free_cma:0kB
[  358.862687][T12362] lowmem_reserve[]: 0 0 0 0 0
[  358.864120][T12362] Node 1 DMA32 free:127480kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:41248kB inactive_anon:0kB active_file:69468kB inactive_file:99084kB unevictable:3536kB writepending:848kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:4804kB local_pcp:1376kB free_cma:0kB
[  358.918260][T12362] lowmem_reserve[]: 0 0 0 0 0
[  358.919814][T12362] Node 0 DMA: 93*4kB (UM) 102*8kB (UM) 39*16kB (UM) 20*32kB (UM) 4*64kB (UM) 2*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2964kB
[  358.931891][T12362] Node 0 DMA32: 404*4kB (UMH) 54*8kB (UMEH) 24*16kB (UMH) 141*32kB (UMEH) 76*64kB (UM) 11*128kB (UM) 6*256kB (UM) 6*512kB (UM) 1*1024kB (M) 0*2048kB 1*4096kB (M) = 22944kB
[  358.938313][T12362] Node 1 DMA32: 2*4kB (ME) 246*8kB (UE) 155*16kB (UME) 188*32kB (UME) 146*64kB (UME) 68*128kB (UME) 34*256kB (UM) 23*512kB (UME) 8*1024kB (UME) 7*2048kB (ME) 13*4096kB (UM) = 124776kB
[  359.009715][T12366] netlink: 'syz.4.1812': attribute type 39 has an invalid length.
[  359.051919][T12362] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  359.082207][T12362] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  359.084982][T12362] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  359.087785][T12362] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  359.090474][T12362] 55780 total pagecache pages
[  359.092027][T12362] 0 pages in swap cache
[  359.093215][T12362] Free swap  = 124604kB
[  359.094410][T12362] Total swap = 124996kB
[  359.095612][T12362] 524155 pages RAM
[  359.096686][T12362] 0 pages HighMem/MovableOnly
[  359.098035][T12362] 206675 pages reserved
[  359.099230][T12362] 0 pages cma reserved
[  359.172551][T12367] syz.4.1812: attempt to access beyond end of device
[  359.172551][T12367] ram200: rw=2048, sector=18446744073709551608, nr_sectors = 8 limit=8192
[  359.813361][T12379] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1816'.
[  360.678858][T12401] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  360.685171][T12401] overlayfs: failed to set xattr on upper
[  360.686901][T12401] overlayfs: ...falling back to redirect_dir=nofollow.
[  360.688941][T12401] overlayfs: ...falling back to index=off.
[  360.690687][T12401] overlayfs: ...falling back to uuid=null.
[  361.081600][T12414] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1825'.
[  361.539578][T12423] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1827'.
[  361.641621][T12431] Sensor A: =================  START STATUS  =================
[  361.645557][T12431] Sensor A: Test Pattern: 75% Colorbar
[  361.648595][T12431] Sensor A: Show Information: All
[  361.650220][T12431] Sensor A: Vertical Flip: false
[  361.659743][T12431] Sensor A: Horizontal Flip: true
[  361.662402][T12431] Sensor A: Brightness: 128
[  361.674105][T12426] FAULT_INJECTION: forcing a failure.
[  361.674105][T12426] name failslab, interval 1, probability 0, space 0, times 0
[  361.679300][T12426] CPU: 2 UID: 0 PID: 12426 Comm: syz.4.1828 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  361.682514][T12426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  361.685627][T12426] Call Trace:
[  361.685634][T12426]  <TASK>
[  361.685639][T12426]  dump_stack_lvl+0x16c/0x1f0
[  361.685656][T12426]  should_fail_ex+0x497/0x5b0
[  361.685671][T12426]  ? fs_reclaim_acquire+0xae/0x150
[  361.685684][T12426]  should_failslab+0xc2/0x120
[  361.685699][T12426]  __kmalloc_cache_noprof+0x68/0x420
[  361.685712][T12426]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  361.685724][T12426]  ? lockdep_hardirqs_on+0x7c/0x110
[  361.685739][T12426]  __request_module+0x2c6/0x6c0
[  361.685750][T12426]  ? dev_load+0x1ff/0x240
[  361.685762][T12426]  ? __pfx___request_module+0x10/0x10
[  361.685772][T12426]  ? aa_get_newest_label+0x376/0x680
[  361.685804][T12426]  ? __pfx_aa_get_newest_label+0x10/0x10
[  361.706764][T12426]  ? apparmor_capable+0x114/0x1d0
[  361.708243][T12426]  ? dev_load+0x1de/0x240
[  361.709540][T12426]  dev_load+0x1ff/0x240
[  361.710747][T12431] 
[  361.710807][T12426]  dev_ioctl+0x293/0x10c0
[  361.710823][T12426]  compat_sock_ioctl+0x44c/0x7e0
[  361.710837][T12426]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  361.710852][T12426]  ? __fget_files+0x206/0x3a0
[  361.710867][T12426]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  361.710880][T12426]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  361.710892][T12426]  __do_fast_syscall_32+0x73/0x120
[  361.710908][T12426]  do_fast_syscall_32+0x32/0x80
[  361.710921][T12426]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  361.713672][T12431] Sensor A: Contrast: 
[  361.714366][T12426] RIP: 0023:0xf7f78579
[  361.714379][T12426] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  361.714389][T12426] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  361.714400][T12426] RAX: ffffffffffffffda RBX: 000000000000000d RCX: 0000000000008946
[  361.714407][T12426] RDX: 0000000020000900 RSI: 0000000000000000 RDI: 0000000000000000
[  361.714413][T12426] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  361.714419][T12426] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  361.714426][T12426] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  361.714438][T12426]  </TASK>
[  361.878233][T12431] 128
[  361.888410][T12431] Sensor A: Hue: 0
[  361.890038][T12431] Sensor A: Saturation: 128
[  361.903501][T12431] Sensor A: ==================  END STATUS  ==================
[  363.042653][T12448] netlink: 'syz.1.1830': attribute type 3 has an invalid length.
[  363.045207][T12448] netlink: 'syz.1.1830': attribute type 2 has an invalid length.
[  363.088867][T12453] syz.4.1831: attempt to access beyond end of device
[  363.088867][T12453] nbd4: rw=0, sector=64, nr_sectors = 2 limit=0
[  363.175630][T12453] syz.4.1831: attempt to access beyond end of device
[  363.175630][T12453] nbd4: rw=0, sector=512, nr_sectors = 2 limit=0
[  363.212224][T12453] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  363.216449][T12453] syz.4.1831: attempt to access beyond end of device
[  363.216449][T12453] nbd4: rw=0, sector=1024, nr_sectors = 2 limit=0
[  363.220505][T12453] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  363.225321][T12453] syz.4.1831: attempt to access beyond end of device
[  363.225321][T12453] nbd4: rw=0, sector=64, nr_sectors = 4 limit=0
[  363.265863][T12453] syz.4.1831: attempt to access beyond end of device
[  363.265863][T12453] nbd4: rw=0, sector=1024, nr_sectors = 4 limit=0
[  363.275069][T12453] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  363.296862][T12453] syz.4.1831: attempt to access beyond end of device
[  363.296862][T12453] nbd4: rw=0, sector=2048, nr_sectors = 4 limit=0
[  363.301679][T12453] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  363.314047][T12453] syz.4.1831: attempt to access beyond end of device
[  363.314047][T12453] nbd4: rw=0, sector=64, nr_sectors = 8 limit=0
[  363.319818][T12453] syz.4.1831: attempt to access beyond end of device
[  363.319818][T12453] nbd4: rw=0, sector=2048, nr_sectors = 8 limit=0
[  363.324830][T12453] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  363.328896][T12453] syz.4.1831: attempt to access beyond end of device
[  363.328896][T12453] nbd4: rw=0, sector=4096, nr_sectors = 8 limit=0
[  363.333187][T12453] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  363.336239][T12453] UDF-fs: warning (device nbd4): udf_fill_super: No partition found (1)
[  363.754114][T12446] nbd4: detected capacity change from 0 to 67108884
[  363.777075][T12412] block nbd4: Send control failed (result -89)
[  363.779857][T12412] block nbd4: Request send failed, requeueing
[  363.785895][ T5951] block nbd4: Receive control failed (result -32)
[  363.787839][ T7355] block nbd4: Dead connection, failed to find a fallback
[  363.792156][ T7355] block nbd4: shutting down sockets
[  363.794230][ T7355] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  363.798345][ T7355] Buffer I/O error on dev nbd4, logical block 0, async page read
[  363.801459][T12412] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  363.807153][T12412] Buffer I/O error on dev nbd4, logical block 0, async page read
[  363.960651][T12412] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  363.963469][T12412] Buffer I/O error on dev nbd4, logical block 0, async page read
[  363.965809][T12412] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  363.968439][T12412] Buffer I/O error on dev nbd4, logical block 0, async page read
[  363.970766][T12412] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  363.976148][T12412] Buffer I/O error on dev nbd4, logical block 0, async page read
[  363.980240][T12412] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  363.983401][T12412] Buffer I/O error on dev nbd4, logical block 0, async page read
[  363.992032][T12412] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  363.995742][T12412] Buffer I/O error on dev nbd4, logical block 0, async page read
[  363.998073][T12412] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  364.000606][T12412] Buffer I/O error on dev nbd4, logical block 0, async page read
[  364.024189][T12460] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  364.026285][T12460] overlayfs: failed to set xattr on upper
[  364.027971][T12460] overlayfs: ...falling back to redirect_dir=nofollow.
[  364.029968][T12460] overlayfs: ...falling back to index=off.
[  364.031727][T12460] overlayfs: ...falling back to uuid=null.
[  364.041876][T12412] ldm_validate_partition_table(): Disk read failed.
