last executing test programs:

5.447088713s ago: executing program 3 (id=1099):
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000080)=0x200000000)
preadv(r1, &(0x7f0000000600)=[{&(0x7f0000000280)=""/117, 0x75}], 0x1, 0x3f, 0x0)

5.259565588s ago: executing program 1 (id=1100):
socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x0, 0x0, @dev, 0xd}, 0x1c)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_extract_tcp_res$synack(&(0x7f0000000200), 0x1, 0x0)
ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000100)={&(0x7f0000270000/0x2000)=nil, 0x6, 0x3, 0x80})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
pipe2(&(0x7f0000000000)={<r3=>0xffffffffffffffff}, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x1, &(0x7f0000000040)=@gcm_256={{0x304, 0x36}, "1a88ef816c4b42ed", "a5fdeb69a751e94df50ad7e9fb434d1665e9298b01e49419567b443803cf578f", "6d02cd81", "066580001e00"}, 0x38)
close_range(r3, 0xffffffffffffffff, 0x80000)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000140)={{&(0x7f0000ff9000/0x4000)=nil, 0x4000}, 0x5})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000300))
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x80000}, 0x10}, 0x90)
syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x3)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000380), 0x60000, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7d2})

4.679953311s ago: executing program 2 (id=1103):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_emit_ethernet(0xf87, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "6410a6", 0xf51, 0x0, 0x0, @private2, @local, {[@routing={0x84, 0x0, 0x0, 0x0, 0x11}], "223427d5c9a46b9fa14172170a013589317d2af31ba55431762f462a5abc3f46494ee91bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24ab05db63cfdcde7b3cac2248c9d1c73d0d4382b3f520ad6e9be698eaa9bf5b939ce09919c9485c4725690ee2483315829a196f85a5ae552ebe19a2d6768ce2a6bf60fbb53104c7919b7cf28fa555fc9460df11e72eddebb2fc4eb6f83b16e0d65307e4210dfc209f0c68df65b57f420fd215546b798af6b6ab7bfb2fe6bd6142f877852717370b1ca39d199c149c3ead97c4e16229ce4c08a111a0fc64651c21e9174dd72442a9ae2a42d9433c7b54c8dd4b59203f9a2e227e9b043eb430e606cf98f3428ac8511948dd553bc0728c0626fbda71bd2a1d734d605e27bdb0be93b7b91284689e31fccb70c15f2c39da9011c84d36fe4b4b36ff26e45a34685fc638dbdaa068a3d3d4f5d44b74afc0fc7956e5fcc3fe405ac6d292d1d90f257f18fe14a3192d28ed369956aa2f91f9fee773cf7fb5d90705347eeadc1af86de78a498fa1a20e5b3f481a0595769654d969299506d8ffbc172a7fb9453a8a3787e80b167936863f2cc16c1d03481bd40e1abcf87a292559771572136932bf30e48174012a1d4d5f138f93140af2ceb9c821c7966ea7592d762975b5b33ef141b6b91eb388c91b924945c3231d0f299adb5a36e0c95a17872e7ebf0bc0e33baf5c46f9e2087b77bad0794d519ce7bc8674a70f3545d020454ded22f164185df3b4f952b132947b75333993fd73a6bac5836dd5720e559bcb82a4926734c5c3b1287c5fec219a99f71eb398430001f007306e9232c269c2886357f75d935e8de054341ac36f1df1fc77fbc347d90660f4d5658cfeb9e289f70968a7c0b38ae34c4bfa46b47964e223ac34f472e3231e8c285add5713592c76c062c3477beb55b279846f04f8d6a5ce2743c6a2020f0c5164953b8dca7e57239dc8a7f507bcf77767ab0b4602437171a09c8e80f5a165c4c37eaae386cfcb927dd1a935fa717fa1608792b34bafbc20cf11a678455894ede62788309ab7a7075535847a2b48260a613e521b01d75648263ad78e6176528dbf3e6c4e4d72066e617be5387183a51dd97d2e846c5d173b51e17a4c8d78a49c914cbe44236c52c78de45b44f9d80bc6f77c75135922a84579bce77baa71311889f5b7b90c5124b8298d5e9c81c442d60df00795854d3213a1ac254c8963c109f68b3ff5451c381f6fb56c116f86b71f988d1e9f732280cbf3d4e9791fefc4bdec5dc293fb77b02d5aab6bd8cd179b7e425126b7f78c0d004bc6470ecc2bbc422bd06a6bd8f717009509e6a88b01347b7a62b9dea6f7a7446a371f422499a6e66eeb6a7b0beb4a86a61f875a9bfe0f5d5f0d0e4c85852afaea97d74ebc80d6491a8a1c998c4b5bc34b3edaeba2df902cd5e14e016720e6c3c8b15287b2471c34251e26dc442720cd5d984e30b110b7370f233f865b9ac129fdf49ff02b303d7d4f91039d3bb58a9d64d7a72d8b8eba6b45a000370d4f0e9c0d411768441372e7112e5d4e7d70a9d6b428b8b85ee6209d6f73e7b024740c052166deeb843e4ab78d1d354d75a5827ff0d49d8964e75785f3594c7299c0917b48f3b2efb81a4c3a7d6e0f1cf50efe0360963c2e3ee390ed2a4c39f42e856eced0f2ee7beacd2ecbece493e911ca0460584323ea6d4a0c00864693c979cae38f0c5841bfaeebf609d1075163c120fea0bd0207d2dd07e5e2e0a5afe3efee0ee6bb9a926a8dba7a27a82c5421a5b20bfb5dbdef532a12435fcd899f15603209831711e0dcfaaf2104b2016f087fce44848c70b65a34b9be83df2064391fc5a8d169dc1943d226e57ab5ba06c656273d4efba73a8a61aae19df4d2445f3ce7e649af1b4ffc86106c9092ddd0aafeb45653d181cb32b06a1dd41573495f15c3b8c0019ba72a2eb163dfcbdbb235322ae27d7116af506f295c2424ab9191aa8ce0e4617b212af21983f8d2b19d7fdeec881f6fa448acc7c3e133b6f281583fad4467c05801e69f6ffc1ae2e1f54655534d884c2f8f60303da33ccbe47a293643edb61c7d9fad4e3e54028bc64be8e5b1da53446869b136660b8e96ff96c48641ece275967b27b291c5c240b3399b5b901b699227735f821938bc88ded45bada2b257b1a4bcab7ed6647f2027e5680c87329e9cfdba6bde2f2a9b676be016001702bebbabb2eae3eba01d6f49ab70245a4c5ef0e136b531e1843487b3f69c5b811217d6d2f5e71b47f40c28117bd09a88bb21887a06e2cc164d4281d0df47cbd5781f1524098d89ccae32f24c5f9d86469106685fdc683ad5e873030b621dc00354e0621106da90aca69bb53848dd57251a45bc1898aca9bc84c9a8d2f8aabeed888560771c8cb03aab02620430fec8e9740880790060ccbffd5b8edaa219ca61587eff1b1b03ae8af53059f121efdec8b3ee8aba06f494a5b4575bc848d5a9773d2346f75811cb82a078fc960c9bd374555d78b1b4ba0b438ef00e8aa75810ca5efc5c70936e2cb0e515912cb7f625a2130a9ad58f29e58ae6eac5c3f15f22f0163ee6dead6947c4390b92c8dfb146fec7bfc0b37e8ff2c9de90c30f2d8b5e334107f9835bc47fbc193c60ebd5ac4e677c7fd5b6261ff96e97c185c726ec02941bc2336946f181fd2aff43f0e95f06105a049fcb8e4e3738407d6356856f533f17fae281a3be9f2050ae3d19d1b8350d424087ac9b7875824a9b7e098775b53d6ec960fc052ecd165d17a7897de75f15316a072bb9ccf6ce1ec085bb5356c271b985a437a32f12308fc927410fd444bcded9859e7b8a3cfaaf29ebfb92cc7cbfad2559bbe4f90e189e8708e93827b221869cc78fa41fd5bcb6577b7dfe4c3927dc25a58aa84419f76e71d1f3c10cbb5e52ab2bebe0d39bdffda0fa1b55fe3a03683f882a82dd58498d62b101acd710fd436aa7409fe3cf5352dffb399d560323e14d564bdb3121b89c1f43fc9a892b799cd32f7ce2ededb868920b4547735ef0bf3e148251a4f65dddb7f96b2f33734522a8cffdc51520ac98926b3406e96618cf15a042a67239e755afc70ec6a9c99f8e08ec2946e5901364d85223a63d49572519137d93b6b0798e72acf9da120e706ee73367dec1450a68def886c149bcd734469e10b933899501011cd548e99d638821d5709fde050ab382d4896ecfd7999d40ea9c690c26d396545224c8f9e19705593df2688eb592e2476a0193f7054ab6f703d41c545a80bf285bbc7cc735bd306c9ea5eb64f40752fd4c741d9b6e03cd41b636ef8f5e810047a21c0b24c6fde1f2e98f2f27730c90d93af9e7564e4e209a61ff626b666fcc4f75f7d560da688169ff0af5e674a0b89a99fb54bb438a65f953c2db0faec2ce09cec33b6d25620b5a0393ac473fed48a38beaca5223997419876d571ce969b83b5b3ae54de83dd89fd92ed2a93c087828bef49a24ed1a97778c47fdc691a94fd5b437dfe494b5c6fadf499d9d15583b0439d3d5ecb61a32a2508a6960be6009accfd1d5d75a16dbc4121c6ef07bda12646792449c18a56e7aa3893f3f0e55a8e09ca64193dd29ea24ed8614ee8e717f046dd99a8e3750506655331125a502aa89c0d7e8e30c36a4be22cd911322695144d3bf034f38ef32d49431d50da583d08a3e4c5862483cdd52d031b12c89fdaafc3334e877e464134baece883d301193a9c27311a987d4dae82a061f48182cc747cd64441e88b68e26e4975f0fdde3129a9e6af80009962581d5349676df9c73b81514b175709d9193749660f480bd4009b528c1db4f76f42b6a175126603c39a374e890f871c97b2eebb4500451d827cc15497dc5ae89edc6f47f25db7efa4b4b2afbbb2ee543e3db8d20fe93faf300247f59075921e8b2f2a025af8a1d46f274e0c6cb4be0293c7c16c88e98d7d189e9733e4c0e3b96be4aa3fa6ecf42732e0b1432d38aeaf2330d92713cd5580ce42bfe47fb98fea64783de23f456300dd193008211a5ba408d32dedbf12aa8237a6e1a2c9890a2c1011855241fea186906a5139d1c300be57dc7ff493de80010520d10fc3eda0ee9cd413e075d3dc02258fdab567a16e43edbeecc366a69d8d75512f43a2b79cbb9132cdcd00c531730d05f1eabf66613d6e7ebb8c4c3f4f7efd415d41049786352808b22a3bde40121968af39c8f00296001662adc72b7963c8bafab4a496b50f3237a29d19ad4a51a62b1c77a04c14004734189cf7ec49e3d041a1e5658d080f09df77f39782e7133968c1f39ab3ae2a5f24a60073288f3c5825dafd614a379b8b905aaf961caa14ffa38de0d632918d31e4a9291b0f0789248e232e4276840a1ed0257300e522d83111dffd424b1b33148981e3794b2b649ba9174e6697bcc96049f4f3dcc7cf4ca97e2006ec8a146014bb49184632e4fb159a34b6530e959e60a6b4e0427cc697f14cfe6bb7a662a6f5012744f3cf2307abc19c58449864d98fcfebc5d598cd32a1c38c207896468fe8da75eb1edb1d6e7cb1eab671e4e92f139c81d79f15df2a2dc075acc982dec769e2f49aad0fdf594cb590e054616e4f4582b6c4a149ae45d844903ef68d211df2a180178e178b7c7a5012ccf8a1e677586588620365e6111f5192ecfdbd97e2284128de02e08ebc13d4bb4d114faa1e6c16c51c12da2c52d68f73640ce866ce4e794b9fafdc392c91c1f824bc301b3069a02b9c86d2ffac3ed63ddee130cbc248d6a3345d3f9553db78077072d569a6633f8bdbdb1a209a8be9b6830225994f9021b57ddd6a44e8ea40b205c6cf437f45bffaef053a5916dcc6de62ee02bdb8ce3acec8ad97fc95dab1307d254790c71f32e4678957cf0121dccabe73a03c6cacbcbdaad8801b04d9836555a982c357a06e2db7e9bf62aed8cdebbb7a71a2410b929015b61f16e54bffd038996a717b9c7cc3696d8a1205e8266bf782c3a45b0e31461d6a3ed62396088833f69248b24fbf6f81dcc08b98826c3bd2325ade54f614f2d4a153e3e3527d93978483f2bfeada6b64bc43f2a725c30e843d13e6ab34cfc38d488b3ef50cd04318fac1f89905f017644cfa2de058ad399871d1316264813c2289d0b6cfeddfbca36ce93fd4a1bfc93bb74453cfbb9c6ca22320ffc9cb0a3fff046a5678c066e617cd3ac024dfead04b99877f448b78208938585c7563efe815ff0cc47da5fff521d9730ddc89f4aeceadd06f2ea6b9ae72c9407aa550a0155db3b4bc6aaa382a30552f699cb6a1af9972a8ccc483f98952dfbde3d712ea8673eacdbb77490d833fc90f0f02e7c073d2917db70831496a88defc10667dc4c1b7399191bdc7857eb090e79c332bf9f71bb5377178e6232800c93d22318dc5ab8d5dfa2f074a6c23acb61c89f2f078ec91e9817e11a4c8295c19634b5ca2df74"}}}}}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40500002000000061106000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r2, r1, 0x26}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000040), 0x208e24b)
r4 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r4, &(0x7f0000001080)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @dev}, 0x10)
sendfile(r4, r3, 0x0, 0xffefffff)
mmap$binder(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1, 0x11, 0xffffffffffffffff, 0xfffffffffffffff7)
signalfd(0xffffffffffffffff, &(0x7f0000000140), 0x8)
syz_io_uring_setup(0x239, 0x0, 0x0, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r7=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000008c0)=@newlink={0x20, 0x10, 0x401, 0xfffffffe, 0x0, {0x0, 0x48, 0x0, r7, 0x60e26}}, 0x20}}, 0x0)
openat$rfkill(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
syz_io_uring_setup(0xd2, 0x0, 0x0, &(0x7f0000000080)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, r8, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r9 = getpid()
process_vm_readv(r9, &(0x7f0000008400), 0x0, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000380)=[{&(0x7f0000001840)=""/4083, 0xff3}], 0x1)
pread64(0xffffffffffffffff, &(0x7f0000000000)=""/16, 0x10, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r0}, 0x10)

4.562712199s ago: executing program 3 (id=1104):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014}, 0x48)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
add_key$keyring(&(0x7f00000002c0), 0x0, 0x0, 0x0, 0x0)
add_key$fscrypt_v1(&(0x7f0000000000), 0x0, &(0x7f0000000180)={0x0, "24f593dd3001f9e44bc11e57b90cfd2b9097d8f23b5908bec2176075de954a8b1fe538e0e81ee12c3179201a06b92b360e2409d87fcbfc6dd4a85d4424b6e17f"}, 0x48, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280))
mlock(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
creat(&(0x7f0000000080)='./file0/file0\x00', 0x5b)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="00000000000000b7080000000400007b8af8ff6681ac3793d0132a0000000007020000f8f0ffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
munmap(&(0x7f0000132000/0x4000)=nil, 0x4000)
mkdir(&(0x7f0000002200)='./file0\x00', 0x0)
mount(0x0, 0x0, &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, 0x0, 0x0)
chroot(0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/fscaps', 0x0, 0x0)
umount2(&(0x7f0000000340)='./file0\x00', 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
open(&(0x7f0000000000)='./bus\x00', 0x400141042, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000000)={r0, 0x0, 0x0}, 0x20)

3.559809658s ago: executing program 2 (id=1106):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000880)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="280000001c00070c000000000000000007000000", @ANYRES32=r1], 0x28}}, 0x0)

3.149491306s ago: executing program 2 (id=1107):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = syz_io_uring_setup(0x23d, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
pselect6(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x9c5}, 0x0, &(0x7f0000000140)={0xb}, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x2def, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1)
r4 = add_key$fscrypt_v1(&(0x7f0000000300), &(0x7f0000000340)={'fscrypt:', @desc2}, &(0x7f0000000480)={0x0, "98bc335a85fcb46e77b4a62df4fb31518b212894e9d3389051ff95768d1a294dfada597557590535bac6b2ecfd55f7bc08e6c0b554af0cedf300f1a450c621b2", 0x27}, 0x48, 0xffffffffffffffff)
r5 = request_key(&(0x7f0000000540)='trusted\x00', &(0x7f0000000580)={'syz', 0x0}, &(0x7f00000005c0)='$\\L{\x00', 0xfffffffffffffff8)
keyctl$instantiate(0xc, r4, &(0x7f00000003c0)=@encrypted_load={'load ', 'default', 0x20, 'user:', '\xbb\xbb\xbb\xbb\xbb\xbb', 0x20, 0xbf60, 0x20, [0x39, 0x30, 0x65, 0x33, 0x32, 0x66]}, 0x35, r5)
remap_file_pages(&(0x7f00006ca000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(r6)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r8, 0x84, 0x6, 0x0, &(0x7f0000000900))
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETSTEERINGEBPF(r7, 0x800454e0, &(0x7f0000000280)=r9)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
getpeername$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000002c0)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r11, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x90)
write$cgroup_devices(r10, &(0x7f00000000c0)=ANY=[@ANYBLOB="1e030600f7ff980128846360864666702c1ffe80"], 0xffdd)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)

2.696646637s ago: executing program 1 (id=1109):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(twofish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6", 0x10)
accept4(r0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000010700000000000000f9000018110000", @ANYRESHEX=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfed7)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1a, 0x7, 0xfffffffa, 0xf, 0x28, 0xffffffffffffffff, 0xe}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="180000000080000000000000000000001811020092cbd826acc4066c95e101b1dd0dd4a59086704cb55de5480500000044f306061ecf4e326470a7d9e42927", @ANYRESOCT=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x49e1}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2000000, 0x0, 0x0, 0x40f00, 0x6, '\x00', 0x0, 0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x90)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000300)='tegra_dma_tx_status\x00', r2}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x141202, 0x0)
write$vga_arbiter(r4, 0x0, 0x9)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r5 = io_uring_setup(0x7e38, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x8912, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x12, 0x10, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000032500000000000000000018110000", @ANYRES32, @ANYRESDEC=r3], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00'}, 0x10)
r7 = socket$unix(0x1, 0x2, 0x0)
r8 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wg1\x00'})
sendmsg$WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="381d629233e595a6a0", @ANYRES16=r8, @ANYBLOB="200025bd7000fbdbdf250000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb542"], 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x8000)
bind$unix(r7, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

2.171916545s ago: executing program 1 (id=1111):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r1 = socket$kcm(0x10, 0x2, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x0)
recvmsg$kcm(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000014c0)=""/4097, 0x1001}], 0x1}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020030000b02d25a806f8c2d94f90424fc602f1a04000a740100053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0x4000}, 0x0) (fail_nth: 8)

1.92998807s ago: executing program 1 (id=1112):
socket$nl_sock_diag(0x10, 0x3, 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$DRM_IOCTL_SET_SAREA_CTX(0xffffffffffffffff, 0x4008641c, &(0x7f0000000ec0)={0x0, &(0x7f0000000dc0)=""/207})
ioctl$DRM_IOCTL_MODE_GET_LEASE(0xffffffffffffffff, 0xc01064c8, &(0x7f0000001240)={0x7, 0x0, &(0x7f0000001200)=[0x0, 0x0, 0x0, <r0=>0x0, 0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000001280)={&(0x7f0000000f00)=[0x0, 0x0], &(0x7f0000000f40)=[{}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000001180)=[0x0, 0x0, 0x0], &(0x7f00000011c0), 0x8, 0x3, 0x2, 0x0, r0})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000480)={&(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0, <r1=>0x0], &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000440)=[0x0], 0x5, 0x3, 0x7, 0x1})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000005c0)={&(0x7f00000004c0)=[0x0, <r2=>0x0], &(0x7f0000000500)=[0x0], &(0x7f0000000540)=[0x0, 0x0, 0x0], &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x2, 0x1, 0x3, 0x7})
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f0000000640)={r0, r1, r2, 0x0, 0x0, 0x5, &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0, 0x0]})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_PRI(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=ANY=[@ANYBLOB="680000002f299d28bdd7bd75325437d4e6c2aabec254514750df4b903120942fddb50240e539fb71a011f5b6b58bdd7853cc1db2c02824c4fafdd1658d2b6fce0f910be0c096c003e6db23bf5e407a28981722f5e9a18d6fd5a460ef21c9d8988d6a8217096f86357748787963e339554f2541b84f2bd70bb31f23dbd329da7a6accf6c1673c43c46b727d322dc740255a25d131d86cb908596e4be804de296e8f629b355c8434dfb57b15e7c3d62c5196274740cf301617622673e42450c9c35866726fa883a5a42a08889f2abf7f0bb3a8ee28fbcc76c00f9df55da4d64c3f65b72ea0c38f70edfcb3c76c39c046963acf4d750705db60edb153fda1cc8f161a1f6becc193de1f8b26a6967b8005eb7f9d952aa77129b0df64c9631f9ab483cb45074d5262f3f0977f4a5df389e2dd460d90b059b97c1faf4d7fd59b6bc8e57330f0c36e4308b52e8bb1b70d9f90f30ca3f6da42bf91dfd9d20ba910ac3dfb8f8e5c71f30d41785d772cc8bf9f94b79805384e5751d6b1e0d141d8f1c1f96d23f731c431766ea1e919859533739304fc6aa981ebc5cc158ba4769df6853883dd02899c92bd3f91776c3c50e0a8b90ba93520186c1277a0321aceea54bcbe09784f8ed95e77968ace32f773668286c8e8ff8d932e7540bf22f02440a8c91bd7259a8ed397e39ac864872dbd71b74d8d9bb3bf7b046eff0c82f1c1d7d56149f3461af89d04fb07a28f25fd", @ANYRES16=r4, @ANYBLOB="01000000000000000000010000000000000008410000004c00180000000062726f6164636173742d6c696e6b00"/98], 0x68}}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='$', @ANYBLOB="00000000000000ff"], 0x24}}, 0x0)
syz_io_uring_setup(0x174a, &(0x7f0000000100), 0x0, 0x0)
mkdir(&(0x7f0000000240)='./file0\x00', 0x0)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='gfs2\x00', 0x2008044, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
r8 = syz_io_uring_setup(0x24f8, &(0x7f0000000240)={0x0, 0x0, 0x1000}, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0)
syz_io_uring_setup(0x3f55, &(0x7f0000000740), 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r10, &(0x7f0000000180)=ANY=[@ANYRES8=r9], 0x118)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r8, 0x10, &(0x7f0000000300)={0xd349, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)=""/51, 0x33}], &(0x7f00000002c0)=[0x3], 0x1}, 0x20)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r10, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x3, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r5, 0x2d3e, 0x0, 0x5, 0x0, 0x0)

