last executing test programs:

7m3.078790289s ago: executing program 0 (id=635):
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket(0x2a, 0x2, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xcc}, 0x8)
socket$inet6(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd28, 0x25dfdbfd, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000001b00)=[{{&(0x7f0000000180)=@in={0x2, 0x0, @multicast1}, 0x80, &(0x7f0000002700)=[{&(0x7f0000000440)=""/167, 0xa7}, {&(0x7f0000000500)=""/236, 0xec}, {&(0x7f0000000280)=""/38, 0x26}, {&(0x7f0000000600)=""/189, 0xbd}, {&(0x7f0000004100)=""/4102, 0x1006}, {&(0x7f0000000340)=""/114, 0x72}, {&(0x7f00000006c0)=""/23, 0x17}, {&(0x7f0000005140)=""/4103, 0x1007}], 0x8}, 0x1002}, {{&(0x7f0000000700)=@hci, 0x80, &(0x7f00000009c0)=[{&(0x7f00000027c0)=""/8, 0x8}, {&(0x7f0000002800)=""/182, 0xb6}, {&(0x7f0000000a40)=""/14, 0xe}, {&(0x7f0000002900)=""/130, 0x82}, {&(0x7f0000000a80)=""/4096, 0x1000}, {&(0x7f00000039c0)=""/13, 0xd}, {&(0x7f0000003a00)=""/58, 0x3a}, {&(0x7f0000003a40)=""/221, 0xdd}, {&(0x7f0000003b40)}, {&(0x7f0000000780)=""/160, 0xa0}, {&(0x7f0000000840)=""/142, 0x8e}, {&(0x7f0000000900)=""/148, 0x94}], 0xc, &(0x7f0000003c00)=""/23, 0x17}, 0x4}, {{&(0x7f0000003c40)=@rc={0x1f, @none}, 0x80, &(0x7f0000003cc0), 0x0, &(0x7f0000001c40)=""/204, 0xcc}, 0x1}, {{&(0x7f0000003dc0)=@l2tp6, 0x80, &(0x7f0000003f80)=[{&(0x7f0000001b80)=""/164, 0xa4}, {&(0x7f0000001a80)=""/84, 0x54}], 0x2, &(0x7f0000003fc0)=""/145, 0x91}, 0x2}], 0x4, 0x40010000, 0x0)
socket$nl_generic(0x11, 0x3, 0x10)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000003c0)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0xffffffffffffff83)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, 0x0, 0x0)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000004140), 0x0, 0x4000004)
r6 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x2c, &(0x7f0000000300)={0x0, 0x1, 0x3})
mq_timedsend(r6, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r6, 0x0, 0x0, 0x0, 0x0)

7m2.143058337s ago: executing program 0 (id=647):
r0 = socket$netlink(0x10, 0x3, 0x0)
unshare(0x62040200)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)=ANY=[@ANYBLOB="600000002000010000000000000000000a8010000000000118000100140001007c01000000000000000000000000000008000f00ffffffff1400020000000000000000000000ffff0a0101021400030067656e65766530"], 0x60}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="400000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b03000000000000200012800b00010067656e6576650000100002"], 0x40}}, 0x44004)
r3 = socket(0x2, 0x3, 0xff)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x3, @rand_addr=0x64010102}, 0x10)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000640)=0x10020002, 0xffffffffffffffba)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001b40)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce60300c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35179bd223ec839bc16ee78076e0dc8cedf3ceb9fbfbf9b0a49ef23d430f6296b32a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e898d3b3e22278d00031e5388ee5c867ddd58211d6ece1ccb0cd2b6d3cffd962867a3a2f624f192daa94a0c556f3218ce740068725c37074e468ee207d0f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9f74fbe9c3c6fca5cbfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e26183524cf5cc1b83d34889f40159e800ea2474b540500a30b23bcee46762e2c93bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ff80e87adf394c7bbdcd0e0eb52162e0c410ade7a36b26a4e70f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf37704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eede0068ca1457870eb30d211e23ccc8e06dddeb61799257ab5000013c86ba9affb12ec757c7234c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0b2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff75067d2a214f8c9d9b2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869ba2f3caba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958ad009995ae166deb9856291a43570eeb2e32cefbf463789e1f79b8d4c22be89f44b032dad13007b82e6044f643fc8cd0e30c378b4a88c39c117d27326850a7c3b570863f532c218b10af13d7be949870c9920c2d2a53b384e88862ee92fa7c3ae6c08384865b66d2204c2e4f3ae20bf279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f24a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a25468e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be42827dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361f399d7c091d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2ddf4c4d26f1cdd8c3c9736cf5e5082de3b484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b0033f8dfe0fd9bb2a70801f763524e1d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cfcb9066668627820d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8fc90f000000000000eef2e5eb804b9d52099fbd404e8ece970f67736ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e942e35c4baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e84256f2d62d03cab53aa50c3e6000000000000000000000000000000000000283cbeeb000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edf0a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b5b1dfa9fd31df213c88b404797056fd3baa8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab517124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221f05e6ca8c705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f12fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612aa25d6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e030000000000000000000000e14908d973262569d0d6ce62cf3a30aa342f960e838fa39b97e0bf1bc6482bb99717d37b7a54d1e9d794b527a8317efbb1d5f9988e00283c36089e9ab5ee537124396e2964776eb5f02b739260b1371c97158d84ecfd6fadede98c608f4fab805c43e8eaa367f1bf2fad8ccdb058e16c810ddcc543ae417a92f0de850d4180ff08bd2857ebfef435ad23a0cc7bfe8a7928cd9d4ed249cdfc7fcdcf5275c93483be5ebb81af35375e441b09c908e45df79d3b00f031b0ec1e9f3683ded75f1fc9f72af8d690356f9bd26e8ee631b5775b60659ef1aeb789b54aad2004eea0ff225f69a62632574a2a135aa6313aabb5a7fe3ed2a77579ceb4d4af57252a4e8b3aa2a1edb8d6e79eb4aa8b9e9c470d7b53d6d2fd095119a441e19d348e8a774808dbde6b1d4ff83ff3ba6ebfaa4d48f8ce0577e20ea2fe2213946e416d0e08c15016b39eeac426be0a69014bd81d9adb00af52a98500d182f28eec59"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000880)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './bus'}}]})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_TIOCOUTQ(r5, 0x5411, &(0x7f00000000c0))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r4, 0x18000000000002a0, 0x10, 0x0, &(0x7f0000000300)="76389e147583ddd0569ba56a5cfd5588", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$netlink(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000006c00)=ANY=[@ANYBLOB="2800000012000100000000000000009a400c"], 0x28}], 0x1, 0x0, 0x0, 0x4000800}, 0x40000)
r6 = memfd_secret(0x80000)
ioctl$KVM_CAP_HYPERV_SYNIC2(r6, 0x4068aea3, &(0x7f0000000180))

7m1.39349734s ago: executing program 0 (id=653):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.dequeue\x00', 0x275a, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="e80000001300290a000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000000000000014001a80100003800c0005800800000000000000b00003801800018014000500714abbd2547de97cbbf6efb226f19bf95000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d8130002006272696467655f696c6176655f30000007000200293a000008000100000000000400018004000c803c001880080001000000030000000100000000001400040000112a97bf9704ee57915340334b827114000500e8635392a70f36f95f4b9b352920ebec04001a80accf962f2f66a5337a893dd00ff60b3a41b5a99823668b4961e47eaf80e328ef79ff42c990b5c9951222b1d65d69c2524d566872dd102c1c00cf151ef85265637cf19cd487bf1573dbdc03094669fdf000a5e467927040681961e304b4408f480761be1c801d30906e9abc0612632928e943e5e594abd816741b285c1654d335f6c2f53d06504e13883bc8c98cfc1b50515a13dd6354815940361537e2a11900"/380], 0xe8}}, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x5, 0x12, r0, 0x0)
r4 = socket$l2tp(0x2, 0x2, 0x73)
getsockopt$ARPT_SO_GET_INFO(r4, 0x0, 0x60, &(0x7f0000001000), &(0x7f0000000f40)=0x44)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$UI_SET_PHYS(r0, 0x4004556c, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
openat$ipvs(0xffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/conntrack\x00', 0x2, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60)
ioctl$KVM_CREATE_PIT2(r8, 0x4040ae77, &(0x7f0000000000))
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r8, 0x8048ae66, &(0x7f0000000040)={[{0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2, 0x0, 0xf5, 0x9}, {0x0, 0x0, 0x0, 0x0, 0xd3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x6}, {0x3fb, 0x3f, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x40}]})
ioctl$KVM_RUN(r9, 0xae80, 0x0)

6m55.687741384s ago: executing program 0 (id=661):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r1, 0xc1105511, &(0x7f0000000700)={{0x7, 0x0, 0x400000, 0x0, 'syz1\x00', 0x3}, 0x0, [0x8001, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffffc, 0x204, 0x7ff, 0x2, 0x0, 0x40, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x10, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff81, 0x0, 0x1, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x4, 0x0, 0x0, 0x73a, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbe9e, 0x20, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x6]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x14, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES16=r2, @ANYRES32=0x0, @ANYBLOB="cc7c6eda59d4482b06d101f04a4f272f1a8128c846c1b8a4a856899318d3b84221af933082b64c4daa2bc1310efb91c40bd0cc9e96a2fb9c4d30cf1a10daa14b05b660a397939a279fa497e573e9e75cf8a3652e8464e81c6c7f9df66369ea65024c16377feda8659b6f7b414b8b259b00a8"], &(0x7f0000000280)='syzkaller\x00', 0x401, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='block_plug\x00', r3}, 0x18)
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x41, &(0x7f00000001c0), 0x4)
r5 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r5, 0x0, 0xca, &(0x7f00000001c0)={0x0, 0x1, 0x0, 0x0, @vifc_lcl_addr=@loopback, @private=0xa010100}, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r6=>0x0})
setsockopt$SO_TIMESTAMP(r4, 0x1, 0x1d, &(0x7f0000000100)=0x38, 0x4)
sendto$packet(r4, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x11, 0x0, r6, 0x1, 0x20}, 0x14)
setsockopt$sock_int(r4, 0x1, 0x29, &(0x7f0000000340)=0x926, 0x4)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000227bd7000fddbdf253b0000000c0099000300000059000000080057006f050000080057001b1300001600cd00010005000001000000000000020016750100000004006c000600cd0002000000"], 0x54}, 0x1, 0x0, 0x0, 0x8000}, 0x20000005)
recvfrom$packet(r4, 0x0, 0x0, 0x2000, 0x0, 0x0)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
sendmsg$NFNL_MSG_CTHELPER_DEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000016c0)=ANY=[@ANYBLOB="3001000002090108000000000000000000000000680002292c00018014000300fe8000000000000000000000000000bb14000400fc0100000000000000000000000000000c000280050001003a0000002c00018014000300ff0100000000000000000000000000011400040000000000000000000000ffff7f0000010c000200060003400000000098000200060003400098786d66825a5630bae069ab0000000c00028005000100000000001400018008000100ac1414bb08000200e000000106000340000000002c00018014000300fe8000000000000000000000000000aa14000400fc0000000000000000000000000000002c000180140003000000000000000000000000000000000114000400fc0102000000000000000000000000000c000280050001"], 0x130}}, 0x0)
r7 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000040)=0x14)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f00000000c0)=0x3)
ioctl$TIOCVHANGUP(r8, 0x5437, 0x0)
ioctl$LOOP_GET_STATUS64(r7, 0x4c05, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB="2400000018000109000000000800000002180000ff0000060000000008000110ac141400"], 0x24}}, 0x0)

6m50.459824888s ago: executing program 0 (id=672):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_FIB_DREG={0x8, 0x1, 0x1, 0x0, 0x11}, @NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0x5}, @NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x3}]}}}]}]}], {0x14}}, 0xdc}}, 0x0)
syz_emit_ethernet(0x66, &(0x7f0000000200)={@local, @random="86082b9827c1", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x30, 0x3a, 0x0, @private2, @mcast2, {[], @dest_unreach={0x1, 0x6, 0x0, 0x6, '\x00', {0x0, 0x6, "317413", 0x10, 0x0, 0x0, @empty, @rand_addr=' \x01\x00'}}}}}}}, 0x0)

6m50.393989861s ago: executing program 0 (id=676):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
syz_emit_ethernet(0x91, &(0x7f0000000480)={@local, @link_local={0x3}, @void, {@ipv4={0x800, @tcp={{0xa, 0x4, 0x0, 0x0, 0x83, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@rr={0x7, 0xf, 0x8, [@multicast2, @remote, @multicast2]}, @ssrr={0x89, 0x3, 0xd7}]}}, {{0x0, 0x4e21, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x0, 0x100}, {"d91fd3b5276a70540600000000000000026ab0ef067de892f23cfd736c24d28a9cdc0510aea1ebeed3f5421c7b11ef22f4f3463b1ca1024900"/71}}}}}}, 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
r2 = getpid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x20000000, 0x4, r2, 0x0, 0x1, 'syz1\x00', 0x0})
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r1, 0xc1105518, &(0x7f0000000c40)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd362, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x7]})
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x14, 0x2d, 0x1, 0x0, 0x0, "", [@nested={0x4}]}, 0x14}], 0x1}, 0x0)
madvise(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r5 = memfd_secret(0x0)
ioctl$VHOST_GET_VRING_ENDIAN(r5, 0x4008af14, &(0x7f0000000300)={0x3, 0xe})
close(r4)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r6}, 0x10)
socket$xdp(0x2c, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000100)={'team0\x00', <r8=>0x0})
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r9, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtaction={0x88, 0x30, 0xb, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x74, 0x1, [@m_mirred={0x70, 0x1, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0xffffffff, 0x6, 0x10000000, 0x0, 0xffe0000}}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x6, 0xff, 0x4, 0x6, 0x6}, 0x4, r8}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x88}}, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@dellink={0x20, 0x11, 0x101, 0x0, 0x0, {0x0, 0x0, 0x0, r8, 0x1}}, 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r4, 0xc018937b, &(0x7f0000000180)={{0x1, 0x1, 0x18, r4, {0xee01}}, './file0\x00'})
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWRULE={0x74, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0xb}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_LEVEL={0x8, 0x3, 0x89}]}}}, {0x18, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0xc}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x9c}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f0000000540)={'wlan0\x00'})

6m34.776010785s ago: executing program 32 (id=676):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
syz_emit_ethernet(0x91, &(0x7f0000000480)={@local, @link_local={0x3}, @void, {@ipv4={0x800, @tcp={{0xa, 0x4, 0x0, 0x0, 0x83, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@rr={0x7, 0xf, 0x8, [@multicast2, @remote, @multicast2]}, @ssrr={0x89, 0x3, 0xd7}]}}, {{0x0, 0x4e21, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x0, 0x100}, {"d91fd3b5276a70540600000000000000026ab0ef067de892f23cfd736c24d28a9cdc0510aea1ebeed3f5421c7b11ef22f4f3463b1ca1024900"/71}}}}}}, 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
r2 = getpid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x20000000, 0x4, r2, 0x0, 0x1, 'syz1\x00', 0x0})
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r1, 0xc1105518, &(0x7f0000000c40)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd362, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x7]})
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x14, 0x2d, 0x1, 0x0, 0x0, "", [@nested={0x4}]}, 0x14}], 0x1}, 0x0)
madvise(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r5 = memfd_secret(0x0)
ioctl$VHOST_GET_VRING_ENDIAN(r5, 0x4008af14, &(0x7f0000000300)={0x3, 0xe})
close(r4)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r6}, 0x10)
socket$xdp(0x2c, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000100)={'team0\x00', <r8=>0x0})
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r9, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtaction={0x88, 0x30, 0xb, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x74, 0x1, [@m_mirred={0x70, 0x1, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0xffffffff, 0x6, 0x10000000, 0x0, 0xffe0000}}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x6, 0xff, 0x4, 0x6, 0x6}, 0x4, r8}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x88}}, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@dellink={0x20, 0x11, 0x101, 0x0, 0x0, {0x0, 0x0, 0x0, r8, 0x1}}, 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r4, 0xc018937b, &(0x7f0000000180)={{0x1, 0x1, 0x18, r4, {0xee01}}, './file0\x00'})
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWRULE={0x74, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0xb}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_LEVEL={0x8, 0x3, 0x89}]}}}, {0x18, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0xc}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x9c}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f0000000540)={'wlan0\x00'})

17.089709991s ago: executing program 2 (id=2217):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f00000002c0)={'wg2\x00', <r3=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001840)={0x26c, r2, 0x5, 0x70bd2a, 0x25dfdbfd, {}, [@WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e24}, @WGDEVICE_A_PEERS={0x248, 0x8, 0x0, 0x1, [{0x94, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}, @WGPEER_A_PUBLIC_KEY={0x24}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "1171ee8da334a5099295af229a5d237a7f4102f01f28b34347d6cbbe135d83ec"}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}]}, {0x170, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}, @WGPEER_A_ALLOWEDIPS={0x148, 0x9, 0x0, 0x1, [{0x40, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5}}]}, {0xc4, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @local}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010102}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010101}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5}}]}, {0x40, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x2}}]}]}]}, {0x40, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_FLAGS={0x8, 0x3, 0x3}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "379aa288b2244a5b504ba04bea45625d328fb93b62e607a1b2e4da2f7f76a549"}]}]}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r3}]}, 0x26c}, 0x1, 0x0, 0x0, 0x4000}, 0x40)

16.943918549s ago: executing program 2 (id=2225):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x66)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x100, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x6, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xbd, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x15, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x7}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000140), 0x8)
ioctl$FBIOPUT_CON2FBMAP(0xffffffffffffffff, 0x4610, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0)
recvfrom$packet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000019340), 0x0, 0x0)
read$msr(r2, &(0x7f0000000300)=""/102400, 0x19000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000001c0), 0x141a42, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x401, 0x0, 0x32}, 0x9c)
r3 = open(&(0x7f0000000040)='./file0\x00', 0x101040, 0x0)
fcntl$setsig(r3, 0xa, 0x21)
fcntl$setlease(r3, 0x400, 0x1)
sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
ioctl$KVM_SET_USER_MEMORY_REGION2(r4, 0x40a0ae49, &(0x7f0000000000)={0x2710, 0x2, 0xd000, 0x1000, &(0x7f0000a93000/0x1000)=nil, 0x6, r4})
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000a96000/0x1000)=nil, 0x1000}, 0x2})
pread64(r4, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)

13.545985676s ago: executing program 2 (id=2230):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, 0x0, &(0x7f0000000080))
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000000408e238c1760000000000000000000066a3fb1996d4c8923446d2ca8afacd572ba24cf5dc17aa15a6dbafc8c3a86760f184168d9d63c5db5b5c72cab7a7c5bdbffb48003d899a7137972d3af915641b4e5968ca5d0bcfcd73d86a3638d6f2cf3f87bf06d0013e1ca12637482043fadef2d0b5481c04ff0678fcec43ba7fdf8ff24d2ed470c36ed501a02626e70d63288170818f701ad238d8022c51f247c4c3905e50f744cd01c832c52a37a06f28478bf73ad67848040e149fd3a8fea2389df6145d61d9fea2757d49910cc355ee7d730ef9"], 0x14}}, 0x0)