[  364.043934][T12412] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  364.046604][T12412] Buffer I/O error on dev nbd4, logical block 0, async page read
[  364.048919][T12412] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  364.051582][T12412] Buffer I/O error on dev nbd4, logical block 0, async page read
[  364.057995][T12465] smc: net device bond0 erased user defined pnetid SYZ0
[  364.107221][T12412] Dev nbd4: unable to read RDB block 0
[  364.110421][T12412]  nbd4: unable to read partition table
[  364.149341][T12412] ldm_validate_partition_table(): Disk read failed.
[  364.157628][T12412] Dev nbd4: unable to read RDB block 0
[  364.159664][T12412]  nbd4: unable to read partition table
[  364.300501][T12473] lo speed is unknown, defaulting to 1000
[  365.389472][T12501] IPv6: NLM_F_CREATE should be specified when creating new route
[  365.838057][T12510] syz.2.1847: attempt to access beyond end of device
[  365.838057][T12510] nbd2: rw=0, sector=64, nr_sectors = 2 limit=0
[  365.874052][T12510] syz.2.1847: attempt to access beyond end of device
[  365.874052][T12510] nbd2: rw=0, sector=512, nr_sectors = 2 limit=0
[  365.880909][T12510] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  365.890401][T12510] syz.2.1847: attempt to access beyond end of device
[  365.890401][T12510] nbd2: rw=0, sector=1024, nr_sectors = 2 limit=0
[  365.894492][T12510] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  365.899847][T12510] syz.2.1847: attempt to access beyond end of device
[  365.899847][T12510] nbd2: rw=0, sector=64, nr_sectors = 4 limit=0
[  365.905404][T12510] syz.2.1847: attempt to access beyond end of device
[  365.905404][T12510] nbd2: rw=0, sector=1024, nr_sectors = 4 limit=0
[  365.909388][T12510] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  365.913260][T12510] syz.2.1847: attempt to access beyond end of device
[  365.913260][T12510] nbd2: rw=0, sector=2048, nr_sectors = 4 limit=0
[  365.917660][T12510] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  365.931890][T12510] syz.2.1847: attempt to access beyond end of device
[  365.931890][T12510] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0
[  365.936091][T12510] syz.2.1847: attempt to access beyond end of device
[  365.936091][T12510] nbd2: rw=0, sector=2048, nr_sectors = 8 limit=0
[  365.940087][T12510] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  365.953208][T12510] syz.2.1847: attempt to access beyond end of device
[  365.953208][T12510] nbd2: rw=0, sector=4096, nr_sectors = 8 limit=0
[  365.957977][T12510] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  365.961006][T12510] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1)
[  366.182867][T12509] nbd2: detected capacity change from 0 to 67108884
[  366.290436][T12412] block nbd2: Send control failed (result -89)
[  366.302642][T12508] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  366.304534][T12508] overlayfs: failed to set xattr on upper
[  366.306165][T12508] overlayfs: ...falling back to redirect_dir=nofollow.
[  366.308053][T12508] overlayfs: ...falling back to index=off.
[  366.310071][T12508] overlayfs: ...falling back to uuid=null.
[  366.313645][T12412] block nbd2: Request send failed, requeueing
[  366.316755][ T7354] block nbd2: Dead connection, failed to find a fallback
[  366.318772][ T7354] block nbd2: shutting down sockets
[  366.321700][T12412] ldm_validate_partition_table(): Disk read failed.
[  366.323761][T12412] Dev nbd2: unable to read RDB block 0
[  366.328246][T12412]  nbd2: unable to read partition table
[  366.335313][T12412] ldm_validate_partition_table(): Disk read failed.
[  366.337334][T12412] Dev nbd2: unable to read RDB block 0
[  366.346527][T12412]  nbd2: unable to read partition table
[  366.356576][T12412] ldm_validate_partition_table(): Disk read failed.
[  366.358686][T12412] Dev nbd2: unable to read RDB block 0
[  366.370697][T12412]  nbd2: unable to read partition table
[  366.391010][T12412] ldm_validate_partition_table(): Disk read failed.
[  366.395301][T12412] Dev nbd2: unable to read RDB block 0
[  366.397118][T12412]  nbd2: unable to read partition table
[  366.556450][T12516] Driver unsupported XDP return value 0 on prog  (id 452) dev N/A, expect packet loss!
[  367.077908][T12528] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  367.080001][T12528] overlayfs: failed to set xattr on upper
[  367.081730][T12528] overlayfs: ...falling back to redirect_dir=nofollow.
[  367.083755][T12528] overlayfs: ...falling back to index=off.
[  367.085434][T12528] overlayfs: ...falling back to uuid=null.
[  367.761902][T11171] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  367.894679][   T39] audit: type=1400 audit(1737176674.668:215): apparmor="DENIED" operation="stack" class="file" info="label not found" error=-2 profile="unconfined" name=3A090EA3680EB06A1A5FD3F7614EFCD31267A0590DD509A5EFFE069ABB05AD3352B3AC017439E1DBC66F4DF20C0741B02DB717F35BBBCD4A734DE1F70C73C07EDA77D9616BE3DD1E63E92055FE373A94F022B1F018E4B2A80C8DE7F63E446A7147 pid=12542 comm="syz.2.1859"
[  367.911870][T11171] usb 6-1: Using ep0 maxpacket: 8
[  367.914993][T11171] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  367.917884][T11171] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  367.920638][T11171] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  367.929884][T11171] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  367.935147][T11171] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  367.937812][T11171] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  368.645139][T11171] usb 6-1: GET_CAPABILITIES returned 0
[  368.665314][T11171] usbtmc 6-1:16.0: can't read capabilities
[  368.737923][T12563] FAULT_INJECTION: forcing a failure.
[  368.737923][T12563] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  368.742506][T12563] CPU: 3 UID: 0 PID: 12563 Comm: syz.4.1863 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  368.745841][T12563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  368.749096][T12563] Call Trace:
[  368.750053][T12563]  <TASK>
[  368.750912][T12563]  dump_stack_lvl+0x16c/0x1f0
[  368.752314][T12563]  should_fail_ex+0x497/0x5b0
[  368.753673][T12563]  _copy_to_user+0x32/0xd0
[  368.754936][T12563]  bpf_test_finish.isra.0+0x4a1/0x680
[  368.756435][T12563]  ? __pfx_bpf_test_finish.isra.0+0x10/0x10
[  368.758137][T12563]  ? kfree+0x3d0/0x4b0
[  368.759273][T12563]  bpf_prog_test_run_skb+0x11da/0x22c0
[  368.760854][T12563]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  368.762550][T12563]  ? fput+0x67/0x440
[  368.763688][T12563]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  368.765368][T12563]  __sys_bpf+0x1921/0x57a0
[  368.766684][T12563]  ? __pfx_lock_release+0x10/0x10
[  368.768115][T12563]  ? __pfx___sys_bpf+0x10/0x10
[  368.769458][T12563]  ? vfs_write+0x306/0x1150
[  368.770765][T12563]  ? __mutex_unlock_slowpath+0x164/0x690
[  368.772385][T12563]  ? fput+0x67/0x440
[  368.773519][T12563]  ? ksys_write+0x1ba/0x250
[  368.774832][T12563]  ? __pfx_ksys_write+0x10/0x10
[  368.776237][T12563]  __ia32_sys_bpf+0x76/0xe0
[  368.777549][T12563]  __do_fast_syscall_32+0x73/0x120
[  368.779026][T12563]  do_fast_syscall_32+0x32/0x80
[  368.780426][T12563]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  368.782246][T12563] RIP: 0023:0xf7f78579
[  368.783412][T12563] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  368.788882][T12563] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  368.791281][T12563] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000200005c0
[  368.793515][T12563] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  368.795761][T12563] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  368.798007][T12563] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  368.800260][T12563] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  368.802525][T12563]  </TASK>
[  368.836133][T12569] netlink: 'syz.2.1864': attribute type 1 has an invalid length.
[  369.844613][  T834] usb 6-1: USB disconnect, device number 20
[  370.309460][T12598] input: syz1 as /devices/virtual/input/input38
[  370.779809][   T39] audit: type=1400 audit(1737176677.548:216): apparmor="DENIED" operation="stack" class="file" info="label not found" error=-2 profile="unconfined" name=3A090EA3680EB06A1A5FD3F7614EFCD31267A0590DD509A5EFFE069ABB05AD3352B3AC017439E1DBC66F4DF20C0741B02DB717F35BBBCD4A734DE1F70C73C07EDA77D9616BE3DD1E63E92055FE373A94F022B1F018E4B2A80C8DE7F63E446A7147 pid=12608 comm="syz.4.1876"
[  371.743149][T12624] ubi0: attaching mtd0
[  371.744563][T12624] ubi0 error: ubi_attach_mtd_dev: bad VID header (16) or data offsets (80)
[  372.735549][T12647] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1888'.
[  374.517256][T12676] input: syz1 as /devices/virtual/input/input39
[  374.568651][T12678] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1896'.
[  375.280343][T12695] FAULT_INJECTION: forcing a failure.