1.908677432s ago: executing program 1 (id=1114):
openat$adsp1(0xffffffffffffff9c, 0x0, 0x421100, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="0000020000000000240012800b0001006d616373656300001400028005000b0000000000050009000000000008000500", @ANYRES32], 0x4c}}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000001c0)={0x0, 0x1, 0x3000, 0x2000, &(0x7f0000000000/0x2000)=nil})
socket$rxrpc(0x21, 0x2, 0x2)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
unshare(0x62040200)
sendto$inet(r3, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0)
recvmsg(r3, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x200045ca}], 0x1, 0x0, 0x46, 0x407006}, 0x104)
r4 = syz_open_dev$vim2m(&(0x7f0000000080), 0x8000009, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r4, 0xc0f8565c, &(0x7f00000001c0)={0x0, 0x3ff, 0x4, {0x1, @win={{}, 0x0, 0xb42d9aa9, 0x0, 0x0, 0x0}}})
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000080)='bic\x00', 0x4)
r5 = eventfd2(0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r5, &(0x7f0000000b80)={0xa0001011})
io_submit(0x0, 0x1, &(0x7f00000001c0)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0xc, r5, &(0x7f0000000180)="80a3bb8d62bc20448b1c41870d4c7bc79be6ede7936767f73df4b478ed8644b26ca902e4d392a993cea9bf0e266edad34f9f84", 0x33, 0x5, 0x0, 0x2, r5}])
syz_open_dev$sg(0x0, 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mq_open(&(0x7f000084dff0)='rmdF\x17\x16\xbc\xec', 0x6e93ebbbcc0884f2, 0x0, 0x0)
r6 = mq_open(&(0x7f0000001140)='rmdF\x17\x16\xbc\xec', 0x1, 0x4, &(0x7f0000001180)={0x7, 0x0, 0x8000, 0x1})
mq_notify(r6, &(0x7f0000001200)={0x0, 0x3f, 0x1})

1.389805426s ago: executing program 3 (id=1115):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0xf5ff, &(0x7f0000000000)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x8}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x10}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x7c}}, 0x0)

1.32999803s ago: executing program 0 (id=1116):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000340)=""/69, 0x623c41ea}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
shutdown(0xffffffffffffffff, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x101641)
openat$loop_ctrl(0xffffff9c, 0x0, 0x0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x80041285, &(0x7f0000001080))
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$unix(0x1, 0x7, 0x0)
bind$unix(r1, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000400))
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000300)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@request_death={0x400c630e, 0x3}, @clear_death], 0x0, 0x0, 0x0})
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000440)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
lseek(r4, 0x851, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x3, &(0x7f0000001540)=ANY=[@ANYBLOB="b702000008000000bfa300000000000007030000ffffffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000000000095000000000000006623848adf1dc9a764ab51a064caff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b81ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6b6981978d51514b00dcc4a2748b376358c33c9753beab62bdf27dc04e4cb4bc598affd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b770009524edd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd88345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1757b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c35af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d9900000011000003971b32fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d677d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc37e5aa23bff8cce0600000000000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68f536a03353a55a8a8e176e5d48887d31c8e0f77f2c1e68ec7c01bd5a2028a8fc107007f5f4c67600a6ade3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d9029f071fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b4492510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2020ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a017ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f6c3652c423ce6ecc1be5d4e8133fc32f68ea86a2df1e7df98a0ae216c405d0ae9eed114ff2d6fe27dfdff1cf9194849c4cc0da9533e5983863e526a7dc0d8728f3b573ca4427bdb44df9341e9b8420e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9467b51d92e0993af4beaf1f3d47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c27c318475802e2c62681bd1a331422a6e47bbd40857d52c4894944fae5c5000000000000000000000000e0c47613e950b6aefeae054fc723f62ac7d13941de11b018f1f48ac50335df91c771729f81929128135b2803562c1171ee00a3f4a31281aa363e087d53d86dd85e3ff979a7e72d16fdd7e1a0f07a1c8e6085d280d760f74975ceb3a5be6cfb4da8e0aeb769b8b75f4aad803ed77d34872eed2711aa40a3b38099dc2752e8ec9b520faf39e416752aa0830206736570f5d41a4df848c9052551cf8dcb1be000000000eb2577188e8e96bd825d462350905d3eb916b397d2a46a64081e85661d7a5a2716cc87cb1976d15d9b6418e94f165911803e43830432226c660f4da67bb7c8ceb3755c07197d8b80b8d16b12c2ec63bebe107aa2350a7ae564bf69a6c52a2da1496016dd66a1c1b112"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x1}, 0x8, 0x10, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x716}, 0x10}, 0x90)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000004c0)=ANY=[@ANYBLOB="4401000010001307000000000000000000000000000000000000000000000000e000000200"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8800000000000000000000000000010000000032000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000048000200656362286369706865725f6e756c6c290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ddff07001d000000000008001e0000000000bab339d35fdc973e475f96c4894e8bd0fd22fda352c26ee7cdb5876a8fd7d6c1df350f53aa634996af8070221d88bb10a761428f86820ecf733de86259772d784a662718afe0e07ac39e67c8b823c3f627c5815e2fe3ad4c5e89493d1046965a3259120115786ac2424fefb523f3735dfd4cc47bc2a55a9a1d7d6b069383cf5e7e15d2636229826f78c03683076842f8e6274f2d8b4e0bd4a2a6935645c3a0886040c852704fa3e1b6272b7a1da1cc1038558427a3e50ce76036199f81b55dbe8c1c7bdd6f60bb8ad5d1e178649df7d8a30ea8dc621e11f59d694fca1a6b755b6c18c947fe317551056bfc3f7750a77187900a92ce0960be2fc239124aa385a4cd05ac81a3167130cc7494881a0eaeb039e17b0e49e5aed5f49b83ee43818b268c6c6fe57142956f634510"], 0x144}}, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
socket(0x40000000015, 0x5, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x5392, &(0x7f0000001500)=ANY=[@ANYRES16])
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), 0xffffffffffffffff)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_GET_SPECULATION_CTRL(0x35, 0x0, 0x4)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')

1.328980037s ago: executing program 3 (id=1117):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000200), 0xc0c82, 0x0)
write$FUSE_ATTR(0xffffffffffffffff, 0x0, 0x0)
io_setup(0x0, 0x0)
msgctl$IPC_INFO(0xffffffffffffffff, 0x3, 0x0)
r1 = socket(0x200000100000011, 0x803, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r2=>0x0})
bind$packet(r1, &(0x7f0000000000)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14)
write$binfmt_aout(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="90030ee7ff072d2203000e2108060001080006040002c6b572da3e9647000000ae515669487147"], 0x120)
ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f0000000000))
r3 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r3, 0x40045532, &(0x7f0000000040))
r4 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_REWIND(r4, 0x4147, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6}]})
timer_create(0x0, 0x0, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)

1.209791139s ago: executing program 0 (id=1118):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x30}}, 0x0)

878.942986ms ago: executing program 0 (id=1119):
syz_open_dev$dri(&(0x7f00000000c0), 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000cf18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000240)='locks_get_lock_context\x00', r1}, 0x10)
r2 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
pipe(&(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(r4, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
close(r4)
r5 = socket$inet(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'bond_slave_1\x00', <r6=>0x0})
bind$unix(r4, &(0x7f00000001c0)=@abs={0x1}, 0x6e)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="4400000010000100039a00"/20, @ANYRES32=r6, @ANYBLOB="000020000008000024001200140001006272696467655f736c617665800000000c000500080005"], 0x3}}, 0x0)
splice(r3, 0x0, r4, 0x0, 0x10500, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r2, 0xc018643a, &(0x7f0000000140)={0x4000000})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0xe, &(0x7f00000017c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0ff1100001f79a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7040000050000006a0af2fe00000000850000001a000000b700000000000000950000000000000000e154cd844a954b26c933f7ffffffffffffff55bb2007ee51050512b5b42128aa090a79507df719af36349f298129da4871307b534bf901115e17392ac66ad022186a8929d1c000006146001e04aeacea799a22a2fa030000c412f6cae80043eb27d53319d0ad229e5752548300000000dbc2777df150dd488318b5790bee7e6c8bd03acdd77b85b941092314fd085f028f4e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b217369ca8b6712f000000001b1df65b3e1b9bf115646914ce53d13d0ccacda1ef16fdcceaede3faedc51d29a47fc813ce3d32cfc7a53ac271d6d6f4ea6bf97f2f1be2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804d4a69bf9bc5fa77ee293fbd165a5a68488e40b030166565a097b1b44b451de7940b0000db8db03d4b7745fef1d04ec633dee254a6d491b8496da787e814c4fdf0b4a387b4c8149d18c1020029a18986252a70f8f92eb6f0e8c7db000068fbaa2e2a27efd9104297f2c58159f02d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa909ac06b57479321a0574fb304bc2a1681989328c8ddc20ea011bf5742e0ef94234db1f00000000000000c20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b35f421c3552772ca7f3e2c25a65f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41aad8bda74d66f47cc17d8ba3eec0fd80f82c5f573c6d294d366505000000da0fde0745db06753a7ac7fe13cab6692422a46e9ffe2d4a2d32f7528751313694bf5700b20ef0c248ddd3da323947004cacadcaff2066bb5d4045c9585638c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c5f1e24d9f679e4fbe948dfb4cc4a389469608241730459f012b060e7d23fd39206000000000000eb55d001623258a141bd587cc9dad46de56ef907b059b99a79ae5498f6589880ed6eea7b9c670012f80cd6a1397953ba5870786554df26236ebced9390cb6941b8365d936a7d2120eca291963eb2d537d87cbb54e588ee5d6944ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a0aa9a104e16b3b8c6e64836ac3f32f53c9a2bae513464ca03aff14b9fd8cd9539f5096412b92012e095b84c202060098df3314f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c363000000000223201780200c6ed7966130b547dbf8b497af0a77f52f2cd39000000200000e81c23cf14156951210001c800000000001500000000000928ee53595a779d243a48cea769470424d28804c026ab7f4a5c81921e0128dfd70b438af60b060000000000000056642b49b745f3bf2c01808b6d7d748308eea09f0161b4735efbf3411738d6ee7aebf9ef40662d7836d252c566e1ee938a9a6804ed3a1079b0282a12043408cd60b9e53978c81839be0000000000456f7d2a42cb13da2022f23eaec61854f640f701db0276652f6c74f20675eb781925441578e93046aaddea394cd8ffd3d628293e591dc6f71c2710a7ea8a4fdc214e1cc275b26adfa892e6de9200000000e50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab50fe82d5a96b09c68c73de2f04f15d005387577f480000ea65559eb00e014df20fa209bcbb5c252b11a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cdfba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2f085185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5d81e750d50515a59a3ad09e8802e8f4f535447dc0fc9d5f99a145dfcedad69da9cd4b75c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d583f436137a3c5dc714c9402c21d181aae59efb28d4f91652f6750b9195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa80900000000b6638c420eb4304f66e3a37aaf000000c42a570f0e9d76fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284df80e4636c25b96174327d82761c26e329555f9290af40000000000000100000fd3763655500344bae34347f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419a5c16e2055b85058099448430587a49bed2ee9647c5d3bbb47bc00edf5e9020c09ab004321610b857e8717974b633b21cb32f0e03280e09758bd445ab91d201782d656ab09f508bbbaca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92b32af00f191b66b6a6f732a91f0a2e9120be61e58c79d497247d278888901d44bf77e8246605a644e9e3d769db497c3960df05caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f3101985602688888ccb85c87b4f8ffffff7f000000002c331fca0e541b7ca2119ff0d61c5224550346115b43f8b1894c8fa8a14dc4810f61ae01000000000000000000000102000000000000000000000027c9585c0cead5d619d18475ccde2857279a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77a23b0000e49666c464d35ca9b50f3ed3e535b3da8c17a23692759ccf5a205311b7d122532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952b3d42c68a3102fa1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e8918a0d6e2949affcacb5ba0a56aa063b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76b0d3958f7f05b47d3e519f1634e8fbd8d31330d89069f9448a2ff93060ff073b3a113e47edf76f7d1b8b90bc0df4cfb0b9c8c80158b44ecae9420654f7016b0aac117087406d343e27b372d6027ab2aec2bcad7fe6bb932bc5751d2974e95455a277fa3b472bc7bbdd2ac5a1ea608e8137ace03361607cc1a84be659355629ab13ad49008c3fcfa2423439a3607961d5b59da48a0155e8e42cc13c702cc40c99cf86c2021d72f9f4ab1b00de555a5a39593c93871ff7eb5ecadb64837a2d88723ef65aa5152e3d5864e57581b61f2b0960600000000000000265f091e7bce17d20604c5ab751773a5cf8a719a7ada06ed03832bf274707c7c970edc20f4a1eaa3b610450d2025cae6d2cb639ecd58709b05a20097208d03f7a146a6901913618738679d4e0af53eae997eecfa0dc3dcec19d3d9205450765d659220c92701ee75c8710470d9eb6f62c5c721883f1544ba66271c8dab05a933746c16b6e93294b561c6715a32a394ed1e6c01670c931bfa52c58c6f34d64e758a7a7f7d33c49336d4cba2cbb170ad7539a45774dfcc55257215c8ae719dc1c232fc6699ef01005887d04a543030b4328ab48744ac23ff56fd2da52eb9fb2eefcdd2d92d73ac1b111ea8b5e1fec36a3579879acfe366d393f1fa9cbe08d9ba57a443643e9cd251dc88e91a5e458e66ea1e822d55d4dd919a95eb4c25a08cb6e1070000003a0fd07a4ad9df240e00006aaa2db0dfe416146840d88bd08365e547c970e2983200703864a3b9e1682cb479dad6d34d211b05267eb1355520e9ec0c5014b0832f7fb35782fdbfcbf5e23a7f5d51ea480371748d18d8e10608ab8261fe058d1732f28814a9981d84a04a2bb36c89bdd245e3293a14df1ac567301a79514f103abd387d6ef2d9d94508ac0f6135c8921279573eefd5d4e33b9ef585980789a94d9848906f545559d30000b5040f0776703363249ca984cbb09752f099efbb9e7362e4999594c1086d8958e9469db01d85fb0b9b3148663e9ea2e755d96c70e540b4200e4cf82986712dd733b26d00e947d03c42215118426d548cb2077b43b89e4163d260faea1db53e2cf3427c90aefa2662a1c2b28b0e020e872bda1d39da508de5dbc37d03ee056b2579a1d16799589a2600000000aa00006c94bcaf115fbbcb216e3cb7fd9afe16d1fff2d047e508aa5f6de0ea4e9ec1b3a4ab1f8b5f312fc50000000000000000000000000042709db6de7e969ac0ce18b47280fb1b1b1531648122fed3e25edecb5200f5000000000000166f7d36b2966c19af7ffa6afa69e50821c9aa3ae60fbc196cf8ad2f7f86d79db1bb0ecbf9c3d0d3d407574def838e4def26ed9c7e6c69858f7813be8ffc565583663bebfe7485660b67e1436cbc6d4d3c48ab7b033d7d1195173edb16643f69cb779802839d490a4df94e5ea89c192af2ae83876edd59c9a7140e12ba591f073ec604f7e8f1e100cd414e9237ecfc052d9a73a868cd0e4b06da0435af72fb0d25657e8f5464b19fa83f977e6900000000367871fa37420e7a232ef9b440bb0639994c655d144c5786939d6a187b8182ddd2bec36cd28371b1754cb6c53697fb23576ee0d3fd0a5803c9be9fe384f1a7a9a8eb64d17d238fa3238a001aa8ed040a69e9ec0a627e3b3ca64d4680d819c14c71684581000000000000000000000000000000000000c6a6587715865fe14558960bc936bc83abd1f2a00b17a407457681d0760000000000000040000000000000000000004faeabea6de40ae30291662594c993099ef041c264a64d77d69e0cdfa620a191704cef91e269044acf752b55690075fa844de65a099200265e13c2a8f9b717886dea8e79407e34bc268a17965033ca1d000000000000000046595642f9fc008875ddb7aebda7a16b1d20dd8b65bcdac8cdc75a173fd2e57a9c37bf5a52ea001ec981dd7ad4e5944575ced39233ada8f3c1b856644812828bb79536a5188d14fe537250dc107121534cbbc7598f48aa2335616ae8eb72acf6982048e568e37f1f58e9714343587734c7ec0fa5c44d13165d6384bf9500757b4b0275950d6e7c451eef3fd353d47c54c4c2cf7318e6c24583ba0966225284d1abac80786519c563ddf0e6c023d537ca6e0d6d4e072c98f45415d13f0dcea174f162ebd00b42264f6fa3dccd09f4101dd254e54423b30e06713eccfacb6ffb38afff920980af938a4d78f4b9a6b5c7424e91121cda789104ee490d25843f1622bba93257cc23e45cd7ed42abdb991d51804e674e507dfd53b5ab6944df33f4f494b9ae0d2de410539828e82a939ad82b385e66809d7d4d3630b6f22c2f41fdaa0fadeea09fa4f7005813643c2d6307d55689faf6f656327ac5872a3bd4c11363909a8b9f30e5401993a0f6e1a9b42287542647d1e86b02b7e36319414629ac1f35572a9cc1e98ce1457f922da0c2de76c9e97944efad0a3ad78cda81c5b82709d696e85bbf4595ef9664a6aff8cf96446cb6c26595f4eb659d26c846471f6551dbb24fc6c03a01e33efcd5939472b687d31be9bd9bd1bcda45bd2236f06c000000007d348ebcb9d810d4dc3c55bbe4055ce9c45267daeec7a7d8b498f56ee933cc02fb53c2c28fa09ce5ada5687889357599971a8c794f8ce23c1f7add4f65280ab446ea2d130000000000000000000000d1a0313ff63bc4e4463688db1d6ac7f4595a02c89349a973f118d936f33ea18e69d7739f4532e1b8580ef125b47cf5b402b6f2beffed6cc9afe2b548c4dbc78363118818d9473f29d52444685c41620eeaeb1f8786e87aeaf287fb9b63b30e6761507503dcd47b64f0b6157d970a989844f9b7dbe83211cd7999c82bd151bee0c67f3e6642ef1772d759df9ec9b4197383f9a66217e180e434e650dd560aa3ed42acddd44d6f45807a3c63e15929cfbebc7eef1a219d3147a6c06bd974168ac689392fa851ebdf524ca2331148ff7e855cccc106074ca92153734d5c5e3f9efc6592b08e0c07c7b5d42ec71484bb2a4c0f4293138369f39f9fa4a9cc607b42ba6102f918ce4e76d66fba450e94849962fae5059bda419fd2a170ea387c10a4ada5893f38486069ef1bfdbb432ab322ce87d7a94fa967135833157bafbed3b48bb267fc3aa56d1e5b66417a673b40884fc91ec9558eab6a08222dfe37767095b2d94cda881290d6017137595cdd53972353f485adfde8015cac0e1acd64ca97d67023f75a54b1ebe55053652ad16292a15e79dc58ba080f795f1a753d1c5c85475e286c548da6f669e5c34afc272e5a32f27264d9210acec3b65a264fd5e85d5f44979431eab3fcd8d33d5476e070d2e20e6156ad9c964ebbfe7d9096461b72530295b3603bf85b0c8f9921e9ca95d744bf5c03d60f7364f3fd9d98f7acc80cabd02d061818d028056c68805ee4783aa4b90d39e9b29085429de28c615668e4b4f4dd77b3a55a8058b99f3adff03294e01da549dd64cacd59382466e562a3f67ef5d042426659574ed041bc19ed625b7c0633154a290f69437f43065795d3ae5b11ee8e935b9969f5291a32ce3adca268162efcee3898e823affe0f50f7efe763d47288004a2b310e2a79115160b8e0e09067f26a7653a3a0886691fe44a307f8f344eb9512b632bc132c26220ec86dbf788f4fadd493c37e38f782fc1c0e64f7d3e6a04aa1918796fa53353ab58cfc4505147ed35624871b085e507c90b991a675bf2b6393a732f4a69c3859dbeca89140ba5b3f47d457877d327fa9b936"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffff1e}, 0x48)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$evdev(&(0x7f0000000000), 0xc0, 0x0)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r7, &(0x7f0000000280), 0x6)
write(r7, &(0x7f0000000340)="050000", 0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
openat$sysctl(0xffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/tcp_dsack\x00', 0x1, 0x0)
sendmsg$NLBL_CIPSOV4_C_ADD(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYRES16, @ANYBLOB="010000d500000000000001000000080001000c00000008000200030000002c0004"], 0x50}}, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)