13.402020357s ago: executing program 2 (id=2231):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000280)=ANY=[@ANYBLOB="2c00000001040101000000000100000005000007050001000100000008000506000640000600004ecc2bdf9fbb9e90b6934e8bcf2e608ada8d7c026b5e662fc689c3ad19cfb9ba09cf42341c8ff4e5446f89e7b10bd0ecefca4e396d445198a1b89814aa281411720a05429da1ec514dd130e5012e9486c2d620355f5d9056e2609e713c758460c8b87e14e82383ea86d42f2aad767e90d05e6f9dbb74d540f7bec769ce0f5e45b2d777723876bd92493d5132b2bf8cd39eb12252c4cc5f1f31695b3e98ec9275e1bd120aad796be1c113c8199256a52bee2d5d1a7e4e64f57aa5b6df2b8d5b549b5aa02ce07059f6f927944925effeb95f2bd36249c6acce8d7f44179735597f7e8215642cda1e0057da473de0c453a21254c5562bc9764c544b2e1fa51b1ad8b52b32620bbe3483e13b911a2c973d527115ab05a283e497274eddaa7673e2283e578fdb437ec8afcd2d23d7836ad105481150cd829c81361ac4e5a48fb883aa9fc65e5addfdbf1c314fcf5243776165330e72893b82cb54b517565d58cc63649eb0106cfe0c0f5904dfeb916bf9ba02cf8d6b05a85a2df025d6152abb30c8145c270d1b641158ef214c46fb6cd4dd6ba4db2e8dc679c34b065e7e1ada72b88e0252b70d15d3a7bd2a17b8ef8b4c1410782ae13f256c0b70cd1aa985b6318c2a24e43cf534a01032571013d538d27822"], 0x2c}, 0x1, 0x0, 0x0, 0x20000040}, 0x200008c0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
write(r1, &(0x7f0000000080)="012dd41e", 0x4)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r3=>0x0})
bind$packet(r2, &(0x7f0000000480)={0x11, 0x7, r3, 0x1, 0xcb}, 0x14)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@delqdisc={0x24, 0x25, 0x200, 0x70bd31, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xffe0, 0x10}, {0x8, 0xfff2}, {0xffff, 0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000081}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r5 = openat$nmem0(0xffffff9c, &(0x7f0000000140), 0x12f801, 0x0)
ioctl$VIDIOC_SUBDEV_S_CROP(r5, 0xc038563c, &(0x7f0000000180)={0x0, 0x0, {0x7, 0x4, 0x3, 0x8}})
r6 = syz_open_dev$sndmidi(&(0x7f00000000c0), 0x2, 0x149101)
r7 = dup(r6)
write$6lowpan_enable(r7, &(0x7f0000000000)='1', 0x1)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_setup(0x3, 0x0)
r8 = socket$key(0xf, 0x3, 0x2)
sendfile(r8, 0xffffffffffffffff, 0x0, 0x1000)
creat(0x0, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x102)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0)
write$sndseq(0xffffffffffffffff, 0x0, 0x0)
r9 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x40, 0x0)
ioctl$TIOCSTI(r9, 0x5412, 0x0)

13.29699847s ago: executing program 2 (id=2232):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
readv(r0, 0x0, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f00000001c0)={'batadv0\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f0000000300)="10004305", 0x4, 0x0, &(0x7f0000000200)={0x11, 0x8100, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32], 0xb4}}, 0x0)
r4 = openat$incfs(0xffffffffffffffff, &(0x7f0000000080)='.log\x00', 0x84140, 0x1)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000003c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(r4, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000400)={0x28, r5, 0x4, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x9, 0x60}}}}, ["", "", "", ""]}, 0x28}}, 0x4000000)
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
shutdown(r7, 0x0)
recvmmsg(r7, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x4000359, 0x0, 0x0)

11.844063175s ago: executing program 4 (id=2235):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f00000002c0)={'wg2\x00', <r3=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001840)={0x26c, r2, 0x5, 0x70bd2a, 0x25dfdbfd, {}, [@WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e24}, @WGDEVICE_A_PEERS={0x248, 0x8, 0x0, 0x1, [{0x94, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}, @WGPEER_A_PUBLIC_KEY={0x24}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "1171ee8da334a5099295af229a5d237a7f4102f01f28b34347d6cbbe135d83ec"}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}]}, {0x170, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}, @WGPEER_A_ALLOWEDIPS={0x148, 0x9, 0x0, 0x1, [{0x40, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5}}]}, {0xc4, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @local}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010102}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010101}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5}}]}, {0x40, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x2}}]}]}]}, {0x40, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_FLAGS={0x8, 0x3, 0x3}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "379aa288b2244a5b504ba04bea45625d328fb93b62e607a1b2e4da2f7f76a549"}]}]}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r3}]}, 0x26c}, 0x1, 0x0, 0x0, 0x4000}, 0x40)

11.659215445s ago: executing program 4 (id=2238):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x5f58591e46362374}}, 0x0)
getsockname$packet(r2, &(0x7f0000000340)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="08030000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x3c}}, 0x0)

11.51789485s ago: executing program 4 (id=2239):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x66)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x100, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x6, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xbd, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x15, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x7}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000140), 0x8)
ioctl$FBIOPUT_CON2FBMAP(0xffffffffffffffff, 0x4610, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0)
recvfrom$packet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000019340), 0x0, 0x0)
read$msr(r2, &(0x7f0000000300)=""/102400, 0x19000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x401, 0x0, 0x32}, 0x9c)
r4 = open(&(0x7f0000000040)='./file0\x00', 0x101040, 0x0)
fcntl$setsig(r4, 0xa, 0x21)
fcntl$setlease(r4, 0x400, 0x1)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
r5 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
ioctl$KVM_SET_USER_MEMORY_REGION2(r5, 0x40a0ae49, &(0x7f0000000000)={0x2710, 0x2, 0xd000, 0x1000, &(0x7f0000a93000/0x1000)=nil, 0x6, r5})
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000a96000/0x1000)=nil, 0x1000}, 0x2})
pread64(r5, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)

10.02956751s ago: executing program 2 (id=2244):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000380)='ext4_fc_commit_start\x00', r0, 0x0, 0x71a}, 0x41)
socket$alg(0x26, 0x5, 0x0)
userfaultfd(0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0xffffffffffffffff, 0x0, 0x0) (async)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x19) (async)
r3 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x10, 0xa702)
mmap(&(0x7f0000371000/0x5000)=nil, 0x5000, 0x0, 0x11, r3, 0x0) (async)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
r6 = add_key$fscrypt_v1(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)={0x0, "3e82554dc8ccfbc2e85ec82d4ee9df60f6ae16b1a5f2c848722ba3b132e4fde178c945bd950b0477e801fc8a1be9b4ebbe9c2289a6b0aa00"}, 0x48, 0xfffffffffffffffe)
pipe2$watch_queue(&(0x7f0000000300)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r6, r7, 0x0) (async, rerun: 64)
keyctl$update(0x2, r6, &(0x7f0000000040)="b8", 0x1) (rerun: 64)
r8 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) (async, rerun: 64)
syz_open_dev$tty1(0xc, 0x4, 0x1) (rerun: 64)
ioctl$PIO_UNIMAP(0xffffffffffffffff, 0x4b67, &(0x7f00000002c0)={0x3, &(0x7f0000000140)=[{0x101, 0x80}, {0x3}, {0xa0, 0xf30}]}) (async, rerun: 64)
connect(0xffffffffffffffff, &(0x7f0000000e40)=@nl=@unspec, 0x80) (async, rerun: 64)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), 0xffffffffffffffff) (async, rerun: 64)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x18}, 0x1, 0x0, 0x0, 0x48040}, 0x0) (async, rerun: 64)
openat$sysctl(0xffffff9c, &(0x7f0000000280)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) (async)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) (async, rerun: 32)
r9 = gettid() (rerun: 32)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000bbdffc))

8.901339969s ago: executing program 4 (id=2249):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0)
io_uring_setup(0x1234, &(0x7f0000000080)={0x0, 0x893f, 0x800, 0x2})
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045009, &(0x7f0000000040)) (fail_nth: 1)
close_range(r0, 0xffffffffffffffff, 0x0)

6.323851321s ago: executing program 1 (id=2253):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x14, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00220f00000003a8407a730b93bf02"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGREPORT(r1, 0x400c4807, &(0x7f00000000c0)={0x3})

5.810211624s ago: executing program 3 (id=2254):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r1=>0x0})
readv(r0, 0x0, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, 0x0, 0x8, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f00000001c0)={'batadv0\x00', <r3=>0x0})
sendto$packet(r2, &(0x7f0000000300)="10004305", 0x4, 0x0, &(0x7f0000000200)={0x11, 0x8100, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r1], 0xb4}}, 0x0)
r5 = openat$incfs(0xffffffffffffffff, &(0x7f0000000080)='.log\x00', 0x84140, 0x1)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000003c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(r5, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000400)={0x28, r6, 0x4, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x9, 0x60}}}}, ["", "", "", ""]}, 0x28}}, 0x4000000)
r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
shutdown(r8, 0x0)
recvmmsg(r8, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x4000359, 0x0, 0x0)

4.508607992s ago: executing program 1 (id=2255):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c00)=@newtaction={0x74, 0x30, 0x1, 0x8, 0x0, {}, [{0x60, 0x1, [@m_mpls={0x5c, 0x1, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_MPLS_PROTO={0x6, 0x4, 0x9300}, @TCA_MPLS_PARMS={0x1c, 0x2, {{0x3a80, 0x5, 0x4, 0x800, 0x68b}, 0x1}}, @TCA_MPLS_TC={0x5, 0x6, 0x2}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x2400c8c4}, 0x0)

4.463366714s ago: executing program 1 (id=2256):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f00000002c0)={'wg2\x00', <r3=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001840)={0x288, r2, 0x5, 0x70bd2a, 0x25dfdbfd, {}, [@WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e24}, @WGDEVICE_A_PEERS={0x264, 0x8, 0x0, 0x1, [{0x94, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}, @WGPEER_A_PUBLIC_KEY={0x24}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "1171ee8da334a5099295af229a5d237a7f4102f01f28b34347d6cbbe135d83ec"}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}]}, {0x170, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}, @WGPEER_A_ALLOWEDIPS={0x148, 0x9, 0x0, 0x1, [{0x40, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5}}]}, {0xc4, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @local}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010102}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010101}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5}}]}, {0x40, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x2}}]}]}]}, {0x5c, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}, @WGPEER_A_FLAGS={0x8, 0x3, 0x3}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "379aa288b2244a5b504ba04bea45625d328fb93b62e607a1b2e4da2f7f76a549"}]}]}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r3}]}, 0x288}, 0x1, 0x0, 0x0, 0x4000}, 0x40)

4.319178954s ago: executing program 1 (id=2257):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x66)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x100, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x6, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xbd, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x15, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x7}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000140), 0x8)
ioctl$FBIOPUT_CON2FBMAP(0xffffffffffffffff, 0x4610, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0)
recvfrom$packet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000019340), 0x0, 0x0)
read$msr(r2, &(0x7f0000000300)=""/102400, 0x19000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x401, 0x0, 0x32}, 0x9c)
r4 = open(&(0x7f0000000040)='./file0\x00', 0x101040, 0x0)
fcntl$setsig(r4, 0xa, 0x21)
fcntl$setlease(r4, 0x400, 0x1)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
r5 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
ioctl$KVM_SET_USER_MEMORY_REGION2(r5, 0x40a0ae49, &(0x7f0000000000)={0x2710, 0x2, 0xd000, 0x1000, &(0x7f0000a93000/0x1000)=nil, 0x6, r5})
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000a96000/0x1000)=nil, 0x1000}, 0x2})
pread64(r5, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)

3.354490036s ago: executing program 3 (id=2258):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x40, 0x10, 0x503, 0x70bd28, 0xffffffff, {0x0, 0xcf, 0x0, 0x0, 0x808b}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gre={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x8, 0x6, @dev={0xac, 0x14, 0x14, 0x3a}}, @IFLA_GRE_REMOTE={0x8, 0x7, @multicast1=0xe000030a}]}}}]}, 0x40}}, 0x0)

3.339495355s ago: executing program 3 (id=2259):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x66)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x100, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x6, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xbd, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x15, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x7}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
ioctl$FBIOPUT_CON2FBMAP(0xffffffffffffffff, 0x4610, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0)
recvfrom$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000019340), 0x0, 0x0)
read$msr(r1, &(0x7f0000000300)=""/102400, 0x19000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000001c0), 0x141a42, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x401, 0x0, 0x32}, 0x9c)
r3 = open(&(0x7f0000000040)='./file0\x00', 0x101040, 0x0)
fcntl$setsig(r3, 0xa, 0x21)
fcntl$setlease(r3, 0x400, 0x1)
bind$inet6(r2, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r2, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r4 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
r5 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
ioctl$KVM_SET_USER_MEMORY_REGION2(r5, 0x40a0ae49, &(0x7f0000000000)={0x2710, 0x2, 0xd000, 0x1000, &(0x7f0000a93000/0x1000)=nil, 0x6, r5})
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000a96000/0x1000)=nil, 0x1000}, 0x2})
pread64(r5, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)

2.60974954s ago: executing program 1 (id=2260):
syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x2000000000000376, &(0x7f0000000680)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0xb6, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2008, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x57c91000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x0, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x800005d, 0x4810)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0), 0xc102, 0x0)
sendfile(r3, r3, 0x0, 0x40008)

1.280074241s ago: executing program 3 (id=2261):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f00000000c0)={0x1, 0x2})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = fsmount(0xffffffffffffffff, 0x1, 0x81)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_RINGS_GET(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="ffff28bd7000fedbdf250f0000001800018014000200776c616e31"], 0x2c}, 0x1, 0x0, 0x0, 0x44811}, 0x80)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="6b8a00ff", @ANYRES16=r3, @ANYBLOB="00022dbd7000fddbdf2504000000180001801400020076657468315f766972745f7769666900b4656206b2f4a937da945270f2ef6fc76b1437a4201e0597e1bd4c5ad6e97b255a3c34ce71d6a6b9772d7bcabff73270cf6c1a5ae085a6841291e43998c3e91a19dd7f6e4eba5b6302e5359893b30acfaa8a2495dc7445c528ac0c9ee5f866fdba47d6db"], 0x2c}, 0x1, 0x0, 0x0, 0x20008040}, 0x41090)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x10001, 0x345101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mreq(r6, 0x29, 0x1b, 0x0, 0x0)
open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000040), 0x2, 0x200)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'netdevsim0\x00'})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r7 = openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x3f, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r7, 0xc004500a, 0x0)
read$FUSE(r7, &(0x7f00000023c0)={0x2020}, 0x2020)
setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000c80)=ANY=[], 0x210)
setsockopt$inet6_mreq(r6, 0x29, 0x1b, &(0x7f0000000040)={@dev}, 0x14)
setsockopt$inet6_mreq(r6, 0x29, 0x1c, &(0x7f00000001c0)={@remote}, 0x14)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), r8)

533.361591ms ago: executing program 3 (id=2262):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c00)=@newtaction={0x74, 0x30, 0x1, 0x8, 0x0, {}, [{0x60, 0x1, [@m_mpls={0x5c, 0x1, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_MPLS_PROTO={0x6, 0x4, 0x9300}, @TCA_MPLS_PARMS={0x1c, 0x2, {{0x3a80, 0x5, 0x4, 0x800, 0x68b}, 0x1}}, @TCA_MPLS_TC={0x5, 0x6, 0x2}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x2400c8c4}, 0x0) (fail_nth: 1)

532.756536ms ago: executing program 1 (id=2263):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x14, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00220f00000003a8407a730b93bf0280"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGREPORT(r1, 0x400c4807, &(0x7f00000000c0)={0x3})

425.854444ms ago: executing program 3 (id=2264):
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = syz_clone(0x60940200, 0x0, 0x0, 0x0, 0x0, 0x0)
tgkill(r0, r0, 0x11)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)=[{0x0, 0x1c}], 0x1}, 0x1)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r2, 0x0, 0x18, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="809a14030000"], &(0x7f0000000240)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x254, 0x0, 0x0, 0x7fffffff}]})
set_mempolicy(0x4005, &(0x7f0000000080)=0x41, 0xb)
setsockopt$inet_int(r2, 0x0, 0x4, 0x0, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32], 0x48)
syz_emit_vhci(&(0x7f0000000780)=ANY=[@ANYBLOB="896117f31bbc1ebcafc34cdc102b16ca5ea68848d77c42a99ab285a2fd0b05db3950e0d5c3e2c30ef80eac6154e71db1d263f1154987edd7e962b0e5504bf2454c6909f71d1719651c09dfd05ff6f37843d2cc275b2e7fb93fe682a1e1d681e4f1f98356656a821c67cab1286c2cf646a1a5ffa41cb44a2428762201d6f5e2642c927100e5286f763519a2453af9f118bfdece675972a7a219cc608397c5536e62d23d066bc9a955aab1d48a0b19cef8eed6becd05f6959114232e9a6f380be2d7ff3dfa11e29de52a08d5853a0ca4e1"], 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f"])
r6 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
setsockopt$nfc_llcp_NFC_LLCP_MIUX(r6, 0x118, 0x2, 0x0, 0x0)

55.805349ms ago: executing program 4 (id=2265):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f00000002c0)={'wg2\x00', <r3=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001840)={0x288, r2, 0x5, 0x70bd2a, 0x25dfdbfd, {}, [@WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e24}, @WGDEVICE_A_PEERS={0x264, 0x8, 0x0, 0x1, [{0x94, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}, @WGPEER_A_PUBLIC_KEY={0x24}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "1171ee8da334a5099295af229a5d237a7f4102f01f28b34347d6cbbe135d83ec"}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}]}, {0x170, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}, @WGPEER_A_ALLOWEDIPS={0x148, 0x9, 0x0, 0x1, [{0x40, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5}}]}, {0xc4, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @local}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010102}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010101}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5}}]}, {0x40, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x2}}]}]}]}, {0x5c, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}, @WGPEER_A_FLAGS={0x8, 0x3, 0x3}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "379aa288b2244a5b504ba04bea45625d328fb93b62e607a1b2e4da2f7f76a549"}]}]}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r3}]}, 0x288}, 0x1, 0x0, 0x0, 0x4000}, 0x40)

0s ago: executing program 4 (id=2266):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r1=>0x0})
readv(r0, 0x0, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, 0x0, 0x8, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f00000001c0)={'batadv0\x00', <r3=>0x0})
sendto$packet(r2, &(0x7f0000000300)="10004305", 0x4, 0x0, &(0x7f0000000200)={0x11, 0x8100, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r1], 0xb4}}, 0x0)
r5 = openat$incfs(0xffffffffffffffff, &(0x7f0000000080)='.log\x00', 0x84140, 0x1)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000003c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(r5, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000400)={0x28, r6, 0x4, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x9, 0x60}}}}, ["", "", "", ""]}, 0x28}}, 0x4000000)
r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
shutdown(r8, 0x0)
recvmmsg(r8, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x4000359, 0x0, 0x0)

kernel console output (not intermixed with test programs):