[  375.280343][T12695] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  375.285376][T12695] CPU: 1 UID: 0 PID: 12695 Comm: syz.2.1901 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  375.288557][T12695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  375.291651][T12695] Call Trace:
[  375.292624][T12695]  <TASK>
[  375.293456][T12695]  dump_stack_lvl+0x16c/0x1f0
[  375.294766][T12695]  should_fail_ex+0x497/0x5b0
[  375.296070][T12695]  ? fs_reclaim_acquire+0xae/0x150
[  375.297481][T12695]  should_fail_alloc_page+0xe7/0x130
[  375.299002][T12695]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  375.300677][T12695]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  375.302399][T12695]  __alloc_pages_noprof+0x190/0x25b0
[  375.303872][T12695]  ? __kernel_text_address+0xd/0x40
[  375.305317][T12695]  ? arch_stack_walk+0xa7/0x100
[  375.306686][T12695]  ? hlock_class+0x4e/0x130
[  375.307958][T12695]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  375.309593][T12695]  ? __pfx___lock_acquire+0x10/0x10
[  375.311046][T12695]  ? kasan_save_stack+0x42/0x60
[  375.312392][T12695]  ? kasan_save_stack+0x33/0x60
[  375.313803][T12695]  ? kasan_save_track+0x14/0x30
[  375.315233][T12695]  ? __kasan_slab_alloc+0x89/0x90
[  375.316634][T12695]  ? kmem_cache_alloc_node_noprof+0x1ca/0x3b0
[  375.318417][T12695]  ? alloc_vmap_area+0x636/0x2a70
[  375.319947][T12695]  ? __get_vm_area_node+0x19e/0x2f0
[  375.321446][T12695]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  375.323130][T12695]  ? policy_nodemask+0xea/0x4e0
[  375.324500][T12695]  alloc_pages_mpol_noprof+0x2c8/0x620
[  375.326000][T12695]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  375.327704][T12695]  ? do_raw_spin_lock+0x12d/0x2c0
[  375.329160][T12695]  ? lock_acquire+0x2f/0xb0
[  375.330476][T12695]  ? kasan_populate_vmalloc_pte+0xfb/0x160
[  375.332136][T12695]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  375.333865][T12695]  get_free_pages_noprof+0xc/0x40
[  375.335341][T12695]  kasan_populate_vmalloc_pte+0x2d/0x160
[  375.336976][T12695]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  375.338755][T12695]  __apply_to_page_range+0x5fd/0xd30
[  375.340164][T12695]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  375.341852][T12695]  ? __pfx___apply_to_page_range+0x10/0x10
[  375.343523][T12695]  ? insert_vmap_area+0x2ef/0x4d0
[  375.344911][T12695]  alloc_vmap_area+0x93e/0x2a70
[  375.346218][T12695]  ? __pfx_alloc_vmap_area+0x10/0x10
[  375.347726][T12695]  __get_vm_area_node+0x19e/0x2f0
[  375.349047][T12695]  __vmalloc_node_range_noprof+0x26a/0x1530
[  375.350652][T12695]  ? sock_hash_alloc+0x336/0x510
[  375.352088][T12695]  ? sock_hash_alloc+0x336/0x510
[  375.353437][T12695]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  375.355147][T12695]  ? rcu_is_watching+0x12/0xc0
[  375.356485][T12695]  ? trace_kmalloc+0x2d/0xd0
[  375.357914][T12695]  ? __kmalloc_node_noprof+0x23d/0x520
[  375.359428][T12695]  ? sock_hash_alloc+0x336/0x510
[  375.360822][T12695]  __bpf_map_area_alloc+0xea/0x190
[  375.362303][T12695]  ? sock_hash_alloc+0x336/0x510
[  375.363741][T12695]  sock_hash_alloc+0x336/0x510
[  375.365139][T12695]  map_create+0x5c5/0x1f20
[  375.366432][T12695]  ? __pfx_lock_release+0x10/0x10
[  375.367930][T12695]  ? trace_lock_acquire+0x14e/0x1f0
[  375.369424][T12695]  ? __pfx_map_create+0x10/0x10
[  375.370850][T12695]  ? lock_acquire+0x2f/0xb0
[  375.372160][T12695]  ? __might_fault+0xe3/0x190
[  375.373461][T12695]  ? __might_fault+0xe3/0x190
[  375.374789][T12695]  __sys_bpf+0x4f58/0x57a0
[  375.376061][T12695]  ? __pfx_lock_release+0x10/0x10
[  375.377511][T12695]  ? __pfx___sys_bpf+0x10/0x10
[  375.378983][T12695]  ? vfs_write+0x306/0x1150
[  375.380293][T12695]  ? __mutex_unlock_slowpath+0x164/0x690
[  375.381905][T12695]  ? fput+0x67/0x440
[  375.383047][T12695]  ? ksys_write+0x1ba/0x250
[  375.384355][T12695]  ? __pfx_ksys_write+0x10/0x10
[  375.385774][T12695]  __ia32_sys_bpf+0x76/0xe0
[  375.387076][T12695]  __do_fast_syscall_32+0x73/0x120
[  375.388523][T12695]  do_fast_syscall_32+0x32/0x80
[  375.389955][T12695]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  375.391803][T12695] RIP: 0023:0xf7fc4579
[  375.392964][T12695] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  375.398263][T12695] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  375.400932][T12695] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000600
[  375.403589][T12695] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  375.405841][T12695] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  375.408085][T12695] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  375.410318][T12695] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  375.412602][T12695]  </TASK>
[  375.413849][    C1] vkms_vblank_simulate: vblank timer overrun
[  375.524267][T12703] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1905'.
[  375.604818][T12710] FAULT_INJECTION: forcing a failure.
[  375.604818][T12710] name failslab, interval 1, probability 0, space 0, times 0
[  375.608630][T12710] CPU: 0 UID: 0 PID: 12710 Comm: syz.2.1908 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  375.612096][T12710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  375.615532][T12710] Call Trace:
[  375.616483][T12710]  <TASK>
[  375.617317][T12710]  dump_stack_lvl+0x16c/0x1f0
[  375.618648][T12710]  should_fail_ex+0x497/0x5b0
[  375.619962][T12710]  ? fs_reclaim_acquire+0xae/0x150
[  375.621384][T12710]  should_failslab+0xc2/0x120
[  375.622717][T12710]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  375.624361][T12710]  ? __alloc_skb+0x2b3/0x380
[  375.625728][T12710]  __alloc_skb+0x2b3/0x380
[  375.627009][T12710]  ? __pfx___alloc_skb+0x10/0x10
[  375.628432][T12710]  ? genl_rcv_msg+0x540/0x800
[  375.629786][T12710]  ? genl_rcv_msg+0x4bd/0x800
[  375.631376][T12710]  netlink_ack+0x164/0xb20
[  375.633358][T12710]  netlink_rcv_skb+0x327/0x410
[  375.634836][T12710]  ? __pfx_genl_rcv_msg+0x10/0x10
[  375.636357][T12710]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  375.637927][T12710]  ? down_read+0xc9/0x330
[  375.639261][T12710]  ? __pfx_down_read+0x10/0x10
[  375.640674][T12710]  ? netlink_deliver_tap+0x1ae/0xca0
[  375.642368][T12710]  genl_rcv+0x28/0x40
[  375.643596][T12710]  netlink_unicast+0x53c/0x7f0
[  375.644975][T12710]  ? __pfx_netlink_unicast+0x10/0x10
[  375.646527][T12710]  ? __phys_addr_symbol+0x30/0x80
[  375.647987][T12710]  ? __check_object_size+0x488/0x710
[  375.649461][T12710]  netlink_sendmsg+0x8b8/0xd70
[  375.650953][T12710]  ? __pfx_netlink_sendmsg+0x10/0x10
[  375.653051][T12710]  ____sys_sendmsg+0x9ae/0xb40
[  375.654545][T12710]  ? __pfx_____sys_sendmsg+0x10/0x10
[  375.656044][T12710]  ? get_compat_msghdr+0x11b/0x170
[  375.657446][T12710]  ___sys_sendmsg+0x135/0x1e0
[  375.658749][T12710]  ? __pfx____sys_sendmsg+0x10/0x10
[  375.660186][T12710]  ? __pfx_lock_release+0x10/0x10
[  375.661586][T12710]  ? trace_lock_acquire+0x14e/0x1f0
[  375.663032][T12710]  ? __fget_files+0x206/0x3a0
[  375.664352][T12710]  __sys_sendmsg+0x16e/0x220
[  375.665654][T12710]  ? __pfx___sys_sendmsg+0x10/0x10
[  375.667138][T12710]  __do_fast_syscall_32+0x73/0x120
[  375.668560][T12710]  do_fast_syscall_32+0x32/0x80
[  375.669919][T12710]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  375.671712][T12710] RIP: 0023:0xf7fc4579
[  375.672828][T12710] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  375.678075][T12710] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  375.680365][T12710] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200004c0
[  375.683357][T12710] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  375.685598][T12710] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  375.687838][T12710] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  375.690007][T12710] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  375.692429][T12710]  </TASK>
[  375.760264][T12718] FAULT_INJECTION: forcing a failure.