815.555211ms ago: executing program 0 (id=1120):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0xa0201, 0x0)
r1 = dup(r0)
io_setup(0x19, &(0x7f00000009c0)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000500)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(r1, &(0x7f0000000240)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @local}}}, 0xfe93)
syz_io_uring_setup(0x109, &(0x7f0000000440)={0x0, 0x1bbd, 0x400, 0x0, 0x4}, &(0x7f0000000380), &(0x7f0000000280))
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00000000000000000000110000001c000380d0060700000000000600070000c6a1567e137a647bc394620000000500080000000000"], 0x30}}, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
unshare(0x400)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="500000000202010400000000000000000a0000003c0002802c00018014"], 0x50}}, 0x0)
r4 = creat(&(0x7f0000000180)='./file0\x00', 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0x40086602, &(0x7f0000000040)={0x6b})
fcntl$setstatus(r4, 0x4, 0x400)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup(r5)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xe501, 0x3, 0x490, 0x320, 0x6affffff, 0x3403000b, 0x320, 0x7, 0x3f8, 0x230, 0x230, 0x3f8, 0x223, 0x3, 0x0, {[{{@ip={@remote, @local, 0x0, 0x0, 'veth1_macvtap\x00', 'veth1_to_team\x00'}, 0x0, 0x2d8, 0x320, 0x0, {0x1000000}, [@common=@unspec=@bpf0={{0x230}, {0x1, [{0x6}]}}, @common=@unspec=@time={{0x38}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x4f0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r6, 0x89f8, &(0x7f0000000800)={'syztnl2\x00', &(0x7f0000000740)={'sit0\x00', 0x0, 0x0, 0x8000, 0x0, 0x0, {{0x15, 0x4, 0x0, 0x0, 0x54, 0x0, 0x0, 0x7, 0x29, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, {[@generic={0x88, 0x12, "988df0f003b4cfa9f6c3f9ed111adfcc"}, @timestamp_prespec={0x44, 0x2c, 0x69, 0x3, 0x0, [{@rand_addr=0x64010101, 0x44d9}, {@dev={0xac, 0x14, 0x14, 0x7}, 0x6}, {@loopback, 0x7fff}, {@remote, 0x8b}, {@private}]}]}}}}})
getsockname$packet(r4, &(0x7f0000000840)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000880)=0x14)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000009c0)={r6, 0x58, &(0x7f0000000940)}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'netdevsim0\x00'})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{}, 0x0, 0x0}, 0x20)
close(0xffffffffffffffff)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r7, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x12, 0x4, 0x4, 0x12}, 0x48)

414.531979ms ago: executing program 3 (id=1121):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000080)='GPL\x00'}, 0x90)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
close(r3)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x90)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000001c0)='sched_process_wait\x00', r5}, 0x10)
r7 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r6}, 0x8)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000040)={r7, r4, 0x0, r7}, 0x10)

286.199139ms ago: executing program 3 (id=1122):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x88}, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$netlink(0x10, 0x3, 0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_usb_connect(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0)
open$dir(0x0, 0x0, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000080), 0x76, 0x109301)
ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000980)=@urb_type_bulk={0x3, {0x5, 0x1}, 0x600c, 0xc7, &(0x7f00000007c0)="68924ac614e07886a2bb2b00602eab62cb1908cf34c40aea9fc0223338648d5fae9790709fca03760074f49bc226420041ed7e80eeeeeb825271e7769edca4ef6d35cade8f8faf48d048b424201955d90a1354ae6be9f880a60b19171e30fe409ebdbc4058240c7df57a9b8257b7966d3af76cedb64597b3f651c9598c1302c4e81d83f1cf1b7c7d118f636fb669cf8cf05249723e268cb176d3313246cde296946dab605e135dd2b93042d3f9cecf55d34173befee87d43ee05c6cca73a189058eeb084b235d89767ddd4a12b9918ccd1a4d263bf8806c63f3d57444231bc2795b26b236addd8915079240ebb3f395d", 0xf0, 0x0, 0xffffc38f, 0x8, 0x8, 0x5, &(0x7f00000004c0)="6d25f92cd8a9a63198ed059414b5afbeadc9c1b3ef1d8ba2c0bf5dd8ba2846fa6eb600db6e523de838c3872dc94b9c370e7fb0035c8a446adf302b31a8f7d324495128bc9ea457e351e8db0edf034fd835419e95d00c34f857367aba197a8e87582265"})
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4008af21, &(0x7f00000001c0)={0x0, 0x4000000, 0x0, 0x0, 0x0})
syz_usb_ep_write$ath9k_ep2(r1, 0x83, 0x10, &(0x7f0000000340)=@ready={0x0, 0x0, 0x8, '\x00', {0x1, 0x7, 0xff, 0x9f, 0x2}})
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', <r5=>0x0})
ioctl$sock_inet6_SIOCADDRT(r4, 0x890b, &(0x7f00000000c0)={@loopback, @empty, @mcast1, 0xfffffffa, 0x7ffc, 0x9, 0x100, 0x7, 0x100, r5})
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000780), 0x4)
unshare(0x16020100)
setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000180)={0x0, 0x7}, 0x4)
syz_usb_ep_write$ath9k_ep2(r1, 0x83, 0x8, &(0x7f0000000080)=ANY=[])
r7 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r7, 0x0, 0xd2, &(0x7f0000000040)={@remote, @local, 0x0, "5bc124a9f61874ca47cb07b9f68686573b0df3fe51604f4e7dfb79dbf5bcda2e", 0x4, 0x40, 0x1000, 0x550}, 0x3c)
ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000240)={@mcast1, @mcast1, @private1, 0x0, 0x6})
syz_usb_ep_write$ath9k_ep2(r1, 0x83, 0x8, &(0x7f0000000240)=ANY=[])
socket$nl_route(0x10, 0x3, 0x0)

285.666972ms ago: executing program 0 (id=1123):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
connect$inet(r1, &(0x7f00000006c0)={0x2, 0x0, @dev}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
sendmmsg$inet(r1, &(0x7f00000019c0)=[{{0x0, 0x11, &(0x7f0000001880)=[{&(0x7f0000000540)="de", 0x1}], 0x218}}], 0x1, 0x4008440)
r2 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r2, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x2e0003, 0x0)
ioctl$SNDRV_PCM_IOCTL_UNLINK(r2, 0x4161, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/address_bits', 0x0, 0x0)
mknodat$loop(r3, &(0x7f0000000100)='./file0\x00', 0x2000, 0x1)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x18, r4, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x4}]}, 0x18}}, 0x0)
sendmsg$IPVS_CMD_SET_SERVICE(r3, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000180)={0x38, r4, 0x4, 0x70bd2c, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xffffffff}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1000}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3ff}]}, 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
setsockopt$packet_buf(r3, 0x107, 0x0, &(0x7f0000000280)="6b5706f02a937cc8bbfe5523b28b1f0c3c36d730448a826b4e42584c0b8ba0589d3f91303818d2fb710a9dab434f80b5dc25412dd763ccefe3e12928c112921916623ccdb702514f2ad6095cf469e49eb12b5df093738951c00b5bf3c895e3f5b9919cd30c80db046d486ba6e66dbfb9c4", 0x71)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x6)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$alg(0x26, 0x5, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/16], 0x0}, 0x90)
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000040)={0x0, 0x0, 0xfa00, {0x0, &(0x7f0000000000), 0x13f}}, 0x20)

285.127784ms ago: executing program 2 (id=1124):
capset(&(0x7f0000000480)={0x20071026}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff})
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$PIO_UNISCRNMAP(r0, 0x4b6a, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f00000cf700)={0xdb6, [{}, {}, {}, {}, {}, {}, {<r1=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r2=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r3=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r4=>0x0}], 0xe, "7418147a6bf097"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f00000d0700)={0x9, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r5=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r6=>0x0}, {}, {}, {}, {}, {0x0, r3}, {}, {}, {0x0, r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}], 0x40, "50262ad261edf3"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81e8943c, &(0x7f00000d1700)={0x0, ""/256, 0x0, <r7=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f00000d1900)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r1, r6}, {0x0, r7}], 0x2, "f741c8f60af371"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81e8943c, &(0x7f00000c3e80))
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f00000c4080)={0x0, 0x0, "6c25f158481f84d51e78b363b0c52eb388f853d1e6164371b16f4143d750b669f9957f4512bd7702397729239d4d66bb49f4f89e7e91bb5e6af383766d9d8f0bd888e706abbc61865563d74aa8b60306bb51177a3526d8bada2e227fa0e7cda4031b44328a7f39e12daf973574b8930894e583fb00af9b692b2baad018f99cb4dbfe3361322cfb2b92d6a42804ee5ae2f209d3d8bdbda815bbc29351445cf77352fd86b9a2e4463ae0410aef723ef07732918afefd971da993a9827eddeaf80018480d7e9465b1ad90bf1682f281aed0c1c1ce8dee77ee46fd1cf3712f6a78c1eeecc15e7c34bba8db31519fe6b0fabf1c34213e341124c2e770387cd2d4328a", "bd96c7e72c022df27f7120efe2a74596deddbca7dede0b9a04f7d2f3d0fd4581491379d56ab8d15aa2036b613554bd7268e9185178bb269db007e645536f4215d6eac340d8de067c7d8721ba0d82ab5e786e912774b4fe3978c2e0fcda529eaef067850ebd4fcd0d66303d0efb1ee33d3e4d04a6df6007482597475c6dc9e838ccaf5101fb9049bbe9502d8654404a8f5a91242ce60a6bc49817763e9ab9def3dea1fb486e89b4d57e0f93234f9e346ea1c268714ea3da05f732414c5762a36666fb2922ee371b70a1acbff63894ce012c5cb521c116c0bc4c24dc343aed46c80097dcbbd397d4d6ef78927f99b6d02e6c9a0e53a7a4103eee93eaf8196ffb75bc6bd56198c588f06044e985e3a2c4484d73bdb6abb7bf502a271261b9a422b4bf89fcb74b0e32a5431c0839233abe1c40aa6ceb69d3fe518c14998bb645dfb0b4f004a05f530d16ee27449d43eef504faba13fde88d1c0bd920471c26327404a798f36745ed6762e93ef09384d3a5709506abf6bf2d9111e5b7e6a608919e284ffbc407df578a2ae572fe02a561c286b75d6aaf6cee14c02886df385fdd28503b17f2ab824ae1b66c4f1a7df9ebd058280579b6239cab347566dc38266be366f820fc499efd3b1079b0c549e03de69e671696934e19e2eb889a4974d136c730345957e0b498bae8c13a7fbe2744c01f86be3ff177952b251a4c6f05d1963d89d050e04833e9aeffb02d84612baaf9fa7254897ef4424807cd4b3de99d2caf42ddb2246a476bce4243acd6e2237a72b0a3367742b56802a4d5ad95c9270ffb1d98746515c69a259d383c0e59a8eb661ee5c615c687d08b8ae8c259cfe0adccb29bc2a240ff157f9c7dfa0f29c46bc853e1633fd24551876c5abc31c091ca55ef830edb15af9188341451191bfac5040611674c3dc206f43a31cbb85172e87698707b9e428d736b92474941edbb0a3ca0becc3f675f81835a784d4cf5cf979ac1c0ae143706f1a91264b274d8560aa821b4fdc7dcaaa64560a7c00c3313c976b24eb918922498d5cb3bb5219eb51bc622c258853eeb205c53003878197706379fc08106ae7a2b6baa35ad6fbfa40604df4c38c22eec0eeea532f279dbc4cf1160f69c7677b60fb2eab38d41757e6c2ddb9f92d4e68107281a671fe110d06a4373477ff24bda893ef21c682d2e80f83e67b7a6c80db9d6d91431223527c9a3602289ba27ae8c10c1eccfd2473c71a4f5192659794ef7bf66aac48f5cc9cee62087dcdd1a8be078f7cb8962f654fa4fe6959aeffa44e9ade21448aedcd061da76b8f61607ac90d01de2617669fb3f68ed7153847986d0aa7e45b28e66681f2f0ee338b1338454c7e46d9868e0d0c975082fc76ca5d46597028fc94b597d69f533f71d7804a63334d12ad2a5c3b295d5502e10b86884813858fd521bed807bdd6c0139b4040788ccd6c9a21bb57205485f60a53a382a4a265fe11012e5962a886cfdff4982612c271e6855f83b5a18ab6d79768c30c59198fa3b85fc0213ac459c6134f672887e3bf0e955e6dd09559189c931877169e106af583f8c6dfec5be810eb898effcf768d68a41b58460d2c39ed27712391bf0d5178f370cbce56820e7d2cc4bc4c0b9c602a9569a727f444096c3be5420cff3e31ccd791e2c1e64f66c7e0a0005c0df0e4a1b51560884bbc7f85b7e0bdd8f7d1c5a05a5bb4649a80c1b8933f6c4789c4f46fc3fc2b82ad3e783ef47788378d6dc333e2aca29719b1e658b3ea3825465edcb17e0e36754436efb445f6ab6c7ad286e03f68bf6369a0c6ec0a9aefbf6f8eccaa0479308a98bb87d2bcd781b63880c274f17ee11850a9f09200fb9723e1bf438c49385eb3ca0d2a920fbc7252c087287c629612b4f238f5dbc328f1f545d666336f0a79ab72e72685ebaba355ea8db8ef021ceff550f8d304a4b3835ec954cb0e505ae4b1205ca9dce477bc7db0ae50e087cbb91492fe323946fed8aef2aa3bfcb1c79823a5196fc8664a03145c7e1e169c838ab42e988b4de43b1a0fb5931d53935a64cad16a25d2425d20dbe97b8227b3d867ed1281bea8215a6b969a03e0929d8edf8b7ee9e2541e2ac44bc3802fa0a8c9b8c8611f46f60cd620364f1cda7bda1201f24c181b4ff7b38e86b01480213c6bcb3c82eb926f15b67164797ca0bd07a5f86369e887ec2452235cba176317d2fadfb28d99a9cb6dc00fd702b6c7ac0b8f7bfdafb12cfd18cb48ed8d51d840210ed025531d3cac699006d5960d99d5a6bed14c02473bd6d749b13a08db663b652de2716949b73a113bec1be2a7fa5310bd740049d6eeed68583628012f42dc1f8eb45759a72c79d17c9ddf302294e6300b816a9f49d5d9a219fb31b8725de44c81e8c2e80eef7317dd729b080b7cb364fa64100d37352e565b41a8102098a15c5a3a5116b97b116bc14ce04276e426431c2e75094c7ee61954ec1aa3fb8cd403694d261d8d571f28ca66dfe823aab51a5fe1bd0c7a7b72eb5ee31f7470d9a20dbce3f841a2e00beff80f9c87a4c63536ace416e902714a5fd38f79464f2d0b08cc0a92f42b911b1b8099bd21be8737140e8d8cf0f5c8ae32e6079d34c5faba48ae1695af9619e0d740e09f3c5a13564e5774146c32c18293150c71b82cfdd93e56223aecd9334661c70920b8d5856ab4a5b88b3cf12c6401a2f214aca52cebc201c5c4aa4a68efd8ff8c17d754ab9c146e327e6484493c3643cf5e5668af078c52c073a3851598f2940f41081eb5ccfeb63d6bba0e84db2ebb335d18c0fa7ec044ffb518d03be9d1d9aa0afcdb2ef90c410b5aadb0965f99284f0d9ea3577be1fc20b1634b85c5e4f1f3eec4efe84eabab8ce24f7d55cd692beec34df63a47489504005597b85fbdf55ea8b281d47d0c7287b5526785225900d3f91809dc8a1d9e8a06a8a7ba92a4bb7a297d26d1ca89e847897ce68fbf35efdc6d4d415f3ff0dcd6ee9c37fbc574631c56aa1f31c4cc5a9052bdcad6019465d7a0b3cc7b5fb2198406f00e91e749048985fe58da057f36c98c1374b557a89513b3382bed686594583614d6bc8a341179f4cb7451286b4e0f6585d73781bb21dd0979bf94cc9ae493859ba120b2dc4d29656bf03e45b65d9ed2badf6bfce2a3de181c7e5a2aeae137a6b56138a6070ac7160503141b3c4455499bf7bda44217f1bb3a4fb74e77b0986501ca3a67dc26f78f30339997876366bffb491527dfd023ac5112c434c0946e64f12ef06daaebc6f6cecaa9af31acb511378ab61eaaff9d6ec94b3330c736c3ae7edd88f0f3a5e1266ffc301f963c138353279dc3e790d62e150a0ae523c71e6516d3f5a879accfb480f806698fd289d36917bad714677290d783c14f71a042d2059dc6b609a3f25f4579f1b1fca6307d096148f1cac87dcfc51b53e2d189d9bdb7b48fd0e832524561bf630166e311593bdd84ff704baebecac62e99c671e3bf0b9fb81ec2abb119639d05e3240ef90fb85d33b3c7d8bed18269d97cabd8888babee25cdb3ebd496eda1e91ec0936c7497d1c54a49092f73cb21fee61cf2090f83f4e79693ce3fc90fe5dbcbacaa3f0ce94af670bbab855de7df3b15ea47d70a4510d207cbef113bcb16efc2fafdf0287375fa1f18de38dfb7c94979f43161cdf1737487e8550a9a39f8343f71d291716f053d121942a38fd9b768221bb6ed76ced8ed72c5db7f9b0dfd48a680b0b95dd26ca16ed468600dbacb3f5f0e93e2df7b217768dc63003522bbf0cdb1f965a5498ac01fc6edad0a5912041f5086bcd924b403fdbd44f1faf6a6d5edcb191356a44763c5c0c4afaf86c0ff53de3dc1bd91279309528c9258ddfc8afaf466d49179d1a15c749a4c64e5eefcb7fcb805f90e5a447cc8415ead3a6c7f58a36564abf05145de62d7af0cc2db0a4ea318c9715b546c096bc30dfae81c4a5a241c679ed6cb86a2b870c7a988a4a276a0403fcaae09fdc2bdd500f14e1614e163892a91e9a11dc4bba9f73dba1531caa42294a589ac2c0119eff44de2dbd475be597afdc5bf17b6afea0034e9e136bbe00a37933ba97d094910c1d3b3635eff957276e8cfe400cd52f987d0bdd232093aff15aa7cc2ca4c4a9b5f3ec8547a70fbb3a52a6a2130126879c1c98055ecb8048597d472d27bb3c5b8040d0699319a4b640a0000b287eb8e83630704f18c09b4d97e2a2aa9ffed62807930979d3a7f3658113ac54c0eb760d52d79dc9f4bfc9b3748ea2f3097baf076f981eed790f96e2d251f6a575c1f35460123c89e5f40d28d232c5080322e10c51d00cc25dc7121c472054ed053dc451a81c8b116b610dc17cb732e9eea494e699a3b468e87d675a94ff827d1cdc5ab7cb6936b2782b0c9fc14c6800f7ed1a08030e4df9333f26e10a72c875ef6650a4953bf7fd1c1e177c7590ef2ad45bb84dfb3101ac5bcd3662f1710ee321a38a4de6ea9a2ee7939377c7ccc09a1ebdcac743552f79d952d073b17892076e1e32a837b170811de7ea25d71969ddeb9287773040bb1c4855e9a95f6f6e9aff494f66937edc47ebb4d4138dad8e8ee354dc70e1e71044da81cba6e375086cc08c445d28e240bc6ec390319278c5c3cb4eb1a711a4025dd6d0df5f0ec9264ef505e989d8152a3e2f6e1701b0659c36e450954373107ca9e7c2a69e5d3c763c445f2e2b064a3d1bb89aabef372033ce1d9b668e7635fc53c01aa77a0a93544cfeb6ee39ade701a3336748e8ba24e526c4e86070a29e10fda7036262e981527c5dde1b94f9d03bfd9d1d71b3781f280e358523808344bdbba3bf60def563fda79500e3c4c893bb4cd3c6d2395e9b52adbf4d81db5cfbcbfc7dfdcc2520e567d1766a776a3a1ef683968495f9be0a1354c780bc31ec16df2dc878cc82d5b3755b595590287a7fdfce8707568c229329066b93da5c84ceb41136e50cfc811aabce9ab98475eeedc433656e30bd008a4234118436fa51156887647e7fcb83381bd9c5f2d54ec3aaa96129561939dd55f64e0a32616acaa87ebd57d32458a1b071c5b59d38cb73e35f956a820f3d80ffe6153a1a8736be0fc410c3ab002c02e475f4b993a9b86514fff0138ace1c08ac875ec7adbd5dd2cbd57ab2ca4a1b3ab0c95be7b83cc182df28f5f1b42c3494af89559f3eea6c65059398c4af39b9d3cd0c2d4cf9d6cb9d0e55281db080dd95284deb4b29e67d677cfba3ca3b206639e0196e8919054c4592ad4428899c8e7288e65ebf90737b7888172ac2bc669f6c867f03ba1824526ce314fb4cdff54212c4de49b711a28c597c2b3a9cbe6947fd30764ba9f6e0c1461ffd9ba5c95cd3c842b4ca8b6580c7ca1d669e8635e1e2369292b052432c6eabc196856e4fa456e5ed16066b4d69068e7fc6f2b7120079a94bf0f5975a98"})
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f00000017c0)=ANY=[], &(0x7f0000000140)='GPL\x00'}, 0x90)
syz_init_net_socket$llc(0x1a, 0x3, 0x0)
syz_emit_ethernet(0x49b, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaa00aa"], 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d66736361636865"])
chdir(&(0x7f0000000280)='./file0\x00')
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
ioctl$SIOCSIFHWADDR(r8, 0x8924, &(0x7f0000000100)={'veth0_to_bond\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r8, 0x0)
r9 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r9, &(0x7f0000000440)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r9, 0x0)
r10 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r10, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
dup3(r10, r9, 0x0)
listen(r9, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r11 = openat$fuse(0xffffffffffffff9c, &(0x7f00000002c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r11, @ANYBLOB="2c726f6f746d6f64653d30303030303030303030303030303030303034303030302c757365725f69643d07d694a9d9b3ab0308f77739ec7ddf79187f2056ef81f7319b0b85dc20e9caa965a492c923f6670471ac4f106fd592f4e3a8ce391f5d9aa00cf59cbf1add8dae28a216086f3fa57a05e80f137f35a3338330378996c32c440d96220399c458026780b1a9fa649ddc4321b6192b85c6c7cee1b34008482f3df440a357611655020c81f98df7f20f15d77005ce1c9bff6ea55e32574ac08fd4fcdc2cd5d60d60b096415c09aee0e7948c960568820d4b05bee4707a16a1185644aa66593018b19ae015e84446b832ea6d257b8272d91d362c64dc", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
read$FUSE(r11, &(0x7f00000021c0)={0x2020}, 0x2020)