9702][T11651]  __alloc_pages_noprof+0x190/0x25b0
[  361.821338][T11651]  ? rcu_is_watching+0x12/0xc0
[  361.822812][T11651]  ? finish_task_switch.isra.0+0x160/0xcc0
[  361.824571][T11651]  ? rcu_is_watching+0x12/0xc0
[  361.826044][T11651]  ? trace_irq_enable.constprop.0+0xea/0x140
[  361.827860][T11651]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  361.829646][T11651]  ? cgroup_rstat_updated+0x2a/0xb20
[  361.831284][T11651]  ? __mod_zone_page_state+0xcc/0x1a0
[  361.833017][T11651]  ? lru_gen_update_size+0x539/0xde0
[  361.834662][T11651]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  361.836471][T11651]  ? policy_nodemask+0xea/0x4e0
[  361.837975][T11651]  alloc_pages_mpol_noprof+0x2c9/0x610
[  361.839623][T11651]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  361.841470][T11651]  ? rcu_is_watching+0x12/0xc0
[  361.842930][T11651]  ? lock_release+0x4e2/0x6f0
[  361.844353][T11651]  ? sched_clock_cpu+0x6d/0x4d0
[  361.845854][T11651]  ? psi_task_switch+0x203/0x8e0
[  361.847353][T11651]  ? __pfx_lock_release+0x10/0x10
[  361.848882][T11651]  folio_alloc_mpol_noprof+0x36/0xd0
[  361.850496][T11651]  alloc_migration_target_by_mpol+0x247/0x490
[  361.852371][T11651]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[  361.854372][T11651]  ? __pfx___might_resched+0x10/0x10
[  361.855966][T11651]  ? finish_task_switch.isra.0+0x160/0xcc0
[  361.857748][T11651]  migrate_pages_batch+0x3c0/0x3150
[  361.859330][T11651]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[  361.861354][T11651]  ? __pfx_migrate_pages_batch+0x10/0x10
[  361.863053][T11651]  ? __pfx___schedule+0x10/0x10
[  361.864528][T11651]  migrate_pages_sync+0x109/0x8f0
[  361.866086][T11651]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[  361.868058][T11651]  ? rcu_is_watching+0x12/0xc0
[  361.869532][T11651]  ? __pfx_migrate_pages_sync+0x10/0x10
[  361.871231][T11651]  migrate_pages+0x1a46/0x21f0
[  361.872689][T11651]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[  361.874695][T11651]  ? __pfx_migrate_pages+0x10/0x10
[  361.876244][T11651]  ? do_mbind+0x4dd/0xe90
[  361.877575][T11651]  ? __pfx_lock_release+0x10/0x10
[  361.879102][T11651]  ? up_write+0x1b2/0x520
[  361.880419][T11651]  do_mbind+0x6d2/0xe90
[  361.881753][T11651]  ? __pfx_do_mbind+0x10/0x10
[  361.883264][T11651]  ? vfs_write+0x306/0x1150
[  361.884729][T11651]  ? __mutex_unlock_slowpath+0x164/0x690
[  361.886599][T11651]  ? __pfx_get_nodes+0x10/0x10
[  361.888150][T11651]  ? __fget_files+0x206/0x3a0
[  361.889609][T11651]  kernel_mbind+0x1e8/0x200
[  361.891010][T11651]  ? __pfx_kernel_mbind+0x10/0x10
[  361.892542][T11651]  ? rcu_is_watching+0x12/0xc0
[  361.894024][T11651]  __do_fast_syscall_32+0x73/0x120
[  361.895576][T11651]  do_fast_syscall_32+0x32/0x80
[  361.897057][T11651]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  361.898986][T11651] RIP: 0023:0xf7fb2579
[  361.900223][T11651] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  361.906013][T11651] RSP: 002b:00000000f50e555c EFLAGS: 00000296 ORIG_RAX: 0000000000000112
[  361.908512][T11651] RAX: ffffffffffffffda RBX: 0000000020400000 RCX: 0000000000c01100
[  361.910908][T11651] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000003000000
[  361.913323][T11651] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  361.915699][T11651] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  361.918104][T11651] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  361.920485][T11651]  </TASK>
[  361.922686][ T6063] usb usb8-port1: attempt power cycle
[  362.267321][ T6063] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[  362.288424][ T6063] usb 8-1: device descriptor read/8, error -71
[  362.527364][ T6063] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[  362.548076][ T6063] usb 8-1: device descriptor read/8, error -71
[  362.657941][ T6063] usb usb8-port1: unable to enumerate USB device
[  363.945563][T11674] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1759'.
[  367.827438][ T6063] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  367.978941][ T6063] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  367.982166][ T6063] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  367.984895][ T6063] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  367.988052][ T6063] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  367.996141][ T6063] usb 6-1: config 0 descriptor??
[  368.034667][T11723] 9pnet_fd: Insufficient options for proto=fd
[  368.075825][T11728] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1776'.
[  370.446965][T11751] FAULT_INJECTION: forcing a failure.
[  370.446965][T11751] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  370.531943][T11751] CPU: 1 UID: 0 PID: 11751 Comm: syz.4.1782 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  370.536535][T11751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  370.541096][T11751] Call Trace:
[  370.542520][T11751]  <TASK>
[  370.543798][T11751]  dump_stack_lvl+0x16c/0x1f0
[  370.545808][T11751]  should_fail_ex+0x497/0x5b0
[  370.547820][T11751]  _copy_from_user+0x2e/0xd0
[  370.549851][T11751]  move_addr_to_kernel+0x68/0x160
[  370.552040][T11751]  __sys_sendto+0x1ba/0x4f0
[  370.554017][T11751]  ? __pfx___sys_sendto+0x10/0x10
[  370.556176][T11751]  ? ksys_write+0x1ba/0x250
[  370.558184][T11751]  __ia32_sys_sendto+0xdd/0x1b0
[  370.560250][T11751]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  370.563066][T11751]  __do_fast_syscall_32+0x73/0x120
[  370.565259][T11751]  do_fast_syscall_32+0x32/0x80
[  370.567354][T11751]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  370.570037][T11751] RIP: 0023:0xf7f45579
[  370.571806][T11751] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  370.579899][T11751] RSP: 002b:00000000f505455c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  370.583306][T11751] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000020847fff
[  370.586600][T11751] RDX: 000000000000fee4 RSI: 0000000000000000 RDI: 000000002005ffe4
[  370.589857][T11751] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[  370.593193][T11751] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  370.596347][T11751] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  370.599581][T11751]  </TASK>
[  370.602113][ T5969] usb 6-1: USB disconnect, device number 11
[  372.844153][T11772] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1788'.
[  373.307698][ T6063] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  373.468457][ T6063] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  373.474638][ T6063] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  373.478449][ T6063] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  373.482035][ T6063] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  373.486422][ T6063] usb 6-1: config 0 descriptor??
[  376.060916][ T6063] usb 6-1: USB disconnect, device number 12
[  376.125598][   T40] audit: type=1804 audit(1735449431.859:20): pid=11800 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1797" name="/newroot/456/file1" dev="fuse" ino=1 res=1 errno=0
[  376.139952][T11797] FAULT_INJECTION: forcing a failure.
[  376.139952][T11797] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  376.143856][T11797] CPU: 2 UID: 0 PID: 11797 Comm: syz.4.1796 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  376.147057][T11797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  376.150258][T11797] Call Trace:
[  376.151268][T11797]  <TASK>
[  376.152172][T11797]  dump_stack_lvl+0x16c/0x1f0
[  376.153601][T11797]  should_fail_ex+0x497/0x5b0
[  376.155033][T11797]  _copy_from_user+0x2e/0xd0
[  376.156431][T11797]  move_addr_to_kernel+0x68/0x160
[  376.157974][T11797]  __sys_bind+0x11c/0x260
[  376.159273][T11797]  ? __pfx___sys_bind+0x10/0x10
[  376.160755][T11797]  ? __fget_files+0x206/0x3a0
[  376.162188][T11797]  ? __pfx_ksys_write+0x10/0x10
[  376.163649][T11797]  __ia32_sys_bind+0x71/0xb0
[  376.165056][T11797]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  376.167022][T11797]  __do_fast_syscall_32+0x73/0x120
[  376.168562][T11797]  do_fast_syscall_32+0x32/0x80
[  376.170031][T11797]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  376.171933][T11797] RIP: 0023:0xf7f45579
[  376.173165][T11797] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  376.178898][T11797] RSP: 002b:00000000f505455c EFLAGS: 00000296 ORIG_RAX: 0000000000000169
[  376.181398][T11797] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000020514ff4
[  376.183762][T11797] RDX: 000000000000000c RSI: 0000000000000000 RDI: 0000000000000000
[  376.186137][T11797] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  376.188535][T11797] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  376.190991][T11797] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  376.193399][T11797]  </TASK>
[  378.001623][ T1411] ieee802154 phy0 wpan0: encryption failed: -22
[  378.004127][ T1411] ieee802154 phy1 wpan1: encryption failed: -22
[  378.014217][T11812] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1801'.
[  378.557355][ T5969] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  378.718745][ T5969] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  378.721829][ T5969] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  378.724502][ T5969] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  378.727308][ T5969] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  378.730505][ T5969] usb 6-1: config 0 descriptor??
[  380.574178][T11860] FAULT_INJECTION: forcing a failure.
[  380.574178][T11860] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  380.578285][T11860] CPU: 2 UID: 0 PID: 11860 Comm: syz.4.1815 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  380.581500][T11860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  380.584685][T11860] Call Trace:
[  380.585705][T11860]  <TASK>
[  380.586601][T11860]  dump_stack_lvl+0x16c/0x1f0
[  380.588045][T11860]  should_fail_ex+0x497/0x5b0
[  380.589472][T11860]  _copy_from_user+0x2e/0xd0
[  380.590894][T11860]  move_addr_to_kernel+0x68/0x160
[  380.592412][T11860]  __sys_sendto+0x1ba/0x4f0
[  380.593870][T11860]  ? __pfx___sys_sendto+0x10/0x10
[  380.595383][T11860]  ? ksys_write+0x1ba/0x250
[  380.596723][T11860]  ? __pfx_ksys_write+0x10/0x10
[  380.598214][T11860]  __ia32_sys_sendto+0xdd/0x1b0
[  380.599677][T11860]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  380.601655][T11860]  __do_fast_syscall_32+0x73/0x120
[  380.603208][T11860]  do_fast_syscall_32+0x32/0x80
[  380.604697][T11860]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  380.606592][T11860] RIP: 0023:0xf7f45579
[  380.607809][T11860] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  380.613546][T11860] RSP: 002b:00000000f507555c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  380.616023][T11860] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020847fff
[  380.618393][T11860] RDX: 000000000000fee4 RSI: 0000000000000000 RDI: 000000002005ffe4
[  380.620751][T11860] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[  380.623120][T11860] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  380.625722][T11860] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  380.628090][T11860]  </TASK>
[  381.326548][ T5969] usb 6-1: USB disconnect, device number 13
[  381.340325][T11870] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1818'.
[  382.897321][ T6063] usb 8-1: new high-speed USB device number 22 using dummy_hcd
[  383.048693][ T6063] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  383.052501][ T6063] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  383.057277][ T6063] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  383.059958][ T6063] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  383.063206][ T6063] usb 8-1: config 0 descriptor??
[  383.065805][ T6063] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[  385.187961][T11914] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1831'.
[  385.660841][ T5969] usb 8-1: USB disconnect, device number 22
[  386.498389][T11940] FAULT_INJECTION: forcing a failure.
[  386.498389][T11940] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  386.511343][T11940] CPU: 2 UID: 0 PID: 11940 Comm: syz.1.1840 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  386.515956][T11940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  386.520382][T11940] Call Trace:
[  386.521770][T11940]  <TASK>
[  386.523084][T11940]  dump_stack_lvl+0x16c/0x1f0
[  386.525112][T11940]  should_fail_ex+0x497/0x5b0
[  386.527106][T11940]  _copy_from_user+0x2e/0xd0
[  386.529201][T11940]  get_compat_msghdr+0xa8/0x170
[  386.531405][T11940]  ? __pfx_get_compat_msghdr+0x10/0x10
[  386.533852][T11940]  ? rcu_is_watching+0x12/0xc0
[  386.535903][T11940]  ? lock_release+0x4e2/0x6f0
[  386.537923][T11940]  ? get_pid_task+0xfc/0x250
[  386.539900][T11940]  ___sys_sendmsg+0x1b0/0x1e0
[  386.541911][T11940]  ? get_pid_task+0x35/0x250
[  386.543859][T11940]  ? __pfx____sys_sendmsg+0x10/0x10
[  386.546091][T11940]  ? lock_release+0x4e2/0x6f0
[  386.548098][T11940]  ? __pfx_lock_release+0x10/0x10
[  386.550238][T11940]  ? trace_lock_acquire+0x14e/0x1f0
[  386.552480][T11940]  ? __fget_files+0x206/0x3a0
[  386.554469][T11940]  __sys_sendmsg+0x16e/0x220
[  386.556436][T11940]  ? __pfx___sys_sendmsg+0x10/0x10
[  386.558641][T11940]  ? rcu_is_watching+0x12/0xc0
[  386.560699][T11940]  __do_fast_syscall_32+0x73/0x120
[  386.562861][T11940]  do_fast_syscall_32+0x32/0x80
[  386.564904][T11940]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  386.567470][T11940] RIP: 0023:0xf70ee579
[  386.569178][T11940] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  386.576908][T11940] RSP: 002b:00000000f50e055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  386.580291][T11940] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000480
[  386.583513][T11940] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  386.586636][T11940] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  386.589880][T11940] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  386.593219][T11940] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  386.596477][T11940]  </TASK>
[  386.947802][ T5969] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[  387.119129][ T5969] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  387.122465][ T5969] usb 9-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  387.126491][ T5969] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  387.129406][ T5969] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  387.132407][ T5969] usb 9-1: config 0 descriptor??
[  387.135195][ T5969] usbhid 9-1:0.0: couldn't find an input interrupt endpoint
[  388.368767][T11961] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1846'.
[  388.600145][T11976] FAULT_INJECTION: forcing a failure.
[  388.600145][T11976] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  388.606757][T11976] CPU: 1 UID: 0 PID: 11976 Comm: syz.3.1850 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  388.609954][T11976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  388.613315][T11976] Call Trace:
[  388.614306][T11976]  <TASK>
[  388.615161][T11976]  dump_stack_lvl+0x16c/0x1f0
[  388.616593][T11976]  should_fail_ex+0x497/0x5b0
[  388.617967][T11976]  _copy_from_user+0x2e/0xd0
[  388.619311][T11976]  move_addr_to_kernel+0x68/0x160
[  388.620802][T11976]  __sys_connect+0xb0/0x170
[  388.622146][T11976]  ? __pfx___sys_connect+0x10/0x10
[  388.623693][T11976]  __ia32_sys_connect+0x71/0xb0
[  388.625161][T11976]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  388.627028][T11976]  __do_fast_syscall_32+0x73/0x120
[  388.628492][T11976]  do_fast_syscall_32+0x32/0x80
[  388.629896][T11976]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  388.631731][T11976] RIP: 0023:0xf7f82579
[  388.632949][T11976] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  388.638472][T11976] RSP: 002b:00000000f509455c EFLAGS: 00000296 ORIG_RAX: 000000000000016a
[  388.640836][T11976] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200001c0
[  388.643211][T11976] RDX: 000000000000001c RSI: 0000000000000000 RDI: 0000000000000000
[  388.645583][T11976] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  388.647754][T11976] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  388.650047][T11976] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  388.652434][T11976]  </TASK>
[  389.648626][ T5969] usb 9-1: USB disconnect, device number 15
[  389.975151][T11995] fuse: Unknown parameter 'user_id9“KéÚ8&›?]•…*IÂlu
[  389.975151][T11995] %ùž
X0#X�è‹°{·‚lÚÕð³Q”1g½
[  389.975151][T11995] ÍÒñÅž¹Ý‹Õnöiòªt+'
[  392.841381][T12007] syzkaller0: entered promiscuous mode
[  392.845137][T12007] syzkaller0: entered allmulticast mode
[  393.863459][ T5969] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  394.021918][ T5969] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  394.025610][ T5969] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  394.065083][ T5969] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  394.068540][ T5969] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  394.073003][ T5969] usb 6-1: config 0 descriptor??
[  394.080505][ T5969] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  395.880352][T12025] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1863'.
[  396.624450][   T56] usb 6-1: USB disconnect, device number 14
[  396.806858][T12037] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1866'.
[  397.042791][T12032] FAULT_INJECTION: forcing a failure.
[  397.042791][T12032] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  397.054088][T12032] CPU: 1 UID: 0 PID: 12032 Comm: syz.2.1865 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  397.058781][T12032] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  397.076153][T12032] Call Trace:
[  397.077748][T12032]  <TASK>
[  397.079142][T12032]  dump_stack_lvl+0x16c/0x1f0
[  397.081552][T12032]  should_fail_ex+0x497/0x5b0
[  397.083803][T12032]  _copy_from_user+0x2e/0xd0
[  397.085855][T12032]  move_addr_to_kernel+0x68/0x160
[  397.101888][T12032]  __sys_sendto+0x1ba/0x4f0
[  397.104053][T12032]  ? __pfx___sys_sendto+0x10/0x10
[  397.106635][T12032]  ? ksys_write+0x1ba/0x250
[  397.108654][T12032]  ? __pfx_ksys_write+0x10/0x10
[  397.110905][T12032]  __ia32_sys_sendto+0xdd/0x1b0
[  397.113226][T12032]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  397.116409][T12032]  __do_fast_syscall_32+0x73/0x120
[  397.118791][T12032]  do_fast_syscall_32+0x32/0x80
[  397.131130][T12032]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  397.134146][T12032] RIP: 0023:0xf7fb2579
[  397.136161][T12032] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  397.155577][T12032] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  397.178066][T12032] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000020847fff
[  397.181632][T12032] RDX: 000000000000fee4 RSI: 0000000000000000 RDI: 000000002005ffe4
[  397.185352][T12032] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[  397.189104][T12032] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  397.206016][T12032] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  397.209532][T12032]  </TASK>
[  397.741208][T12048] syzkaller0: entered promiscuous mode
[  397.744545][T12048] syzkaller0: entered allmulticast mode
[  398.865985][T12060] 9pnet_fd: Insufficient options for proto=fd
[  402.726092][T12086] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1883'.
[  402.911581][T12090] 9pnet_fd: Insufficient options for proto=fd
[  405.901671][   T56] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  406.119984][   T56] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  406.130199][   T56] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  406.134503][   T56] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  406.138868][   T56] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  406.164042][   T56] usb 6-1: config 0 descriptor??
[  406.169297][   T56] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  408.139730][T12148] FAULT_INJECTION: forcing a failure.
[  408.139730][T12148] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  408.156875][T12148] CPU: 1 UID: 0 PID: 12148 Comm: syz.2.1901 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  408.179663][T12148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  408.186438][T12148] Call Trace:
[  408.188643][T12148]  <TASK>
[  408.190473][T12148]  dump_stack_lvl+0x16c/0x1f0
[  408.202129][T12148]  should_fail_ex+0x497/0x5b0
[  408.205110][T12148]  _copy_to_user+0x32/0xd0
[  408.208062][T12148]  simple_read_from_buffer+0xd0/0x160
[  408.211446][T12148]  proc_fail_nth_read+0x198/0x270
[  408.214215][T12148]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  408.218773][T12148]  ? bpf_lsm_file_permission+0x9/0x10
[  408.222645][T12148]  ? security_file_permission+0x71/0x210
[  408.225772][T12148]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  408.228721][T12148]  vfs_read+0x1df/0xbe0
[  408.231185][T12148]  ? __fget_files+0x1fc/0x3a0
[  408.234181][T12148]  ? __pfx___mutex_lock+0x10/0x10
[  408.237328][T12148]  ? __pfx_vfs_read+0x10/0x10
[  408.240182][T12148]  ? __fget_files+0x206/0x3a0
[  408.242918][T12148]  ksys_read+0x12b/0x250
[  408.245712][T12148]  ? __pfx_ksys_read+0x10/0x10
[  408.247962][T12148]  ? rcu_is_watching+0x12/0xc0
[  408.250239][T12148]  __do_fast_syscall_32+0x73/0x120
[  408.253124][T12148]  do_fast_syscall_32+0x32/0x80
[  408.256172][T12148]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  408.260364][T12148] RIP: 0023:0xf7fb2579
[  408.263104][T12148] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  408.275101][T12148] RSP: 002b:00000000f5106590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  408.280545][T12148] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5106620
[  408.285595][T12148] RDX: 000000000000000f RSI: 00000000f7443ff4 RDI: 0000000000000000
[  408.290709][T12148] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  408.295796][T12148] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  408.300876][T12148] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  408.305998][T12148]  </TASK>
[  409.365478][ T6063] usb 6-1: USB disconnect, device number 15
[  409.702307][T12159] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1904'.
[  409.938971][   T56] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[  410.311754][   T56] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  410.319343][   T56] usb 9-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  410.332408][   T56] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  410.340298][   T56] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  410.399417][   T56] usb 9-1: config 0 descriptor??
[  410.455709][   T56] usbhid 9-1:0.0: couldn't find an input interrupt endpoint
[  412.155850][T12190] FAULT_INJECTION: forcing a failure.
[  412.155850][T12190] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  412.191592][T12190] CPU: 0 UID: 0 PID: 12190 Comm: syz.3.1914 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  412.198260][T12190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  412.202890][T12190] Call Trace:
[  412.204313][T12190]  <TASK>
[  412.209972][T12190]  dump_stack_lvl+0x16c/0x1f0
[  412.211798][T12190]  should_fail_ex+0x497/0x5b0
[  412.226702][T12190]  _copy_to_user+0x32/0xd0
[  412.229060][T12190]  simple_read_from_buffer+0xd0/0x160
[  412.232503][T12190]  proc_fail_nth_read+0x198/0x270
[  412.234649][T12190]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  412.237511][T12190]  ? bpf_lsm_file_permission+0x9/0x10
[  412.239946][T12190]  ? security_file_permission+0x71/0x210
[  412.243460][T12190]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  412.245841][T12190]  vfs_read+0x1df/0xbe0
[  412.247881][T12190]  ? __fget_files+0x1fc/0x3a0
[  412.250610][T12190]  ? __pfx___mutex_lock+0x10/0x10
[  412.252494][T12190]  ? __pfx_vfs_read+0x10/0x10
[  412.254248][T12190]  ? __fget_files+0x206/0x3a0
[  412.256187][T12190]  ksys_read+0x12b/0x250
[  412.267935][T12190]  ? __pfx_ksys_read+0x10/0x10
[  412.269927][T12190]  ? rcu_is_watching+0x12/0xc0
[  412.271802][T12190]  __do_fast_syscall_32+0x73/0x120
[  412.283539][T12190]  do_fast_syscall_32+0x32/0x80
[  412.285154][T12190]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  412.287905][T12190] RIP: 0023:0xf7f82579
[  412.290008][T12190] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  412.299776][T12190] RSP: 002b:00000000f50d6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  412.303191][T12190] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50d6620
[  412.306279][T12190] RDX: 000000000000000f RSI: 00000000f7413ff4 RDI: 0000000000000000
[  412.309242][T12190] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  412.312739][T12190] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  412.315897][T12190] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  412.318913][T12190]  </TASK>
[  412.746210][  T832] usb 9-1: USB disconnect, device number 16
[  414.479230][T12223] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1927'.
[  414.747673][T12226] FAULT_INJECTION: forcing a failure.
[  414.747673][T12226] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  414.767429][T12226] CPU: 0 UID: 0 PID: 12226 Comm: syz.1.1928 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  414.773201][T12226] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  414.779940][T12226] Call Trace:
[  414.781571][T12226]  <TASK>
[  414.782990][T12226]  dump_stack_lvl+0x16c/0x1f0
[  414.786085][T12226]  should_fail_ex+0x497/0x5b0
[  414.789168][T12226]  _copy_from_user+0x2e/0xd0
[  414.791343][T12226]  get_compat_msghdr+0xa8/0x170
[  414.793487][T12226]  ? __pfx_get_compat_msghdr+0x10/0x10
[  414.814787][T12226]  ? rcu_is_watching+0x12/0xc0