[  375.760264][T12718] name failslab, interval 1, probability 0, space 0, times 0
[  375.763958][T12718] CPU: 0 UID: 0 PID: 12718 Comm: syz.2.1911 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  375.767038][T12718] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  375.770058][T12718] Call Trace:
[  375.771051][T12718]  <TASK>
[  375.771963][T12718]  dump_stack_lvl+0x16c/0x1f0
[  375.773315][T12718]  should_fail_ex+0x497/0x5b0
[  375.774674][T12718]  should_failslab+0xc2/0x120
[  375.775990][T12718]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  375.777481][T12718]  ? skb_clone+0x190/0x3f0
[  375.778731][T12718]  skb_clone+0x190/0x3f0
[  375.779911][T12718]  netlink_deliver_tap+0xafd/0xca0
[  375.781346][T12718]  netlink_unicast+0x5e1/0x7f0
[  375.782721][T12718]  ? __pfx_netlink_unicast+0x10/0x10
[  375.784328][T12718]  ? __phys_addr_symbol+0x30/0x80
[  375.786287][T12718]  ? __check_object_size+0x488/0x710
[  375.788258][T12718]  netlink_sendmsg+0x8b8/0xd70
[  375.789846][T12718]  ? __pfx_netlink_sendmsg+0x10/0x10
[  375.791321][T12718]  ____sys_sendmsg+0x9ae/0xb40
[  375.792729][T12718]  ? __pfx_____sys_sendmsg+0x10/0x10
[  375.794292][T12718]  ? get_compat_msghdr+0x11b/0x170
[  375.795751][T12718]  ___sys_sendmsg+0x135/0x1e0
[  375.797085][T12718]  ? __pfx____sys_sendmsg+0x10/0x10
[  375.798628][T12718]  ? __pfx_lock_release+0x10/0x10
[  375.800045][T12718]  ? trace_lock_acquire+0x14e/0x1f0
[  375.801666][T12718]  ? __fget_files+0x206/0x3a0
[  375.803158][T12718]  __sys_sendmsg+0x16e/0x220
[  375.804525][T12718]  ? __pfx___sys_sendmsg+0x10/0x10
[  375.806066][T12718]  __do_fast_syscall_32+0x73/0x120
[  375.807599][T12718]  do_fast_syscall_32+0x32/0x80
[  375.809018][T12718]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  375.810918][T12718] RIP: 0023:0xf7fc4579
[  375.812129][T12718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  375.817739][T12718] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  375.820186][T12718] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000280
[  375.822549][T12718] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  375.825073][T12718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  375.827352][T12718] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  375.829745][T12718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  375.832204][T12718]  </TASK>
[  375.931010][T12719] netlink: 'syz.4.1910': attribute type 10 has an invalid length.
[  376.209347][T12728] lo speed is unknown, defaulting to 1000
[  376.437844][T12734] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1916'.
[  376.727996][T12742] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1918'.
[  377.390705][T12760] vlan3: entered allmulticast mode
[  377.393245][T12760] bond0: entered allmulticast mode
[  377.394889][T12760] bond_slave_0: entered allmulticast mode
[  377.394985][T12763] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1925'.
[  377.396878][T12760] bond_slave_1: entered allmulticast mode
[  377.405394][T12760] bond0: left allmulticast mode
[  377.406835][T12760] bond_slave_0: left allmulticast mode
[  377.408390][T12760] bond_slave_1: left allmulticast mode
[  377.708309][T12769] netlink: 'syz.2.1928': attribute type 10 has an invalid length.
[  377.712485][T12769] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  378.082156][T12774] netlink: 'syz.1.1929': attribute type 4 has an invalid length.
[  378.093168][T12774] netlink: 'syz.1.1929': attribute type 4 has an invalid length.
[  378.319870][T12784] FAULT_INJECTION: forcing a failure.
[  378.319870][T12784] name failslab, interval 1, probability 0, space 0, times 0
[  378.324908][T12784] CPU: 1 UID: 0 PID: 12784 Comm: syz.4.1932 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  378.328932][T12784] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  378.332047][T12784] Call Trace:
[  378.333065][T12784]  <TASK>
[  378.333924][T12784]  dump_stack_lvl+0x16c/0x1f0
[  378.335330][T12784]  should_fail_ex+0x497/0x5b0
[  378.336681][T12784]  ? fs_reclaim_acquire+0xae/0x150
[  378.338163][T12784]  should_failslab+0xc2/0x120
[  378.339516][T12784]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  378.341388][T12784]  ? __alloc_skb+0x2b3/0x380
[  378.342908][T12784]  ? bpf_lsm_capable+0x9/0x10
[  378.344301][T12784]  __alloc_skb+0x2b3/0x380
[  378.345614][T12784]  ? __pfx___alloc_skb+0x10/0x10
[  378.347060][T12784]  ? genl_rcv_msg+0x4bd/0x800
[  378.348417][T12784]  netlink_ack+0x164/0xb20
[  378.349703][T12784]  netlink_rcv_skb+0x327/0x410
[  378.351195][T12784]  ? __pfx_genl_rcv_msg+0x10/0x10
[  378.352643][T12784]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  378.354557][T12784]  ? down_read+0xc9/0x330
[  378.356302][T12784]  ? __pfx_down_read+0x10/0x10
[  378.358198][T12784]  ? netlink_deliver_tap+0x1ae/0xca0
[  378.360311][T12784]  genl_rcv+0x28/0x40
[  378.361884][T12784]  netlink_unicast+0x53c/0x7f0
[  378.363820][T12784]  ? __pfx_netlink_unicast+0x10/0x10
[  378.365934][T12784]  ? __phys_addr_symbol+0x30/0x80
[  378.367947][T12784]  ? __check_object_size+0x488/0x710
[  378.370049][T12784]  netlink_sendmsg+0x8b8/0xd70
[  378.372013][T12784]  ? __pfx_netlink_sendmsg+0x10/0x10
[  378.374100][T12784]  ____sys_sendmsg+0x9ae/0xb40
[  378.375937][T12784]  ? __pfx_____sys_sendmsg+0x10/0x10
[  378.378018][T12784]  ? get_compat_msghdr+0x11b/0x170
[  378.379816][T12784]  ___sys_sendmsg+0x135/0x1e0
[  378.381135][T12784]  ? __pfx____sys_sendmsg+0x10/0x10
[  378.382528][T12784]  ? __pfx_lock_release+0x10/0x10
[  378.383983][T12784]  ? trace_lock_acquire+0x14e/0x1f0
[  378.385423][T12784]  ? __fget_files+0x206/0x3a0
[  378.386712][T12784]  __sys_sendmsg+0x16e/0x220
[  378.387975][T12784]  ? __pfx___sys_sendmsg+0x10/0x10
[  378.389637][T12784]  __do_fast_syscall_32+0x73/0x120
[  378.391626][T12784]  do_fast_syscall_32+0x32/0x80
[  378.393563][T12784]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  378.395550][T12784] RIP: 0023:0xf7f78579
[  378.396709][T12784] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  378.402124][T12784] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  378.404503][T12784] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000180
[  378.406918][T12784] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  378.409110][T12784] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  378.411519][T12784] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  378.414620][T12784] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  378.417761][T12784]  </TASK>
[  378.419199][    C1] vkms_vblank_simulate: vblank timer overrun
[  378.450562][   T39] audit: type=1326 audit(1737176685.218:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12785 comm="syz.4.1933" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  378.458188][   T39] audit: type=1326 audit(1737176685.218:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12785 comm="syz.4.1933" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  378.469304][   T39] audit: type=1326 audit(1737176685.218:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12785 comm="syz.4.1933" exe="/syz-executor" sig=0 arch=40000003 syscall=39 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  378.476145][   T39] audit: type=1326 audit(1737176685.218:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12785 comm="syz.4.1933" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  378.486481][   T39] audit: type=1326 audit(1737176685.218:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12785 comm="syz.4.1933" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  378.493449][   T39] audit: type=1326 audit(1737176685.218:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12785 comm="syz.4.1933" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  378.499698][   T39] audit: type=1326 audit(1737176685.218:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12785 comm="syz.4.1933" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  378.506120][   T39] audit: type=1326 audit(1737176685.218:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12785 comm="syz.4.1933" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  378.512289][   T39] audit: type=1326 audit(1737176685.218:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12785 comm="syz.4.1933" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  378.523418][   T39] audit: type=1326 audit(1737176685.218:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12785 comm="syz.4.1933" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  378.538587][T12791] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1936'.
[  378.831306][T12800] lo speed is unknown, defaulting to 1000
[  381.907134][T12821] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  382.052095][T12834] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1945'.
[  383.207060][T12842] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1948'.
[  383.635132][T12843] syz.4.1940: attempt to access beyond end of device
[  383.635132][T12843] nbd4: rw=0, sector=64, nr_sectors = 2 limit=0
[  383.638963][T12843] syz.4.1940: attempt to access beyond end of device
[  383.638963][T12843] nbd4: rw=0, sector=512, nr_sectors = 2 limit=0
[  383.643299][T12843] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  383.646274][T12843] syz.4.1940: attempt to access beyond end of device
[  383.646274][T12843] nbd4: rw=0, sector=1024, nr_sectors = 2 limit=0
[  383.650013][T12843] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  383.656835][T12843] syz.4.1940: attempt to access beyond end of device
[  383.656835][T12843] nbd4: rw=0, sector=64, nr_sectors = 4 limit=0
[  383.661156][T12843] syz.4.1940: attempt to access beyond end of device
[  383.661156][T12843] nbd4: rw=0, sector=1024, nr_sectors = 4 limit=0
[  383.665228][T12843] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  383.668026][T12843] syz.4.1940: attempt to access beyond end of device
[  383.668026][T12843] nbd4: rw=0, sector=2048, nr_sectors = 4 limit=0
[  383.671764][T12843] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  383.675597][T12843] syz.4.1940: attempt to access beyond end of device
[  383.675597][T12843] nbd4: rw=0, sector=64, nr_sectors = 8 limit=0
[  383.680721][T12843] syz.4.1940: attempt to access beyond end of device
[  383.680721][T12843] nbd4: rw=0, sector=2048, nr_sectors = 8 limit=0
[  383.686021][T12843] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  383.691053][T12843] syz.4.1940: attempt to access beyond end of device
[  383.691053][T12843] nbd4: rw=0, sector=4096, nr_sectors = 8 limit=0
[  383.695170][T12843] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  383.697916][T12843] UDF-fs: warning (device nbd4): udf_fill_super: No partition found (1)
[  383.861912][T12814] block nbd4: shutting down sockets
[  383.996838][T12841] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  383.999424][T12841] IPv6: NLM_F_CREATE should be set when creating new route
[  384.001543][T12841] IPv6: NLM_F_CREATE should be set when creating new route
[  385.365909][T12874] FAULT_INJECTION: forcing a failure.