157.934318ms ago: executing program 2 (id=1125):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x2, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f0000000040)={0x3, 0x4745504d, 0x1, @discrete={0x40}})
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_WOL_SET(r1, &(0x7f00000014c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001480)={&(0x7f0000000100)={0x137c, r2, 0x8, 0x70bd27, 0x25dfdbfb, {}, [@ETHTOOL_A_WOL_SOPASS={0x1004, 0x3, "e82dac7601afee707f130dc0b07ef2ee5d6c8b03fcbe552fc5c74b21408383d152f755f6881f300f394a2bc85fcb261deedc64a5ae05241857890b0361b6dc640e8e134f577a4fe41603f1f2c105479ff5bcf29ff45b1a759b79c5194474aca77e3e06a3ec28321c3a3aad9c11374c6f0237ad2577aaf23b894f23bd61c69791247d3aef0710da6757988ff1346cfc41e98b77a9265a112d489f1fbb485317c5e08b70611717e0cdf38b0308cfdcdb51789d6f74d816cb0af8c9a5def7895231dc07bad2fc4d4dbde91267e59e3976916e85e2dacb0e781845d14f5aebca3cd7ec5f45128ef4b4a0a82b4b5c21fdc078d793c35a5cc3903e5bd06afb2bf90e3cad4359278cc13eaa7167f97eeb77fb411b0f4de96e829a0a5b13f9bf318c5899529ea87c3f87c20a64de0c3ecb949c3922a3db9d1f3abae4d40bc01cda078fcacc2ffe2180bae10b6da0fb96bc5fde8a0e3baad75387be5b8fd410786e0b039ac405288543b61c4687b4524b5967039723c55ee315aed92b8c84c0a899500b8198e5c6b874105513b01a48bd752f029c2757bf3348e0ab9a14ec0f7233a0254f710776da174a4d7123680b5f075baffe471108870bfb4c935c00c0a41f6381b6d1c4d33b31d09a4899cc857a57ee9825831f6b3558d600c87186d41f411cd2586f5dc4a657e3767ea0534ce7033206b6affdd2e61cac70a5020b31e777b327bbe8a4b4316d0af2d58d4d2462ec262e90d613ab84bc51cf9e12d7d031dfbd375faec03d06f5975027d050e1ac4c3a7502b6935870f985fe675c281ddbb3c78f968149b7c298800ea96c0195ef6914808bed85ed04dbe62c7ae85be3571ea7c7c7b7bbb2ac8742f73d6e9d95c0f761fa60065008244399e6e20dd3d592cfdc39558e78bbe70246be1276b84d1f73c06ef95efc8a74be9929ad9dbc1daa735193102b3aa616ad97c5c29d06ded0777a401b0b63a76a3531bfe9ebe88150d3b4022d3d4eb4f4af3d1786cd0a9dd1db6bd384ed7fe94be5240c2497bd8ae741ee80bda3bd0e7346333d58610078098b3e5ebce3e607eb006810bf1dbf0f953a1af7e7411f5feafefc796330051301c35304a05857198d473915eb9e332b1beb3f570a9790e6a7d1090eb8b079bc6e6b554fa6e4919a08146daf96f81fabcd7788126261fba6e764ae26a692a7853ed8733f662944a4148529be697ad6fcc1e978502ece46ad79c51a919de2e1dacecf1ae8e3d705a5202e224d5250685dc64d4ffa4cffafcc48ac05a34ac01911a0276b165cf96a16da21bd2b931e36d42726038b3b285d1e0a2f9fa5974e9852da0952dca24cd612fa9e6bf25496ae7f4ddc7b15052033e9ea215277479d3d34dab8d74b26f39c31caa38869a40b8eb33722e7ed6b69b3375e5c3b38bc3ee07a0016438ba81462f05753f2cd52447073abaab18dd0c359c01e354eda3327281f16f0ea193ff84aa66ae54b90d664f1aa33644509d5652c934a5de281aeb824ae820a8464da2a03c63e7ed2d17f3f8599fe8b3eadbe03a837f1ec8beb50ea4506afff7d3fc15f34e2c393d45429b2c48efdf2002e280bdd76121e78fe4cb69e38e8e7170827417aca69cb95b8a374b213ba8b067996a3140b9ab87f491ea33214a901c352b1e05820c6ceaa6cff73def4c468b60198a6b02caf5a30669794b3263e3ca78f78c01561faf15b1a8df231f07181d119945efe829a3c95a961f22c6e76aed6dc1b5529582c830735851a72cf03b7f12dda9fae843410629adf5c59ae27f891e14c68f428f6f885e9d5795b8bee52aa54b6e3bb799eee18b46b592341ea26eacd98336ac4f650f538c51ba878f2caf318568dac3e55a8fdd25ee101c3859f37caf6544f77786f6906196b420bef718b41079839760c72bc2b3280b88e253ceafa91a40b94385afc4a090ff9db41c9f76481e0bf1ee0c00d38842ec5c55250f6a0877f246abd4b33639d7fe2ba24273f22a0b728229c72d94e691d31217e0fdaac5e273e1d20086815423d4fff8c321325b4ad863f8475f550ffa6f81dcc38a81c2bdd4bc5b1d8199ae16e90750fb68cd55ebf6e8f261483f9fc6fcdffbf8b6ab5f099031fb1bc8ae8f9c94ff2bcc6a923dccb217204322752f69e2c13f66fce4d2644b589a5f13cf5b8163081d52a83cc09a986ff57959d1c376dcb3694402e4da08cf5b5170ae16d4b19d9711e663bf0eecc1d55e548c83cd502508330ca16190bf3bf77e2dd11a1deec9438e56d8da333aa8caed3b4a72644fae6432232fc33556a8990c9fe3f0f70a3f36338d7cababeea642aca87342f71322e0fcb2ce2375ccb872a042b50e49d76d8f929985acb06b3136fc89fcce21bc22d64c5a88c1a4da47e67a06e44598deeb730adbcbd98b0075f2f09abf3b9ff8844feff0971d485e88f49d359c91e02c335f60fcc67d02709535de32ad6665180a7795c27bfb417d889d75abccd266daf83878bc505015905a59dd83006a88c2cdef9f47f185a0434ebe840ae9f27c5d493f17cac7166f4d77064e4d558d38a6c3c6ebd7cb9fb8d1f0a81f1b3af2b0e685d3cb7665ac2ab9e0f90f2adb3436077884f1ff5435645172449d9ed7d4d5748d2533b22f7f1b8ba77f3884478f1fd379abb30774ed90c28d382a6589d7c9fa085d495cc86b21611e3287ee2b3aa6993e5de8923a462ee29af5a7abfbff94b19aa21dabf4439c5090adcd201feaec59e395e9861625120552a8bde32a5e64d5ece1dd550e994b2861a8ad95d9a77da457cdc6d97b74e3dbb9b988a05f5fcc8f86386c8f66ef3b54407700ae0924e4cc8898846056dee504c7411a8178d74e5333acba19b4a606c3ffa264a340a36449fd00197657263299722c5a5404648e6dc2b6a2c08a4cc078b74705d35ff9fcebef15f2924c99c443f9c223cfe7039421ae14c254a5217bafbaf319574acab9bdc671cc8211b4a5caebec14c7d96ad0cb06a4515c8191f226789287c013f73eb835cc8c309701e356e431de4c43a31072db96fe6b443588293272b184474d4ea6bd61a15c319273f0cc6fb325f50ffc342040445c413922f0b7e95a342fc95fc9c9ddbebf0d8502d8481ecbae4a3dc9b5ad71ecc250596fcad03fd408559eae034a1f04fd1833ffe3b16e489186c0a1bcea9b5b337527539a1e5651fbe35662ef7082fb2ab2ecbbe3c6e0b9c5ac42fc425c1b321a1d173a263bb3db175f9a9361397ff742eb69704eaa69b958f8e9724fbd07ebe54fe226a88c72b7099f946d02adb2a749ddd29b597d547ca2653026203b4012c90f4f1a6989c804d1364c1b9ea943e73e5fe69f044d209ed629b1a5b1e63f2e2ce237450014b96f1532522d9eba95fc42d231d540d4fcad71b2805487e74d875347064f5a6d227f33c98c49e449c77ec9fb0d0788d1418dec770833d47a88e816f86c5c64f9cb9a8e6a2b0764c9124f9881b59a953555882209053ddceefd8fee3e1910aa478093133d5a014351508951afe12becf2faa56dd01f98a660937bdd6849951e16494c63dc2d59d00ad32d8579a409ee9fc6025dfb88180d918e2eef7e5f3d5c819400d9a098acefd84591584f2f2c9ccef9970575b470704306d505ec2681d1e747ff82f0669dda0d83d1675a33cdd062151316696c23f34b1a321e391926ebd07df275d75a0caeb8cfb069a7f443d1aa94597da884af4f4b536dabd456ba8ea6a1d3ef898dfba2b20fb5854324c0b72c6f1d7389c0bff0556d56869fa2aa8c97eacffd6baf6c339de9efc3ed1b4a491c90e266376dbdf7f90c2c13eb76acc27bfaa8d8b730c5fa46471b09cbae2738410e9363e94af61e191a6ed12a83dc0337cd159c2947cd73a97b3e16f0217ff4dc25dce6b64ddcecda5fbbcd97281a5e6fa47efcab2eb6461811efad7fdc4a518dc96f4173c8617a204f2f7ece9c94b1d7e9fa32274b51d1eb504d3c747127756b5d424b076a4e4a51c507f1a1aee9fcdca2f1ec9413c7ca8f5803fd39dc0a43303fe976539213786558b7468ebddddc36c410f67cdc5b94763644e4fae4fcfdcc8a439ec8d39c68c9fad9cd80e21a7f8575aba9183be5e8cf32a6490544a554f86ffaccd8fbcdb8aaade4f57769cd5d39e378ad17e6d36da2fcb734593afc27d1048d353d81dfa783a0b2ef130774c411116228a242fc573be04a7c0a8a7af9f31ad0c28a5ce2ac397473fd3110ae3bf1a023c5c616d9b0a4156d41030fd4b0ffd53ed81c7dcfb4c120de751d4f7bed275b59a662f02226a44929b6caaea0eb9fed90f604eef330cef028e819cc31342d1857d97c8b3d2a9c7fe7b1345931da07501bf337552830df6b4e8b45951b7ef60e607fa518ad9faadb26a7d2cd9bece77200c20c2cca385dfb256c36defa208c8ca3b5a3ad722e4b92ee30fa889c7d9249120c8e84e9fd22a515b33428318e81dd63e42765b364ae6b4318fcbd7ee9692c7b115d98bc38ef9438827f97268cace7e2fb3366c5db3c7c054f39354a3f624cf9d2193bda1e87d51ae04d8016dc95d38a548f4a309877341a6ae356d92f686a9f1aad418237aaa99c1ec2b51921abc6fa5a50760fa4bbef09b711f1d7daab0f13ad8686072f2e0a9bfcf3bd9c6c9bcfd2aa7788b16daea0f4bb906788887e19b1810410e82b22c06d152d77612ce638b64836cae94987d9f9f48630f47232b08c4114729946450b510245105c79972cec354af4d8c1bc0d823eacb589f794c2e526cd71f587ff66a8bddfed2bfb81667ebbe0c272d24a4da8a548813077f9fbce177e1527a27d6b01acdd8f4a74579c7b3947d066c55d6fd19a346badacebc4287b5e65a01539a65ce4c7e6aa4b8c5b191f3515534b90f381726e79da56cc866e368d56df3b33f3c293fd171180f3733366ae64c05044ccca05d54a7de356d96243381ba2fa834101ab4cfdc66e950403a756932a417a50f29163680a0181a693c3462e3eaa52a0e48120ef4f01be23bc2b9459f3ba2bd54ee527ffd56d6128f5003c5730451e519007c3152b99a9e03263d40068241b7d4c679fa8616437b70b40a5197722cdfbd72b05347ce62266764257fe233d6ba24c541219d15c4ed5f508b30aa999f28a82af7e1892a152ee695816ffa8a9c1191d636c80d8bbe9225c73aad40341c27325b26189b55d8041c54a92bb4fb412552c45f60f5941c4738fa29e601146209beb272f4fdaa3ab5c43cd840c055ae0505e2fb253c391cd9d2d254bff5da136c66fc841589a66e3604c01e3ff751ace1224bd1c9984b3ca157fc1fb9851f2f56a800e3e06d90fb0cacd99a8eb805155c66a0e58cbd73f8b1025613002dc19e5b2d3622889f4b6e97491c73a1c096b2667f02dc67b1eb14eb7f5d5676e787b8f36c59c654ecc7b40eb8d745a6cffa78938cc736e9c348404390aefa5563812dda79c0f2ca8ca1d2b32016bc6a4ce2301c7b2f91cdd0f17f546140cc86f1d5147f79f4011ae767d1c11707c817468484ae746230706a110bb147f7d790f1acb7a2e3e4adacdadbef4af6a833e841d8b2bbc67bbf365fbf80e0c82e9bd2c0184bf736761564278f06eb0a8daa77721cd53b2da97eca9476f669073014f898404b1891e3e1cde5f54f83c590de7cec197eeef6ba84971c09452a187ca171ba1f285dfbef24c671dec40355ec792625daf52c6f4b469dbb3b4c3d9361c0f58f0ba07a2bb21f50317639aa42f5a76834e6d1d772531ec02e0b13d47bb1f1e09473d6ee8fbed34e7fc1224822ea43a37bebd48594c9ae6e3222354a33eb5900d6782e89ad40961250ac"}, @ETHTOOL_A_WOL_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}]}, @ETHTOOL_A_WOL_SOPASS={0x40, 0x3, "f055789f54f10d3f658d3d86bdecd3bb171a866bc19492696ecc73ff71be7961121bcc3b1b986a9daff093832a04b00fd78437dd1233648b695cdf34"}, @ETHTOOL_A_WOL_MODES={0x318, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0xce, 0x5, "5a6db8702e76ce0605c2e6e845eead7e0696d270bd7897b379ec7c653c96bd541012447e65258a07f5aaa5ddfe899f0e823552ddefc7abef59a387754aff3e1eb00941b04a1dd320ecf50d627fc1a7556cfc457a215a501a5a8e25fdfe7ed27a3a88e4b4dfe1404347f6f1117a6ca2814a3e11a65d27d85c894e4f0b7c97b49d43485237d4f769a8669c42179599f1e9324055f83a61886c99bc627a4441a3c8c2ab427c8578aa1bfe2d2ee124ce7a1206ecd4952993cd5486495e9cd6910644ef99d75473261897bed9"}, @ETHTOOL_A_BITSET_BITS={0xe0, 0x3, 0x0, 0x1, [{0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x10, 0x2, '/dev/video#\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x10, 0x2, '/dev/video#\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x800}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x475}]}, {0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xc}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xda99}, @ETHTOOL_A_BITSET_BIT_NAME={0x10, 0x2, '!$+$&{5\\\\:,\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, '$W[::+$\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x10}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x10, 0x2, '/dev/video#\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_MASK={0x2f, 0x5, "c0704aa891e746a3d1aeb7b649448bac0cf5e74a159075b09419f93e5c100c59c7001dc870a35381fc7001"}, @ETHTOOL_A_BITSET_VALUE={0x69, 0x4, "1cd937fbf82a0365ebc646d400d516867c116c44ce911091d2c1ccef5abf38bacbf0c1dc46018bcb412e61ae7e3733e6848418d8be033e94acc0af3941c99c443270a97418c0f9c91033710cb32dc41fc54092a1d237a321a9ec7e194842eeafd3f37dfb0f"}, @ETHTOOL_A_BITSET_MASK={0xc8, 0x5, "3d999bfd4029b0f489ea396426c7b6c648fd0657db8d2836e865a17e601c5e82e19ce76f1473466a342e4f60d94f1c14da7ac3aaf7728266c5797b7abf0e461c3b8d77a74dd5bfab387882876f5bbe363938a251876cb793080f5d5c495ce52fe5660f482f4cc42820a56d4d1aca7038461b3d847ef74441113a4de3e5e94351a83376cc01052f48d3812a31120e5e3be225d3b79b448595728ca180b0de94cf98a45e84e9fa466c044f7e736102c2574d19ef6eeddaef3885db8d6b4d962a25c32990c6"}]}]}, 0x137c}, 0x1, 0x0, 0x0, 0x4000812}, 0x20008041)
r3 = open(&(0x7f0000001500)='./file0\x00', 0x20000, 0x1)
ioctl$FS_IOC_FSSETXATTR(r3, 0x401c5820, &(0x7f0000001540)={0x7, 0x2, 0x1ff, 0x4, 0x10001}) (async)
statx(r3, &(0x7f0000001600)='./file0\x00', 0x400, 0x1, &(0x7f0000001640)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
mount$cgroup2(0x0, &(0x7f0000001580)='.\x00', &(0x7f00000015c0), 0x1140000, &(0x7f0000001740)={[{}, {@subsystem='freezer'}, {@memory_localevents}, {@memory_recursiveprot}], [{@seclabel}, {@subj_user={'subj_user', 0x3d, '/'}}, {@rootcontext={'rootcontext', 0x3d, 'user_u'}}, {@smackfshat={'smackfshat', 0x3d, '$W[::+$\x00'}}, {@smackfsroot={'smackfsroot', 0x3d, '\x00'}}, {@rootcontext={'rootcontext', 0x3d, 'user_u'}}, {@uid_gt={'uid>', r4}}, {@subj_type}, {@measure}]})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000001840), r5) (async)
syz_open_dev$cec(&(0x7f0000001880), 0x0, 0x40) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000001b80)={'syztnl0\x00', &(0x7f0000001ac0)={'syztnl1\x00', <r6=>0x0, 0x8, 0x700, 0x7, 0x6, {{0x26, 0x4, 0x0, 0x1, 0x98, 0x68, 0x0, 0x6, 0x2f, 0x0, @private=0xa010100, @empty, {[@generic={0x94, 0xd, "aa403dcfb279e15c2ab81b"}, @timestamp_addr={0x44, 0x14, 0xbe, 0x1, 0x5, [{@loopback, 0x1aa8000}, {@local, 0x6}]}, @end, @ssrr={0x89, 0x27, 0xa6, [@local, @dev={0xac, 0x14, 0x14, 0x24}, @broadcast, @loopback, @broadcast, @empty, @empty, @multicast2, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @cipso={0x86, 0x15, 0x0, [{0x5, 0xd, "0ec2a7237995bc6daf6449"}, {0xd3ad9f56c1396be3, 0x2}]}, @timestamp_prespec={0x44, 0x24, 0xf3, 0x3, 0x6, [{@remote, 0x2}, {@loopback, 0x7}, {@multicast2, 0x6}, {@rand_addr=0x64010100, 0x2}]}]}}}}})
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001c40)=@bpf_tracing={0x1a, 0x26, &(0x7f00000018c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xc0000, 0x0, 0x0, 0x0, 0x8000}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x39}}, @map_fd={0x18, 0x7, 0x1, 0x0, r3}, @printk={@lli}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0xb, 0x0, 0x0, 0x0, 0x7}, @exit, @map_val={0x18, 0x5, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0xff}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001a00)='GPL\x00', 0x4, 0x51, &(0x7f0000001a40)=""/81, 0x0, 0x4, '\x00', r6, 0x1a, r3, 0x8, &(0x7f0000001bc0)={0x4, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x2a654, 0xffffffffffffffff, 0x2, 0x0, &(0x7f0000001c00)=[{0x0, 0x2, 0xc, 0x2}, {0x3, 0x2, 0x7, 0xc}], 0x10, 0xfff}, 0x90)
ioctl$PTP_EXTTS_REQUEST2(r3, 0x40103d0b, &(0x7f0000001d00)={0xff, 0x1b}) (async)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r1, &(0x7f0000001e00)={&(0x7f0000001d40)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000001dc0)={&(0x7f0000001d80)={0x1c, 0x0, 0x800, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x41084}, 0x20000004)
r7 = openat$udambuf(0xffffff9c, &(0x7f0000001e40), 0x2)
ioctl$AUTOFS_IOC_CATATONIC(r7, 0x9362, 0x0) (async)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r8, &(0x7f0000001e80)={0x2, 0x4e23, @broadcast}, 0x10) (async)
ioctl$SIOCRSGCAUSE(r3, 0x89e0, &(0x7f0000001ec0)) (async, rerun: 64)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000001f00)={{0x1, 0x1, 0x18, <r9=>r8}, './file0\x00'}) (async, rerun: 64)
r10 = socket$inet6_dccp(0xa, 0x6, 0x0)
sendfile(r9, r10, &(0x7f0000001f40)=0x7, 0xfffffffe) (async)
r11 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001fc0), r3)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000002000)={'wlan0\x00', <r13=>0x0})
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r11, &(0x7f0000002240)={&(0x7f0000001f80)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000002200)={&(0x7f0000002040)={0x1a8, r12, 0x1, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r13}, @void}}, [@fils_params=[@NL80211_ATTR_FILS_ERP_USERNAME={0x8, 0xf9, "014d565e"}, @NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6, 0xfb, 0x7f}], @NL80211_ATTR_IE={0x17a, 0x2a, [@fast_bss_trans={0x37, 0x73, {0xfe, 0x2, "09b741d7963e53704c017fdf87466d59", "802286aa5afe597fbb84e9f3038c3f9dec222f5535ca808888120ad2272ace7b", "30155e6dbb794136c44c915b8d17a96b14a02bc615e6a591e7d31862ec6c4ce2", [{0x1, 0x1b, "0e12887fac78c1947a3bc1ab2e740226d46240d8fa8eab54a98142"}, {0x4, 0x2, "8896"}]}}, @chsw_timing={0x68, 0x4, {0x7, 0x1ff}}, @preq={0x82, 0x5c, {{0x1, 0x1}, 0xff, 0x8, 0x2, @broadcast, 0x4, @void, 0xa, 0xd, 0x6, [{{0x1, 0x0, 0x1}, @device_b, 0xc8}, {{0x0, 0x0, 0x1}, @broadcast, 0xd7}, {{}, @broadcast, 0x9}, {{0x1}, @device_b, 0x3}, {{}, @device_a, 0xd}, {{}, @device_b, 0x1000}]}}, @sec_chan_ofs={0x3e, 0x1, 0x1}, @mesh_chsw={0x76, 0x6, {0x2, 0x5, 0x1d, 0xfffe}}, @preq={0x82, 0x88, {{0x1, 0x0, 0x1}, 0x10, 0x7, 0x0, @device_a, 0x40, @void, 0x8001, 0x5e, 0xa, [{{0x1}, @device_b, 0x1}, {{}, @broadcast, 0x17}, {{0x0, 0x0, 0x1}, @device_b, 0x800}, {{0x0, 0x0, 0x1}, @device_a, 0x4}, {{0x1}, @device_b, 0xff}, {{0x0, 0x0, 0x1}, @device_b, 0xd}, {{}, @device_b, 0x7fffffff}, {{0x1, 0x0, 0x1}, @device_a, 0xffff0fb8}, {{}, @broadcast, 0x5}, {{0x0, 0x0, 0x1}, @broadcast, 0x3}]}}, @cf={0x4, 0x6, {0x7, 0x6, 0xa, 0x5}}]}]}, 0x1a8}, 0x1, 0x0, 0x0, 0x8000}, 0x810) (async, rerun: 32)
ioctl$mixer_OSS_GETVERSION(r9, 0x80044d76, &(0x7f0000002280)) (async, rerun: 32)
getsockopt$inet_IP_XFRM_POLICY(r8, 0x0, 0x11, &(0x7f00000022c0)={{{@in=@broadcast, @in=@multicast2}}, {{@in6=@local}, 0x0, @in=@broadcast}}, &(0x7f00000023c0)=0xe4)