[  414.816527][T12226]  ? lock_release+0x4e2/0x6f0
[  414.818278][T12226]  ? get_pid_task+0xfc/0x250
[  414.819970][T12226]  ___sys_sendmsg+0x1b0/0x1e0
[  414.822650][T12226]  ? get_pid_task+0x35/0x250
[  414.825023][T12226]  ? __pfx____sys_sendmsg+0x10/0x10
[  414.830748][T12226]  ? lock_release+0x4e2/0x6f0
[  414.832626][T12226]  ? __pfx_lock_release+0x10/0x10
[  414.838401][T12226]  ? trace_lock_acquire+0x14e/0x1f0
[  414.845651][T12226]  ? __fget_files+0x206/0x3a0
[  414.848257][T12226]  __sys_sendmsg+0x16e/0x220
[  414.852537][T12226]  ? __pfx___sys_sendmsg+0x10/0x10
[  414.863205][T12226]  ? rcu_is_watching+0x12/0xc0
[  414.866067][T12226]  __do_fast_syscall_32+0x73/0x120
[  414.868787][T12226]  do_fast_syscall_32+0x32/0x80
[  414.881527][T12226]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  414.884664][T12226] RIP: 0023:0xf70ee579
[  414.886674][T12226] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  414.904453][T12226] RSP: 002b:00000000f50e055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  414.908581][T12226] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000240
[  414.921725][T12226] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  414.924575][T12226] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  414.927872][T12226] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  414.941251][T12226] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  414.944092][T12226]  </TASK>
[  417.628836][T12249] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  417.659122][T12253] FAULT_INJECTION: forcing a failure.
[  417.659122][T12253] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  417.675406][T12253] CPU: 1 UID: 0 PID: 12253 Comm: syz.4.1937 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  417.699688][T12253] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  417.703692][T12253] Call Trace:
[  417.705183][T12253]  <TASK>
[  417.706500][T12253]  dump_stack_lvl+0x16c/0x1f0
[  417.709184][T12253]  should_fail_ex+0x497/0x5b0
[  417.721870][T12253]  _copy_from_user+0x2e/0xd0
[  417.723853][T12253]  move_addr_to_kernel+0x68/0x160
[  417.725788][T12253]  __sys_sendto+0x1ba/0x4f0
[  417.727745][T12253]  ? __pfx___sys_sendto+0x10/0x10
[  417.730865][T12253]  ? ksys_write+0x1ba/0x250
[  417.732888][T12253]  ? __pfx_ksys_write+0x10/0x10
[  417.735842][T12253]  __ia32_sys_sendto+0xdd/0x1b0
[  417.738373][T12253]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  417.750599][T12253]  __do_fast_syscall_32+0x73/0x120
[  417.758978][T12253]  do_fast_syscall_32+0x32/0x80
[  417.761196][T12253]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  417.763863][T12253] RIP: 0023:0xf7f45579
[  417.767268][T12253] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  417.783189][T12253] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  417.788310][T12253] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  417.797695][T12253] RDX: 00000000ffffffef RSI: 0000000000000000 RDI: 0000000020000080
[  417.807370][T12253] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[  417.810744][T12253] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  417.817234][T12253] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  417.820046][T12253]  </TASK>
[  417.928637][T12259] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  417.946128][T12259] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  418.337392][T12019] usb 8-1: new high-speed USB device number 23 using dummy_hcd
[  418.540970][T12019] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  418.545900][T12019] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  418.550129][T12019] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  418.572739][T12019] usb 8-1: config 0 descriptor??
[  418.578673][T12019] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[  420.165130][T12273] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1944'.
[  421.142847][ T6063] usb 8-1: USB disconnect, device number 23
[  422.728354][T12294] FAULT_INJECTION: forcing a failure.
[  422.728354][T12294] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  422.745753][T12294] CPU: 2 UID: 0 PID: 12294 Comm: syz.1.1952 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  422.758818][T12294] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  422.766676][T12294] Call Trace:
[  422.768699][T12294]  <TASK>
[  422.774884][T12294]  dump_stack_lvl+0x16c/0x1f0
[  422.777773][T12294]  should_fail_ex+0x497/0x5b0
[  422.785115][T12294]  _copy_from_user+0x2e/0xd0
[  422.787959][T12294]  get_compat_msghdr+0xa8/0x170
[  422.798040][T12294]  ? __pfx_get_compat_msghdr+0x10/0x10
[  422.802719][T12294]  ? rcu_is_watching+0x12/0xc0
[  422.805845][T12294]  ? lock_release+0x4e2/0x6f0
[  422.811094][T12294]  ? get_pid_task+0xfc/0x250
[  422.818140][T12294]  ___sys_sendmsg+0x1b0/0x1e0
[  422.824185][T12294]  ? get_pid_task+0x35/0x250
[  422.833544][T12294]  ? __pfx____sys_sendmsg+0x10/0x10
[  422.835898][T12294]  ? lock_release+0x4e2/0x6f0
[  422.837800][T12294]  ? __pfx_lock_release+0x10/0x10
[  422.840309][T12294]  ? trace_lock_acquire+0x14e/0x1f0
[  422.842562][T12294]  ? __fget_files+0x206/0x3a0
[  422.845179][T12294]  __sys_sendmsg+0x16e/0x220
[  422.847340][T12294]  ? __pfx___sys_sendmsg+0x10/0x10
[  422.849705][T12294]  ? rcu_is_watching+0x12/0xc0
[  422.851690][T12294]  __do_fast_syscall_32+0x73/0x120
[  422.853765][T12294]  do_fast_syscall_32+0x32/0x80
[  422.855723][T12294]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  422.859302][T12294] RIP: 0023:0xf70ee579
[  422.861767][T12294] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  422.872674][T12294] RSP: 002b:00000000f50e055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  422.878131][T12294] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  422.882018][T12294] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  422.886823][T12294] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  422.892347][T12294] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  422.897267][T12294] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  422.902262][T12294]  </TASK>
[  423.068934][T12297] mkiss: ax0: crc mode is auto.
[  423.888928][ T2297] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[  424.057666][ T2297] usb 9-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  424.066515][ T2297] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  424.079672][ T2297] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  424.098763][ T2297] usb 9-1: config 0 descriptor??
[  424.103868][ T2297] usbhid 9-1:0.0: couldn't find an input interrupt endpoint
[  425.303414][T12315] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1960'.
[  426.649960][T12317] FAULT_INJECTION: forcing a failure.
[  426.649960][T12317] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  426.658209][T12317] CPU: 3 UID: 0 PID: 12317 Comm: syz.1.1961 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  426.673834][T12317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  426.678250][T12317] Call Trace:
[  426.679594][T12317]  <TASK>
[  426.680089][  T832] usb 9-1: USB disconnect, device number 17
[  426.680823][T12317]  dump_stack_lvl+0x16c/0x1f0
[  426.680854][T12317]  should_fail_ex+0x497/0x5b0
[  426.691066][T12317]  _copy_from_user+0x2e/0xd0
[  426.694467][T12317]  io_submit_one+0xbc/0x1da0
[  426.697945][T12317]  ? do_user_addr_fault+0x83d/0x13f0
[  426.702498][T12317]  ? __pfx_io_submit_one+0x10/0x10
[  426.706716][T12317]  ? rcu_is_watching+0x12/0xc0
[  426.710058][T12317]  ? lock_release+0x4e2/0x6f0
[  426.713489][T12317]  ? __might_fault+0x13b/0x190
[  426.716653][T12317]  ? lock_acquire+0x2f/0xb0
[  426.719711][T12317]  ? __might_fault+0xe3/0x190
[  426.722787][T12317]  ? __ia32_compat_sys_io_submit+0x1ba/0x3a0
[  426.727998][T12317]  __ia32_compat_sys_io_submit+0x1ba/0x3a0
[  426.732668][T12317]  ? __pfx___ia32_compat_sys_io_submit+0x10/0x10
[  426.735708][T12317]  ? rcu_is_watching+0x12/0xc0
[  426.738026][T12317]  __do_fast_syscall_32+0x73/0x120
[  426.740555][T12317]  do_fast_syscall_32+0x32/0x80
[  426.743150][T12317]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  426.746876][T12317] RIP: 0023:0xf70ee579
[  426.748890][T12317] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  426.761216][T12317] RSP: 002b:00000000f50e055c EFLAGS: 00000296 ORIG_RAX: 00000000000000f8
[  426.767457][T12317] RAX: ffffffffffffffda RBX: 00000000f7f8b000 RCX: 0000000000000001
[  426.773419][T12317] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000
[  426.777429][T12317] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  426.781951][T12317] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  426.785312][T12317] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  426.788838][T12317]  </TASK>
[  428.798230][ T5969] usb 8-1: new high-speed USB device number 24 using dummy_hcd
[  428.960697][ T5969] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  428.963823][ T5969] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  428.969436][ T5969] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  428.975835][T12336] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1965'.
[  428.984862][ T5969] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  428.993056][ T5969] usb 8-1: config 0 descriptor??
[  429.004966][ T5969] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[  431.329757][T12359] FAULT_INJECTION: forcing a failure.
[  431.329757][T12359] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  431.337517][T12359] CPU: 3 UID: 0 PID: 12359 Comm: syz.2.1973 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  431.359009][T12359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  431.374413][T12359] Call Trace:
[  431.381181][T12359]  <TASK>
[  431.383221][T12359]  dump_stack_lvl+0x16c/0x1f0
[  431.388936][T12359]  should_fail_ex+0x497/0x5b0
[  431.398713][T12359]  _copy_from_user+0x2e/0xd0
[  431.401020][T12359]  get_compat_msghdr+0xa8/0x170
[  431.403448][T12359]  ? __pfx_get_compat_msghdr+0x10/0x10
[  431.406521][T12359]  ? rcu_is_watching+0x12/0xc0
[  431.411383][T12359]  ? lock_release+0x4e2/0x6f0
[  431.413589][T12359]  ? get_pid_task+0xfc/0x250
[  431.429351][T12359]  ___sys_sendmsg+0x1b0/0x1e0
[  431.433842][T12359]  ? get_pid_task+0x35/0x250
[  431.437456][T12359]  ? __pfx____sys_sendmsg+0x10/0x10
[  431.440130][T12359]  ? lock_release+0x4e2/0x6f0
[  431.442442][T12359]  ? __pfx_lock_release+0x10/0x10
[  431.444901][T12359]  ? trace_lock_acquire+0x14e/0x1f0
[  431.447792][T12359]  ? __fget_files+0x206/0x3a0
[  431.450488][T12359]  __sys_sendmsg+0x16e/0x220
[  431.455365][T12359]  ? __pfx___sys_sendmsg+0x10/0x10
[  431.458921][T12359]  ? rcu_is_watching+0x12/0xc0
[  431.462364][T12359]  __do_fast_syscall_32+0x73/0x120
[  431.466244][T12359]  do_fast_syscall_32+0x32/0x80
[  431.469363][T12359]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  431.476935][T12359] RIP: 0023:0xf7fb2579
[  431.481368][T12359] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  431.493368][T12359] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  431.497760][T12359] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000280
[  431.501834][T12359] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  431.508089][T12359] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  431.513211][T12359] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  431.518459][T12359] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  431.522636][T12359]  </TASK>
[  431.569384][T12361] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1974'.
[  431.576244][ T6063] usb 8-1: USB disconnect, device number 24
[  432.116906][T12376] syz.1.1979 uses obsolete (PF_INET,SOCK_PACKET)
[  432.590634][T12382] FAULT_INJECTION: forcing a failure.
[  432.590634][T12382] name failslab, interval 1, probability 0, space 0, times 0
[  432.595812][T12382] CPU: 3 UID: 0 PID: 12382 Comm: syz.3.1982 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  432.600362][T12382] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  432.604588][T12382] Call Trace:
[  432.615568][T12382]  <TASK>
[  432.616900][T12382]  dump_stack_lvl+0x16c/0x1f0
[  432.618786][T12382]  should_fail_ex+0x497/0x5b0
[  432.630836][T12382]  ? fs_reclaim_acquire+0xae/0x150
[  432.633211][T12382]  should_failslab+0xc2/0x120
[  432.635707][T12382]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  432.638409][T12382]  ? __alloc_skb+0x2b3/0x380
[  432.640591][T12382]  __alloc_skb+0x2b3/0x380
[  432.642887][T12382]  ? __pfx___alloc_skb+0x10/0x10
[  432.652306][T12382]  ? lock_release+0x4e2/0x6f0
[  432.655605][T12382]  ? rcu_is_watching+0x12/0xc0
[  432.658358][T12382]  ? page_ext_put+0x3e/0xd0
[  432.665541][T12382]  ? aa_label_sk_perm+0x19d/0x5a0
[  432.667634][T12382]  alloc_skb_with_frags+0xe4/0x850
[  432.669602][T12382]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  432.676423][T12382]  sock_alloc_send_pskb+0x7f1/0x980
[  432.678349][T12382]  ? lock_release+0x4e2/0x6f0
[  432.685801][T12382]  ? percpu_ref_put_many.constprop.0+0xc4/0x2a0
[  432.688318][T12382]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  432.700527][T12382]  ? lock_release+0x4e2/0x6f0
[  432.702422][T12382]  ? aa_file_perm+0x4c6/0xfe0
[  432.704253][T12382]  ? __pfx_lock_release+0x10/0x10
[  432.706190][T12382]  ? __pfx___might_resched+0x10/0x10
[  432.708198][T12382]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  432.720519][T12382]  hci_sock_sendmsg+0x1c8/0x25e0
[  432.722781][T12382]  ? aa_file_perm+0x4d5/0xfe0
[  432.724550][T12382]  ? __pfx_aa_sk_perm+0x10/0x10
[  432.726369][T12382]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  432.728522][T12382]  sock_write_iter+0x4fe/0x5b0
[  432.740485][T12382]  ? __pfx_sock_write_iter+0x10/0x10
[  432.742466][T12382]  ? ___pte_offset_map+0x58/0x540
[  432.744694][T12382]  ? bpf_lsm_file_permission+0x9/0x10
[  432.747122][T12382]  ? security_file_permission+0x71/0x210
[  432.757118][T12382]  vfs_write+0x5ae/0x1150
[  432.759572][T12382]  ? __pfx_sock_write_iter+0x10/0x10
[  432.762599][T12382]  ? __pfx_vfs_write+0x10/0x10
[  432.765671][T12382]  ? cgroup_rstat_updated+0x2a/0xb20
[  432.769823][T12382]  ? __fget_files+0x40/0x3a0
[  432.773735][T12382]  ksys_write+0x207/0x250
[  432.777133][T12382]  ? __pfx_ksys_write+0x10/0x10
[  432.780883][T12382]  ? rcu_is_watching+0x12/0xc0
[  432.783616][T12382]  __do_fast_syscall_32+0x73/0x120
[  432.786891][T12382]  do_fast_syscall_32+0x32/0x80
[  432.790780][T12382]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  432.795012][T12382] RIP: 0023:0xf7f82579
[  432.797320][T12382] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  432.810765][T12382] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  432.816270][T12382] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000000
[  432.822374][T12382] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000000
[  432.828616][T12382] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  432.834958][T12382] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  432.841182][T12382] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  432.847192][T12382]  </TASK>
[  433.264032][   T25] usb 8-1: new high-speed USB device number 25 using dummy_hcd
[  433.459637][   T25] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  433.477733][   T25] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  433.517937][   T25] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  433.540641][   T25] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  433.547318][   T25] usb 8-1: config 0 descriptor??
[  433.562474][   T25] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[  436.027440][   T25] usb 8-1: USB disconnect, device number 25
[  436.553779][T12409] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1992'.
[  439.308780][T12437] FAULT_INJECTION: forcing a failure.
[  439.308780][T12437] name failslab, interval 1, probability 0, space 0, times 0
[  439.316184][T12437] CPU: 2 UID: 0 PID: 12437 Comm: syz.3.2004 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  439.322481][T12437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  439.327626][T12437] Call Trace:
[  439.329372][T12437]  <TASK>
[  439.330976][T12437]  dump_stack_lvl+0x16c/0x1f0
[  439.333290][T12437]  should_fail_ex+0x497/0x5b0
[  439.335097][T12437]  ? fs_reclaim_acquire+0xae/0x150
[  439.337714][T12437]  should_failslab+0xc2/0x120
[  439.340075][T12437]  __kmalloc_noprof+0xce/0x4f0
[  439.342952][T12437]  ? tomoyo_realpath_from_path+0xbf/0x710
[  439.346000][T12437]  tomoyo_realpath_from_path+0xbf/0x710
[  439.349476][T12437]  ? tomoyo_path_number_perm+0x235/0x5b0
[  439.352850][T12437]  tomoyo_path_number_perm+0x248/0x5b0
[  439.355990][T12437]  ? tomoyo_path_number_perm+0x235/0x5b0
[  439.359506][T12437]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  439.363150][T12437]  ? rcu_is_watching+0x12/0xc0
[  439.365925][T12437]  ? preempt_count_add+0x76/0x150
[  439.369012][T12437]  ? __pfx_lock_release+0x10/0x10
[  439.372026][T12437]  ? trace_lock_acquire+0x14e/0x1f0
[  439.375751][T12437]  ? __fget_files+0x40/0x3a0
[  439.379941][T12437]  ? lock_acquire+0x2f/0xb0
[  439.382099][T12437]  ? __fget_files+0x40/0x3a0
[  439.384051][T12437]  ? __fget_files+0x206/0x3a0
[  439.386696][T12437]  security_file_ioctl_compat+0x9b/0x240
[  439.389852][T12437]  __do_compat_sys_ioctl+0x4e/0x2c0
[  439.393883][T12437]  __do_fast_syscall_32+0x73/0x120
[  439.397746][T12437]  do_fast_syscall_32+0x32/0x80
[  439.400676][T12437]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  439.404463][T12437] RIP: 0023:0xf7f82579
[  439.406629][T12437] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  439.415469][T12437] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  439.421096][T12437] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005412
[  439.427153][T12437] RDX: 00000000200006c0 RSI: 0000000000000000 RDI: 0000000000000000
[  439.431866][T12437] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  439.436720][T12437] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  439.437795][ T1411] ieee802154 phy0 wpan0: encryption failed: -22
[  439.441921][T12437] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  439.441942][T12437]  </TASK>
[  439.450664][ T1411] ieee802154 phy1 wpan1: encryption failed: -22
[  439.458835][T12437] ERROR: Out of memory at tomoyo_realpath_from_path.
[  440.377864][T12455] FAULT_INJECTION: forcing a failure.
[  440.377864][T12455] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  440.383291][T12455] CPU: 3 UID: 0 PID: 12455 Comm: syz.2.2010 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  440.388050][T12455] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  440.402871][T12455] Call Trace:
[  440.404664][T12455]  <TASK>
[  440.410593][T12455]  dump_stack_lvl+0x16c/0x1f0
[  440.413075][T12455]  should_fail_ex+0x497/0x5b0
[  440.429335][T12455]  _copy_to_user+0x32/0xd0
[  440.431112][T12455]  simple_read_from_buffer+0xd0/0x160
[  440.433498][T12455]  proc_fail_nth_read+0x198/0x270
[  440.435563][T12455]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  440.437871][T12455]  ? bpf_lsm_file_permission+0x9/0x10
[  440.440079][T12455]  ? security_file_permission+0x71/0x210
[  440.442390][T12455]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  440.458060][T12455]  vfs_read+0x1df/0xbe0
[  440.459750][T12455]  ? __fget_files+0x1fc/0x3a0
[  440.461728][T12455]  ? __pfx___mutex_lock+0x10/0x10
[  440.463630][T12455]  ? __pfx_vfs_read+0x10/0x10
[  440.465263][T12455]  ? __fget_files+0x206/0x3a0
[  440.466937][T12455]  ksys_read+0x12b/0x250
[  440.468813][T12455]  ? __pfx_ksys_read+0x10/0x10
[  440.471118][T12455]  ? rcu_is_watching+0x12/0xc0
[  440.480550][T12455]  __do_fast_syscall_32+0x73/0x120
[  440.482635][T12455]  do_fast_syscall_32+0x32/0x80
[  440.484595][T12455]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  440.486886][T12455] RIP: 0023:0xf7fb2579
[  440.500860][T12455] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  440.511712][T12455] RSP: 002b:00000000f5106590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  440.522643][T12455] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5106620
[  440.526267][T12455] RDX: 000000000000000f RSI: 00000000f7443ff4 RDI: 0000000000000000
[  440.532637][T12455] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  440.541376][T12455] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  440.551182][T12455] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  440.555512][T12455]  </TASK>
[  440.617778][T12457] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2011'.
[  442.527459][T12019] usb 8-1: new high-speed USB device number 26 using dummy_hcd
[  442.735691][T12019] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  442.759076][T12019] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  442.782035][T12019] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  442.807415][T12019] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  442.811166][T12019] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  442.815114][T12019] usb 8-1: config 0 descriptor??
[  443.260972][T12019] usbhid 8-1:0.0: can't add hid device: -71
[  443.265199][T12019] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  443.277954][T12019] usb 8-1: USB disconnect, device number 26
[  443.968750][T12492] FAULT_INJECTION: forcing a failure.
[  443.968750][T12492] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  443.973408][T12492] CPU: 2 UID: 0 PID: 12492 Comm: syz.3.2024 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  443.978126][T12492] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  443.982607][T12492] Call Trace:
[  443.984055][T12492]  <TASK>
[  443.985332][T12492]  dump_stack_lvl+0x16c/0x1f0
[  443.987147][T12492]  should_fail_ex+0x497/0x5b0
[  443.988995][T12492]  _copy_from_user+0x2e/0xd0
[  443.990875][T12492]  get_compat_msghdr+0xa8/0x170
[  443.993324][T12492]  ? __pfx_get_compat_msghdr+0x10/0x10
[  443.997032][T12492]  ? rcu_is_watching+0x12/0xc0
[  444.001014][T12492]  ? lock_release+0x4e2/0x6f0
[  444.003951][T12492]  ? get_pid_task+0xfc/0x250
[  444.006823][T12492]  ___sys_sendmsg+0x1b0/0x1e0
[  444.009939][T12492]  ? get_pid_task+0x35/0x250
[  444.012872][T12492]  ? __pfx____sys_sendmsg+0x10/0x10
[  444.016234][T12492]  ? lock_release+0x4e2/0x6f0
[  444.020363][T12492]  ? __pfx_lock_release+0x10/0x10
[  444.024279][T12492]  ? trace_lock_acquire+0x14e/0x1f0
[  444.028134][T12492]  ? __fget_files+0x206/0x3a0
[  444.031330][T12492]  __sys_sendmsg+0x16e/0x220
[  444.033984][T12492]  ? __pfx___sys_sendmsg+0x10/0x10
[  444.036444][T12492]  ? rcu_is_watching+0x12/0xc0
[  444.038632][T12492]  __do_fast_syscall_32+0x73/0x120
[  444.041331][T12492]  do_fast_syscall_32+0x32/0x80
[  444.043222][T12492]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  444.046037][T12492] RIP: 0023:0xf7f82579
[  444.048128][T12492] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  444.057305][T12492] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  444.063272][T12492] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[  444.068979][T12492] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  444.075407][T12492] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  444.079919][T12492] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  444.083974][T12492] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  444.087041][T12492]  </TASK>
[  445.054134][T12502] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2029'.
[  445.547355][T12019] usb 8-1: new high-speed USB device number 27 using dummy_hcd
[  445.750067][T12019] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  445.754547][T12019] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  445.760958][T12019] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  445.769659][T12019] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  445.776249][T12019] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  445.784882][T12019] usb 8-1: config 0 descriptor??
[  446.236986][T12019] usbhid 8-1:0.0: can't add hid device: -71
[  446.239761][T12019] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  446.244788][T12019] usb 8-1: USB disconnect, device number 27
[  448.197268][T12528] openvswitch: netlink: push_nsh: missing base or metadata attributes
[  448.201893][T12528] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  448.232493][ T6063] usb 8-1: new high-speed USB device number 28 using dummy_hcd
[  448.439857][ T6063] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  448.444713][ T6063] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  448.466099][ T6063] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  448.482680][T12534] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2042'.
[  448.489799][ T6063] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  448.494346][ T6063] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  448.501362][ T6063] usb 8-1: config 0 descriptor??
[  448.919011][ T6063] usbhid 8-1:0.0: can't add hid device: -71
[  448.921463][ T6063] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  448.929263][ T6063] usb 8-1: USB disconnect, device number 28
[  449.353672][T12536] FAULT_INJECTION: forcing a failure.
[  449.353672][T12536] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  449.363013][T12536] CPU: 3 UID: 0 PID: 12536 Comm: syz.2.2043 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  449.372406][T12536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  449.383030][T12536] Call Trace:
[  449.384480][T12536]  <TASK>
[  449.385654][T12536]  dump_stack_lvl+0x16c/0x1f0
[  449.390132][T12536]  should_fail_ex+0x497/0x5b0
[  449.392106][T12536]  strncpy_from_user+0x3b/0x2d0
[  449.396643][T12536]  setxattr_copy+0x8a/0x210
[  449.398782][T12536]  path_setxattrat+0x104/0x290
[  449.401277][T12536]  ? __pfx_path_setxattrat+0x10/0x10
[  449.404180][T12536]  ? fput+0x67/0x440