[  385.365909][T12874] name failslab, interval 1, probability 0, space 0, times 0
[  385.369970][T12874] CPU: 0 UID: 0 PID: 12874 Comm: syz.1.1955 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  385.373398][T12874] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  385.376493][T12874] Call Trace:
[  385.377536][T12874]  <TASK>
[  385.378518][T12874]  dump_stack_lvl+0x16c/0x1f0
[  385.380196][T12874]  should_fail_ex+0x497/0x5b0
[  385.381746][T12874]  ? fs_reclaim_acquire+0xae/0x150
[  385.383462][T12874]  should_failslab+0xc2/0x120
[  385.385064][T12874]  __kmalloc_cache_noprof+0x68/0x420
[  385.386791][T12874]  tc_new_tfilter+0xfd9/0x23a0
[  385.388170][T12874]  ? __pfx_tc_new_tfilter+0x10/0x10
[  385.389692][T12874]  ? __pfx___lock_acquire+0x10/0x10
[  385.391320][T12874]  ? kmem_cache_free+0x152/0x4c0
[  385.392931][T12874]  ? aa_get_newest_label+0x376/0x680
[  385.394669][T12874]  ? find_held_lock+0x2d/0x110
[  385.396207][T12874]  ? rtnetlink_rcv_msg+0x93a/0xea0
[  385.397769][T12874]  ? __pfx_lock_release+0x10/0x10
[  385.399352][T12874]  ? trace_lock_acquire+0x14e/0x1f0
[  385.401007][T12874]  ? __pfx_tc_new_tfilter+0x10/0x10
[  385.402811][T12874]  rtnetlink_rcv_msg+0x95b/0xea0
[  385.404403][T12874]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  385.406265][T12874]  ? __pfx___dev_queue_xmit+0x10/0x10
[  385.408111][T12874]  netlink_rcv_skb+0x165/0x410
[  385.409894][T12874]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  385.412108][T12874]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  385.413903][T12874]  ? netlink_deliver_tap+0x1ae/0xca0
[  385.415677][T12874]  netlink_unicast+0x53c/0x7f0
[  385.417291][T12874]  ? __pfx_netlink_unicast+0x10/0x10
[  385.418827][T12874]  ? __phys_addr_symbol+0x30/0x80
[  385.420286][T12874]  ? __check_object_size+0x488/0x710
[  385.421800][T12874]  netlink_sendmsg+0x8b8/0xd70
[  385.423191][T12874]  ? __pfx_netlink_sendmsg+0x10/0x10
[  385.424710][T12874]  ____sys_sendmsg+0x9ae/0xb40
[  385.426088][T12874]  ? __pfx_____sys_sendmsg+0x10/0x10
[  385.427590][T12874]  ? get_compat_msghdr+0x11b/0x170
[  385.429089][T12874]  ___sys_sendmsg+0x135/0x1e0
[  385.430442][T12874]  ? __pfx____sys_sendmsg+0x10/0x10
[  385.431936][T12874]  ? __pfx_lock_release+0x10/0x10
[  385.433368][T12874]  ? trace_lock_acquire+0x14e/0x1f0
[  385.434863][T12874]  ? __fget_files+0x206/0x3a0
[  385.436214][T12874]  __sys_sendmsg+0x16e/0x220
[  385.437533][T12874]  ? __pfx___sys_sendmsg+0x10/0x10
[  385.439034][T12874]  __do_fast_syscall_32+0x73/0x120
[  385.440580][T12874]  do_fast_syscall_32+0x32/0x80
[  385.442005][T12874]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  385.443786][T12874] RIP: 0023:0xf7f92579
[  385.444962][T12874] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  385.450443][T12874] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  385.452837][T12874] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020006040
[  385.455075][T12874] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  385.457302][T12874] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  385.459784][T12874] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  385.462094][T12874] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  385.464328][T12874]  </TASK>
[  386.993731][T12895] overlayfs: missing 'lowerdir'
[  387.224799][T12900] netlink: 'syz.4.1961': attribute type 3 has an invalid length.
[  387.227040][T12900] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1961'.
[  393.194177][T12914] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1965'.
[  393.316170][T12918] netlink: 'syz.1.1965': attribute type 4 has an invalid length.
[  393.318356][T12918] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1965'.
[  393.337115][T12918] lo speed is unknown, defaulting to 1000
[  393.456938][T12923] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1963'.
[  395.227728][T12948] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1970'.
[  395.560630][T12959] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1973'.
[  396.373698][T12970] 9pnet_fd: Insufficient options for proto=fd
[  397.394889][T12979] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1977'.
[  397.664648][T12990] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1981'.
[  397.757260][T12981] lo speed is unknown, defaulting to 1000
[  397.885653][T12996] input input40: cannot allocate more than FF_MAX_EFFECTS effects
[  398.044023][T13004] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1982'.
[  398.692323][T13005] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  398.700954][T13005] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  399.241752][T13020] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1985'.
[  400.693548][T13027] netlink: 'syz.0.1989': attribute type 4 has an invalid length.
[  400.775312][T13028] netlink: 'syz.0.1989': attribute type 4 has an invalid length.
[  401.713170][T13031] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1990'.
[  402.895203][T13041] netlink: 'syz.1.1991': attribute type 4 has an invalid length.
[  403.020087][T13036] netlink: 'syz.1.1991': attribute type 4 has an invalid length.
[  403.135505][T13044] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1992'.
[  404.630123][T13072] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2000'.
[  404.856430][T13078] FAULT_INJECTION: forcing a failure.
[  404.856430][T13078] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  404.951877][T13078] CPU: 0 UID: 0 PID: 13078 Comm: syz.1.2001 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  404.954968][T13078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  404.958171][T13078] Call Trace:
[  404.959140][T13078]  <TASK>
[  404.960256][T13078]  dump_stack_lvl+0x16c/0x1f0
[  404.962041][T13078]  should_fail_ex+0x497/0x5b0
[  404.963843][T13078]  _copy_from_iter+0x29b/0x1400
[  404.965548][T13078]  ? trace_lock_acquire+0x14e/0x1f0
[  404.967555][T13078]  ? __alloc_skb+0x200/0x380
[  404.968921][T13078]  ? __pfx__copy_from_iter+0x10/0x10
[  404.970464][T13078]  ? __virt_addr_valid+0x1a4/0x590
[  404.971945][T13078]  ? __virt_addr_valid+0x5e/0x590
[  404.973391][T13078]  ? __phys_addr_symbol+0x30/0x80
[  404.974850][T13078]  ? __check_object_size+0x488/0x710
[  404.976356][T13078]  netlink_sendmsg+0x813/0xd70
[  404.977753][T13078]  ? __pfx_netlink_sendmsg+0x10/0x10
[  404.979275][T13078]  ____sys_sendmsg+0x9ae/0xb40
[  404.980646][T13078]  ? __pfx_____sys_sendmsg+0x10/0x10
[  404.982193][T13078]  ? get_compat_msghdr+0x11b/0x170
[  404.983668][T13078]  ___sys_sendmsg+0x135/0x1e0
[  404.985030][T13078]  ? __pfx____sys_sendmsg+0x10/0x10
[  404.986534][T13078]  ? __pfx_lock_release+0x10/0x10
[  404.988008][T13078]  ? trace_lock_acquire+0x14e/0x1f0
[  404.989496][T13078]  ? __fget_files+0x206/0x3a0
[  404.990882][T13078]  __sys_sendmsg+0x16e/0x220
[  404.992218][T13078]  ? __pfx___sys_sendmsg+0x10/0x10
[  404.993695][T13078]  __do_fast_syscall_32+0x73/0x120
[  404.995179][T13078]  do_fast_syscall_32+0x32/0x80
[  404.996584][T13078]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  404.998403][T13078] RIP: 0023:0xf7f92579
[  404.999576][T13078] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  405.005038][T13078] RSP: 002b:00000000f50c555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  405.007415][T13078] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000540
[  405.009702][T13078] RDX: 0000000000040080 RSI: 0000000000000000 RDI: 0000000000000000
[  405.011966][T13078] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  405.014220][T13078] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  405.016473][T13078] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  405.018742][T13078]  </TASK>
[  405.166252][T13074] overlayfs: missing 'lowerdir'
[  405.681053][T13093] FAULT_INJECTION: forcing a failure.