128.294599ms ago: executing program 2 (id=1126):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000340)=""/69, 0x623c41ea}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
shutdown(0xffffffffffffffff, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x101641)
openat$loop_ctrl(0xffffff9c, 0x0, 0x0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x80041285, &(0x7f0000001080))
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x7, 0x0)
bind$unix(r2, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000400))
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000300)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@request_death={0x400c630e, 0x3}, @clear_death], 0x0, 0x0, 0x0})
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000440)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
lseek(r5, 0x851, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x3, &(0x7f0000001540)=ANY=[@ANYBLOB="b702000008000000bfa300000000000007030000ffffffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000000000095000000000000006623848adf1dc9a764ab51a064caff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b81ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6b6981978d51514b00dcc4a2748b376358c33c9753beab62bdf27dc04e4cb4bc598affd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b770009524edd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd88345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1757b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c35af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d9900000011000003971b32fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d677d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc37e5aa23bff8cce0600000000000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68f536a03353a55a8a8e176e5d48887d31c8e0f77f2c1e68ec7c01bd5a2028a8fc107007f5f4c67600a6ade3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d9029f071fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b4492510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2020ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a017ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f6c3652c423ce6ecc1be5d4e8133fc32f68ea86a2df1e7df98a0ae216c405d0ae9eed114ff2d6fe27dfdff1cf9194849c4cc0da9533e5983863e526a7dc0d8728f3b573ca4427bdb44df9341e9b8420e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9467b51d92e0993af4beaf1f3d47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c27c318475802e2c62681bd1a331422a6e47bbd40857d52c4894944fae5c5000000000000000000000000e0c47613e950b6aefeae054fc723f62ac7d13941de11b018f1f48ac50335df91c771729f81929128135b2803562c1171ee00a3f4a31281aa363e087d53d86dd85e3ff979a7e72d16fdd7e1a0f07a1c8e6085d280d760f74975ceb3a5be6cfb4da8e0aeb769b8b75f4aad803ed77d34872eed2711aa40a3b38099dc2752e8ec9b520faf39e416752aa0830206736570f5d41a4df848c9052551cf8dcb1be000000000eb2577188e8e96bd825d462350905d3eb916b397d2a46a64081e85661d7a5a2716cc87cb1976d15d9b6418e94f165911803e43830432226c660f4da67bb7c8ceb3755c07197d8b80b8d16b12c2ec63bebe107aa2350a7ae564bf69a6c52a2da1496016dd66a1c1b112"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x1}, 0x8, 0x10, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x716}, 0x10}, 0x90)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000004c0)=ANY=[@ANYBLOB="4401000010001307000000000000000000000000000000000000000000000000e000000200"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8800000000000000000000000000010000000032000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000048000200656362286369706865725f6e756c6c290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ddff07001d000000000008001e0000000000bab339d35fdc973e475f96c4894e8bd0fd22fda352c26ee7cdb5876a8fd7d6c1df350f53aa634996af8070221d88bb10a761428f86820ecf733de86259772d784a662718afe0e07ac39e67c8b823c3f627c5815e2fe3ad4c5e89493d1046965a3259120115786ac2424fefb523f3735dfd4cc47bc2a55a9a1d7d6b069383cf5e7e15d2636229826f78c03683076842f8e6274f2d8b4e0bd4a2a6935645c3a0886040c852704fa3e1b6272b7a1da1cc1038558427a3e50ce76036199f81b55dbe8c1c7bdd6f60bb8ad5d1e178649df7d8a30ea8dc621e11f59d694fca1a6b755b6c18c947fe317551056bfc3f7750a77187900a92ce0960be2fc239124aa385a4cd05ac81a3167130cc7494881a0eaeb039e17b0e49e5aed5f49b83ee43818b268c6c6fe57142956f634510"], 0x144}}, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
socket(0x40000000015, 0x5, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x5392, &(0x7f0000001500)=ANY=[@ANYRES16])
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080), 0xffffffffffffffff)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_GET_SPECULATION_CTRL(0x35, 0x0, 0x4)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')

107.795138ms ago: executing program 0 (id=1127):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x30}}, 0x0)

0s ago: executing program 1 (id=1128):
creat(&(0x7f0000000280)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x2, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000002000000000000000002000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300000000000085000000ad000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000005c0)={r1, 0xffffffffffffffff, 0x30, 0x0, @val=@uprobe_multi={&(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)=[0x0], 0x0, 0x0, 0x1}}, 0x40)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x2, 0x8, &(0x7f0000000000)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000002c0)={r2, 0xffffffffffffffff, 0x30, 0x0, @val=@uprobe_multi={&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)=[0x0], 0x0, 0x0, 0x1}}, 0x40) (fail_nth: 8)

kernel console output (not intermixed with test programs):