[  449.408325][T12536]  ? ksys_write+0x1ba/0x250
[  449.410752][T12536]  ? __pfx_ksys_write+0x10/0x10
[  449.413304][T12536]  __ia32_sys_fsetxattr+0xc4/0x140
[  449.415398][T12536]  __do_fast_syscall_32+0x73/0x120
[  449.418538][T12536]  do_fast_syscall_32+0x32/0x80
[  449.422493][T12536]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  449.425502][T12536] RIP: 0023:0xf7fb2579
[  449.427642][T12536] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  449.437121][T12536] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 00000000000000e4
[  449.441100][T12536] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[  449.444791][T12536] RDX: 00000000200000c0 RSI: 0000000000000009 RDI: 0000000000000000
[  449.448248][T12536] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  449.455155][T12536] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  449.469301][T12536] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  449.473374][T12536]  </TASK>
[  450.548432][T12546] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  452.957439][ T6063] usb 8-1: new high-speed USB device number 29 using dummy_hcd
[  453.051620][T12575] syz.4.2056: attempt to access beyond end of device
[  453.051620][T12575] nbd4: rw=0, sector=64, nr_sectors = 1 limit=0
[  453.078045][T12575] syz.4.2056: attempt to access beyond end of device
[  453.078045][T12575] nbd4: rw=0, sector=256, nr_sectors = 1 limit=0
[  453.082997][T12575] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  453.087174][T12575] syz.4.2056: attempt to access beyond end of device
[  453.087174][T12575] nbd4: rw=0, sector=512, nr_sectors = 1 limit=0
[  453.097788][T12575] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  453.116323][T12575] UDF-fs: warning (device nbd4): udf_load_vrs: No anchor found
[  453.121112][T12575] UDF-fs: Scanning with blocksize 512 failed
[  453.136477][ T6063] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  453.140830][T12575] syz.4.2056: attempt to access beyond end of device
[  453.140830][T12575] nbd4: rw=0, sector=64, nr_sectors = 2 limit=0
[  453.146273][ T6063] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  453.154002][T12575] syz.4.2056: attempt to access beyond end of device
[  453.154002][T12575] nbd4: rw=0, sector=512, nr_sectors = 2 limit=0
[  453.156961][ T6063] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  453.161543][T12575] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  453.161670][T12575] syz.4.2056: attempt to access beyond end of device
[  453.161670][T12575] nbd4: rw=0, sector=1024, nr_sectors = 2 limit=0
[  453.166779][ T6063] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  453.171687][T12575] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  453.171707][T12575] UDF-fs: warning (device nbd4): udf_load_vrs: No anchor found
[  453.171716][T12575] UDF-fs: Scanning with blocksize 1024 failed
[  453.171915][T12575] syz.4.2056: attempt to access beyond end of device
[  453.171915][T12575] nbd4: rw=0, sector=64, nr_sectors = 4 limit=0
[  453.171980][T12575] syz.4.2056: attempt to access beyond end of device
[  453.171980][T12575] nbd4: rw=0, sector=1024, nr_sectors = 4 limit=0
[  453.172004][T12575] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  453.172047][T12575] syz.4.2056: attempt to access beyond end of device
[  453.172047][T12575] nbd4: rw=0, sector=2048, nr_sectors = 4 limit=0
[  453.172071][T12575] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  453.172083][T12575] UDF-fs: warning (device nbd4): udf_load_vrs: No anchor found
[  453.172091][T12575] UDF-fs: Scanning with blocksize 2048 failed
[  453.172212][T12575] syz.4.2056: attempt to access beyond end of device
[  453.172212][T12575] nbd4: rw=0, sector=64, nr_sectors = 8 limit=0
[  453.172305][T12575] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=256, location=256
[  453.172354][T12575] UDF-fs: error (device nbd4): udf_read_tagged: read failed, block=512, location=512
[  453.172366][T12575] UDF-fs: warning (device nbd4): udf_load_vrs: No anchor found
[  453.172373][T12575] UDF-fs: Scanning with blocksize 4096 failed
[  453.172379][T12575] UDF-fs: warning (device nbd4): udf_fill_super: No partition found (1)
[  453.311555][ T6063] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  453.342573][ T6063] usb 8-1: config 0 descriptor??
[  453.376440][T12579] binder: 12578:12579 ioctl 4028af11 20000300 returned -22
[  453.381676][T12579] binder: 12578:12579 ioctl c0306201 20000180 returned -14
[  453.442784][T12581] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2058'.
[  453.767379][ T6063] usbhid 8-1:0.0: can't add hid device: -71
[  453.771626][ T6063] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  453.777911][ T6063] usb 8-1: USB disconnect, device number 29
[  455.845140][T12602] FAULT_INJECTION: forcing a failure.
[  455.845140][T12602] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  455.851786][T12602] CPU: 2 UID: 0 PID: 12602 Comm: syz.4.2066 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  455.858409][T12602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  455.865328][T12602] Call Trace:
[  455.867415][T12602]  <TASK>
[  455.869092][T12602]  dump_stack_lvl+0x16c/0x1f0
[  455.871997][T12602]  should_fail_ex+0x497/0x5b0
[  455.874915][T12602]  _copy_from_user+0x2e/0xd0
[  455.877744][T12602]  get_compat_msghdr+0xa8/0x170
[  455.880773][T12602]  ? __pfx_get_compat_msghdr+0x10/0x10
[  455.883806][T12602]  ? rcu_is_watching+0x12/0xc0
[  455.886317][T12602]  ? lock_release+0x4e2/0x6f0
[  455.888853][T12602]  ? get_pid_task+0xfc/0x250
[  455.891795][T12602]  ___sys_sendmsg+0x1b0/0x1e0
[  455.894767][T12602]  ? get_pid_task+0x35/0x250
[  455.897752][T12602]  ? __pfx____sys_sendmsg+0x10/0x10
[  455.901167][T12602]  ? lock_release+0x4e2/0x6f0
[  455.903678][T12602]  ? __pfx_lock_release+0x10/0x10
[  455.906530][T12602]  ? trace_lock_acquire+0x14e/0x1f0
[  455.908958][T12602]  ? __fget_files+0x206/0x3a0
[  455.911855][T12602]  __sys_sendmsg+0x16e/0x220
[  455.914216][T12602]  ? __pfx___sys_sendmsg+0x10/0x10
[  455.916838][T12602]  ? rcu_is_watching+0x12/0xc0
[  455.919418][T12602]  __do_fast_syscall_32+0x73/0x120
[  455.922126][T12602]  do_fast_syscall_32+0x32/0x80
[  455.924432][T12602]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  455.927009][T12602] RIP: 0023:0xf7f45579
[  455.928812][T12602] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  455.937172][T12602] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  455.941461][T12602] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020001200
[  455.945431][T12602] RDX: 0000000004008094 RSI: 0000000000000000 RDI: 0000000000000000
[  455.949414][T12602] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  455.954376][T12602] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  455.958416][T12602] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  455.962431][T12602]  </TASK>
[  456.257327][ T6063] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[  456.440451][ T6063] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  456.459502][ T6063] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  456.463360][ T6063] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  456.494168][ T6063] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  456.513564][ T6063] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  456.518121][ T6063] usb 9-1: config 0 descriptor??
[  456.948096][ T6063] usbhid 9-1:0.0: can't add hid device: -71
[  456.954663][ T6063] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  456.959631][ T6063] usb 9-1: USB disconnect, device number 18
[  457.905027][T12617] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2072'.
[  459.637355][T12019] usb 9-1: new high-speed USB device number 19 using dummy_hcd
[  459.809886][T12019] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  459.814091][T12019] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  459.819078][T12019] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  459.836763][T12019] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  459.851162][T12019] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  459.861717][T12019] usb 9-1: config 0 descriptor??
[  460.301056][T12019] usbhid 9-1:0.0: can't add hid device: -71
[  460.304217][T12019] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  460.318016][T12019] usb 9-1: USB disconnect, device number 19
[  462.837421][T12652] virtio-fs: tag <(null)> not found
[  462.857624][  T831] usb 9-1: new high-speed USB device number 20 using dummy_hcd
[  463.061765][  T831] usb 9-1: Using ep0 maxpacket: 32
[  463.073411][  T831] usb 9-1: config 0 has an invalid interface number: 67 but max is 0
[  463.088905][  T831] usb 9-1: config 0 has no interface number 0
[  463.103155][  T831] usb 9-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  463.116433][  T831] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  463.131303][  T831] usb 9-1: Product: syz
[  463.133644][  T831] usb 9-1: Manufacturer: syz
[  463.135685][  T831] usb 9-1: SerialNumber: syz
[  463.186416][  T831] usb 9-1: config 0 descriptor??
[  463.216484][  T831] smsc95xx v2.0.0
[  463.234152][  T831] smsc95xx 9-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  463.239805][  T831] smsc95xx 9-1:0.67: probe with driver smsc95xx failed with error -22
[  463.307510][    T9] usb 8-1: new high-speed USB device number 30 using dummy_hcd
[  463.432596][ T5969] usb 9-1: USB disconnect, device number 20
[  463.505705][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  463.510028][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  463.514877][    T9] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  463.522847][    T9] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  463.528209][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  463.534251][    T9] usb 8-1: config 0 descriptor??
[  463.629633][T12658] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2086'.
[  464.009394][    T9] usbhid 8-1:0.0: can't add hid device: -71
[  464.013974][    T9] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  464.025855][    T9] usb 8-1: USB disconnect, device number 30
[  464.322722][T12668] FAULT_INJECTION: forcing a failure.
[  464.322722][T12668] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  464.331631][T12668] CPU: 1 UID: 0 PID: 12668 Comm: syz.4.2089 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  464.338648][T12668] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  464.343532][T12668] Call Trace:
[  464.345219][T12668]  <TASK>
[  464.346981][T12668]  dump_stack_lvl+0x16c/0x1f0
[  464.350300][T12668]  should_fail_ex+0x497/0x5b0
[  464.353211][T12668]  _copy_from_user+0x2e/0xd0
[  464.355704][T12668]  move_addr_to_kernel+0x68/0x160
[  464.358316][T12668]  __sys_connect+0xb0/0x170
[  464.360972][T12668]  ? __pfx___sys_connect+0x10/0x10
[  464.364626][T12668]  ? __pfx_ksys_write+0x10/0x10
[  464.368275][T12668]  __ia32_sys_connect+0x71/0xb0
[  464.371477][T12668]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  464.375852][T12668]  __do_fast_syscall_32+0x73/0x120
[  464.379274][T12668]  do_fast_syscall_32+0x32/0x80
[  464.382543][T12668]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  464.386337][T12668] RIP: 0023:0xf7f45579
[  464.388993][T12668] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  464.401328][T12668] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 000000000000016a
[  464.406259][T12668] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  464.410602][T12668] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  464.414814][T12668] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  464.419035][T12668] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  464.423397][T12668] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  464.428061][T12668]  </TASK>
[  465.604460][T12691] FAULT_INJECTION: forcing a failure.
[  465.604460][T12691] name failslab, interval 1, probability 0, space 0, times 0
[  465.613556][T12691] CPU: 0 UID: 0 PID: 12691 Comm: syz.2.2097 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  465.619652][T12691] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  465.624199][T12691] Call Trace:
[  465.625780][T12691]  <TASK>
[  465.627153][T12691]  dump_stack_lvl+0x16c/0x1f0
[  465.629339][T12691]  should_fail_ex+0x497/0x5b0
[  465.631725][T12691]  ? fs_reclaim_acquire+0xae/0x150
[  465.634323][T12691]  should_failslab+0xc2/0x120
[  465.636777][T12691]  __kmalloc_noprof+0xce/0x4f0
[  465.639558][T12691]  ? tomoyo_realpath_from_path+0xbf/0x710
[  465.642499][T12691]  tomoyo_realpath_from_path+0xbf/0x710
[  465.645618][T12691]  ? tomoyo_path_number_perm+0x235/0x5b0
[  465.648458][T12691]  tomoyo_path_number_perm+0x248/0x5b0
[  465.651117][T12691]  ? tomoyo_path_number_perm+0x235/0x5b0
[  465.653671][T12691]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  465.656480][T12691]  ? rcu_is_watching+0x12/0xc0
[  465.658780][T12691]  ? preempt_count_add+0x76/0x150
[  465.661611][T12691]  ? __pfx_lock_release+0x10/0x10
[  465.664565][T12691]  ? trace_lock_acquire+0x14e/0x1f0
[  465.668050][T12691]  ? __fget_files+0x40/0x3a0
[  465.672216][T12691]  ? lock_acquire+0x2f/0xb0
[  465.677785][T12691]  ? __fget_files+0x40/0x3a0
[  465.692986][T12691]  ? __fget_files+0x206/0x3a0
[  465.694818][T12691]  security_file_ioctl_compat+0x9b/0x240
[  465.697030][T12691]  __do_compat_sys_ioctl+0x4e/0x2c0
[  465.698956][T12691]  __do_fast_syscall_32+0x73/0x120
[  465.700876][T12691]  do_fast_syscall_32+0x32/0x80
[  465.702708][T12691]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  465.705385][T12691] RIP: 0023:0xf7fb2579
[  465.710066][T12691] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  465.730385][T12691] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  465.736715][T12691] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000720
[  465.746026][T12691] RDX: 0000000020000580 RSI: 0000000000000000 RDI: 0000000000000000
[  465.749452][T12691] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  465.752971][T12691] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  465.771841][T12691] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  465.782236][T12691]  </TASK>
[  465.794139][T12691] ERROR: Out of memory at tomoyo_realpath_from_path.
[  466.517582][T12699] syzkaller0: entered promiscuous mode
[  466.527420][T12699] syzkaller0: entered allmulticast mode
[  466.957370][ T5969] usb 9-1: new high-speed USB device number 21 using dummy_hcd
[  467.130548][ T5969] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  467.135637][ T5969] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  467.147349][ T5969] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  467.153175][ T5969] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  467.156604][ T5969] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  467.180274][ T5969] usb 9-1: config 0 descriptor??
[  467.660547][ T5969] usbhid 9-1:0.0: can't add hid device: -71
[  467.665777][ T5969] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  467.671090][ T5969] usb 9-1: USB disconnect, device number 21
[  469.257601][ T5935] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  469.262962][ T5935] Bluetooth: hci3: ACL packet for unknown connection handle 200
[  469.426707][T12723] FAULT_INJECTION: forcing a failure.
[  469.426707][T12723] name failslab, interval 1, probability 0, space 0, times 0
[  469.450370][T12723] CPU: 1 UID: 0 PID: 12723 Comm: syz.2.2107 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  469.476463][T12723] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  469.482285][T12723] Call Trace:
[  469.484121][T12723]  <TASK>
[  469.485332][T12723]  dump_stack_lvl+0x16c/0x1f0
[  469.487454][T12723]  should_fail_ex+0x497/0x5b0
[  469.490204][T12723]  ? fs_reclaim_acquire+0xae/0x150
[  469.499889][T12723]  should_failslab+0xc2/0x120
[  469.503029][T12723]  __kmalloc_noprof+0xce/0x4f0
[  469.506202][T12723]  ? tomoyo_realpath_from_path+0xbf/0x710
[  469.509913][T12723]  tomoyo_realpath_from_path+0xbf/0x710
[  469.523210][T12723]  ? tomoyo_path_number_perm+0x235/0x5b0
[  469.526979][T12723]  tomoyo_path_number_perm+0x248/0x5b0
[  469.530644][T12723]  ? tomoyo_path_number_perm+0x235/0x5b0
[  469.540579][T12723]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  469.543997][T12723]  ? rcu_is_watching+0x12/0xc0
[  469.546823][T12723]  ? preempt_count_add+0x76/0x150
[  469.559865][T12723]  ? __pfx_lock_release+0x10/0x10
[  469.563291][T12723]  ? trace_lock_acquire+0x14e/0x1f0
[  469.566763][T12723]  ? __fget_files+0x40/0x3a0
[  469.569910][T12723]  ? lock_acquire+0x2f/0xb0
[  469.580419][T12723]  ? __fget_files+0x40/0x3a0
[  469.582902][T12723]  ? __fget_files+0x206/0x3a0
[  469.584845][T12723]  security_file_ioctl_compat+0x9b/0x240
[  469.587118][T12723]  __do_compat_sys_ioctl+0x4e/0x2c0
[  469.589593][T12723]  __do_fast_syscall_32+0x73/0x120
[  469.602891][T12723]  do_fast_syscall_32+0x32/0x80
[  469.605844][T12723]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  469.609691][T12723] RIP: 0023:0xf7fb2579
[  469.620179][T12723] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  469.627355][T12723] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  469.646204][T12723] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000c048aeca
[  469.651255][T12723] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000
[  469.654641][T12723] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  469.658064][T12723] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  469.674637][T12723] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  469.678183][T12723]  </TASK>
[  469.680687][T12723] ERROR: Out of memory at tomoyo_realpath_from_path.
[  470.118881][T12730] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2109'.
[  479.836940][T12760] FAULT_INJECTION: forcing a failure.
[  479.836940][T12760] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  479.843321][T12760] CPU: 3 UID: 0 PID: 12760 Comm: syz.4.2117 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  479.852735][T12760] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  479.863212][T12760] Call Trace:
[  479.865346][T12760]  <TASK>
[  479.867883][T12760]  dump_stack_lvl+0x16c/0x1f0
[  479.870813][T12760]  should_fail_ex+0x497/0x5b0
[  479.873501][T12760]  _copy_from_user+0x2e/0xd0
[  479.879583][T12760]  get_compat_msghdr+0xa8/0x170
[  479.882406][T12760]  ? __pfx_get_compat_msghdr+0x10/0x10
[  479.886554][T12760]  ? __pfx__kstrtoull+0x10/0x10
[  479.889541][T12760]  ? __pfx_lock_release+0x10/0x10
[  479.892240][T12760]  ? trace_lock_acquire+0x14e/0x1f0
[  479.894841][T12760]  ___sys_recvmsg+0x193/0x1a0
[  479.906432][T12760]  ? __pfx____sys_recvmsg+0x10/0x10
[  479.909504][T12760]  ? lock_release+0x4e2/0x6f0
[  479.912394][T12760]  ? __fget_files+0x1fc/0x3a0
[  479.915614][T12760]  ? trace_lock_acquire+0x14e/0x1f0
[  479.918734][T12760]  ? __fget_files+0x206/0x3a0
[  479.921422][T12760]  do_recvmmsg+0x55d/0x740
[  479.923917][T12760]  ? __pfx_do_recvmmsg+0x10/0x10
[  479.926946][T12760]  ? preempt_count_add+0x76/0x150
[  479.929850][T12760]  ? vfs_write+0x306/0x1150
[  479.932180][T12760]  ? __fget_files+0x206/0x3a0
[  479.934470][T12760]  __sys_recvmmsg+0x21e/0x280
[  479.937494][T12760]  ? __pfx___sys_recvmmsg+0x10/0x10
[  479.940735][T12760]  ? __pfx_ksys_write+0x10/0x10
[  479.943187][T12760]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  479.946682][T12760]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  479.949966][T12760]  __do_fast_syscall_32+0x73/0x120
[  479.952880][T12760]  do_fast_syscall_32+0x32/0x80
[  479.955763][T12760]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  479.959485][T12760] RIP: 0023:0xf7f45579
[  479.961995][T12760] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  479.972822][T12760] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  479.977721][T12760] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020004e80
[  479.982742][T12760] RDX: 0000000000000001 RSI: 0000000000000102 RDI: 0000000000000000
[  479.987654][T12760] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  479.992369][T12760] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  479.996896][T12760] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  480.001368][T12760]  </TASK>
[  481.719288][  T831] usb 8-1: new high-speed USB device number 31 using dummy_hcd
[  481.893459][  T831] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  481.898972][  T831] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  481.904424][  T831] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  481.912165][  T831] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  481.917813][  T831] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  481.932483][  T831] usb 8-1: config 0 descriptor??
[  482.364370][  T831] usbhid 8-1:0.0: can't add hid device: -71
[  482.367014][  T831] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  482.375284][  T831] usb 8-1: USB disconnect, device number 31
[  483.059764][T12792] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2126'.
[  483.111411][T12796] FAULT_INJECTION: forcing a failure.
[  483.111411][T12796] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  483.117226][T12796] CPU: 0 UID: 0 PID: 12796 Comm: syz.4.2128 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  483.121916][T12796] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  483.134186][T12796] Call Trace:
[  483.135632][T12796]  <TASK>
[  483.136806][T12796]  dump_stack_lvl+0x16c/0x1f0
[  483.138834][T12796]  should_fail_ex+0x497/0x5b0
[  483.140780][T12796]  _copy_from_user+0x2e/0xd0
[  483.142666][T12796]  get_compat_msghdr+0xa8/0x170
[  483.152330][T12796]  ? __pfx_get_compat_msghdr+0x10/0x10
[  483.154425][T12796]  ? rcu_is_watching+0x12/0xc0
[  483.156290][T12796]  ? lock_release+0x4e2/0x6f0
[  483.158280][T12796]  ? get_pid_task+0xfc/0x250
[  483.160368][T12796]  ___sys_sendmsg+0x1b0/0x1e0
[  483.179052][T12796]  ? get_pid_task+0x35/0x250
[  483.192178][T12796]  ? __pfx____sys_sendmsg+0x10/0x10
[  483.195036][T12796]  ? lock_release+0x4e2/0x6f0
[  483.197285][T12796]  ? __pfx_lock_release+0x10/0x10
[  483.199402][T12796]  ? trace_lock_acquire+0x14e/0x1f0
[  483.210118][T12796]  ? __fget_files+0x206/0x3a0
[  483.212889][T12796]  __sys_sendmsg+0x16e/0x220
[  483.215641][T12796]  ? __pfx___sys_sendmsg+0x10/0x10
[  483.217912][T12796]  ? rcu_is_watching+0x12/0xc0
[  483.230233][T12796]  __do_fast_syscall_32+0x73/0x120
[  483.232766][T12796]  do_fast_syscall_32+0x32/0x80
[  483.235495][T12796]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  483.238912][T12796] RIP: 0023:0xf7f45579
[  483.250735][T12796] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  483.261643][T12796] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  483.271940][T12796] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000200
[  483.276736][T12796] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  483.287376][T12796] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  483.293890][T12796] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  483.308819][T12796] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  483.311902][T12796]  </TASK>
[  484.827351][  T831] usb 6-1: new full-speed USB device number 16 using dummy_hcd
[  484.839190][   T56] usb 9-1: new high-speed USB device number 22 using dummy_hcd
[  484.909852][T12819] FAULT_INJECTION: forcing a failure.
[  484.909852][T12819] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  484.914890][T12819] CPU: 1 UID: 0 PID: 12819 Comm: syz.2.2136 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  484.923621][T12819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  484.938685][T12819] Call Trace:
[  484.940392][T12819]  <TASK>
[  484.941683][T12819]  dump_stack_lvl+0x16c/0x1f0
[  484.944095][T12819]  should_fail_ex+0x497/0x5b0
[  484.946153][T12819]  _copy_from_user+0x2e/0xd0
[  484.975372][T12819]  get_compat_msghdr+0xa8/0x170
[  484.978125][T12819]  ? __pfx_get_compat_msghdr+0x10/0x10
[  484.981063][T12819]  ? rcu_is_watching+0x12/0xc0
[  484.993151][T12819]  ? lock_release+0x4e2/0x6f0
[  484.995508][T12819]  ? get_pid_task+0xfc/0x250
[  484.997853][T12819]  ___sys_sendmsg+0x1b0/0x1e0
[  485.014149][T12819]  ? get_pid_task+0x35/0x250
[  485.016894][T12819]  ? __pfx____sys_sendmsg+0x10/0x10
[  485.022473][T12819]  ? lock_release+0x4e2/0x6f0
[  485.041085][T12819]  ? __pfx_lock_release+0x10/0x10
[  485.043467][T12819]  ? trace_lock_acquire+0x14e/0x1f0
[  485.046303][T12819]  ? __fget_files+0x206/0x3a0
[  485.049031][T12819]  __sys_sendmsg+0x16e/0x220
[  485.050969][T12819]  ? __pfx___sys_sendmsg+0x10/0x10
[  485.052794][T12819]  ? rcu_is_watching+0x12/0xc0
[  485.054404][T12819]  __do_fast_syscall_32+0x73/0x120
[  485.056362][T12819]  do_fast_syscall_32+0x32/0x80
[  485.072013][T12819]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  485.075057][T12819] RIP: 0023:0xf7fb2579
[  485.077233][T12819] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  485.087793][T12819] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  485.106506][T12819] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000240
[  485.110483][T12819] RDX: 0000000000000c40 RSI: 0000000000000000 RDI: 0000000000000000
[  485.114752][T12819] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  485.118811][T12819] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  485.123040][T12819] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  485.131404][T12819]  </TASK>
[  485.222328][   T56] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  485.241062][  T831] usb 6-1: config index 0 descriptor too short (expected 31, got 27)
[  485.255415][  T831] usb 6-1: config 1 interface 0 has no altsetting 0