[  405.681053][T13093] name fail_futex, interval 1, probability 0, space 0, times 1
[  405.684984][T13093] CPU: 1 UID: 0 PID: 13093 Comm: syz.4.2003 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  405.688181][T13093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  405.691462][T13093] Call Trace:
[  405.692530][T13093]  <TASK>
[  405.693453][T13093]  dump_stack_lvl+0x16c/0x1f0
[  405.694893][T13093]  should_fail_ex+0x497/0x5b0
[  405.696351][T13093]  ? __lock_acquire+0x15a9/0x3c40
[  405.697917][T13093]  get_futex_key+0x4a3/0x1000
[  405.699342][T13093]  ? __pfx_get_futex_key+0x10/0x10
[  405.701047][T13093]  futex_wake+0xe8/0x4e0
[  405.702348][T13093]  ? __pfx_futex_wake+0x10/0x10
[  405.703829][T13093]  ? find_held_lock+0x2d/0x110
[  405.705329][T13093]  do_futex+0x1e5/0x350
[  405.706667][T13093]  ? __pfx_do_futex+0x10/0x10
[  405.708092][T13093]  ? __might_fault+0xe3/0x190
[  405.709547][T13093]  ? __might_fault+0xe3/0x190
[  405.711112][T13093]  mm_release+0x24e/0x300
[  405.712431][T13093]  do_exit+0x886/0x2d70
[  405.713807][T13093]  ? get_signal+0x8f7/0x2610
[  405.715234][T13093]  ? __pfx_do_exit+0x10/0x10
[  405.716635][T13093]  ? do_raw_spin_lock+0x12d/0x2c0
[  405.718207][T13093]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  405.719887][T13093]  do_group_exit+0xd3/0x2a0
[  405.721281][T13093]  get_signal+0x2576/0x2610
[  405.722712][T13093]  ? __pfx___lock_acquire+0x10/0x10
[  405.724274][T13093]  ? __pfx_fuse_dev_write+0x10/0x10
[  405.725849][T13093]  ? __pfx_get_signal+0x10/0x10
[  405.727339][T13093]  ? find_held_lock+0x2d/0x110
[  405.728811][T13093]  arch_do_signal_or_restart+0x90/0x7e0
[  405.730545][T13093]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  405.732418][T13093]  ? __might_fault+0xe3/0x190
[  405.733877][T13093]  syscall_exit_to_user_mode+0x150/0x2a0
[  405.735562][T13093]  __do_fast_syscall_32+0x80/0x120
[  405.737077][T13093]  do_fast_syscall_32+0x32/0x80
[  405.738597][T13093]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  405.740498][T13093] RIP: 0023:0xf7f78579
[  405.741950][T13093] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  405.747672][T13093] RSP: 002b:00000000f508455c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  405.750193][T13093] RAX: fffffffffffffffe RBX: 0000000000000003 RCX: 00000000200000c0
[  405.752579][T13093] RDX: 0000000000000028 RSI: 0000000000000000 RDI: 0000000000000000
[  405.754973][T13093] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  405.757320][T13093] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  405.759724][T13093] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  405.762195][T13093]  </TASK>
[  405.833364][T13099] overlayfs: missing 'lowerdir'
[  406.130501][T13107] lo speed is unknown, defaulting to 1000
[  406.411869][ T6509] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  406.542006][ T6509] usb 5-1: device descriptor read/64, error -71
[  406.792315][ T6509] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  406.942216][ T6509] usb 5-1: device descriptor read/64, error -71
[  407.052592][ T6509] usb usb5-port1: attempt power cycle
[  407.391957][ T6509] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  407.426975][ T6509] usb 5-1: device descriptor read/8, error -71
[  407.731866][ T6509] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  407.752280][ T6509] usb 5-1: device descriptor read/8, error -71
[  407.837083][T13122] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  407.872075][ T6509] usb usb5-port1: unable to enumerate USB device
[  408.448600][T13143] netlink: 'syz.2.2018': attribute type 1 has an invalid length.
[  408.450914][T13143] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2018'.
[  410.177015][T13160] overlayfs: missing 'workdir'
[  410.424713][T13174] lo speed is unknown, defaulting to 1000
[  410.427876][T13174] lo speed is unknown, defaulting to 1000
[  410.429738][T13174] lo speed is unknown, defaulting to 1000
[  410.495152][T13179] netlink: 'syz.4.2025': attribute type 1 has an invalid length.
[  410.497456][T13179] netlink: 'syz.4.2025': attribute type 3 has an invalid length.
[  410.499639][T13179] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2025'.
[  410.508701][T13179] »»»»»»7: renamed from lo
[  410.515693][    T9] »»»»»»7 speed is unknown, defaulting to 1000
[  410.518241][T13174] infiniband s
z1: set down
[  410.519738][T13174] infiniband s
z1: added »»»»»»7
[  410.549786][T13174] RDS/IB: s
z1: added
[  410.551443][T13174] smc: adding ib device s
z1 with port count 1
[  410.554721][T13174] smc:    ib device s
z1 port 1 has pnetid 
[  410.558722][   T30] »»»»»»7 speed is unknown, defaulting to 1000
[  410.561414][T13174] »»»»»»7 speed is unknown, defaulting to 1000
[  410.605654][T13174] »»»»»»7 speed is unknown, defaulting to 1000
[  410.644160][T13174] »»»»»»7 speed is unknown, defaulting to 1000
[  410.661023][T13196] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2029'.
[  410.682862][T13174] »»»»»»7 speed is unknown, defaulting to 1000
[  410.719788][T13174] »»»»»»7 speed is unknown, defaulting to 1000
[  410.853720][T13205] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2032'.
[  411.177651][T13213] overlayfs: missing 'workdir'
[  412.132052][   T39] kauditd_printk_skb: 11 callbacks suppressed
[  412.132063][   T39] audit: type=1804 audit(1737176718.898:238): pid=13225 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.2037" name="/newroot/360/file0/file0" dev="ramfs" ino=43700 res=1 errno=0
[  412.420347][T13242] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2041'.
[  412.539692][T13245] syzkaller0: entered promiscuous mode
[  412.541701][T13245] syzkaller0: entered allmulticast mode
[  413.170141][T13257] overlayfs: failed to resolve './bus/file0': -2
[  414.309079][T13263] smc: net device bond0 applied user defined pnetid SYZ0
[  415.004025][T13273] overlayfs: missing 'workdir'
[  415.163084][T13287] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2051'.
[  415.952192][T11171] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[  416.091984][    T9] usb 5-1: new full-speed USB device number 26 using dummy_hcd
[  416.111885][T11171] usb 9-1: Using ep0 maxpacket: 8
[  416.115150][T11171] usb 9-1: config 0 has an invalid interface number: 55 but max is 0
[  416.117549][T11171] usb 9-1: config 0 has no interface number 0
[  416.119519][T11171] usb 9-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  416.122438][T11171] usb 9-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  416.125832][T11171] usb 9-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  416.128921][T11171] usb 9-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  416.132603][T11171] usb 9-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  416.135201][T11171] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  416.138329][T11171] usb 9-1: config 0 descriptor??
[  416.142262][T11171] ldusb 9-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  416.244441][    T9] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  416.247283][    T9] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  416.249738][    T9] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 30062, setting to 64
[  416.253254][    T9] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  416.255840][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  416.262178][T13314] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  416.265343][    T9] hub 5-1:1.0: bad descriptor, ignoring hub
[  416.267066][    T9] hub 5-1:1.0: probe with driver hub failed with error -5
[  416.269245][    T9] cdc_wdm 5-1:1.0: skipping garbage
[  416.270727][    T9] cdc_wdm 5-1:1.0: skipping garbage
[  416.275884][    T9] cdc_wdm 5-1:1.0: cdc-wdm1: USB WDM device
[  416.277592][    T9] cdc_wdm 5-1:1.0: Unknown control protocol
[  416.381873][T13319] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2062'.
[  418.454192][T12943] usb 9-1: USB disconnect, device number 13
[  418.455968][    C2] ldusb 9-1:0.55: usb_submit_urb failed (-19)
[  418.459700][T12943] ldusb 9-1:0.55: LD USB Device #0 now disconnected
[  418.855445][T13357] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2071'.
[  419.299245][T13357] netlink: 'syz.2.2071': attribute type 4 has an invalid length.
[  419.301533][T13357] netlink: 17 bytes leftover after parsing attributes in process `syz.2.2071'.
[  419.304947][T13363] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2073'.
[  419.320528][T13357] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2071'.
[  419.339844][T13357] lo speed is unknown, defaulting to 1000
[  419.343819][T13357] »»»»»»7 speed is unknown, defaulting to 1000
[  419.782202][ T1328] usb 5-1: USB disconnect, device number 26
[  420.505320][T13398] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2083'.
[  420.684693][T13412] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2088'.
[  420.748224][T13412] netlink: 'syz.1.2088': attribute type 4 has an invalid length.
[  420.750388][T13412] netlink: 17 bytes leftover after parsing attributes in process `syz.1.2088'.
[  420.764960][T13412] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2088'.
[  420.837271][T13417] random: crng reseeded on system resumption
[  420.853452][T13417] ebtables: wrong size: *len 120, entries_size 48, replsz 48
[  420.883982][T13412] lo speed is unknown, defaulting to 1000
[  420.899121][T13412] »»»»»»7 speed is unknown, defaulting to 1000
[  421.360550][T13423] netlink: 'syz.4.2090': attribute type 1 has an invalid length.
[  421.492641][T13431] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2093'.
[  421.641955][ T5911] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[  421.803363][ T5911] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  421.806586][ T5911] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  421.809383][ T5911] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  421.813271][ T5911] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  421.815891][ T5911] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  421.825391][ T5911] usb 9-1: config 0 descriptor??
[  422.237117][T13447] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  422.239070][T13447] overlayfs: failed to set xattr on upper
[  422.240610][T13447] overlayfs: ...falling back to redirect_dir=nofollow.
[  422.261949][T13447] overlayfs: ...falling back to index=off.
[  422.301298][ T5911] usbhid 9-1:0.0: can't add hid device: -71
[  422.304222][ T5911] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  422.307343][ T5911] usb 9-1: USB disconnect, device number 14
[  422.313412][T13447] overlayfs: ...falling back to uuid=null.
[  422.795750][T13465] ALSA: mixer_oss: invalid OSS volume ''
[  422.877975][T13468] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2102'.
[  423.057994][T13472] netlink: 'syz.2.2103': attribute type 10 has an invalid length.
[  423.067324][T13472] bond0: (slave netdevsim0): Releasing backup interface
[  423.071239][T13472] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  423.082842][T13472] team0: Failed to send options change via netlink (err -105)
[  423.084915][T13472] team0: Port device netdevsim0 added
[  423.130707][T13472] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2103'.
[  423.156389][T13472] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2103'.
[  423.184773][T13472] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2103'.
[  423.406990][T13462] /dev/sr0: Can't open blockdev
[  423.647642][T13484] misc userio: Invalid payload size
[  423.661504][T13484] misc userio: Invalid payload size
[  424.193346][T13502] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  424.195563][T13502] overlayfs: failed to set xattr on upper
[  424.197183][T13502] overlayfs: ...falling back to redirect_dir=nofollow.
[  424.199068][T13502] overlayfs: ...falling back to index=off.
[  424.202480][T13502] overlayfs: ...falling back to uuid=null.