1 - 0
[  175.562246][ T6956] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  175.587226][ T5355] Bluetooth: hci2: command tx timeout
[  175.648210][ T1155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  175.651552][ T1155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  175.686498][ T1155] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  175.692523][ T1155] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  175.889708][ T7074] overlayfs: missing 'lowerdir'
[  176.829819][   T39] audit: type=1326 audit(1723873629.055:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7078 comm="syz.0.398" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f9f579 code=0x0
[  177.255064][ T7086] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.274320][ T7086] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.656897][ T5355] Bluetooth: hci2: command tx timeout
[  178.233590][ T7101] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  178.236397][ T7101] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  178.241612][ T7101] vhci_hcd vhci_hcd.0: Device attached
[  178.246509][ T7102] vhci_hcd: connection closed
[  178.247013][ T1155] vhci_hcd: stop threads
[  178.251199][ T1155] vhci_hcd: release socket
[  178.253163][ T1155] vhci_hcd: disconnect device
[  179.643103][ T7114] bridge0: port 1(bridge_slave_0) entered disabled state
[  179.649278][ T7114] bridge0: port 2(bridge_slave_1) entered disabled state
[  181.205534][ T7134] Bluetooth: MGMT ver 1.23
[  181.258571][ T7136] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  181.261304][ T7136] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  181.298846][ T7136] vhci_hcd vhci_hcd.0: Device attached
[  181.303876][ T7138] vhci_hcd: connection closed
[  181.304055][ T1111] vhci_hcd: stop threads
[  181.310063][ T1111] vhci_hcd: release socket
[  181.312018][ T1111] vhci_hcd: disconnect device
[  181.726733][   T30] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  181.896814][   T30] usb 7-1: device descriptor read/64, error -71
[  182.187726][   T30] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  182.281558][ T7158] FAULT_INJECTION: forcing a failure.
[  182.281558][ T7158] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  182.285654][ T7158] CPU: 2 UID: 0 PID: 7158 Comm: syz.1.421 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  182.288979][ T7158] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  182.292292][ T7158] Call Trace:
[  182.293530][ T7158]  <TASK>
[  182.294631][ T7158]  dump_stack_lvl+0x16c/0x1f0
[  182.296411][ T7158]  should_fail_ex+0x497/0x5b0
[  182.297956][ T7158]  _copy_to_user+0x30/0xc0
[  182.299442][ T7158]  bpf_test_finish.isra.0+0x582/0x6b0
[  182.301409][ T7158]  ? __pfx_bpf_test_finish.isra.0+0x10/0x10
[  182.303591][ T7158]  ? __might_fault+0xe3/0x190
[  182.305438][ T7158]  ? _copy_from_user+0x5d/0xf0
[  182.307268][ T7158]  bpf_prog_test_run_xdp+0xa1f/0x1530
[  182.309327][ T7158]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  182.311488][ T7158]  ? fput+0x32/0x390
[  182.312804][ T7158]  ? __bpf_prog_get+0xa0/0x2f0
[  182.314336][ T7158]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  182.316483][ T7158]  __sys_bpf+0x1af6/0x55e0
[  182.318114][ T7158]  ? __pfx___sys_bpf+0x10/0x10
[  182.319830][ T7158]  ? ksys_write+0x12f/0x260
[  182.321630][ T7158]  ? find_held_lock+0x2d/0x110
[  182.323501][ T7158]  ? ksys_write+0x21c/0x260
[  182.325128][ T7158]  ? __pfx_lock_release+0x10/0x10
[  182.327032][ T7158]  ? vfs_write+0x14d/0x1140
[  182.328611][ T7158]  ? __mutex_unlock_slowpath+0x164/0x650
[  182.330549][ T7158]  ? fput+0x32/0x390
[  182.331858][ T7158]  ? ksys_write+0x1ab/0x260
[  182.333393][ T7158]  ? __pfx_ksys_write+0x10/0x10
[  182.334932][ T7158]  __ia32_sys_bpf+0x76/0xe0
[  182.336467][ T7158]  __do_fast_syscall_32+0x73/0x120
[  182.338190][ T7158]  do_fast_syscall_32+0x32/0x80
[  182.340110][ T7158]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  182.342277][ T7158] RIP: 0023:0xf748e579
[  182.343644][ T7158] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  182.347703][   T30] usb 7-1: device descriptor read/64, error -71
[  182.350121][ T7158] RSP: 002b:00000000f579656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  182.350142][ T7158] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000180
[  182.350153][ T7158] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  182.350164][ T7158] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  182.364116][ T7158] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  182.366796][ T7158] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  182.369711][ T7158]  </TASK>
[  182.477099][   T30] usb usb7-port1: attempt power cycle
[  182.906893][   T30] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  182.937427][   T30] usb 7-1: device descriptor read/8, error -71
[  183.029387][ T7172] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  183.032261][ T7172] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  183.035788][ T7172] vhci_hcd vhci_hcd.0: Device attached
[  183.040193][ T7173] vhci_hcd: connection closed
[  183.040532][ T1104] vhci_hcd: stop threads
[  183.044660][ T1104] vhci_hcd: release socket
[  183.048121][ T1104] vhci_hcd: disconnect device
[  183.206818][   T30] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  183.251610][   T30] usb 7-1: device descriptor read/8, error -71
[  183.372167][   T30] usb usb7-port1: unable to enumerate USB device
[  184.699479][ T7201] netlink: 20 bytes leftover after parsing attributes in process `syz.2.434'.
[  184.712638][ T7200] netlink: 148 bytes leftover after parsing attributes in process `syz.1.432'.
[  185.269118][ T7207] vivid-000: disconnect
[  185.308518][ T7207] vivid-000: reconnect
[  191.677549][ T7296] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  191.680357][ T7296] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  191.699877][ T7296] vhci_hcd vhci_hcd.0: Device attached
[  191.710683][ T7299] vhci_hcd: connection closed
[  191.711981][ T4496] vhci_hcd: stop threads
[  191.716275][ T4496] vhci_hcd: release socket
[  191.718549][ T4496] vhci_hcd: disconnect device
[  192.419444][ T7305] vivid-006: disconnect
[  192.431537][ T7304] vivid-006: reconnect
[  194.282617][ T1377] ieee802154 phy0 wpan0: encryption failed: -22
[  194.285179][ T1377] ieee802154 phy1 wpan1: encryption failed: -22
[  197.618217][ T7333] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  197.620761][ T7333] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  197.628733][ T7333] vhci_hcd vhci_hcd.0: Device attached
[  197.686771][ T7334] vhci_hcd: connection closed
[  197.689443][ T4496] vhci_hcd: stop threads
[  197.695761][ T4496] vhci_hcd: release socket
[  197.697732][ T4496] vhci_hcd: disconnect device
[  198.497549][   T57] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  198.693639][   T57] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  198.698714][   T57] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  198.702978][   T57] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  198.726698][   T57] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  198.730824][   T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  198.745299][   T57] usb 6-1: config 0 descriptor??
[  199.002506][ T7355] veth1_macvtap: entered allmulticast mode
[  199.250655][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.253981][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.260597][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.263927][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.268823][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.272385][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.275582][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.278473][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.281333][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.284617][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.288230][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.291378][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.294444][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.298111][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.301977][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.305105][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.308151][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.311031][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.313910][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.317332][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.320792][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.324116][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.328703][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.331547][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.334722][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.337914][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.340836][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.343911][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.347234][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.350438][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.353639][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.356385][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.359652][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.362633][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.365462][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.368404][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.372603][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.375748][   T57] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  199.383658][   T57] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving
[  199.408125][   T57] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw1: USB HID v0.00 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  199.456312][   T57] usb 6-1: USB disconnect, device number 10
[  199.899587][ T7363] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  199.902440][ T7363] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  199.917112][ T7363] vhci_hcd vhci_hcd.0: Device attached
[  199.938208][ T7365] vhci_hcd: connection closed
[  199.938578][ T1155] vhci_hcd: stop threads
[  199.942435][ T1155] vhci_hcd: release socket
[  199.944319][ T1155] vhci_hcd: disconnect device
[  202.180142][ T7401] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  202.182997][ T7401] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  202.186429][ T7401] vhci_hcd vhci_hcd.0: Device attached
[  202.191728][ T7403] vhci_hcd: connection closed
[  202.200181][ T4496] vhci_hcd: stop threads
[  202.203875][ T4496] vhci_hcd: release socket
[  202.205723][ T4496] vhci_hcd: disconnect device
[  204.251683][ T7422] 9pnet_fd: Insufficient options for proto=fd
[  204.592756][ T7431] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  204.595538][ T7431] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  204.625371][ T7431] vhci_hcd vhci_hcd.0: Device attached
[  204.638058][ T7432] vhci_hcd: connection closed
[  204.638310][ T1111] vhci_hcd: stop threads
[  204.641825][ T1111] vhci_hcd: release socket
[  204.643736][ T1111] vhci_hcd: disconnect device
[  204.836500][ T7423] [U] 
[  204.847121][ T7436] FAULT_INJECTION: forcing a failure.
[  204.847121][ T7436] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  204.852027][ T7436] CPU: 3 UID: 0 PID: 7436 Comm: syz.3.504 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  204.856106][ T7436] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  204.860093][ T7436] Call Trace:
[  204.861394][ T7436]  <TASK>
[  204.862543][ T7436]  dump_stack_lvl+0x16c/0x1f0
[  204.864398][ T7436]  should_fail_ex+0x497/0x5b0
[  204.866267][ T7436]  _copy_from_user+0x30/0xf0
[  204.868251][ T7436]  get_compat_sigset+0x21/0x50
[  204.870044][ T7436]  __ia32_compat_sys_signalfd4+0x121/0x1e0
[  204.871990][ T7436]  ? __pfx___ia32_compat_sys_signalfd4+0x10/0x10
[  204.874486][ T7436]  __do_fast_syscall_32+0x73/0x120
[  204.876423][ T7436]  do_fast_syscall_32+0x32/0x80
[  204.878251][ T7436]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  204.881049][ T7436] RIP: 0023:0xf7f57579
[  204.882719][ T7436] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  204.890260][ T7436] RSP: 002b:00000000f56d556c EFLAGS: 00000296 ORIG_RAX: 0000000000000147
[  204.893560][ T7436] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000080
[  204.896675][ T7436] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 0000000000000000
[  204.899765][ T7436] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  204.902874][ T7436] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  204.905990][ T7436] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  204.909151][ T7436]  </TASK>
[  205.362053][ T7444] netlink: 56 bytes leftover after parsing attributes in process `syz.0.507'.
[  205.379170][ T7444] netlink: 12 bytes leftover after parsing attributes in process `syz.0.507'.
[  206.099896][   T39] audit: type=1326 audit(1723873658.335:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7442 comm="syz.0.507" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f9f579 code=0x7fc00000
[  206.660790][ T7470] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  206.663699][ T7470] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  206.756123][ T7470] vhci_hcd vhci_hcd.0: Device attached
[  206.773818][ T7471] vhci_hcd: connection closed
[  206.774075][ T4496] vhci_hcd: stop threads
[  206.778181][ T4496] vhci_hcd: release socket
[  206.779935][ T4496] vhci_hcd: disconnect device
[  207.477616][ T7479] fuse: Bad value for 'group_id'
[  207.479547][ T7479] fuse: Bad value for 'group_id'
[  208.582984][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.586017][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.597409][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.600593][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.606267][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.618768][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.626714][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.639459][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.648784][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.657624][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.660746][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.663916][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.668394][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.672247][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.675369][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.681120][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.684245][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.688148][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.691177][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.694220][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.699291][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.702388][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.705412][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.709037][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.712080][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.715114][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.720662][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.723789][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.727112][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.730458][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.733693][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.737588][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.741147][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.744955][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.748664][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.752031][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.755302][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.758323][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.760543][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.763448][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.767945][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.771219][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.774547][    T8] hid-generic 0001:0000:0000.0007: unknown main item tag 0x0
[  208.781575][    T8] hid-generic 0001:0000:0000.0007: hidraw1: <UNKNOWN> HID v7.f7 Device [syz1] on syz1
[  208.888414][ T7492] FAULT_INJECTION: forcing a failure.
[  208.888414][ T7492] name failslab, interval 1, probability 0, space 0, times 0
[  208.893136][ T7492] CPU: 3 UID: 0 PID: 7492 Comm: syz.1.519 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  208.896650][ T7492] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  208.900486][ T7492] Call Trace:
[  208.901656][ T7492]  <TASK>
[  208.902841][ T7492]  dump_stack_lvl+0x16c/0x1f0
[  208.904842][ T7492]  should_fail_ex+0x497/0x5b0
[  208.906823][ T7492]  should_failslab+0xc2/0x120
[  208.908537][ T7492]  kmem_cache_alloc_node_noprof+0x71/0x310
[  208.910540][ T7492]  ? __alloc_skb+0x2b3/0x380
[  208.912183][ T7492]  __alloc_skb+0x2b3/0x380
[  208.913736][ T7492]  ? __pfx___alloc_skb+0x10/0x10
[  208.915746][ T7492]  ? kasan_save_stack+0x30/0x60
[  208.917899][ T7492]  ? kasan_save_stack+0x33/0x60
[  208.920053][ T7492]  ? __kasan_slab_alloc+0x89/0x90
[  208.922249][ T7492]  ? kmem_cache_alloc_noprof+0x121/0x2f0
[  208.924665][ T7492]  ndisc_alloc_skb+0x135/0x330
[  208.926635][ T7492]  ndisc_ns_create+0x165/0x7d0
[  208.928604][ T7492]  ? __ipv6_chk_addr_and_flags+0x4f7/0x7b0
[  208.931237][ T7492]  ? __pfx_ndisc_ns_create+0x10/0x10
[  208.933126][ T7492]  ndisc_send_ns+0xaa/0x150
[  208.934889][ T7492]  ? __pfx_ndisc_send_ns+0x10/0x10
[  208.937134][ T7492]  ? ipv6_chk_addr_and_flags+0x3b/0x60
[  208.938939][ T7492]  ndisc_solicit+0x2f7/0x510
[  208.940503][ T7492]  ? __pfx_ndisc_solicit+0x10/0x10
[  208.942213][ T7492]  ? __pfx_ndisc_solicit+0x10/0x10
[  208.943936][ T7492]  neigh_probe+0xc2/0x110
[  208.945431][ T7492]  __neigh_event_send+0xaa7/0x13b0
[  208.947251][ T7492]  neigh_resolve_output+0x5ed/0x950
[  208.949311][ T7492]  ? __pfx____neigh_create+0x10/0x10
[  208.951641][ T7492]  ip6_finish_output2+0x673/0x1890
[  208.953613][ T7492]  ip6_finish_output+0x3f9/0x1300
[  208.955396][ T7492]  ip6_output+0x1f8/0x540
[  208.957253][ T7492]  ? __pfx_ip6_output+0x10/0x10
[  208.959157][ T7492]  ip6_local_out+0xcd/0x4a0
[  208.960682][ T7492]  ip6_send_skb+0xcd/0x2d0
[  208.962173][ T7492]  ip6_push_pending_frames+0xe0/0x110
[  208.964055][ T7492]  rawv6_sendmsg+0x2fa0/0x43e0
[  208.965694][ T7492]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  208.967439][ T7492]  ? __pfx_tomoyo_check_inet_address+0x10/0x10
[  208.969531][ T7492]  ? __pfx_lock_release+0x10/0x10
[  208.971553][ T7492]  ? __pfx___might_resched+0x10/0x10
[  208.973580][ T7492]  ? __pfx_cmsghdr_from_user_compat_to_kern+0x10/0x10
[  208.976102][ T7492]  ? __import_iovec+0x1fd/0x6e0
[  208.977839][ T7492]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  208.979529][ T7492]  ? inet_sendmsg+0x119/0x140
[  208.981158][ T7492]  inet_sendmsg+0x119/0x140
[  208.982959][ T7492]  ____sys_sendmsg+0x90d/0xb50
[  208.984729][ T7492]  ? __pfx_____sys_sendmsg+0x10/0x10
[  208.986745][ T7492]  ? get_compat_msghdr+0x11b/0x170
[  208.988970][ T7492]  ? __pfx___lock_acquire+0x10/0x10
[  208.990771][ T7492]  ___sys_sendmsg+0x135/0x1e0
[  208.992456][ T7492]  ? __pfx____sys_sendmsg+0x10/0x10
[  208.994656][ T7492]  ? __pfx_lock_release+0x10/0x10
[  208.996457][ T7492]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  208.998334][ T7492]  ? __fget_light+0x173/0x210
[  208.999903][ T7492]  __sys_sendmmsg+0x2a5/0x450
[  209.001537][ T7492]  ? __pfx___sys_sendmmsg+0x10/0x10
[  209.003367][ T7492]  ? vfs_write+0x14d/0x1140
[  209.004993][ T7492]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  209.007051][ T7492]  ? fput+0x32/0x390
[  209.008355][ T7492]  ? ksys_write+0x1ab/0x260
[  209.009917][ T7492]  ? __pfx_ksys_write+0x10/0x10
[  209.011513][ T7492]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  209.013681][ T7492]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  209.016512][ T7492]  __do_fast_syscall_32+0x73/0x120
[  209.018561][ T7492]  do_fast_syscall_32+0x32/0x80
[  209.020160][ T7492]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  209.022235][ T7492] RIP: 0023:0xf748e579
[  209.023650][ T7492] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  209.030447][ T7492] RSP: 002b:00000000f579656c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  209.033211][ T7492] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  209.036420][ T7492] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  209.039748][ T7492] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  209.042997][ T7492] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  209.046047][ T7492] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  209.048667][ T7492]  </TASK>
[  209.049996][ T7492] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb
[  210.919128][ T7519] FAULT_INJECTION: forcing a failure.
[  210.919128][ T7519] name failslab, interval 1, probability 0, space 0, times 0
[  210.925662][ T7519] CPU: 3 UID: 0 PID: 7519 Comm: syz.2.525 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  210.930498][ T7519] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  210.935268][ T7519] Call Trace:
[  210.936799][ T7519]  <TASK>
[  210.938172][ T7519]  dump_stack_lvl+0x16c/0x1f0
[  210.940321][ T7519]  should_fail_ex+0x497/0x5b0
[  210.942461][ T7519]  ? fs_reclaim_acquire+0xae/0x160
[  210.944778][ T7519]  should_failslab+0xc2/0x120
[  210.946894][ T7519]  kmem_cache_alloc_node_noprof+0x71/0x310
[  210.949484][ T7519]  ? __alloc_skb+0x2b3/0x380
[  210.951595][ T7519]  __alloc_skb+0x2b3/0x380
[  210.953309][ T7519]  ? __pfx___alloc_skb+0x10/0x10
[  210.955012][ T7519]  ? genl_rcv_msg+0x520/0x800
[  210.957101][ T7519]  ? genl_rcv_msg+0x4bd/0x800
[  210.959174][ T7519]  netlink_ack+0x164/0xb20
[  210.961169][ T7519]  netlink_rcv_skb+0x327/0x410
[  210.963253][ T7519]  ? __pfx_genl_rcv_msg+0x10/0x10
[  210.965508][ T7519]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  210.967841][ T7519]  ? down_read+0xc9/0x330
[  210.969747][ T7519]  ? __pfx_down_read+0x10/0x10
[  210.971887][ T7519]  ? netlink_deliver_tap+0x1ae/0xcf0
[  210.974166][ T7519]  genl_rcv+0x28/0x40
[  210.975874][ T7519]  netlink_unicast+0x53c/0x7f0
[  210.977893][ T7519]  ? __pfx_netlink_unicast+0x10/0x10
[  210.980169][ T7519]  ? __phys_addr_symbol+0x30/0x80
[  210.982260][ T7519]  ? __check_object_size+0x497/0x720
[  210.984697][ T7519]  netlink_sendmsg+0x8b8/0xd70
[  210.986800][ T7519]  ? __pfx_netlink_sendmsg+0x10/0x10
[  210.989166][ T7519]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  210.991512][ T7519]  ____sys_sendmsg+0x9b4/0xb50
[  210.993640][ T7519]  ? __pfx_____sys_sendmsg+0x10/0x10
[  210.995985][ T7519]  ? get_compat_msghdr+0x11b/0x170
[  210.998259][ T7519]  ? __pfx___lock_acquire+0x10/0x10
[  211.000633][ T7519]  ___sys_sendmsg+0x135/0x1e0
[  211.002721][ T7519]  ? __pfx____sys_sendmsg+0x10/0x10
[  211.005060][ T7519]  ? ksys_write+0x21c/0x260
[  211.007116][ T7519]  ? __fget_light+0x173/0x210
[  211.009209][ T7519]  __sys_sendmsg+0x117/0x1f0
[  211.011272][ T7519]  ? __pfx___sys_sendmsg+0x10/0x10
[  211.013683][ T7519]  __do_fast_syscall_32+0x73/0x120
[  211.015865][ T7519]  do_fast_syscall_32+0x32/0x80
[  211.018026][ T7519]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  211.020857][ T7519] RIP: 0023:0xf7f43579
[  211.022638][ T7519] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  211.031018][ T7519] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  211.034638][ T7519] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000100
[  211.038071][ T7519] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  211.041546][ T7519] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  211.045015][ T7519] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  211.048458][ T7519] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  211.051908][ T7519]  </TASK>
[  211.536384][ T7526] netlink: 'syz.2.527': attribute type 6 has an invalid length.
[  212.425077][ T7528] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  212.427637][ T7528] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  212.440848][ T7528] vhci_hcd vhci_hcd.0: Device attached
[  212.450358][ T7529] vhci_hcd: connection closed
[  212.450564][ T1104] vhci_hcd: stop threads
[  212.456767][ T1104] vhci_hcd: release socket
[  212.470835][ T1104] vhci_hcd: disconnect device
[  212.980909][ T7538] FAULT_INJECTION: forcing a failure.
[  212.980909][ T7538] name failslab, interval 1, probability 0, space 0, times 0
[  212.986399][ T7538] CPU: 0 UID: 0 PID: 7538 Comm: syz.1.531 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  212.990962][ T7538] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  212.995868][ T7538] Call Trace:
[  212.997345][ T7538]  <TASK>
[  212.998985][ T7538]  dump_stack_lvl+0x16c/0x1f0
[  213.001046][ T7538]  should_fail_ex+0x497/0x5b0
[  213.003642][ T7538]  ? fs_reclaim_acquire+0xae/0x160
[  213.006094][ T7538]  should_failslab+0xc2/0x120
[  213.008261][ T7538]  kmem_cache_alloc_node_noprof+0x71/0x310
[  213.010526][ T7538]  ? __alloc_skb+0x2b3/0x380
[  213.012630][ T7538]  __alloc_skb+0x2b3/0x380
[  213.014642][ T7538]  ? __pfx___alloc_skb+0x10/0x10
[  213.016654][ T7538]  ? __pfx___might_resched+0x10/0x10
[  213.018747][ T7538]  netlink_alloc_large_skb+0x69/0x130
[  213.020898][ T7538]  netlink_sendmsg+0x689/0xd70
[  213.023294][ T7538]  ? __pfx_netlink_sendmsg+0x10/0x10
[  213.025687][ T7538]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  213.028165][ T7538]  ____sys_sendmsg+0x9b4/0xb50
[  213.030363][ T7538]  ? __pfx_____sys_sendmsg+0x10/0x10
[  213.032833][ T7538]  ? get_compat_msghdr+0x11b/0x170
[  213.035121][ T7538]  ? __pfx___lock_acquire+0x10/0x10
[  213.037468][ T7538]  ___sys_sendmsg+0x135/0x1e0
[  213.039594][ T7538]  ? __pfx____sys_sendmsg+0x10/0x10
[  213.041933][ T7538]  ? ksys_write+0x21c/0x260
[  213.043848][ T7538]  ? __fget_light+0x173/0x210
[  213.045757][ T7538]  __sys_sendmsg+0x117/0x1f0
[  213.047627][ T7538]  ? __pfx___sys_sendmsg+0x10/0x10
[  213.049800][ T7538]  __do_fast_syscall_32+0x73/0x120
[  213.052148][ T7538]  do_fast_syscall_32+0x32/0x80
[  213.054425][ T7538]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  213.056947][ T7538] RIP: 0023:0xf748e579
[  213.058733][ T7538] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  213.067364][ T7538] RSP: 002b:00000000f579656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  213.070908][ T7538] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200003c0
[  213.074413][ T7538] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  213.077965][ T7538] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  213.081067][ T7538] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  213.084776][ T7538] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  213.088334][ T7538]  </TASK>
[  213.372758][   T39] audit: type=1326 audit(1723873665.605:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7542 comm="syz.1.533" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x0
[  213.751410][ T7550] mmap: syz.0.535 (7550) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  214.542799][ T7567] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  214.545595][ T7567] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  214.550435][ T7567] vhci_hcd vhci_hcd.0: Device attached
[  214.554336][ T7568] vhci_hcd: connection closed