[  485.260511][   T56] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  485.264393][   T56] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  485.303839][   T56] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  485.308650][   T56] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  485.321934][   T56] usb 9-1: config 0 descriptor??
[  485.331205][  T831] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= b.72
[  485.338031][  T831] usb 6-1: New USB device strings: Mfr=28, Product=37, SerialNumber=3
[  485.342616][  T831] usb 6-1: Product: syz
[  485.345683][  T831] usb 6-1: Manufacturer: syz
[  485.349174][  T831] usb 6-1: SerialNumber: syz
[  485.757619][   T56] usbhid 9-1:0.0: can't add hid device: -71
[  485.875096][   T56] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  485.881217][   T56] usb 9-1: USB disconnect, device number 22
[  486.085946][  T831] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 16 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  486.503382][    C0] usblp0: nonzero write bulk status received: -71
[  486.505524][   T56] usb 6-1: USB disconnect, device number 16
[  486.721002][T12807] usblp0: removed
[  489.113451][T12861] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2148'.
[  489.167840][    T9] usb 8-1: new high-speed USB device number 32 using dummy_hcd
[  489.349270][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  489.354082][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  489.359727][    T9] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  489.382545][    T9] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  489.386050][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  489.397846][    T9] usb 8-1: config 0 descriptor??
[  489.817848][    T9] usbhid 8-1:0.0: can't add hid device: -71
[  489.820649][    T9] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  489.825933][    T9] usb 8-1: USB disconnect, device number 32
[  495.482530][T12879] FAULT_INJECTION: forcing a failure.
[  495.482530][T12879] name failslab, interval 1, probability 0, space 0, times 0
[  495.519323][T12879] CPU: 0 UID: 0 PID: 12879 Comm: syz.1.2154 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  495.538320][T12879] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  495.544896][T12879] Call Trace:
[  495.546955][T12879]  <TASK>
[  495.548656][T12879]  dump_stack_lvl+0x16c/0x1f0
[  495.551569][T12879]  should_fail_ex+0x497/0x5b0
[  495.554412][T12879]  ? fs_reclaim_acquire+0xae/0x150
[  495.569767][T12879]  should_failslab+0xc2/0x120
[  495.572675][T12879]  __kmalloc_noprof+0xce/0x4f0
[  495.577369][T12879]  ? tomoyo_realpath_from_path+0xbf/0x710
[  495.588892][T12879]  tomoyo_realpath_from_path+0xbf/0x710
[  495.592390][T12879]  ? tomoyo_path_number_perm+0x235/0x5b0
[  495.596239][T12879]  tomoyo_path_number_perm+0x248/0x5b0
[  495.607732][T12879]  ? tomoyo_path_number_perm+0x235/0x5b0
[  495.611248][T12879]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  495.614992][T12879]  ? rcu_is_watching+0x12/0xc0
[  495.628073][T12879]  ? preempt_count_add+0x76/0x150
[  495.630560][T12879]  ? __pfx_lock_release+0x10/0x10
[  495.632470][T12879]  ? trace_lock_acquire+0x14e/0x1f0
[  495.634393][T12879]  ? __fget_files+0x40/0x3a0
[  495.636365][T12879]  ? lock_acquire+0x2f/0xb0
[  495.647634][T12879]  ? __fget_files+0x40/0x3a0
[  495.650484][T12879]  ? __fget_files+0x206/0x3a0
[  495.653397][T12879]  security_file_ioctl_compat+0x9b/0x240
[  495.656862][T12879]  __do_compat_sys_ioctl+0x4e/0x2c0
[  495.682932][T12879]  __do_fast_syscall_32+0x73/0x120
[  495.687858][T12879]  do_fast_syscall_32+0x32/0x80
[  495.691391][T12879]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  495.696225][T12879] RIP: 0023:0xf70ee579
[  495.701547][T12879] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  495.725787][T12879] RSP: 002b:00000000f50e055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  495.736673][T12879] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005412
[  495.747997][T12879] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000
[  495.758799][T12879] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  495.768050][T12879] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  495.779332][T12879] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  495.793376][T12879]  </TASK>
[  495.800325][T12879] ERROR: Out of memory at tomoyo_realpath_from_path.
[  499.934997][T12907] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2161'.
[  500.883207][ T1411] ieee802154 phy0 wpan0: encryption failed: -22
[  500.886974][ T1411] ieee802154 phy1 wpan1: encryption failed: -22
[  501.839979][ T6063] usb 8-1: new high-speed USB device number 33 using dummy_hcd
[  502.010992][ T6063] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  502.014753][ T6063] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  502.019632][ T6063] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  502.024817][ T6063] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  502.031745][ T6063] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  502.036261][ T6063] usb 8-1: config 0 descriptor??
[  502.430464][T12926] FAULT_INJECTION: forcing a failure.
[  502.430464][T12926] name failslab, interval 1, probability 0, space 0, times 0
[  502.435810][T12926] CPU: 3 UID: 0 PID: 12926 Comm: syz.2.2167 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  502.441355][T12926] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  502.452261][T12926] Call Trace:
[  502.454093][T12926]  <TASK>
[  502.455814][T12926]  dump_stack_lvl+0x16c/0x1f0
[  502.460519][ T6063] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0
[  502.467189][T12926]  should_fail_ex+0x497/0x5b0
[  502.467222][T12926]  ? fs_reclaim_acquire+0xae/0x150
[  502.467241][T12926]  should_failslab+0xc2/0x120
[  502.467263][T12926]  __kmalloc_noprof+0xce/0x4f0
[  502.467284][T12926]  ? trace_lock_acquire+0x14e/0x1f0
[  502.467305][T12926]  ? tomoyo_realpath_from_path+0xbf/0x710
[  502.467325][T12926]  tomoyo_realpath_from_path+0xbf/0x710
[  502.467347][T12926]  tomoyo_check_open_permission+0x2ad/0x3c0
[  502.467372][T12926]  ? get_pid_task+0xfc/0x250
[  502.467394][T12926]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  502.467422][T12926]  ? lock_release+0x4e2/0x6f0
[  502.467436][T12926]  ? ksys_write+0x12b/0x250
[  502.467459][T12926]  ? lock_acquire+0x2f/0xb0
[  502.467473][T12926]  ? __fget_files+0x40/0x3a0
[  502.467494][T12926]  tomoyo_file_fcntl+0x9e/0xc0
[  502.467514][T12926]  security_file_fcntl+0x211/0x240
[  502.467533][T12926]  do_compat_fcntl64+0x12f/0x6c0
[  502.467553][T12926]  ? __fget_files+0x206/0x3a0
[  502.467570][T12926]  ? __pfx_do_compat_fcntl64+0x10/0x10
[  502.467591][T12926]  ? fput+0x67/0x440
[  502.467610][T12926]  ? ksys_write+0x1ba/0x250
[  502.467627][T12926]  ? rcu_is_watching+0x12/0xc0
[  502.467646][T12926]  __do_fast_syscall_32+0x73/0x120
[  502.467667][T12926]  do_fast_syscall_32+0x32/0x80
[  502.467686][T12926]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  502.467710][T12926] RIP: 0023:0xf7fb2579
[  502.467724][T12926] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  502.467748][T12926] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 0000000000000037
[  502.467765][T12926] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000004
[  502.467802][T12926] RDX: 0000000000042400 RSI: 0000000000000000 RDI: 0000000000000000
[  502.467814][T12926] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  502.467824][T12926] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  502.467833][T12926] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  502.467849][T12926]  </TASK>
[  502.471343][T12926] ERROR: Out of memory at tomoyo_realpath_from_path.
[  502.615708][ T6063] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0
[  502.624016][ T6063] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0
[  502.626826][ T6063] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0
[  502.635814][ T6063] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0
[  502.639249][ T6063] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0
[  502.642532][ T6063] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0
[  502.645449][ T6063] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0
[  502.649486][ T6063] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0
[  502.654318][ T6063] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0
[  502.660010][ T6063] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0
[  502.664896][ T6063] plantronics 0003:047F:FFFF.0013: No inputs registered, leaving
[  502.670655][ T6063] plantronics 0003:047F:FFFF.0013: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  502.705029][ T6063] usb 8-1: USB disconnect, device number 33
[  503.677863][T12948] FAULT_INJECTION: forcing a failure.
[  503.677863][T12948] name failslab, interval 1, probability 0, space 0, times 0
[  503.683434][T12948] CPU: 3 UID: 0 PID: 12948 Comm: syz.1.2173 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  503.688786][T12948] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  503.702808][T12948] Call Trace:
[  503.705025][T12948]  <TASK>
[  503.720085][T12948]  dump_stack_lvl+0x16c/0x1f0
[  503.726070][T12948]  should_fail_ex+0x497/0x5b0
[  503.728242][T12948]  ? fs_reclaim_acquire+0xae/0x150
[  503.740742][T12948]  should_failslab+0xc2/0x120
[  503.742713][T12948]  __kmalloc_noprof+0xce/0x4f0
[  503.745008][T12948]  ? tomoyo_realpath_from_path+0xbf/0x710
[  503.748408][T12948]  tomoyo_realpath_from_path+0xbf/0x710
[  503.751173][T12948]  ? tomoyo_path_number_perm+0x235/0x5b0
[  503.754120][T12948]  tomoyo_path_number_perm+0x248/0x5b0
[  503.757614][T12948]  ? tomoyo_path_number_perm+0x235/0x5b0
[  503.761410][T12948]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  503.764423][T12948]  ? rcu_is_watching+0x12/0xc0
[  503.766759][T12948]  ? preempt_count_add+0x76/0x150
[  503.769108][T12948]  ? __pfx_lock_release+0x10/0x10
[  503.771401][T12948]  ? trace_lock_acquire+0x14e/0x1f0
[  503.774107][T12948]  ? __fget_files+0x40/0x3a0
[  503.777131][T12948]  ? lock_acquire+0x2f/0xb0
[  503.780672][T12948]  ? __fget_files+0x40/0x3a0
[  503.783013][T12948]  ? __fget_files+0x206/0x3a0
[  503.785204][T12948]  security_file_ioctl_compat+0x9b/0x240
[  503.788314][T12948]  __do_compat_sys_ioctl+0x4e/0x2c0
[  503.791310][T12948]  __do_fast_syscall_32+0x73/0x120
[  503.794581][T12948]  do_fast_syscall_32+0x32/0x80
[  503.797855][T12948]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  503.801495][T12948] RIP: 0023:0xf70ee579
[  503.803755][T12948] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  503.823674][T12948] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  503.828761][T12948] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000004004743a
[  503.839234][T12948] RDX: 0000000020000300 RSI: 0000000000000000 RDI: 0000000000000000
[  503.844446][T12948] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  503.849665][T12948] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  503.854801][T12948] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  503.860164][T12948]  </TASK>
[  503.873462][T12948] ERROR: Out of memory at tomoyo_realpath_from_path.
[  504.105785][T12954] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2175'.
[  504.827870][T12019] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  505.011437][T12019] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  505.017984][T12019] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  505.040657][T12019] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  505.076501][T12019] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  505.087392][T12019] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  505.132461][T12019] usb 6-1: config 0 descriptor??
[  505.562606][T12019] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0
[  505.567382][T12019] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0
[  505.572132][T12019] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0
[  505.576753][T12019] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0
[  505.580444][T12019] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0
[  505.583604][T12019] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0
[  505.586855][T12019] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0
[  505.607973][T12019] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0
[  505.612172][T12019] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0
[  505.615322][T12019] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0
[  505.628110][T12019] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0
[  505.632779][T12019] plantronics 0003:047F:FFFF.0014: No inputs registered, leaving
[  505.639446][T12019] plantronics 0003:047F:FFFF.0014: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  505.831428][T12019] usb 6-1: USB disconnect, device number 17
[  510.377364][ T6063] usb 8-1: new high-speed USB device number 34 using dummy_hcd
[  510.528892][ T6063] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  510.533905][ T6063] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  510.540150][ T6063] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  510.545089][ T6063] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  510.559160][ T6063] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  510.584479][ T6063] usb 8-1: config 0 descriptor??
[  511.012277][ T6063] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0
[  511.036118][ T6063] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0
[  511.042747][ T6063] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0
[  511.047193][ T6063] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0
[  511.056216][ T6063] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0
[  511.062758][ T6063] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0
[  511.072683][ T6063] plantronics 0003:047F:FFFF.0015: No inputs registered, leaving
[  511.160846][ T6063] plantronics 0003:047F:FFFF.0015: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  511.289718][ T6063] usb 8-1: USB disconnect, device number 34
[  513.387942][T13003] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2192'.
[  516.717727][ T5969] usb 8-1: new high-speed USB device number 35 using dummy_hcd
[  516.874561][ T5969] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  516.891460][ T5969] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  516.905348][ T5969] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  516.911976][ T5969] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  516.929201][ T5969] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  516.938134][ T5969] usb 8-1: config 0 descriptor??
[  517.499113][ T5969] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  517.503101][ T5969] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  517.510214][ T5969] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  517.513126][ T5969] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  517.515885][ T5969] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  517.519875][ T5969] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  517.524799][ T5969] plantronics 0003:047F:FFFF.0016: No inputs registered, leaving
[  517.531555][ T5969] plantronics 0003:047F:FFFF.0016: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  517.810290][ T5969] usb 8-1: USB disconnect, device number 35
[  518.550538][T13040] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2203'.
[  524.697430][ T6107] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  524.944843][ T6107] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  524.993466][ T6107] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  525.079266][ T6107] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  525.084967][ T6107] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  525.092473][ T6107] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  525.120767][ T6107] usb 6-1: config 0 descriptor??
[  526.044837][ T6107] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[  526.057021][ T6107] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[  526.062170][ T6107] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[  526.065582][ T6107] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[  526.086953][ T6107] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[  526.091538][ T6107] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[  526.100450][ T6107] plantronics 0003:047F:FFFF.0017: No inputs registered, leaving
[  526.327803][ T6107] plantronics 0003:047F:FFFF.0017: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  526.370331][ T6107] usb 6-1: USB disconnect, device number 18
[  526.593396][T13087] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2216'.
[  528.013957][T13096] FAULT_INJECTION: forcing a failure.
[  528.013957][T13096] name failslab, interval 1, probability 0, space 0, times 0
[  528.027028][T13096] CPU: 3 UID: 0 PID: 13096 Comm: syz.4.2219 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  528.034453][T13096] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  528.041821][T13096] Call Trace:
[  528.044104][T13096]  <TASK>
[  528.047107][T13096]  dump_stack_lvl+0x16c/0x1f0
[  528.060333][T13096]  should_fail_ex+0x497/0x5b0
[  528.062910][T13096]  ? fs_reclaim_acquire+0xae/0x150
[  528.071690][T13096]  should_failslab+0xc2/0x120
[  528.073736][T13096]  __kmalloc_node_track_caller_noprof+0xcf/0x520
[  528.076413][T13096]  ? rxrpc_setsockopt+0x48d/0x8f0
[  528.078506][T13096]  ? lock_release+0x4e2/0x6f0
[  528.080462][T13096]  rxrpc_server_keyring+0xfe/0x2e0
[  528.082595][T13096]  ? __pfx_rxrpc_server_keyring+0x10/0x10
[  528.084855][T13096]  ? rcu_is_watching+0x12/0xc0
[  528.086765][T13096]  ? trace_irq_enable.constprop.0+0xea/0x140
[  528.105426][T13096]  rxrpc_setsockopt+0x48d/0x8f0
[  528.107514][T13096]  ? __pfx_rxrpc_setsockopt+0x10/0x10
[  528.124279][T13096]  ? __pfx_aa_sk_perm+0x10/0x10
[  528.126261][T13096]  ? vfs_write+0x306/0x1150
[  528.128087][T13096]  ? __pfx_rxrpc_setsockopt+0x10/0x10
[  528.130654][T13096]  do_sock_setsockopt+0x222/0x480
[  528.138585][T13096]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  528.141554][T13096]  ? __fget_files+0x40/0x3a0
[  528.143801][T13096]  ? lock_acquire+0x2f/0xb0
[  528.145952][T13096]  __sys_setsockopt+0x1a0/0x230
[  528.148148][T13096]  __ia32_sys_setsockopt+0xbc/0x160
[  528.151786][T13096]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  528.154967][T13096]  __do_fast_syscall_32+0x73/0x120
[  528.157264][T13096]  do_fast_syscall_32+0x32/0x80
[  528.159592][T13096]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  528.162390][T13096] RIP: 0023:0xf7f45579
[  528.164202][T13096] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  528.176815][T13096] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  528.182537][T13096] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000110
[  528.188912][T13096] RDX: 0000000000000002 RSI: 0000000020000140 RDI: 0000000000000003
[  528.195215][T13096] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  528.201422][T13096] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  528.207622][T13096] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  528.213783][T13096]  </TASK>
[  528.541046][T13099] syz_tun: left allmulticast mode
[  528.550286][T13099] bridge0: port 1(syz_tun) entered disabled state
[  528.674645][T13099] bond0: (slave bond1): Releasing backup interface
[  529.881736][T13100] ipvlan4: entered promiscuous mode
[  530.680501][ T5969] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  530.721525][T13118] syzkaller0: tun_chr_ioctl cmd 1074025677
[  530.726925][T13118] syzkaller0: linktype set to 0
[  530.731923][T13122] FAULT_INJECTION: forcing a failure.
[  530.731923][T13122] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  530.742215][T13122] CPU: 3 UID: 0 PID: 13122 Comm: syz.4.2228 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  530.748690][T13122] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  530.755879][T13122] Call Trace:
[  530.757710][T13122]  <TASK>
[  530.759317][T13122]  dump_stack_lvl+0x16c/0x1f0
[  530.762153][T13122]  should_fail_ex+0x497/0x5b0
[  530.765056][T13122]  _copy_from_user+0x2e/0xd0
[  530.768004][T13122]  get_compat_msghdr+0xa8/0x170
[  530.770923][T13122]  ? __pfx_get_compat_msghdr+0x10/0x10
[  530.773835][T13122]  ? rcu_is_watching+0x12/0xc0
[  530.776847][T13122]  ? lock_release+0x4e2/0x6f0
[  530.779662][T13122]  ? get_pid_task+0xfc/0x250
[  530.782366][T13122]  ___sys_sendmsg+0x1b0/0x1e0
[  530.785253][T13122]  ? get_pid_task+0x35/0x250
[  530.788343][T13122]  ? __pfx____sys_sendmsg+0x10/0x10
[  530.791727][T13122]  ? lock_release+0x4e2/0x6f0
[  530.795084][T13122]  ? __pfx_lock_release+0x10/0x10
[  530.798133][T13122]  ? trace_lock_acquire+0x14e/0x1f0
[  530.801631][T13122]  ? __fget_files+0x206/0x3a0
[  530.804492][T13122]  __sys_sendmsg+0x16e/0x220
[  530.807226][T13122]  ? __pfx___sys_sendmsg+0x10/0x10
[  530.810206][T13122]  ? rcu_is_watching+0x12/0xc0
[  530.812929][T13122]  __do_fast_syscall_32+0x73/0x120
[  530.816133][T13122]  do_fast_syscall_32+0x32/0x80
[  530.818953][T13122]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  530.822624][T13122] RIP: 0023:0xf7f45579
[  530.824963][T13122] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  530.836065][T13122] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  530.840854][T13122] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200001c0
[  530.845475][T13122] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  530.850665][T13122] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  530.856000][T13122] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  530.861175][T13122] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  530.866250][T13122]  </TASK>
[  530.868625][ T5978] IPVS: starting estimator thread 0...
[  530.968050][T13123] IPVS: using max 32 ests per chain, 76800 per kthread
[  531.063109][ T5969] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  531.067374][ T5969] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  531.071791][ T5969] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  531.092008][ T5969] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  531.095357][ T5969] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  531.099798][ T5969] usb 6-1: config 0 descriptor??
[  531.451689][T13133] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2232'.
[  531.552533][ T5969] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0
[  531.556728][ T5969] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0
[  531.589877][ T5969] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0
[  531.593822][ T5969] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0
[  531.602570][ T5969] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0
[  531.605968][ T5969] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0
[  531.613166][ T5969] plantronics 0003:047F:FFFF.0018: No inputs registered, leaving
[  531.619323][ T5969] plantronics 0003:047F:FFFF.0018: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  531.833662][ T5969] usb 6-1: USB disconnect, device number 19
[  532.895870][    C3] vkms_vblank_simulate: vblank timer overrun
[  532.975167][T13147] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2238'.
[  533.002022][T13147] bond2: entered promiscuous mode
[  533.004748][T13147] bond2: entered allmulticast mode
[  533.019063][T13147] 8021q: adding VLAN 0 to HW filter on device batadv1
[  533.039267][T13147] batadv1: entered promiscuous mode
[  533.041761][T13147] batadv1: entered allmulticast mode
[  533.044269][T13147] bond2: (slave batadv1): Enslaving as an active interface with an up link
[  533.757424][ T2297] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  533.930418][ T2297] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  533.935346][ T2297] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  533.945020][ T2297] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  533.964014][ T2297] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  533.981604][ T2297] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  534.027841][ T2297] usb 6-1: config 0 descriptor??
[  534.271697][T13161] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2242'.
[  534.296632][T13161] bond1: entered promiscuous mode
[  534.315337][T13161] bond1: entered allmulticast mode
[  534.319314][T13161] FAULT_INJECTION: forcing a failure.
[  534.319314][T13161] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  534.325887][T13161] CPU: 3 UID: 0 PID: 13161 Comm: syz.3.2242 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  534.340586][T13161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  534.345867][T13161] Call Trace:
[  534.349715][T13161]  <TASK>
[  534.351285][T13161]  dump_stack_lvl+0x16c/0x1f0
[  534.361342][T13161]  should_fail_ex+0x497/0x5b0
[  534.364037][T13161]  _copy_from_user+0x2e/0xd0
[  534.366676][T13161]  get_compat_msghdr+0xa8/0x170
[  534.369893][T13161]  ? __pfx_get_compat_msghdr+0x10/0x10
[  534.381820][T13161]  ? rcu_is_watching+0x12/0xc0
[  534.384422][T13161]  ? lock_release+0x4e2/0x6f0
[  534.386925][T13161]  ? get_pid_task+0xfc/0x250
[  534.389412][T13161]  ___sys_sendmsg+0x1b0/0x1e0
[  534.400916][T13161]  ? get_pid_task+0x35/0x250
[  534.403715][T13161]  ? __pfx____sys_sendmsg+0x10/0x10
[  534.406842][T13161]  ? lock_release+0x4e2/0x6f0
[  534.409740][T13161]  ? __pfx_lock_release+0x10/0x10
[  534.420986][T13161]  ? trace_lock_acquire+0x14e/0x1f0
[  534.424125][T13161]  ? __fget_files+0x206/0x3a0
[  534.426929][T13161]  __sys_sendmsg+0x16e/0x220
[  534.429788][T13161]  ? __pfx___sys_sendmsg+0x10/0x10
[  534.441952][T13161]  ? rcu_is_watching+0x12/0xc0
[  534.444913][T13161]  __do_fast_syscall_32+0x73/0x120
[  534.447783][ T2297] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0
[  534.447947][T13161]  do_fast_syscall_32+0x32/0x80
[  534.451595][ T2297] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0