[  424.411891][ T6509] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  424.561876][ T6509] usb 5-1: Using ep0 maxpacket: 8
[  424.564649][ T6509] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  424.567529][ T6509] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  424.570250][ T6509] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  424.573579][ T6509] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  424.577461][ T6509] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  424.579942][ T6509] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  424.837085][ T6509] usb 5-1: GET_CAPABILITIES returned 0
[  424.838668][ T6509] usbtmc 5-1:16.0: can't read capabilities
[  425.039351][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  425.041947][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  425.044427][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  425.046893][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  425.049385][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  425.051960][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  425.054524][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  425.056986][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  425.059485][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  425.062054][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  425.064512][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  425.067022][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  425.070435][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  425.072968][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  425.075512][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  425.078081][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  425.646218][T12943] usb 5-1: USB disconnect, device number 27
[  426.020388][T13524] input: syz1 as /devices/virtual/input/input42
[  426.185894][T13527] dccp_xmit_packet: Payload too large (65475) for featneg.
[  426.237248][T13534] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2119'.
[  426.299525][T13536] FAULT_INJECTION: forcing a failure.
[  426.299525][T13536] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  426.303199][T13536] CPU: 3 UID: 0 PID: 13536 Comm: syz.0.2120 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  426.306145][T13536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  426.309053][T13536] Call Trace:
[  426.310043][T13536]  <TASK>
[  426.310864][T13536]  dump_stack_lvl+0x16c/0x1f0
[  426.312217][T13536]  should_fail_ex+0x497/0x5b0
[  426.313526][T13536]  _copy_from_user+0x2e/0xd0
[  426.314870][T13536]  vt_compat_ioctl+0x27e/0x4e0
[  426.316219][T13536]  ? __pfx_vt_compat_ioctl+0x10/0x10
[  426.317687][T13536]  ? __fget_files+0x206/0x3a0
[  426.318991][T13536]  ? __pfx_vt_compat_ioctl+0x10/0x10
[  426.320495][T13536]  tty_compat_ioctl+0x2ee/0x4d0
[  426.321862][T13536]  ? __pfx_tty_compat_ioctl+0x10/0x10
[  426.323478][T13536]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  426.325019][T13536]  __do_fast_syscall_32+0x73/0x120
[  426.326462][T13536]  do_fast_syscall_32+0x32/0x80
[  426.327852][T13536]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  426.329659][T13536] RIP: 0023:0xf708e579
[  426.330843][T13536] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  426.336332][T13536] RSP: 002b:00000000f508055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  426.338621][T13536] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004b67
[  426.340789][T13536] RDX: 0000000020000400 RSI: 0000000000000000 RDI: 0000000000000000
[  426.342955][T13536] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  426.345546][T13536] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  426.347772][T13536] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  426.349939][T13536]  </TASK>
[  427.267145][T12943] 
[  427.268063][T12943] ======================================================
[  427.270528][T12943] WARNING: possible circular locking dependency detected
[  427.272955][T12943] 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0 Not tainted
[  427.273852][T13552] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  427.276447][T12943] ------------------------------------------------------
[  427.276455][T12943] kworker/2:4/12943 is trying to acquire lock:
[  427.276464][T12943] ffff888024510fa0 (&q->sysfs_lock){+.+.}-{4:4}, at: blk_unregister_queue+0x125/0x2e0
[  427.279335][T13552] overlayfs: failed to set xattr on upper
[  427.281877][T12943] 
[  427.281877][T12943] but task is already holding lock:
[  427.281884][T12943] ffff888024511030 (&q->sysfs_dir_lock){+.+.}-{4:4}, at: blk_unregister_queue+0xdb/0x2e0
[  427.281939][T12943] 
[  427.281939][T12943] which lock already depends on the new lock.
[  427.281939][T12943] 
[  427.281944][T12943] 
[  427.281944][T12943] the existing dependency chain (in reverse order) is:
[  427.281949][T12943] 
[  427.281949][T12943] -> #5 (&q->sysfs_dir_lock){+.+.}-{4:4}:
[  427.305399][T12943]        __mutex_lock+0x19b/0xa60
[  427.307296][T12943]        blk_mq_sysfs_unregister_hctxs+0x92/0x2d0
[  427.309576][T12943]        __blk_mq_update_nr_hw_queues+0x93f/0x1460
[  427.311863][T12943]        blk_mq_update_nr_hw_queues+0x2a/0x40
[  427.314188][T12943]        nbd_start_device+0x15b/0xd70
[  427.316348][T12943]        nbd_ioctl+0x21a/0xfd0
[  427.318284][T12943]        compat_blkdev_ioctl+0x2f7/0x750
[  427.320531][T12943]        __do_compat_sys_ioctl+0x1cb/0x2c0
[  427.322871][T12943]        __do_fast_syscall_32+0x73/0x120
[  427.325131][T12943]        do_fast_syscall_32+0x32/0x80
[  427.327300][T12943]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  427.330036][T12943] 
[  427.330036][T12943] -> #4 (&q->q_usage_counter(io)#53){++++}-{0:0}:
[  427.333470][T12943]        blk_mq_submit_bio+0x1fb6/0x24c0
[  427.335711][T12943]        __submit_bio+0x384/0x540
[  427.337760][T12943]        submit_bio_noacct_nocheck+0x698/0xd70
[  427.340240][T12943]        submit_bio_noacct+0x93a/0x1e20
[  427.342465][T12943]        mpage_readahead+0x41d/0x590
[  427.344597][T12943]        read_pages+0x1a8/0xdc0
[  427.346561][T12943]        page_cache_ra_unbounded+0x3dc/0x750
[  427.348967][T12943]        force_page_cache_ra+0x24b/0x340
[  427.350781][T12943]        page_cache_sync_ra+0x110/0x9c0
[  427.352361][T12943]        filemap_get_pages+0xd7b/0x1be0
[  427.353939][T12943]        filemap_read+0x3ca/0xd70
[  427.355380][T12943]        blkdev_read_iter+0x187/0x480
[  427.356864][T12943]        vfs_read+0x87f/0xbe0
[  427.358195][T12943]        ksys_read+0x12b/0x250
[  427.359558][T12943]        do_syscall_64+0xcd/0x250
[  427.361021][T12943]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  427.362871][T12943] 
[  427.362871][T12943] -> #3 (mapping.invalidate_lock#2){++++}-{4:4}:
[  427.365289][T12943]        down_read+0x9a/0x330
[  427.366656][T12943]        filemap_fault+0x2e0/0x2820
[  427.368157][T12943]        __do_fault+0x10a/0x490
[  427.369559][T12943]        do_pte_missing+0xebd/0x3e00
[  427.371079][T12943]        __handle_mm_fault+0x103c/0x2a40
[  427.372685][T12943]        handle_mm_fault+0x3fa/0xaa0
[  427.374213][T12943]        do_user_addr_fault+0x7a3/0x13f0
[  427.375810][T12943]        exc_page_fault+0x5c/0xc0
[  427.377261][T12943]        asm_exc_page_fault+0x26/0x30
[  427.378799][T12943]        _copy_from_user+0x95/0xd0
[  427.380265][T12943]        get_compat_msghdr+0xa8/0x170
[  427.381781][T12943]        ___sys_recvmsg+0x193/0x1a0
[  427.383269][T12943]        do_recvmmsg+0x55d/0x740
[  427.384696][T12943]        __sys_recvmmsg+0x21e/0x280
[  427.386192][T12943]        __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  427.388109][T12943]        __do_fast_syscall_32+0x73/0x120
[  427.389719][T12943]        do_fast_syscall_32+0x32/0x80
[  427.391281][T12943]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  427.392159][T13552] overlayfs: ...falling back to redirect_dir=nofollow.