[  214.554886][   T13] vhci_hcd: stop threads
[  214.559819][   T13] vhci_hcd: release socket
[  214.561884][   T13] vhci_hcd: disconnect device
[  216.658595][ T7599] netlink: 'syz.2.549': attribute type 29 has an invalid length.
[  219.282422][ T7616] tmpfs: Bad value for 'mpol'
[  219.446342][ T7619] FAULT_INJECTION: forcing a failure.
[  219.446342][ T7619] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  219.452852][ T7619] CPU: 0 UID: 0 PID: 7619 Comm: syz.1.555 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  219.457961][ T7619] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  219.462698][ T7619] Call Trace:
[  219.464384][ T7619]  <TASK>
[  219.465723][ T7619]  dump_stack_lvl+0x16c/0x1f0
[  219.467931][ T7619]  should_fail_ex+0x497/0x5b0
[  219.470100][ T7619]  _copy_from_user+0x30/0xf0
[  219.472537][ T7619]  __do_compat_sys_socketcall+0x14f/0x700
[  219.475130][ T7619]  ? __pfx___do_compat_sys_socketcall+0x10/0x10
[  219.477985][ T7619]  ? fput+0x32/0x390
[  219.479648][ T7619]  ? ksys_write+0x1ab/0x260
[  219.481631][ T7619]  ? __pfx_ksys_write+0x10/0x10
[  219.483572][ T7619]  __do_fast_syscall_32+0x73/0x120
[  219.485693][ T7619]  do_fast_syscall_32+0x32/0x80
[  219.488030][ T7619]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  219.490819][ T7619] RIP: 0023:0xf748e579
[  219.492608][ T7619] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  219.500893][ T7619] RSP: 002b:00000000f5795440 EFLAGS: 00000293 ORIG_RAX: 0000000000000066
[  219.504621][ T7619] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000f5795454
[  219.508301][ T7619] RDX: 0000000000000000 RSI: 00000000f5795570 RDI: 00000000f7480ff4
[  219.511830][ T7619] RBP: 00000000f5795570 R08: 0000000000000000 R09: 0000000000000000
[  219.515842][ T7619] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  219.520003][ T7619] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  219.523111][ T7619]  </TASK>
[  220.622910][ T7647] netlink: 'syz.0.564': attribute type 29 has an invalid length.
[  221.299122][ T7652] netlink: 'syz.2.565': attribute type 29 has an invalid length.
[  221.633058][ T7658] FAULT_INJECTION: forcing a failure.
[  221.633058][ T7658] name failslab, interval 1, probability 0, space 0, times 0
[  221.638023][ T7658] CPU: 2 UID: 0 PID: 7658 Comm: syz.1.567 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  221.642121][ T7658] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  221.646269][ T7658] Call Trace:
[  221.647594][ T7658]  <TASK>
[  221.648758][ T7658]  dump_stack_lvl+0x16c/0x1f0
[  221.650608][ T7658]  should_fail_ex+0x497/0x5b0
[  221.652162][ T7659] input: syz0 as /devices/virtual/input/input12
[  221.652465][ T7658]  ? fs_reclaim_acquire+0xae/0x160
[  221.656801][ T7658]  should_failslab+0xc2/0x120
[  221.658178][ T7658]  kmem_cache_alloc_node_noprof+0x71/0x310
[  221.660100][ T7658]  ? __alloc_skb+0x2b3/0x380
[  221.661522][ T7658]  __alloc_skb+0x2b3/0x380
[  221.663233][ T7658]  ? __pfx___alloc_skb+0x10/0x10
[  221.664902][ T7658]  ? genl_rcv_msg+0x520/0x800
[  221.666522][ T7658]  ? genl_rcv_msg+0x4bd/0x800
[  221.668301][ T7658]  netlink_ack+0x164/0xb20
[  221.669760][ T7658]  netlink_rcv_skb+0x327/0x410
[  221.671507][ T7658]  ? __pfx_genl_rcv_msg+0x10/0x10
[  221.673516][ T7658]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  221.675601][ T7658]  ? down_read+0xc9/0x330
[  221.677290][ T7658]  ? __pfx_down_read+0x10/0x10
[  221.678761][ T7658]  ? netlink_deliver_tap+0x1ae/0xcf0
[  221.680421][ T7658]  genl_rcv+0x28/0x40
[  221.681697][ T7658]  netlink_unicast+0x53c/0x7f0
[  221.683164][ T7658]  ? __pfx_netlink_unicast+0x10/0x10
[  221.684987][ T7658]  ? __phys_addr_symbol+0x30/0x80
[  221.686696][ T7658]  ? __check_object_size+0x497/0x720
[  221.688568][ T7658]  netlink_sendmsg+0x8b8/0xd70
[  221.690396][ T7658]  ? __pfx_netlink_sendmsg+0x10/0x10
[  221.692468][ T7658]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  221.694503][ T7658]  ____sys_sendmsg+0x9b4/0xb50
[  221.696206][ T7658]  ? __pfx_____sys_sendmsg+0x10/0x10
[  221.697959][ T7658]  ? get_compat_msghdr+0x11b/0x170
[  221.699667][ T7658]  ? __pfx___lock_acquire+0x10/0x10
[  221.701681][ T7658]  ___sys_sendmsg+0x135/0x1e0
[  221.703371][ T7658]  ? __pfx____sys_sendmsg+0x10/0x10
[  221.705420][ T7658]  ? ksys_write+0x21c/0x260
[  221.707196][ T7658]  ? __fget_light+0x173/0x210
[  221.709025][ T7658]  __sys_sendmsg+0x117/0x1f0
[  221.710831][ T7658]  ? __pfx___sys_sendmsg+0x10/0x10
[  221.712829][ T7658]  __do_fast_syscall_32+0x73/0x120
[  221.714810][ T7658]  do_fast_syscall_32+0x32/0x80
[  221.716707][ T7658]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  221.719174][ T7658] RIP: 0023:0xf748e579
[  221.720777][ T7658] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  221.728226][ T7658] RSP: 002b:00000000f579656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  221.731450][ T7658] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[  221.734581][ T7658] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  221.737737][ T7658] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  221.740814][ T7658] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  221.743875][ T7658] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  221.746881][ T7658]  </TASK>
[  222.972496][ T7687] netlink: 'syz.0.577': attribute type 29 has an invalid length.
[  223.014206][   T39] audit: type=1326 audit(1723873675.225:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7685 comm="syz.3.578" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x0
[  223.641460][ T7695] FAULT_INJECTION: forcing a failure.
[  223.641460][ T7695] name failslab, interval 1, probability 0, space 0, times 0
[  223.647658][ T7695] CPU: 2 UID: 0 PID: 7695 Comm: syz.2.579 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  223.652408][ T7695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  223.657202][ T7695] Call Trace:
[  223.658725][ T7695]  <TASK>
[  223.660085][ T7695]  dump_stack_lvl+0x16c/0x1f0
[  223.662234][ T7695]  should_fail_ex+0x497/0x5b0
[  223.664390][ T7695]  ? fs_reclaim_acquire+0xae/0x160
[  223.666705][ T7695]  should_failslab+0xc2/0x120
[  223.668829][ T7695]  __kmalloc_node_track_caller_noprof+0xcf/0x440
[  223.671663][ T7695]  ? dh_data_from_key+0x17c/0x2d0
[  223.673905][ T7695]  kmemdup_noprof+0x29/0x60
[  223.675948][ T7695]  dh_data_from_key+0x17c/0x2d0
[  223.678123][ T7695]  __keyctl_dh_compute+0x3d0/0xf50
[  223.680410][ T7695]  ? __pfx___lock_acquire+0x10/0x10
[  223.682742][ T7695]  ? __pfx_lock_release+0x10/0x10
[  223.685017][ T7695]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  223.687569][ T7695]  ? __pfx___keyctl_dh_compute+0x10/0x10
[  223.690078][ T7695]  ? __pfx_lock_release+0x10/0x10
[  223.692354][ T7695]  compat_keyctl_dh_compute+0x161/0x1d0
[  223.694782][ T7695]  ? __pfx_compat_keyctl_dh_compute+0x10/0x10
[  223.697486][ T7695]  ? ksys_write+0x1ab/0x260
[  223.699519][ T7695]  ? __pfx_ksys_write+0x10/0x10
[  223.701704][ T7695]  __do_compat_sys_keyctl+0x27b/0x440
[  223.704109][ T7695]  __do_fast_syscall_32+0x73/0x120
[  223.706438][ T7695]  do_fast_syscall_32+0x32/0x80
[  223.708632][ T7695]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  223.711466][ T7695] RIP: 0023:0xf7f43579
[  223.713277][ T7695] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  223.721768][ T7695] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000120
[  223.725486][ T7695] RAX: ffffffffffffffda RBX: 0000000000000017 RCX: 0000000020000140
[  223.728989][ T7695] RDX: 0000000020000480 RSI: 0000000000000074 RDI: 00000000200005c0
[  223.732499][ T7695] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  223.735996][ T7695] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  223.739502][ T7695] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  223.743053][ T7695]  </TASK>
[  224.131365][ T7704] ebtables: wrong size: *len 120, entries_size 144, replsz 144
[  224.450696][ T7711] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  224.694566][ T7713] FAULT_INJECTION: forcing a failure.
[  224.694566][ T7713] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  224.711794][ T7713] CPU: 3 UID: 0 PID: 7713 Comm: syz.1.585 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  224.715613][ T7713] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  224.719653][ T7713] Call Trace:
[  224.721091][ T7713]  <TASK>
[  224.722381][ T7713]  dump_stack_lvl+0x16c/0x1f0
[  224.724456][ T7713]  should_fail_ex+0x497/0x5b0
[  224.726492][ T7713]  strncpy_from_user+0x38/0x320
[  224.728553][ T7713]  bpf_prog_load+0x1c3f/0x2670
[  224.730663][ T7713]  ? __pfx_bpf_prog_load+0x10/0x10
[  224.732878][ T7713]  ? find_held_lock+0x2d/0x110
[  224.734960][ T7713]  ? security_bpf+0x8c/0xc0
[  224.736642][ T7713]  __sys_bpf+0x9e0/0x55e0
[  224.738090][ T7713]  ? __pfx___sys_bpf+0x10/0x10
[  224.739770][ T7713]  ? ksys_write+0x12f/0x260
[  224.741595][ T7713]  ? find_held_lock+0x2d/0x110
[  224.743512][ T7713]  ? ksys_write+0x21c/0x260
[  224.745526][ T7713]  ? __pfx_lock_release+0x10/0x10
[  224.747697][ T7713]  ? vfs_write+0x14d/0x1140
[  224.749601][ T7713]  ? __mutex_unlock_slowpath+0x164/0x650
[  224.751650][ T7713]  ? fput+0x32/0x390
[  224.752980][ T7713]  ? ksys_write+0x1ab/0x260
[  224.754587][ T7713]  ? __pfx_ksys_write+0x10/0x10
[  224.756422][ T7713]  __ia32_sys_bpf+0x76/0xe0
[  224.757994][ T7713]  __do_fast_syscall_32+0x73/0x120
[  224.759842][ T7713]  do_fast_syscall_32+0x32/0x80
[  224.761920][ T7713]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  224.764737][ T7713] RIP: 0023:0xf748e579
[  224.766474][ T7713] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  224.774794][ T7713] RSP: 002b:00000000f579656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  224.778452][ T7713] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200000c0
[  224.781393][ T7713] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000
[  224.784517][ T7713] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  224.787169][ T7713] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  224.789787][ T7713] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  224.793004][ T7713]  </TASK>
[  224.794229][    C3] vkms_vblank_simulate: vblank timer overrun
[  225.436217][ T7723] netlink: 'syz.1.589': attribute type 29 has an invalid length.
[  225.462621][ T7724] netlink: 9 bytes leftover after parsing attributes in process `syz.3.588'.
[  225.477902][ T7724] 0·: renamed from hsr_slave_1 (while UP)
[  225.518342][ T7724] 0·: entered allmulticast mode
[  225.562795][ T7724] A link change request failed with some changes committed already. Interface 
c0· may have been left with an inconsistent configuration, please check.
[  225.692949][ T7727] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  225.695991][ T7727] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  225.767375][ T7727] vhci_hcd vhci_hcd.0: Device attached
[  225.782786][ T7728] vhci_hcd: connection closed
[  225.792230][   T64] vhci_hcd: stop threads
[  225.805556][   T64] vhci_hcd: release socket
[  225.810943][   T64] vhci_hcd: disconnect device
[  226.424581][ T7742] netlink: 76 bytes leftover after parsing attributes in process `syz.3.596'.
[  226.428082][ T7740] FAULT_INJECTION: forcing a failure.
[  226.428082][ T7740] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.433054][ T7740] CPU: 0 UID: 0 PID: 7740 Comm: syz.1.595 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  226.437637][ T7740] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  226.442229][ T7740] Call Trace:
[  226.443752][ T7740]  <TASK>
[  226.445073][ T7740]  dump_stack_lvl+0x16c/0x1f0
[  226.447325][ T7740]  should_fail_ex+0x497/0x5b0
[  226.449590][ T7740]  _copy_to_user+0x30/0xc0
[  226.451489][ T7740]  bpf_test_finish.isra.0+0x551/0x6b0
[  226.453632][ T7740]  ? __pfx_bpf_test_finish.isra.0+0x10/0x10
[  226.456063][ T7740]  ? krealloc_noprof+0xa7/0x100
[  226.458083][ T7740]  bpf_prog_test_run_skb+0x11bb/0x2140
[  226.459948][ T7740]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  226.461862][ T7740]  ? fput+0x32/0x390
[  226.463503][ T7740]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  226.466058][ T7740]  __sys_bpf+0x1af6/0x55e0
[  226.467690][ T7740]  ? __pfx___sys_bpf+0x10/0x10
[  226.469391][ T7740]  ? ksys_write+0x12f/0x260
[  226.471383][ T7740]  ? find_held_lock+0x2d/0x110
[  226.473431][ T7740]  ? ksys_write+0x21c/0x260
[  226.475398][ T7740]  ? __pfx_lock_release+0x10/0x10
[  226.477243][ T7740]  ? vfs_write+0x14d/0x1140
[  226.479324][ T7740]  ? __mutex_unlock_slowpath+0x164/0x650
[  226.481642][ T7740]  ? fput+0x32/0x390
[  226.483408][ T7740]  ? ksys_write+0x1ab/0x260
[  226.485467][ T7740]  ? __pfx_ksys_write+0x10/0x10
[  226.487363][ T7740]  __ia32_sys_bpf+0x76/0xe0
[  226.488990][ T7740]  __do_fast_syscall_32+0x73/0x120
[  226.490739][ T7740]  do_fast_syscall_32+0x32/0x80
[  226.492445][ T7740]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  226.495022][ T7740] RIP: 0023:0xf748e579
[  226.496680][ T7740] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  226.503189][ T7740] RSP: 002b:00000000f579656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  226.506462][ T7740] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000240
[  226.509838][ T7740] RDX: 000000000000004c RSI: 0000000000000000 RDI: 0000000000000000
[  226.513317][ T7740] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  226.516808][ T7740] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  226.519860][ T7740] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  226.522828][ T7740]  </TASK>
[  226.617662][ T7757] bridge_slave_0: default FDB implementation only supports local addresses
[  226.717974][ T7763] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  226.721004][ T7763] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  226.725010][ T7763] vhci_hcd vhci_hcd.0: Device attached
[  226.730154][ T7764] vhci_hcd: connection closed
[  226.730666][   T13] vhci_hcd: stop threads
[  226.735528][   T13] vhci_hcd: release socket
[  226.739940][   T13] vhci_hcd: disconnect device
[  226.901410][ T7771] netlink: 'syz.1.604': attribute type 29 has an invalid length.
[  228.043912][ T7789] FAULT_INJECTION: forcing a failure.
[  228.043912][ T7789] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  228.052051][ T7789] CPU: 2 UID: 0 PID: 7789 Comm: syz.0.609 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  228.057070][ T7789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  228.062164][ T7789] Call Trace:
[  228.063751][ T7789]  <TASK>
[  228.065109][ T7789]  dump_stack_lvl+0x16c/0x1f0
[  228.066772][ T7789]  should_fail_ex+0x497/0x5b0
[  228.068851][ T7789]  _copy_to_user+0x30/0xc0
[  228.070768][ T7789]  simple_read_from_buffer+0xd0/0x160
[  228.073213][ T7789]  proc_fail_nth_read+0x19e/0x280
[  228.075454][ T7789]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  228.077941][ T7789]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  228.080303][ T7789]  vfs_read+0x1d4/0xbd0
[  228.082138][ T7789]  ? __fdget_pos+0xeb/0x180
[  228.084397][ T7789]  ? __pfx_vfs_read+0x10/0x10
[  228.087391][ T7789]  ? __pfx___mutex_lock+0x10/0x10
[  228.091777][ T7789]  ? __fget_files+0x256/0x400
[  228.094542][ T7789]  ksys_read+0x12f/0x260
[  228.097224][ T7789]  ? __pfx_ksys_read+0x10/0x10
[  228.100290][ T7789]  __do_fast_syscall_32+0x73/0x120
[  228.103035][ T7789]  do_fast_syscall_32+0x32/0x80
[  228.105455][ T7789]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  228.108295][ T7789] RIP: 0023:0xf7f9f579
[  228.110042][ T7789] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  228.118364][ T7789] RSP: 002b:00000000f57465a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  228.122456][ T7789] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5746620
[  228.126211][ T7789] RDX: 000000000000000f RSI: 00000000f7430ff4 RDI: 0000000000000000
[  228.129694][ T7789] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  228.132664][ T7789] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  228.135676][ T7789] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  228.138750][ T7789]  </TASK>
[  228.379480][ T7798] netlink: 'syz.2.613': attribute type 49 has an invalid length.
[  228.433992][   T39] audit: type=1804 audit(1723873680.665:13): pid=7799 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.612" name="/newroot/79/file0" dev="fuse" ino=1 res=1 errno=0
[  228.484767][ T7801] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  228.487557][ T7801] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  228.491571][ T7801] vhci_hcd vhci_hcd.0: Device attached
[  228.495118][ T7802] vhci_hcd: connection closed
[  228.495487][   T13] vhci_hcd: stop threads
[  228.499703][   T13] vhci_hcd: release socket
[  228.501704][   T13] vhci_hcd: disconnect device
[  229.366324][ T7812] netlink: 'syz.1.616': attribute type 29 has an invalid length.
[  230.099166][ T7818] FAULT_INJECTION: forcing a failure.
[  230.099166][ T7818] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  230.104331][ T7818] CPU: 1 UID: 0 PID: 7818 Comm: syz.2.618 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  230.108343][ T7818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  230.112332][ T7818] Call Trace:
[  230.113625][ T7818]  <TASK>
[  230.114763][ T7818]  dump_stack_lvl+0x16c/0x1f0
[  230.116548][ T7818]  should_fail_ex+0x497/0x5b0
[  230.118369][ T7818]  _copy_from_user+0x30/0xf0
[  230.120143][ T7818]  __sys_bpf+0x239/0x55e0
[  230.121764][ T7818]  ? __pfx___sys_bpf+0x10/0x10
[  230.123590][ T7818]  ? ksys_write+0x12f/0x260
[  230.125349][ T7818]  ? find_held_lock+0x2d/0x110
[  230.127181][ T7818]  ? ksys_write+0x21c/0x260
[  230.128926][ T7818]  ? __pfx_lock_release+0x10/0x10
[  230.130862][ T7818]  ? vfs_write+0x14d/0x1140
[  230.132597][ T7818]  ? __mutex_unlock_slowpath+0x164/0x650
[  230.134720][ T7818]  ? fput+0x32/0x390
[  230.136218][ T7818]  ? ksys_write+0x1ab/0x260
[  230.137995][ T7818]  ? __pfx_ksys_write+0x10/0x10
[  230.139898][ T7818]  __ia32_sys_bpf+0x76/0xe0
[  230.141635][ T7818]  __do_fast_syscall_32+0x73/0x120
[  230.143553][ T7818]  do_fast_syscall_32+0x32/0x80
[  230.145450][ T7818]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  230.147900][ T7818] RIP: 0023:0xf7f43579
[  230.149464][ T7818] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  230.156635][ T7818] RSP: 002b:00000000f56c556c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  230.159795][ T7818] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000c40
[  230.162765][ T7818] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  230.165815][ T7818] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  230.168805][ T7818] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  230.171815][ T7818] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  230.174789][ T7818]  </TASK>
[  230.312035][ T7821] warning: `syz.1.619' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  230.838537][ T7834] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  230.841436][ T7834] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  230.844912][ T7834] vhci_hcd vhci_hcd.0: Device attached
[  230.849159][ T7835] vhci_hcd: connection closed
[  230.849412][ T1111] vhci_hcd: stop threads
[  230.852812][ T1111] vhci_hcd: release socket
[  230.854532][ T1111] vhci_hcd: disconnect device
[  231.510804][ T7847] FAULT_INJECTION: forcing a failure.
[  231.510804][ T7847] name failslab, interval 1, probability 0, space 0, times 0
[  231.519791][ T7847] CPU: 1 UID: 0 PID: 7847 Comm: syz.1.629 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  231.524178][ T7847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  231.529051][ T7847] Call Trace:
[  231.531579][ T7847]  <TASK>
[  231.532788][ T7847]  dump_stack_lvl+0x16c/0x1f0
[  231.534815][ T7847]  should_fail_ex+0x497/0x5b0
[  231.536827][ T7847]  ? fs_reclaim_acquire+0xae/0x160
[  231.538985][ T7847]  should_failslab+0xc2/0x120
[  231.540942][ T7847]  __kmalloc_noprof+0xcb/0x410
[  231.542954][ T7847]  ? kasan_quarantine_put+0x10a/0x240
[  231.545226][ T7847]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  231.548234][ T7847]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  231.550562][ T7847]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  231.553201][ T7847]  ? ns_capable+0xd7/0x110
[  231.555125][ T7847]  genl_rcv_msg+0x565/0x800
[  231.557090][ T7847]  ? __pfx_genl_rcv_msg+0x10/0x10
[  231.559256][ T7847]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  231.561763][ T7847]  netlink_rcv_skb+0x165/0x410
[  231.563829][ T7847]  ? __pfx_genl_rcv_msg+0x10/0x10
[  231.566001][ T7847]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  231.568288][ T7847]  ? down_read+0xc9/0x330
[  231.570149][ T7847]  ? __pfx_down_read+0x10/0x10
[  231.572225][ T7847]  ? netlink_deliver_tap+0x1ae/0xcf0
[  231.574487][ T7847]  genl_rcv+0x28/0x40
[  231.576138][ T7847]  netlink_unicast+0x53c/0x7f0
[  231.578211][ T7847]  ? __pfx_netlink_unicast+0x10/0x10
[  231.580481][ T7847]  ? __phys_addr_symbol+0x30/0x80
[  231.582633][ T7847]  ? __check_object_size+0x497/0x720
[  231.584871][ T7847]  netlink_sendmsg+0x8b8/0xd70
[  231.586967][ T7847]  ? __pfx_netlink_sendmsg+0x10/0x10
[  231.589243][ T7847]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  231.591525][ T7847]  ____sys_sendmsg+0x9b4/0xb50
[  231.593574][ T7847]  ? __pfx_____sys_sendmsg+0x10/0x10
[  231.595832][ T7847]  ? get_compat_msghdr+0x11b/0x170
[  231.598020][ T7847]  ? __pfx___lock_acquire+0x10/0x10
[  231.600264][ T7847]  ___sys_sendmsg+0x135/0x1e0
[  231.602278][ T7847]  ? __pfx____sys_sendmsg+0x10/0x10
[  231.604529][ T7847]  ? ksys_write+0x21c/0x260
[  231.606475][ T7847]  ? __fget_light+0x173/0x210
[  231.608539][ T7847]  __sys_sendmsg+0x117/0x1f0
[  231.610508][ T7847]  ? __pfx___sys_sendmsg+0x10/0x10
[  231.612734][ T7847]  __do_fast_syscall_32+0x73/0x120
[  231.614902][ T7847]  do_fast_syscall_32+0x32/0x80
[  231.616980][ T7847]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  231.619686][ T7847] RIP: 0023:0xf748e579
[  231.621421][ T7847] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  231.629272][ T7847] RSP: 002b:00000000f579656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  231.632832][ T7847] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  231.636175][ T7847] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  231.639564][ T7847] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  231.642896][ T7847] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  231.646259][ T7847] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  231.649348][ T7847]  </TASK>
[  231.734671][ T7855] netlink: 8 bytes leftover after parsing attributes in process `syz.1.632'.
[  231.738729][ T7855] netlink: 24 bytes leftover after parsing attributes in process `syz.1.632'.
[  231.754686][ T7848] overlay: Unknown parameter 'pcr'
[  232.020204][ T7851] netlink: 4 bytes leftover after parsing attributes in process `syz.0.630'.
[  232.251939][ T7868] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  232.255062][ T7868] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  232.262455][ T7868] vhci_hcd vhci_hcd.0: Device attached
[  232.270394][ T7869] vhci_hcd: connection closed
[  232.270735][   T13] vhci_hcd: stop threads
[  232.274265][   T13] vhci_hcd: release socket
[  232.276137][   T13] vhci_hcd: disconnect device
[  232.660379][ T7876] overlayfs: failed to resolve './file0': -2
[  232.677715][ T7876] macvlan2: entered allmulticast mode
[  232.680784][ T7876] mac80211_hwsim hwsim14 wlan0: entered promiscuous mode
[  232.685314][ T7876] mac80211_hwsim hwsim14 wlan0: entered allmulticast mode
[  232.695821][ T7876] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  232.739820][ T7876] bond0: entered promiscuous mode
[  232.746833][ T7876] bond_slave_0: entered promiscuous mode
[  232.749628][ T7876] bond_slave_1: entered promiscuous mode
[  232.759593][ T7876] macvlan2: entered promiscuous mode
[  233.030815][ T7885] syz.0.640: attempt to access beyond end of device
[  233.030815][ T7885] loop0: rw=2048, sector=2, nr_sectors = 1 limit=0
[  233.054007][ T7887] FAULT_INJECTION: forcing a failure.
[  233.054007][ T7887] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  233.057032][ T7885] hfsplus: unable to find HFS+ superblock
[  233.059572][ T7887] CPU: 0 UID: 0 PID: 7887 Comm: syz.3.642 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  233.059593][ T7887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  233.059602][ T7887] Call Trace:
[  233.059623][ T7887]  <TASK>
[  233.059629][ T7887]  dump_stack_lvl+0x16c/0x1f0
[  233.059658][ T7887]  should_fail_ex+0x497/0x5b0
[  233.059681][ T7887]  _copy_from_user+0x30/0xf0
[  233.059703][ T7887]  get_compat_msghdr+0xa8/0x170
[  233.059725][ T7887]  ? __pfx_get_compat_msghdr+0x10/0x10
[  233.059747][ T7887]  ? __pfx___lock_acquire+0x10/0x10
[  233.059772][ T7887]  ___sys_sendmsg+0x1b0/0x1e0
[  233.059796][ T7887]  ? __pfx____sys_sendmsg+0x10/0x10
[  233.089401][ T7887]  ? ksys_write+0x21c/0x260
[  233.091397][ T7887]  ? __fget_light+0x173/0x210
[  233.093428][ T7887]  __sys_sendmsg+0x117/0x1f0
[  233.095434][ T7887]  ? __pfx___sys_sendmsg+0x10/0x10
[  233.097655][ T7887]  __do_fast_syscall_32+0x73/0x120
[  233.099884][ T7887]  do_fast_syscall_32+0x32/0x80
[  233.101952][ T7887]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  233.104613][ T7887] RIP: 0023:0xf7f57579
[  233.106298][ T7887] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  233.114138][ T7887] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  233.117528][ T7887] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200001c0
[  233.120824][ T7887] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  233.124071][ T7887] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  233.127367][ T7887] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  233.130577][ T7887] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  233.133848][ T7887]  </TASK>
[  233.310984][ T7890] netlink: 156 bytes leftover after parsing attributes in process `syz.3.643'.
[  233.322396][ T7890] fuse: Bad value for 'fd'
[  234.395962][ T7895] No control pipe specified
[  234.447818][ T7905] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  234.450799][ T7905] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  234.457218][ T7905] vhci_hcd vhci_hcd.0: Device attached
[  234.462867][ T7906] vhci_hcd: connection closed
[  234.463261][   T13] vhci_hcd: stop threads
[  234.485125][   T13] vhci_hcd: release socket
[  234.493914][   T13] vhci_hcd: disconnect device
[  234.849842][ T7921] overlay: Unknown parameter 'fscontext'
[  235.863787][ T7934] netlink: 20 bytes leftover after parsing attributes in process `syz.1.653'.
[  236.358680][ T7946] FAULT_INJECTION: forcing a failure.
[  236.358680][ T7946] name failslab, interval 1, probability 0, space 0, times 0
[  236.364759][ T7946] CPU: 0 UID: 0 PID: 7946 Comm: syz.2.655 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  236.369140][ T7946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  236.373844][ T7946] Call Trace:
[  236.375310][ T7946]  <TASK>
[  236.376496][ T7946]  dump_stack_lvl+0x16c/0x1f0
[  236.378470][ T7946]  should_fail_ex+0x497/0x5b0
[  236.380541][ T7946]  ? fs_reclaim_acquire+0xae/0x160
[  236.382770][ T7946]  should_failslab+0xc2/0x120
[  236.384846][ T7946]  __kmalloc_noprof+0xcb/0x410
[  236.386956][ T7946]  ? __pfx_lock_acquire+0x10/0x10
[  236.388984][ T7946]  tomoyo_realpath_from_path+0xbf/0x710
[  236.391314][ T7946]  ? tomoyo_profile+0x47/0x60
[  236.393403][ T7946]  tomoyo_path_number_perm+0x245/0x5b0
[  236.395845][ T7946]  ? tomoyo_path_number_perm+0x232/0x5b0