[  534.451613][ T2297] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0
[  534.451629][ T2297] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0
[  534.451645][ T2297] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0
[  534.451662][ T2297] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0
[  534.451902][ T2297] plantronics 0003:047F:FFFF.0019: No inputs registered, leaving
[  534.458363][ T2297] plantronics 0003:047F:FFFF.0019: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  534.517265][T13161]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  534.529670][T13161] RIP: 0023:0xf7f82579
[  534.532234][T13161] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  534.544074][T13161] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  534.550341][T13161] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  534.555445][T13161] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  534.560550][T13161] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  534.565411][T13161] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  534.571467][T13161] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  534.576091][T13161]  </TASK>
[  534.578098][    C3] vkms_vblank_simulate: vblank timer overrun
[  534.668956][    C3] vkms_vblank_simulate: vblank timer overrun
[  534.686344][T13169] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2243'.
[  534.710941][ T6107] usb 6-1: USB disconnect, device number 20
[  534.721752][T13169] bond2: entered promiscuous mode
[  534.726750][T13169] bond2: entered allmulticast mode
[  534.768945][T13171] 8021q: adding VLAN 0 to HW filter on device batadv1
[  534.782567][T13171] batadv1: entered promiscuous mode
[  534.785630][T13171] batadv1: entered allmulticast mode
[  534.788711][T13171] bond2: (slave batadv1): Enslaving as an active interface with an up link
[  535.956287][T13188] FAULT_INJECTION: forcing a failure.
[  535.956287][T13188] name failslab, interval 1, probability 0, space 0, times 0
[  535.964946][T13188] CPU: 2 UID: 0 PID: 13188 Comm: syz.4.2249 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  535.971867][T13188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  535.979239][T13188] Call Trace:
[  535.981853][T13188]  <TASK>
[  535.984185][T13188]  dump_stack_lvl+0x16c/0x1f0
[  535.987689][T13188]  should_fail_ex+0x497/0x5b0
[  535.990836][T13188]  ? fs_reclaim_acquire+0xae/0x150
[  535.992961][T13188]  should_failslab+0xc2/0x120
[  535.995424][T13188]  __kmalloc_noprof+0xce/0x4f0
[  535.998141][T13188]  ? tomoyo_realpath_from_path+0xbf/0x710
[  536.001361][T13188]  tomoyo_realpath_from_path+0xbf/0x710
[  536.004791][T13188]  ? tomoyo_path_number_perm+0x235/0x5b0
[  536.008410][T13188]  tomoyo_path_number_perm+0x248/0x5b0
[  536.012131][T13188]  ? tomoyo_path_number_perm+0x235/0x5b0
[  536.015803][T13188]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  536.019888][T13188]  ? rcu_is_watching+0x12/0xc0
[  536.022684][T13188]  ? preempt_count_add+0x76/0x150
[  536.025934][T13188]  ? __pfx_lock_release+0x10/0x10
[  536.029336][T13188]  ? trace_lock_acquire+0x14e/0x1f0
[  536.032419][T13188]  ? __fget_files+0x40/0x3a0
[  536.035376][T13188]  ? lock_acquire+0x2f/0xb0
[  536.037964][T13188]  ? __fget_files+0x40/0x3a0
[  536.040141][T13188]  ? __fget_files+0x206/0x3a0
[  536.042512][T13188]  security_file_ioctl_compat+0x9b/0x240
[  536.044788][T13188]  __do_compat_sys_ioctl+0x4e/0x2c0
[  536.047371][T13188]  __do_fast_syscall_32+0x73/0x120
[  536.050084][T13188]  do_fast_syscall_32+0x32/0x80
[  536.052223][T13188]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  536.055199][T13188] RIP: 0023:0xf7f45579
[  536.057681][T13188] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  536.068342][T13188] RSP: 002b:00000000f505455c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  536.072416][T13188] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0045009
[  536.076363][T13188] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000
[  536.080577][T13188] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  536.084539][T13188] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  536.088354][T13188] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  536.092883][T13188]  </TASK>
[  536.096302][T13188] ERROR: Out of memory at tomoyo_realpath_from_path.
[  538.697514][ T2297] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  538.849134][ T2297] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  538.854121][ T2297] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  538.858818][ T2297] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  538.864600][ T2297] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  538.881959][ T2297] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  538.899941][ T2297] usb 6-1: config 0 descriptor??
[  538.915360][T13214] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2254'.
[  539.322163][ T2297] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0
[  539.325449][ T2297] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0
[  539.330190][ T2297] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0
[  539.333714][ T2297] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0
[  539.340108][ T2297] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0
[  539.344516][ T2297] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0
[  539.349551][ T2297] plantronics 0003:047F:FFFF.001A: No inputs registered, leaving
[  539.356675][ T2297] plantronics 0003:047F:FFFF.001A: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  539.614797][ T2297] usb 6-1: USB disconnect, device number 21
[  543.958862][T13236] FAULT_INJECTION: forcing a failure.
[  543.958862][T13236] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  543.964346][T13236] CPU: 2 UID: 0 PID: 13236 Comm: syz.3.2262 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  543.969116][T13236] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  543.983534][T13236] Call Trace:
[  543.986093][T13236]  <TASK>
[  543.987407][T13236]  dump_stack_lvl+0x16c/0x1f0
[  543.999844][T13236]  should_fail_ex+0x497/0x5b0
[  544.002799][T13236]  _copy_from_user+0x2e/0xd0
[  544.005538][T13236]  get_compat_msghdr+0xa8/0x170
[  544.012105][T13236]  ? __pfx_get_compat_msghdr+0x10/0x10
[  544.019118][T13236]  ? rcu_is_watching+0x12/0xc0
[  544.027942][T13236]  ? lock_release+0x4e2/0x6f0
[  544.031189][T13236]  ? get_pid_task+0xfc/0x250
[  544.037174][T13236]  ___sys_sendmsg+0x1b0/0x1e0
[  544.044990][T13236]  ? get_pid_task+0x35/0x250
[  544.051703][T13236]  ? __pfx____sys_sendmsg+0x10/0x10
[  544.058520][T13236]  ? lock_release+0x4e2/0x6f0
[  544.065901][T13236]  ? __pfx_lock_release+0x10/0x10
[  544.069209][T13236]  ? trace_lock_acquire+0x14e/0x1f0
[  544.079057][T13236]  ? __fget_files+0x206/0x3a0
[  544.082569][T13236]  __sys_sendmsg+0x16e/0x220
[  544.089172][T13236]  ? __pfx___sys_sendmsg+0x10/0x10
[  544.100431][T13236]  ? rcu_is_watching+0x12/0xc0
[  544.102863][T13236]  __do_fast_syscall_32+0x73/0x120
[  544.106270][T13236]  do_fast_syscall_32+0x32/0x80
[  544.110460][T13236]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  544.120365][T13236] RIP: 0023:0xf7f82579
[  544.123546][T13236] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  544.136308][T13236] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  544.140578][T13236] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000240
[  544.144536][T13236] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  544.149609][T13236] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  544.155833][T13236] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  544.163172][T13236] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  544.169580][T13236]  </TASK>
[  544.234348][   T40] audit: type=1326 audit(1735449599.969:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13242 comm="syz.3.2264" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82579 code=0x7ffc0000
[  544.292116][   T40] audit: type=1326 audit(1735449599.979:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13242 comm="syz.3.2264" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf7f82579 code=0x7ffc0000
[  544.358133][   T40] audit: type=1326 audit(1735449600.099:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13242 comm="syz.3.2264" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82579 code=0x7ffc0000
[  544.368720][   T40] audit: type=1326 audit(1735449600.099:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13242 comm="syz.3.2264" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82579 code=0x7ffc0000
[  544.388797][ T5969] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  544.401323][   T40] audit: type=1326 audit(1735449600.139:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13246 comm="syz.3.2264" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7f82579 code=0x7ffc0000
[  544.449774][   T40] audit: type=1326 audit(1735449600.189:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13242 comm="syz.3.2264" exe="/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf7f82579 code=0x7ffc0000
[  544.459552][   T40] audit: type=1326 audit(1735449600.189:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13242 comm="syz.3.2264" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82579 code=0x7ffc0000
[  544.474551][   T40] audit: type=1326 audit(1735449600.189:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13242 comm="syz.3.2264" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82579 code=0x7ffc0000
[  544.486209][   T40] audit: type=1326 audit(1735449600.199:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13242 comm="syz.3.2264" exe="/syz-executor" sig=0 arch=40000003 syscall=241 compat=1 ip=0xf7f82579 code=0x7ffc0000
[  544.498834][   T40] audit: type=1326 audit(1735449600.199:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13242 comm="syz.3.2264" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82579 code=0x7ffc0000
[  544.609927][ T5969] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  544.624914][ T5969] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  544.629601][ T5969] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  544.640622][ T5969] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  544.644674][ T5969] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  544.657984][ T5969] usb 6-1: config 0 descriptor??
[  544.692184][T13252] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2266'.
[  544.836708][    C0] ==================================================================
[  544.840380][    C0] BUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x271/0x2c0
[  544.843312][    C0] Read of size 4 at addr ffff88801192f804 by task syz.3.2264/13242
[  544.864560][    C0] 
[  544.865689][    C0] CPU: 0 UID: 0 PID: 13242 Comm: syz.3.2264 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  544.874573][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  544.892832][    C0] Call Trace:
[  544.894434][    C0]  <IRQ>
[  544.895812][    C0]  dump_stack_lvl+0x116/0x1f0
[  544.898050][    C0]  print_report+0xc3/0x620
[  544.900126][    C0]  ? __virt_addr_valid+0x5e/0x590
[  544.902495][    C0]  ? __phys_addr+0xc6/0x150
[  544.904438][    C0]  kasan_report+0xd9/0x110
[  544.920847][    C0]  ? do_raw_spin_lock+0x271/0x2c0
[  544.922849][    C0]  ? do_raw_spin_lock+0x271/0x2c0
[  544.924867][    C0]  do_raw_spin_lock+0x271/0x2c0
[  544.926710][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  544.928764][    C0]  ? p9_req_put+0xaf/0x250
[  544.930899][    C0]  ? lock_acquire+0x2f/0xb0
[  544.934047][    C0]  ? p9_req_put+0xaf/0x250
[  544.937204][    C0]  _raw_spin_lock_irqsave+0x42/0x60
[  544.940561][    C0]  ? p9_req_put+0xaf/0x250
[  544.942846][    C0]  p9_req_put+0xaf/0x250
[  544.944971][    C0]  req_done+0x1e7/0x2f0
[  544.947484][    C0]  ? __pfx_req_done+0x10/0x10
[  544.950368][    C0]  ? rcu_is_watching+0x12/0xc0
[  544.952497][    C0]  ? lock_release+0x4e2/0x6f0
[  544.956093][    C0]  ? __pfx_req_done+0x10/0x10
[  544.958851][    C0]  vring_interrupt+0x31b/0x400
[  544.961077][    C0]  ? __pfx_vring_interrupt+0x10/0x10
[  544.963809][    C0]  __handle_irq_event_percpu+0x229/0x7d0
[  544.967431][    C0]  handle_irq_event+0xab/0x1e0
[  544.969721][    C0]  handle_edge_irq+0x263/0xd10
[  544.971799][    C0]  __common_interrupt+0xdf/0x250
[  544.983911][    C0]  common_interrupt+0xba/0xe0
[  544.985754][    C0]  </IRQ>
[  544.986883][    C0]  <TASK>
[  544.988027][    C0]  asm_common_interrupt+0x26/0x40
[  544.990021][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0x31/0x80
[  544.992702][    C0] Code: f5 53 48 8b 74 24 10 48 89 fb 48 83 c7 18 e8 e6 91 59 f6 48 89 df e8 1e 11 5a f6 f7 c5 00 02 00 00 75 23 9c 58 f6 c4 02 75 37 <bf> 01 00 00 00 e8 45 01 4b f6 65 8b 05 b6 24 e7 74 85 c0 74 16 5b
[  545.012225][    C0] RSP: 0018:ffffc90026a7fb78 EFLAGS: 00000246
[  545.014174][    C0] RAX: 0000000000000046 RBX: ffff888022512e40 RCX: 1ffffffff203a2fa
[  545.016881][    C0] RDX: 0000000000000000 RSI: ffffffff8bb16fc0 RDI: ffffffff8b1cb5a2
[  545.036142][    C0] RBP: 0000000000000202 R08: 0000000000000000 R09: 0000000000000000
[  545.039866][    C0] R10: ffffffff901ce4d7 R11: 0000000000000000 R12: ffff888022512454
[  545.042946][    C0] R13: ffff888022512e40 R14: ffff888022512440 R15: ffffc90026a7fbd8
[  545.046008][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  545.048551][    C0]  try_to_wake_up+0x949/0x1490
[  545.050764][    C0]  ? __pfx_try_to_wake_up+0x10/0x10
[  545.059683][    C0]  ? __pfx_lock_release+0x10/0x10
[  545.062836][    C0]  ? plist_check_head+0xa3/0x150
[  545.065105][    C0]  wake_up_q+0x91/0x140
[  545.067011][    C0]  ? do_raw_spin_unlock+0x172/0x230
[  545.077190][ T5969] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0
[  545.083939][    C0]  futex_wake+0x43e/0x4e0
[  545.083972][    C0]  ? __pfx_futex_wake+0x10/0x10
[  545.083990][    C0]  ? __pfx___handle_mm_fault+0x10/0x10
[  545.107651][    C0]  ? __pfx_down_read_trylock+0x10/0x10
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  545.110260][    C0]  do_futex+0x1e5/0x350
[  545.129365][    C0]  ? __pfx_do_futex+0x10/0x10
[  545.131130][    C0]  ? rcu_is_watching+0x12/0xc0
[  545.133014][    C0]  __ia32_sys_futex_time32+0x1da/0x460
[  545.134945][    C0]  ? __pfx___ia32_sys_futex_time32+0x10/0x10
[  545.137135][    C0]  ? rcu_is_watching+0x12/0xc0
[  545.138922][    C0]  __do_fast_syscall_32+0x73/0x120
[  545.160961][    C0]  do_fast_syscall_32+0x32/0x80
[  545.162780][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  545.165001][    C0] RIP: 0023:0xf7f82579
[  545.184842][    C0] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  545.188562][ T5969] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0
[  545.191807][    C0] RSP: 002b:00000000ffe36d5c EFLAGS: 00000246 ORIG_RAX: 00000000000000f0
[  545.213663][ T5969] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0
[  545.221231][    C0] RAX: ffffffffffffffda RBX: 00000000f7445018 RCX: 0000000000000081
[  545.221250][    C0] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000000000000000
[  545.221260][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  545.221269][    C0] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  545.221278][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  545.221292][    C0]  </TASK>
[  545.221298][    C0] 
[  545.221302][    C0] Allocated by task 13244:
[  545.221310][    C0]  kasan_save_stack+0x33/0x60
[  545.221331][    C0]  kasan_save_track+0x14/0x30
[  545.221346][    C0]  __kasan_kmalloc+0xaa/0xb0
[  545.221361][    C0]  p9_client_create+0xc8/0x11a0
[  545.221377][    C0]  v9fs_session_init+0x1f8/0x1a80
[  545.221395][    C0]  v9fs_mount+0xc6/0xa30
[  545.221407][    C0]  legacy_get_tree+0x109/0x220
[  545.221423][    C0]  vfs_get_tree+0x8f/0x380
[  545.221436][    C0]  path_mount+0x6e1/0x1f10
[  545.221452][    C0]  __ia32_sys_mount+0x292/0x310
[  545.221467][    C0]  __do_fast_syscall_32+0x73/0x120
[  545.221484][    C0]  do_fast_syscall_32+0x32/0x80
[  545.221500][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  545.221519][    C0] 
[  545.221523][    C0] Freed by task 13244:
[  545.221529][    C0]  kasan_save_stack+0x33/0x60
[  545.221543][    C0]  kasan_save_track+0x14/0x30
[  545.221559][    C0]  kasan_save_free_info+0x3b/0x60
[  545.221574][    C0]  __kasan_slab_free+0x51/0x70
[  545.221592][    C0]  kfree+0x14f/0x4b0
[  545.221608][    C0]  p9_client_create+0x97d/0x11a0
[  545.221623][    C0]  v9fs_session_init+0x1f8/0x1a80
[  545.221642][    C0]  v9fs_mount+0xc6/0xa30
[  545.221656][    C0]  legacy_get_tree+0x109/0x220
[  545.221671][    C0]  vfs_get_tree+0x8f/0x380
[  545.221686][    C0]  path_mount+0x6e1/0x1f10
[  545.221702][    C0]  __ia32_sys_mount+0x292/0x310
[  545.221719][    C0]  __do_fast_syscall_32+0x73/0x120
[  545.221736][    C0]  do_fast_syscall_32+0x32/0x80
[  545.221753][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  545.221775][    C0] 
[  545.221779][    C0] The buggy address belongs to the object at ffff88801192f800
[  545.221779][    C0]  which belongs to the cache kmalloc-512 of size 512
[  545.221791][    C0] The buggy address is located 4 bytes inside of
[  545.221791][    C0]  freed 512-byte region [ffff88801192f800, ffff88801192fa00)
[  545.221804][    C0] 
[  545.221807][    C0] The buggy address belongs to the physical page:
[  545.221813][    C0] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88801192d400 pfn:0x1192c
[  545.221828][    C0] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  545.221840][    C0] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  545.271978][ T5969] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0
[  545.273149][    C0] page_type: f5(slab)
[  545.274056][ T5969] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0
[  545.275949][    C0] raw: 00fff00000000040 ffff88801ac42c80 0000000000000000 dead000000000001
[  545.281424][ T5969] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0
[  545.308643][    C0] raw: ffff88801192d400 000000008010000c 00000001f5000000 0000000000000000
[  545.308664][    C0] head: 00fff00000000040 ffff88801ac42c80 0000000000000000 dead000000000001
[  545.308678][    C0] head: ffff88801192d400 000000008010000c 00000001f5000000 0000000000000000
[  545.308692][    C0] head: 00fff00000000002 ffffea0000464b01 ffffffffffffffff 0000000000000000
[  545.308706][    C0] head: ffff888000000004 0000000000000000 00000000ffffffff 0000000000000000
[  545.308714][    C0] page dumped because: kasan: bad access detected
[  545.308723][    C0] page_owner tracks the page as allocated
[  545.308728][    C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 13196, tgid 13194 (syz.1.2251), ts 537556333824, free_ts 536771897979
[  545.308759][    C0]  post_alloc_hook+0x2d1/0x350
[  545.308783][    C0]  get_page_from_freelist+0xfce/0x2f80
[  545.308803][    C0]  __alloc_pages_noprof+0x223/0x25b0
[  545.308821][    C0]  alloc_pages_mpol_noprof+0x2c9/0x610
[  545.308844][    C0]  new_slab+0x2c9/0x410
[  545.308859][    C0]  ___slab_alloc+0xce2/0x1650
[  545.308874][    C0]  __slab_alloc.constprop.0+0x56/0xb0
[  545.308891][    C0]  __kmalloc_cache_noprof+0xf6/0x420
[  545.308908][    C0]  sctp_endpoint_new+0x7c/0xc90
[  545.308926][    C0]  sctp_init_sock+0xe2c/0x1330
[  545.308941][    C0]  sctp_v6_init_sock+0x16/0x70
[  545.308956][    C0]  inet6_create+0xb53/0x1320
[  545.308971][    C0]  __sock_create+0x335/0x8d0
[  545.308987][    C0]  __sys_socket+0x14f/0x260
[  545.309002][    C0]  __ia32_sys_socket+0x72/0xb0
[  545.309017][    C0]  __do_fast_syscall_32+0x73/0x120
[  545.309036][    C0] page last free pid 13191 tgid 13190 stack trace:
[  545.309045][    C0]  free_unref_page+0x661/0x1080
[  545.309063][    C0]  __put_partials+0x14c/0x170
[  545.309079][    C0]  qlist_free_all+0x4e/0x120
[  545.309096][    C0]  kasan_quarantine_reduce+0x195/0x1e0
[  545.309114][    C0]  __kasan_slab_alloc+0x69/0x90
[  545.309133][    C0]  kmem_cache_alloc_node_noprof+0x1ca/0x3b0
[  545.309150][    C0]  __alloc_skb+0x2b3/0x380
[  545.309168][    C0]  alloc_skb_with_frags+0xe4/0x850
[  545.309190][    C0]  sock_alloc_send_pskb+0x7f1/0x980
[  545.309208][    C0]  unix_dgram_sendmsg+0x46c/0x1940
[  545.309228][    C0]  ____sys_sendmsg+0x9ae/0xb40
[  545.309243][    C0]  ___sys_sendmsg+0x135/0x1e0
[  545.309262][    C0]  __sys_sendmmsg+0x2fa/0x420
[  545.309281][    C0]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  545.309297][    C0]  __do_fast_syscall_32+0x73/0x120
[  545.309315][    C0]  do_fast_syscall_32+0x32/0x80
[  545.309335][    C0] 
[  545.309339][    C0] Memory state around the buggy address:
[  545.309354][    C0]  ffff88801192f700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  545.309366][    C0]  ffff88801192f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  545.309376][    C0] >ffff88801192f800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  545.309385][    C0]                    ^
[  545.309394][    C0]  ffff88801192f880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  545.309405][    C0]  ffff88801192f900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  545.309414][    C0] ==================================================================
[  545.309424][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  545.309434][    C0] CPU: 0 UID: 0 PID: 13242 Comm: syz.3.2264 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  545.309454][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  545.309464][    C0] Call Trace:
[  545.309475][    C0]  <IRQ>
[  545.309484][    C0]  dump_stack_lvl+0x3d/0x1f0
[  545.309505][    C0]  panic+0x71d/0x800
[  545.309528][    C0]  ? __pfx_panic+0x10/0x10
[  545.309548][    C0]  ? rcu_is_watching+0x12/0xc0
[  545.309567][    C0]  ? __pfx_lock_release+0x10/0x10
[  545.309585][    C0]  ? check_panic_on_warn+0x1f/0xb0
[  545.309608][    C0]  check_panic_on_warn+0xab/0xb0
[  545.309630][    C0]  end_report+0x117/0x180
[  545.309651][    C0]  kasan_report+0xe9/0x110
[  545.309673][    C0]  ? do_raw_spin_lock+0x271/0x2c0
[  545.309692][    C0]  ? do_raw_spin_lock+0x271/0x2c0
[  545.309713][    C0]  do_raw_spin_lock+0x271/0x2c0
[  545.309730][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  545.309747][    C0]  ? p9_req_put+0xaf/0x250
[  545.309766][    C0]  ? lock_acquire+0x2f/0xb0
[  545.309780][    C0]  ? p9_req_put+0xaf/0x250
[  545.309799][    C0]  _raw_spin_lock_irqsave+0x42/0x60
[  545.309817][    C0]  ? p9_req_put+0xaf/0x250
[  545.309834][    C0]  p9_req_put+0xaf/0x250
[  545.309853][    C0]  req_done+0x1e7/0x2f0
[  545.309890][    C0]  ? __pfx_req_done+0x10/0x10
[  545.309903][    C0]  ? rcu_is_watching+0x12/0xc0
[  545.309921][    C0]  ? lock_release+0x4e2/0x6f0
[  545.309937][    C0]  ? __pfx_req_done+0x10/0x10
[  545.309951][    C0]  vring_interrupt+0x31b/0x400
[  545.309972][    C0]  ? __pfx_vring_interrupt+0x10/0x10
[  545.309990][    C0]  __handle_irq_event_percpu+0x229/0x7d0
[  545.310015][    C0]  handle_irq_event+0xab/0x1e0
[  545.310035][    C0]  handle_edge_irq+0x263/0xd10
[  545.310056][    C0]  __common_interrupt+0xdf/0x250
[  545.310081][    C0]  common_interrupt+0xba/0xe0
[  545.310103][    C0]  </IRQ>
[  545.310109][    C0]  <TASK>
[  545.310116][    C0]  asm_common_interrupt+0x26/0x40
[  545.310137][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0x31/0x80
[  545.310156][    C0] Code: f5 53 48 8b 74 24 10 48 89 fb 48 83 c7 18 e8 e6 91 59 f6 48 89 df e8 1e 11 5a f6 f7 c5 00 02 00 00 75 23 9c 58 f6 c4 02 75 37 <bf> 01 00 00 00 e8 45 01 4b f6 65 8b 05 b6 24 e7 74 85 c0 74 16 5b
[  545.310171][    C0] RSP: 0018:ffffc90026a7fb78 EFLAGS: 00000246
[  545.310187][    C0] RAX: 0000000000000046 RBX: ffff888022512e40 RCX: 1ffffffff203a2fa
[  545.310198][    C0] RDX: 0000000000000000 RSI: ffffffff8bb16fc0 RDI: ffffffff8b1cb5a2
[  545.310210][    C0] RBP: 0000000000000202 R08: 0000000000000000 R09: 0000000000000000
[  545.310220][    C0] R10: ffffffff901ce4d7 R11: 0000000000000000 R12: ffff888022512454
[  545.310231][    C0] R13: ffff888022512e40 R14: ffff888022512440 R15: ffffc90026a7fbd8
[  545.310247][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  545.310266][    C0]  try_to_wake_up+0x949/0x1490
[  545.310283][    C0]  ? __pfx_try_to_wake_up+0x10/0x10
[  545.310297][    C0]  ? __pfx_lock_release+0x10/0x10
[  545.310312][    C0]  ? plist_check_head+0xa3/0x150
[  545.310330][    C0]  wake_up_q+0x91/0x140
[  545.310351][    C0]  ? do_raw_spin_unlock+0x172/0x230
[  545.310371][    C0]  futex_wake+0x43e/0x4e0
[  545.310389][    C0]  ? __pfx_futex_wake+0x10/0x10
[  545.310406][    C0]  ? __pfx___handle_mm_fault+0x10/0x10
[  545.310428][    C0]  ? __pfx_down_read_trylock+0x10/0x10
[  545.310448][    C0]  do_futex+0x1e5/0x350
[  545.310470][    C0]  ? __pfx_do_futex+0x10/0x10
[  545.310492][    C0]  ? rcu_is_watching+0x12/0xc0
[  545.310513][    C0]  __ia32_sys_futex_time32+0x1da/0x460
[  545.310539][    C0]  ? __pfx___ia32_sys_futex_time32+0x10/0x10
[  545.310565][    C0]  ? rcu_is_watching+0x12/0xc0
[  545.310585][    C0]  __do_fast_syscall_32+0x73/0x120
[  545.310607][    C0]  do_fast_syscall_32+0x32/0x80
[  545.310627][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  545.310650][    C0] RIP: 0023:0xf7f82579
[  545.310664][    C0] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  545.310679][    C0] RSP: 002b:00000000ffe36d5c EFLAGS: 00000246 ORIG_RAX: 00000000000000f0
[  545.310696][    C0] RAX: ffffffffffffffda RBX: 00000000f7445018 RCX: 0000000000000081
[  545.310707][    C0] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000000000000000
[  545.310718][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  545.310728][    C0] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  545.310739][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  545.310757][    C0]  </TASK>
[  545.319678][    C0] Kernel Offset: disabled