[  427.393213][T12943] 
[  427.393213][T12943] -> #2 (&mm->mmap_lock){++++}-{4:4}:
[  427.393230][T12943]        __might_fault+0x11b/0x190
[  427.393244][T12943]        _copy_from_user+0x29/0xd0
[  427.393257][T12943]        compat_blk_trace_setup+0xc9/0x200
[  427.401758][T12943]        blk_trace_ioctl+0x24a/0x290
[  427.403267][T12943]        compat_blkdev_ioctl+0x13c/0x750
[  427.404868][T12943]        __do_compat_sys_ioctl+0x1cb/0x2c0
[  427.406508][T12943]        __do_fast_syscall_32+0x73/0x120
[  427.408060][T12943]        do_fast_syscall_32+0x32/0x80
[  427.409583][T12943]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  427.411454][T12943] 
[  427.411454][T12943] -> #1 (&q->debugfs_mutex){+.+.}-{4:4}:
[  427.413599][T12943]        __mutex_lock+0x19b/0xa60
[  427.414976][T12943]        blk_register_queue+0x13c/0x4f0
[  427.416492][T12943]        add_disk_fwnode+0x785/0x1300
[  427.417953][T12943]        brd_alloc.isra.0+0x50a/0x7c0
[  427.419449][T12943]        brd_init+0x12b/0x1d0
[  427.420760][T12943]        do_one_initcall+0x128/0x630
[  427.422233][T12943]        kernel_init_freeable+0x58f/0x8b0
[  427.423851][T12943]        kernel_init+0x1c/0x2b0
[  427.425205][T12943]        ret_from_fork+0x45/0x80
[  427.426592][T12943]        ret_from_fork_asm+0x1a/0x30
[  427.428075][T12943] 
[  427.428075][T12943] -> #0 (&q->sysfs_lock){+.+.}-{4:4}:
[  427.430155][T12943]        __lock_acquire+0x249e/0x3c40
[  427.431634][T12943]        lock_acquire.part.0+0x11b/0x380
[  427.433186][T12943]        __mutex_lock+0x19b/0xa60
[  427.434566][T12943]        blk_unregister_queue+0x125/0x2e0
[  427.436139][T12943]        del_gendisk+0x2df/0xad0
[  427.437510][T12943]        md_kobj_release+0xb2/0x100
[  427.438969][T12943]        kobject_put+0x1e4/0x5a0
[  427.440365][T12943]        process_one_work+0x958/0x1b30
[  427.441893][T12943]        worker_thread+0x6c8/0xf00
[  427.443327][T12943]        kthread+0x2c1/0x3a0
[  427.444667][T12943]        ret_from_fork+0x45/0x80
[  427.446129][T12943]        ret_from_fork_asm+0x1a/0x30
[  427.447567][T12943] 
[  427.447567][T12943] other info that might help us debug this:
[  427.447567][T12943] 
[  427.450341][T12943] Chain exists of:
[  427.450341][T12943]   &q->sysfs_lock --> &q->q_usage_counter(io)#53 --> &q->sysfs_dir_lock
[  427.450341][T12943] 
[  427.454331][T12943]  Possible unsafe locking scenario:
[  427.454331][T12943] 
[  427.456368][T12943]        CPU0                    CPU1
[  427.457827][T12943]        ----                    ----
[  427.459300][T12943]   lock(&q->sysfs_dir_lock);
[  427.460603][T12943]                                lock(&q->q_usage_counter(io)#53);
[  427.462781][T12943]                                lock(&q->sysfs_dir_lock);
[  427.464792][T12943]   lock(&q->sysfs_lock);
[  427.466005][T12943] 
[  427.466005][T12943]  *** DEADLOCK ***
[  427.466005][T12943] 
[  427.468243][T12943] 3 locks held by kworker/2:4/12943:
[  427.469761][T12943]  #0: ffff88801bb53d48 ((wq_completion)md_misc){+.+.}-{0:0}, at: process_one_work+0x12cd/0x1b30
[  427.472640][T12943]  #1: ffffc90007e47d80 ((work_completion)(&mddev->del_work)){+.+.}-{0:0}, at: process_one_work+0x8bb/0x1b30
[  427.475843][T12943]  #2: ffff888024511030 (&q->sysfs_dir_lock){+.+.}-{4:4}, at: blk_unregister_queue+0xdb/0x2e0
[  427.478647][T12943] 
[  427.478647][T12943] stack backtrace:
[  427.480271][T12943] CPU: 2 UID: 0 PID: 12943 Comm: kworker/2:4 Not tainted 6.13.0-rc7-syzkaller-00160-gad26fc09dabf #0
[  427.483244][T12943] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  427.486196][T12943] Workqueue: md_misc mddev_delayed_delete
[  427.487821][T12943] Call Trace:
[  427.488790][T12943]  <TASK>
[  427.489654][T12943]  dump_stack_lvl+0x116/0x1f0
[  427.491034][T12943]  print_circular_bug+0x41c/0x610
[  427.492489][T12943]  check_noncircular+0x31a/0x400
[  427.493923][T12943]  ? __pfx_check_noncircular+0x10/0x10
[  427.495492][T12943]  ? lockdep_lock+0xc6/0x200
[  427.496824][T12943]  ? __pfx_lockdep_lock+0x10/0x10
[  427.498262][T12943]  ? __pfx___lock_acquire+0x10/0x10
[  427.499687][T12943]  __lock_acquire+0x249e/0x3c40
[  427.501041][T12943]  ? __pfx___lock_acquire+0x10/0x10
[  427.502501][T12943]  ? __pfx_lock_release+0x10/0x10
[  427.503898][T12943]  ? trace_lock_acquire+0x14e/0x1f0
[  427.505343][T12943]  lock_acquire.part.0+0x11b/0x380
[  427.506771][T12943]  ? blk_unregister_queue+0x125/0x2e0
[  427.508259][T12943]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  427.509844][T12943]  ? rcu_is_watching+0x12/0xc0
[  427.511203][T12943]  ? trace_lock_acquire+0x14e/0x1f0
[  427.512679][T12943]  ? blk_unregister_queue+0x125/0x2e0
[  427.514204][T12943]  ? lock_acquire+0x2f/0xb0
[  427.515493][T12943]  ? blk_unregister_queue+0x125/0x2e0
[  427.516987][T12943]  __mutex_lock+0x19b/0xa60
[  427.518255][T12943]  ? blk_unregister_queue+0x125/0x2e0
[  427.519744][T12943]  ? blk_unregister_queue+0x125/0x2e0
[  427.521241][T12943]  ? __pfx___mutex_lock+0x10/0x10
[  427.522641][T12943]  ? kobject_put+0xab/0x5a0
[  427.523908][T12943]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  427.525601][T12943]  ? blk_unregister_queue+0x125/0x2e0
[  427.527082][T12943]  blk_unregister_queue+0x125/0x2e0
[  427.528556][T12943]  del_gendisk+0x2df/0xad0
[  427.529840][T12943]  ? __pfx_del_gendisk+0x10/0x10
[  427.531210][T12943]  ? kernfs_put.part.0+0x19d/0x3a0
[  427.532637][T12943]  md_kobj_release+0xb2/0x100
[  427.533941][T12943]  kobject_put+0x1e4/0x5a0
[  427.535190][T12943]  process_one_work+0x958/0x1b30
[  427.536603][T12943]  ? __pfx_disk_events_workfn+0x10/0x10
[  427.538181][T12943]  ? __pfx_process_one_work+0x10/0x10
[  427.539702][T12943]  ? rcu_is_watching+0x12/0xc0
[  427.541094][T12943]  ? assign_work+0x1a0/0x250
[  427.542440][T12943]  worker_thread+0x6c8/0xf00
[  427.543773][T12943]  ? __kthread_parkme+0x148/0x220
[  427.545219][T12943]  ? __pfx_worker_thread+0x10/0x10
[  427.546662][T12943]  kthread+0x2c1/0x3a0
[  427.547817][T12943]  ? _raw_spin_unlock_irq+0x23/0x50
[  427.549305][T12943]  ? __pfx_kthread+0x10/0x10
[  427.550644][T12943]  ret_from_fork+0x45/0x80
[  427.551931][T12943]  ? __pfx_kthread+0x10/0x10
[  427.553255][T12943]  ret_from_fork_asm+0x1a/0x30
[  427.554626][T12943]  </TASK>
[  427.562078][T13552] overlayfs: ...falling back to index=off.
[  427.563814][T13552] overlayfs: ...falling back to uuid=null.
[  427.848765][T13532] netlink: 'syz.2.2118': attribute type 9 has an invalid length.

VM DIAGNOSIS:
05:05:33  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000002 RBX=0000000000000035 RCX=ffffffff817947a1 RDX=ffff888022bfa440
RSI=0000000000000000 RDI=0000000000000001 RBP=1ffff92000650f29 RSP=ffffc90003287930
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=00000000000a201e
R12=0000000000000001 R13=0000000000000200 R14=ffff88801edc4880 R15=0000000000000001
RIP=ffffffff819947c2 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c3159cb CR3=000000006b0d6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000ca4c1c RBX=0000000000000001 RCX=ffffffff8b1a8889 RDX=ffffed10056a6fee
RSI=ffffffff8bb17300 RDI=ffffffff81703079 RBP=ffffed10039dc910 RSP=ffffc9000047fe08
R8 =0000000000000000 R9 =ffffed10056a6fed R10=ffff88802b537f6b R11=ffff88802b43fb10
R12=0000000000000001 R13=ffff88801cee4880 R14=ffffffff901cf850 R15=0000000000000000
RIP=ffffffff8b1a9c6f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002000f000 CR3=000000006b0d6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000026 RCX=ffffffff817947a1 RDX=ffff88801edc4880
RSI=0000000000000000 RDI=0000000000000001 RBP=1ffff92000fc8e85 RSP=ffffc90007e47410
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=722d302e33312e36
R12=0000000000000001 R13=0000000000000000 R14=ffff888022bfa440 R15=0000000000000001
RIP=ffffffff81994791 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000580a799c CR3=00000000255e6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000004080 Opmask01=0000000000000001 Opmask02=000000000000ffdf Opmask03=0104100080810010
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcbafe2f50 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000ff0000 00ff000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffffffffffff0000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373255d0f53c4b3 73730c5c9c2c6823
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373737373737312 7373737373730a07
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000031 0000000000000000 44455a494c414954 494e495f43455355
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6f742079617272 6120656c75722079 7261726f706d6574 002a3f005b3f2a00
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a4a51055c445757 440540495057055c 5744574a55484051 000f1a005b1a0f00
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 746e6e6f635f666e 0000562e7c1c16c9 0000000000000031 0000000000003234
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2fef5f1c10 0000562e7c1ca2b0 0000000000000121 0000000000302e36
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5f5f4673597e622d 3576613172280e6e 0a1031146e000176 07263f3a621b1508
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7f7f7f7f7f7f7b7f 7f7f7b7f7f7f7f7f 7f3f377f7f37777f 1f373f3e7f7f7d7b
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 26483b3a3a264b3b 3a0a00307f617930 3b2433273f397b27 697a787c69303b7e
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0032303834003038 313d51454a003000 6373626d623d453d 414554454400303d
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0032303834003038 3133003030003000 30446233303d453d 3a4554453600303d
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000007 RBX=0000000000000200 RCX=1ffffffff203a56a RDX=0000000000000000
RSI=0000000000000200 RDI=ffffffff813f49d6 RBP=0000000000000246 RSP=ffffc9000716fba8
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000008 R11=0000000000000000
R12=0000000000000000 R13=0000000000000000 R14=ffffc9000716fc70 R15=00000000000000e7
RIP=ffffffff815bf273 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0003 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020065000 CR3=000000004b470000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000