VM DIAGNOSIS:
05:20:00  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000066 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85142ed5 RDI=ffffffff9a667240 RBP=ffffffff9a667200 RSP=ffffc90000007730
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3130383838666666
R12=0000000000000000 R13=0000000000000066 R14=ffffffff85142e70 R15=0000000000000000
RIP=ffffffff85142eff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f73ba73c CR3=000000006ed02000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000066a800000000 000001b600000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000139def4 RBX=0000000000000001 RCX=ffffffff8b1a3819 RDX=ffffed10056a6fee
RSI=ffffffff8bb16fc0 RDI=ffffffff81702e79 RBP=ffffed10039dc910 RSP=ffffc9000047fe08
R8 =0000000000000000 R9 =ffffed10056a6fed R10=ffff88802b537f6b R11=0000000000000001
R12=0000000000000001 R13=ffff88801cee4880 R14=ffffffff901ce4d0 R15=0000000000000000
RIP=ffffffff8b1a4bff RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f72669c0 CR3=000000004cbba000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=ffffc900071a0000 RBX=0000000000000000 RCX=ffff888021bc1070 RDX=000000000000009d
RSI=ffffffff86568f86 RDI=ffff888021bc1268 RBP=0000000000000001 RSP=ffffc90000548b70
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=ffffffff816b5c4e
R12=0000000000000001 R13=0000000000004e20 R14=ffff888021bc1070 R15=0000000000000001
RIP=ffffffff86568fc3 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020049000 CR3=0000000078442000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000002 RBX=ffff88802b3f6c00 RCX=0000000080000000 RDX=ffff888021d30000
RSI=ffffffff8a1625d4 RDI=ffff88802b3f6c00 RBP=0000000000000000 RSP=ffffc900258477f0
R8 =0000000000000000 R9 =0000000000000000 R10=ffffffff901ce4d7 R11=ffffc900005f8ff8
R12=dffffc0000000000 R13=ffffc90025847d60 R14=0000000080000000 R15=ffff888012f74012
RIP=ffffffff81994f96 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 000fffff 00000000
GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 000fffff 00000000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020051000 CR3=0000000078442000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000