[  236.398356][ T7946]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  236.400902][ T7946]  ? __pfx_lock_release+0x10/0x10
[  236.403133][ T7946]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  236.405714][ T7946]  ? __fget_files+0x256/0x400
[  236.407829][ T7946]  security_file_ioctl_compat+0x75/0xc0
[  236.410289][ T7946]  __do_compat_sys_ioctl+0x5d/0x330
[  236.412424][ T7946]  __do_fast_syscall_32+0x73/0x120
[  236.414555][ T7946]  do_fast_syscall_32+0x32/0x80
[  236.416522][ T7946]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  236.418943][ T7946] RIP: 0023:0xf7f43579
[  236.420511][ T7946] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  236.427696][ T7946] RSP: 002b:00000000f569c56c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  236.431286][ T7946] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000000054a0
[  236.434764][ T7946] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  236.437816][ T7946] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  236.441202][ T7946] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  236.444789][ T7946] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  236.448108][ T7946]  </TASK>
[  236.455571][ T7946] ERROR: Out of memory at tomoyo_realpath_from_path.
[  236.558755][ T7950] netlink: 'syz.0.656': attribute type 29 has an invalid length.
[  236.849400][ T7952] FAULT_INJECTION: forcing a failure.
[  236.849400][ T7952] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  236.854536][ T7952] CPU: 3 UID: 0 PID: 7952 Comm: syz.3.657 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  236.858656][ T7952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  236.862867][ T7952] Call Trace:
[  236.864224][ T7952]  <TASK>
[  236.865409][ T7952]  dump_stack_lvl+0x16c/0x1f0
[  236.867295][ T7952]  should_fail_ex+0x497/0x5b0
[  236.869004][ T7952]  _copy_from_user+0x30/0xf0
[  236.870616][ T7952]  get_compat_msghdr+0xa8/0x170
[  236.872274][ T7952]  ? __pfx_get_compat_msghdr+0x10/0x10
[  236.874232][ T7952]  ? __pfx___lock_acquire+0x10/0x10
[  236.876296][ T7952]  ___sys_sendmsg+0x1b0/0x1e0
[  236.878160][ T7952]  ? __pfx____sys_sendmsg+0x10/0x10
[  236.880119][ T7952]  ? ksys_write+0x21c/0x260
[  236.881748][ T7952]  ? __fget_light+0x173/0x210
[  236.883425][ T7952]  __sys_sendmsg+0x117/0x1f0
[  236.885093][ T7952]  ? __pfx___sys_sendmsg+0x10/0x10
[  236.886921][ T7952]  __do_fast_syscall_32+0x73/0x120
[  236.888916][ T7952]  do_fast_syscall_32+0x32/0x80
[  236.890793][ T7952]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  236.893229][ T7952] RIP: 0023:0xf7f57579
[  236.894810][ T7952] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  236.902019][ T7952] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  236.905324][ T7952] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  236.908385][ T7952] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  236.911488][ T7952] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  236.914618][ T7952] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  236.917530][ T7952] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  236.920205][ T7952]  </TASK>
[  237.877322][ T7967] netlink: 28 bytes leftover after parsing attributes in process `syz.1.660'.
[  239.287239][ T7986] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  239.289918][ T7986] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  239.293203][ T7986] vhci_hcd vhci_hcd.0: Device attached
[  239.298467][ T7987] vhci_hcd: connection closed
[  239.298836][ T1155] vhci_hcd: stop threads
[  239.302734][ T1155] vhci_hcd: release socket
[  239.305631][ T1155] vhci_hcd: disconnect device
[  242.357010][ T8008] evm: overlay not supported
[  242.365792][ T8008] FAULT_INJECTION: forcing a failure.
[  242.365792][ T8008] name failslab, interval 1, probability 0, space 0, times 0
[  242.371249][ T8008] CPU: 1 UID: 0 PID: 8008 Comm: syz.1.670 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  242.375795][ T8008] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  242.380060][ T8008] Call Trace:
[  242.381464][ T8008]  <TASK>
[  242.382709][ T8008]  dump_stack_lvl+0x16c/0x1f0
[  242.384726][ T8008]  should_fail_ex+0x497/0x5b0
[  242.386565][ T8008]  ? fs_reclaim_acquire+0xae/0x160
[  242.388610][ T8008]  should_failslab+0xc2/0x120
[  242.390421][ T8008]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  242.392553][ T8008]  ? getname_flags.part.0+0x4c/0x550
[  242.394631][ T8008]  getname_flags.part.0+0x4c/0x550
[  242.396756][ T8008]  getname_flags+0x93/0xf0
[  242.398216][ T8008]  __ia32_sys_mkdirat+0x75/0xb0
[  242.400072][ T8008]  __do_fast_syscall_32+0x73/0x120
[  242.402018][ T8008]  do_fast_syscall_32+0x32/0x80
[  242.404061][ T8008]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  242.406408][ T8008] RIP: 0023:0xf748e579
[  242.408170][ T8008] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  242.416023][ T8008] RSP: 002b:00000000f579656c EFLAGS: 00000296 ORIG_RAX: 0000000000000128
[  242.419264][ T8008] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000340
[  242.422391][ T8008] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  242.425917][ T8008] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  242.429417][ T8008] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  242.432907][ T8008] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  242.436317][ T8008]  </TASK>
[  242.642621][   T39] audit: type=1326 audit(1723873694.875:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8009 comm="syz.1.671" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf748e579 code=0x0
[  243.000247][ T8025] syz.1.671: attempt to access beyond end of device
[  243.000247][ T8025] nbd1: rw=0, sector=16, nr_sectors = 8 limit=0
[  243.026753][ T8025] REISERFS warning (device nbd1): sh-2006 read_super_block: bread failed (dev nbd1, block 2, size 4096)
[  243.042282][ T8025] syz.1.671: attempt to access beyond end of device
[  243.042282][ T8025] nbd1: rw=0, sector=128, nr_sectors = 8 limit=0
[  243.053457][ T8025] REISERFS warning (device nbd1): sh-2006 read_super_block: bread failed (dev nbd1, block 16, size 4096)
[  243.078688][ T8025] REISERFS warning (device nbd1): sh-2021 reiserfs_fill_super: can not find reiserfs on nbd1
[  243.338626][ T8022] netlink: 20 bytes leftover after parsing attributes in process `syz.3.672'.
[  243.905331][ T8035] veth1_macvtap: entered allmulticast mode
[  245.246427][ T8045] netlink: 'syz.1.677': attribute type 29 has an invalid length.
[  245.341572][ T8047] netlink: 'syz.0.678': attribute type 29 has an invalid length.
[  245.469927][ T8044] wg2: entered promiscuous mode
[  245.474151][ T8044] wg2: entered allmulticast mode
[  246.504071][ T8066] FAULT_INJECTION: forcing a failure.
[  246.504071][ T8066] name failslab, interval 1, probability 0, space 0, times 0
[  246.509802][ T8066] CPU: 1 UID: 0 PID: 8066 Comm: syz.1.684 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  246.513902][ T8066] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  246.518210][ T8066] Call Trace:
[  246.519695][ T8066]  <TASK>
[  246.520864][ T8066]  dump_stack_lvl+0x16c/0x1f0
[  246.522696][ T8066]  should_fail_ex+0x497/0x5b0
[  246.524587][ T8066]  ? fs_reclaim_acquire+0xae/0x160
[  246.526570][ T8066]  should_failslab+0xc2/0x120
[  246.528434][ T8066]  __kmalloc_noprof+0xcb/0x410
[  246.530269][ T8066]  ? __pfx_lock_acquire+0x10/0x10
[  246.532383][ T8066]  tomoyo_realpath_from_path+0xbf/0x710
[  246.534744][ T8066]  ? tomoyo_profile+0x47/0x60
[  246.536758][ T8066]  tomoyo_path_number_perm+0x245/0x5b0
[  246.539110][ T8066]  ? tomoyo_path_number_perm+0x232/0x5b0
[  246.541498][ T8066]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  246.544099][ T8066]  ? __pfx_lock_release+0x10/0x10
[  246.546280][ T8066]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  246.548840][ T8066]  ? __fget_files+0x256/0x400
[  246.550610][ T8066]  security_file_ioctl_compat+0x75/0xc0
[  246.552815][ T8066]  __do_compat_sys_ioctl+0x5d/0x330
[  246.555017][ T8066]  __do_fast_syscall_32+0x73/0x120
[  246.557084][ T8066]  do_fast_syscall_32+0x32/0x80
[  246.558894][ T8066]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  246.561682][ T8066] RIP: 0023:0xf748e579
[  246.563438][ T8066] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  246.571514][ T8066] RSP: 002b:00000000f579656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  246.574664][ T8066] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000008038550a
[  246.578220][ T8066] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  246.581647][ T8066] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  246.584897][ T8066] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  246.588148][ T8066] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  246.591430][ T8066]  </TASK>
[  246.755146][ T8066] ERROR: Out of memory at tomoyo_realpath_from_path.
[  246.759572][ T8066] usb usb8: usbfs: process 8066 (syz.1.684) did not claim interface 0 before use
[  246.839413][ T8069] Context (ID=0x10) not attached to queue pair (handle=0x2:0x0)
[  246.887412][ T8071] FAULT_INJECTION: forcing a failure.
[  246.887412][ T8071] name failslab, interval 1, probability 0, space 0, times 0
[  246.893311][ T8071] CPU: 0 UID: 0 PID: 8071 Comm: syz.1.686 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  246.898046][ T8071] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  246.902689][ T8071] Call Trace:
[  246.904209][ T8071]  <TASK>
[  246.905450][ T8071]  dump_stack_lvl+0x16c/0x1f0
[  246.909461][ T8071]  should_fail_ex+0x497/0x5b0
[  246.911714][ T8071]  ? fs_reclaim_acquire+0xae/0x160
[  246.914022][ T8071]  should_failslab+0xc2/0x120
[  246.916036][ T8071]  __kmalloc_noprof+0xcb/0x410
[  246.918403][ T8071]  ? __pfx_lock_acquire+0x10/0x10
[  246.920588][ T8071]  tomoyo_realpath_from_path+0xbf/0x710
[  246.922718][ T8071]  ? tomoyo_profile+0x47/0x60
[  246.924582][ T8071]  tomoyo_path_number_perm+0x245/0x5b0
[  246.926707][ T8071]  ? tomoyo_path_number_perm+0x232/0x5b0
[  246.928850][ T8071]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  246.931140][ T8071]  ? __pfx_lock_release+0x10/0x10
[  246.933086][ T8071]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  246.935620][ T8071]  ? __fget_files+0x256/0x400
[  246.937491][ T8071]  security_file_ioctl_compat+0x75/0xc0
[  246.939644][ T8071]  __do_compat_sys_ioctl+0x5d/0x330
[  246.941789][ T8071]  __do_fast_syscall_32+0x73/0x120
[  246.943943][ T8071]  do_fast_syscall_32+0x32/0x80
[  246.945809][ T8071]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  246.948417][ T8071] RIP: 0023:0xf748e579
[  246.950090][ T8071] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  246.957542][ T8071] RSP: 002b:00000000f579656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  246.960449][ T8071] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000000007a9
[  246.963461][ T8071] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  246.966948][ T8071] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  246.970412][ T8071] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  246.973657][ T8071] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  246.976504][ T8071]  </TASK>
[  246.983088][ T8071] ERROR: Out of memory at tomoyo_realpath_from_path.
[  246.988243][ T8071] Context (ID=0x11) not attached to queue pair (handle=0x69662f2e:0x30656c)
[  248.055770][ T8074] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  248.375415][ T8087] FAULT_INJECTION: forcing a failure.
[  248.375415][ T8087] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  248.386500][ T8087] CPU: 3 UID: 0 PID: 8087 Comm: syz.0.692 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  248.390968][ T8087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  248.395601][ T8087] Call Trace:
[  248.397017][ T8087]  <TASK>
[  248.398278][ T8087]  dump_stack_lvl+0x16c/0x1f0
[  248.400301][ T8087]  should_fail_ex+0x497/0x5b0
[  248.402333][ T8087]  _copy_from_user+0x30/0xf0
[  248.404404][ T8087]  get_compat_msghdr+0xa8/0x170
[  248.406514][ T8087]  ? __pfx_get_compat_msghdr+0x10/0x10
[  248.408917][ T8087]  ? __pfx___lock_acquire+0x10/0x10
[  248.410931][ T8087]  ___sys_sendmsg+0x1b0/0x1e0
[  248.412884][ T8087]  ? __pfx____sys_sendmsg+0x10/0x10
[  248.415208][ T8087]  ? ksys_write+0x21c/0x260
[  248.417190][ T8087]  ? __fget_light+0x173/0x210
[  248.419232][ T8087]  __sys_sendmsg+0x117/0x1f0
[  248.421290][ T8087]  ? __pfx___sys_sendmsg+0x10/0x10
[  248.423261][ T8087]  __do_fast_syscall_32+0x73/0x120
[  248.425418][ T8087]  do_fast_syscall_32+0x32/0x80
[  248.427542][ T8087]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  248.430114][ T8087] RIP: 0023:0xf7f9f579
[  248.431715][ T8087] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  248.439351][ T8087] RSP: 002b:00000000f574656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  248.442775][ T8087] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200001c0
[  248.446000][ T8087] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  248.449314][ T8087] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  248.452623][ T8087] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  248.455716][ T8087] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  248.459029][ T8087]  </TASK>
[  248.519459][ T8088] netlink: 'syz.3.690': attribute type 29 has an invalid length.
[  249.414366][ T8093] netlink: 8 bytes leftover after parsing attributes in process `syz.3.694'.
[  249.433751][ T8093] bond1: entered promiscuous mode
[  249.683059][ T8098] FAULT_INJECTION: forcing a failure.
[  249.683059][ T8098] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  249.688962][ T8098] CPU: 2 UID: 0 PID: 8098 Comm: syz.3.695 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  249.693562][ T8098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  249.698247][ T8098] Call Trace:
[  249.699722][ T8098]  <TASK>
[  249.701027][ T8098]  dump_stack_lvl+0x16c/0x1f0
[  249.703122][ T8098]  should_fail_ex+0x497/0x5b0
[  249.705240][ T8098]  _copy_from_user+0x30/0xf0
[  249.707343][ T8098]  io_submit_one+0xbc/0x1db0
[  249.709433][ T8098]  ? __pfx_io_submit_one+0x10/0x10
[  249.711589][ T8098]  ? __might_fault+0x13b/0x190
[  249.713658][ T8098]  ? __pfx___might_resched+0x10/0x10
[  249.716034][ T8098]  ? __ia32_compat_sys_io_submit+0x1af/0x390
[  249.718709][ T8098]  __ia32_compat_sys_io_submit+0x1af/0x390
[  249.721296][ T8098]  ? __pfx___ia32_compat_sys_io_submit+0x10/0x10
[  249.724110][ T8098]  __do_fast_syscall_32+0x73/0x120
[  249.726056][ T8098]  do_fast_syscall_32+0x32/0x80
[  249.728111][ T8098]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  249.730895][ T8098] RIP: 0023:0xf7f57579
[  249.732721][ T8098] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  249.741154][ T8098] RSP: 002b:00000000f569356c EFLAGS: 00000296 ORIG_RAX: 00000000000000f8
[  249.744860][ T8098] RAX: ffffffffffffffda RBX: 00000000f56b5000 RCX: 0000000000000002
[  249.748320][ T8098] RDX: 0000000020000540 RSI: 0000000000000000 RDI: 0000000000000000
[  249.751758][ T8098] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  249.755249][ T8098] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  249.758692][ T8098] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  249.762188][ T8098]  </TASK>
[  250.778984][ T8102] netlink: 8 bytes leftover after parsing attributes in process `syz.3.696'.
[  250.849035][ T8102] netlink: 64 bytes leftover after parsing attributes in process `syz.3.696'.
[  251.196921][ T8108] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  251.200879][ T8108] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  251.204477][ T8108] vhci_hcd vhci_hcd.0: Device attached
[  251.236100][ T8109] vhci_hcd: connection closed
[  251.240748][   T64] vhci_hcd: stop threads
[  251.244871][   T64] vhci_hcd: release socket
[  251.257595][   T64] vhci_hcd: disconnect device
[  251.814580][ T8116] Bluetooth: MGMT ver 1.23
[  251.835006][ T8116] netlink: 24 bytes leftover after parsing attributes in process `syz.3.700'.
[  251.902527][ T8120] FAULT_INJECTION: forcing a failure.
[  251.902527][ T8120] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  251.908521][ T8120] CPU: 2 UID: 0 PID: 8120 Comm: syz.1.701 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  251.913046][ T8120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  251.917797][ T8120] Call Trace:
[  251.919277][ T8120]  <TASK>
[  251.920594][ T8120]  dump_stack_lvl+0x16c/0x1f0
[  251.922670][ T8120]  should_fail_ex+0x497/0x5b0
[  251.924736][ T8120]  _copy_from_iter+0x27a/0xfc0
[  251.926812][ T8120]  ? find_held_lock+0x2d/0x110
[  251.928867][ T8120]  ? __pfx__copy_from_iter+0x10/0x10
[  251.931169][ T8120]  ? hlock_class+0x4e/0x130
[  251.933143][ T8120]  ? __lock_acquire+0xbdd/0x3cb0
[  251.935297][ T8120]  tun_get_user+0x245/0x3c20
[  251.937341][ T8120]  ? __pfx_tun_get_user+0x10/0x10
[  251.939542][ T8120]  ? find_held_lock+0x2d/0x110
[  251.941627][ T8120]  ? __pfx_lock_release+0x10/0x10
[  251.943870][ T8120]  tun_chr_write_iter+0xe8/0x210
[  251.946061][ T8120]  vfs_write+0x6b6/0x1140
[  251.947988][ T8120]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  251.950416][ T8120]  ? __pfx_vfs_write+0x10/0x10
[  251.952515][ T8120]  ? __fget_files+0x256/0x400
[  251.954595][ T8120]  ? __fget_light+0x173/0x210
[  251.956708][ T8120]  ksys_write+0x12f/0x260
[  251.958707][ T8120]  ? __pfx_ksys_write+0x10/0x10
[  251.960919][ T8120]  __do_fast_syscall_32+0x73/0x120
[  251.963190][ T8120]  do_fast_syscall_32+0x32/0x80
[  251.965364][ T8120]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  251.967903][ T8120] RIP: 0023:0xf748e579
[  251.969695][ T8120] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  251.977340][ T8120] RSP: 002b:00000000f577556c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  251.981064][ T8120] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000240
[  251.984569][ T8120] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000000
[  251.988106][ T8120] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  251.991408][ T8120] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  251.994406][ T8120] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  251.997425][ T8120]  </TASK>
[  252.411819][ T8124] netlink: 'syz.0.702': attribute type 29 has an invalid length.
[  252.823693][ T8129] FAULT_INJECTION: forcing a failure.
[  252.823693][ T8129] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  252.839941][ T8129] CPU: 2 UID: 0 PID: 8129 Comm: syz.1.704 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  252.844617][ T8129] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  252.849325][ T8129] Call Trace:
[  252.850828][ T8129]  <TASK>
[  252.852156][ T8129]  dump_stack_lvl+0x16c/0x1f0
[  252.854322][ T8129]  should_fail_ex+0x497/0x5b0
[  252.856348][ T8129]  _copy_from_user+0x30/0xf0
[  252.858418][ T8129]  get_compat_msghdr+0xa8/0x170
[  252.860532][ T8129]  ? __pfx_get_compat_msghdr+0x10/0x10
[  252.862887][ T8129]  ? __pfx___lock_acquire+0x10/0x10
[  252.865145][ T8129]  ___sys_sendmsg+0x1b0/0x1e0
[  252.867229][ T8129]  ? __pfx____sys_sendmsg+0x10/0x10
[  252.869511][ T8129]  ? ksys_write+0x21c/0x260
[  252.871504][ T8129]  ? __fget_light+0x173/0x210
[  252.873500][ T8129]  __sys_sendmsg+0x117/0x1f0
[  252.875528][ T8129]  ? __pfx___sys_sendmsg+0x10/0x10
[  252.877554][ T8129]  __do_fast_syscall_32+0x73/0x120
[  252.879522][ T8129]  do_fast_syscall_32+0x32/0x80
[  252.881301][ T8129]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  252.883592][ T8129] RIP: 0023:0xf748e579
[  252.885328][ T8129] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  252.893386][ T8129] RSP: 002b:00000000f579656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  252.896809][ T8129] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  252.899680][ T8129] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  252.902554][ T8129] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  252.905835][ T8129] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  252.908728][ T8129] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  252.911584][ T8129]  </TASK>
[  255.254507][ T8160] FAULT_INJECTION: forcing a failure.
[  255.254507][ T8160] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  255.267574][ T8160] CPU: 1 UID: 0 PID: 8160 Comm: syz.3.713 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  255.272904][ T8160] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  255.277743][ T8160] Call Trace:
[  255.279256][ T8160]  <TASK>
[  255.280744][ T8160]  dump_stack_lvl+0x16c/0x1f0
[  255.282568][ T8160]  should_fail_ex+0x497/0x5b0
[  255.284716][ T8160]  _copy_from_user+0x30/0xf0
[  255.286811][ T8160]  get_compat_msghdr+0xa8/0x170
[  255.288903][ T8160]  ? __pfx_get_compat_msghdr+0x10/0x10
[  255.291115][ T8160]  ? __pfx___lock_acquire+0x10/0x10
[  255.293065][ T8160]  ___sys_sendmsg+0x1b0/0x1e0
[  255.295334][ T8160]  ? __pfx____sys_sendmsg+0x10/0x10
[  255.297709][ T8160]  ? ksys_write+0x21c/0x260
[  255.299826][ T8160]  ? __fget_light+0x173/0x210
[  255.301901][ T8160]  __sys_sendmsg+0x117/0x1f0
[  255.303867][ T8160]  ? __pfx___sys_sendmsg+0x10/0x10
[  255.305882][ T8160]  __do_fast_syscall_32+0x73/0x120
[  255.307804][ T8160]  do_fast_syscall_32+0x32/0x80
[  255.309453][ T8160]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  255.311582][ T8160] RIP: 0023:0xf7f57579
[  255.313052][ T8160] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  255.321545][ T8160] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  255.325141][ T8160] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  255.328200][ T8160] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  255.331505][ T8160] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  255.334357][ T8160] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  255.337279][ T8160] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  255.340485][ T8160]  </TASK>
[  255.581263][ T1377] ieee802154 phy0 wpan0: encryption failed: -22
[  255.584188][ T1377] ieee802154 phy1 wpan1: encryption failed: -22
[  255.682941][ T8168] netlink: 'syz.3.715': attribute type 29 has an invalid length.
[  257.964425][ T8180] 9pnet_fd: p9_fd_create_tcp (8180): problem connecting socket to 127.0.0.1
[  257.985312][ T8184] 9pnet_fd: p9_fd_create_tcp (8184): problem connecting socket to 127.0.0.1
[  259.224378][ T8200] netlink: 'syz.3.724': attribute type 29 has an invalid length.
[  260.926218][ T8221] netlink: 8 bytes leftover after parsing attributes in process `syz.0.731'.
[  260.948102][ T8221] bond1: entered promiscuous mode
[  261.351090][ T8229] netlink: 16 bytes leftover after parsing attributes in process `syz.0.734'.
[  261.353908][ T8228] netlink: 'syz.3.733': attribute type 29 has an invalid length.
[  262.780053][ T5352] Bluetooth: hci3: command 0x0406 tx timeout
[  265.443163][ T8275] veth1_macvtap: entered allmulticast mode
[  265.666523][ T8281] netlink: 'syz.1.747': attribute type 29 has an invalid length.
[  269.954466][ T8319] netlink: 20 bytes leftover after parsing attributes in process `syz.1.758'.
[  270.249714][ T8324] veth1_macvtap: entered allmulticast mode
[  271.063765][ T8329] netlink: 28 bytes leftover after parsing attributes in process `syz.0.769'.
[  272.447715][ T8347] bridge_slave_0: default FDB implementation only supports local addresses
[  275.696843][ T8376] tmpfs: Bad value for 'mpol'
[  277.420564][ T8394] bridge_slave_0: default FDB implementation only supports local addresses
[  279.361965][ T8410] netlink: 'syz.1.788': attribute type 29 has an invalid length.
[  280.844557][   T39] audit: type=1326 audit(1723873733.075:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8420 comm="syz.2.791" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f43579 code=0x0
[  280.988924][ T5408] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  281.168273][ T5408] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  281.172383][ T5408] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  281.183176][ T5408] usb 6-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  281.188460][ T5408] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.192105][ T5408] usb 6-1: Product: syz
[  281.193976][ T5408] usb 6-1: Manufacturer: syz
[  281.196035][ T5408] usb 6-1: SerialNumber: syz
[  281.202784][ T5408] usb 6-1: config 0 descriptor??
[  281.206080][ T8423] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  281.210264][ T8423] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  281.695506][ T5408] dm9601 6-1:0.0: probe with driver dm9601 failed with error -71
[  281.722327][ T5408] usb 6-1: USB disconnect, device number 11
[  281.834319][ T8433] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  281.837216][ T8433] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  281.845275][ T8433] vhci_hcd vhci_hcd.0: Device attached
[  281.849348][ T8436] vhci_hcd: connection closed
[  281.849543][ T1104] vhci_hcd: stop threads
[  281.853056][ T1104] vhci_hcd: release socket
[  281.854739][ T1104] vhci_hcd: disconnect device
[  282.462027][ T8444] netlink: 'syz.1.795': attribute type 29 has an invalid length.
[  283.361899][ T8459] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  283.365015][ T8459] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  283.368808][ T8459] vhci_hcd vhci_hcd.0: Device attached
[  283.391980][ T8460] vhci_hcd: connection closed
[  283.396805][ T1104] vhci_hcd: stop threads
[  283.400596][ T1104] vhci_hcd: release socket
[  283.402518][ T1104] vhci_hcd: disconnect device
[  284.674807][ T8475] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  284.677535][ T8475] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  284.683345][ T8475] vhci_hcd vhci_hcd.0: Device attached
[  284.690945][ T8476] vhci_hcd: connection closed
[  284.691567][ T4496] vhci_hcd: stop threads
[  284.695692][ T4496] vhci_hcd: release socket
[  284.699701][ T4496] vhci_hcd: disconnect device
[  287.184217][   T39] audit: type=1326 audit(1723873739.415:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8500 comm="syz.0.809" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f9f579 code=0x0
[  288.783623][ T8528] netlink: 'syz.3.819': attribute type 29 has an invalid length.
[  291.663072][ T8555] vivid-000: disconnect
[  291.665675][ T8555] vivid-000: reconnect
[  296.176491][ T8615] vivid-000: disconnect
[  296.181753][ T8615] vivid-000: reconnect
[  296.515083][ T8621] netlink: 'syz.0.839': attribute type 29 has an invalid length.
[  297.596852][   T25] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  297.747394][   T25] usb 5-1: device descriptor read/64, error -71
[  298.026787][   T25] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  298.186738][   T25] usb 5-1: device descriptor read/64, error -71
[  298.307287][   T25] usb usb5-port1: attempt power cycle
[  298.636994][ T5355] Bluetooth: hci2: link tx timeout
[  298.641642][ T5355] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  298.766741][   T25] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  298.797885][   T25] usb 5-1: device descriptor read/8, error -71
[  299.077457][   T25] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  299.117717][   T25] usb 5-1: device descriptor read/8, error -71
[  299.250672][   T25] usb usb5-port1: unable to enumerate USB device
[  299.664964][ T8649] netlink: 'syz.1.850': attribute type 29 has an invalid length.
[  300.698541][ T5352] Bluetooth: hci2: command 0x0406 tx timeout
[  304.146091][ T8692] netlink: 'syz.2.861': attribute type 29 has an invalid length.
[  304.151361][ T8691] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  304.154182][ T8691] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  304.159545][ T8691] vhci_hcd vhci_hcd.0: Device attached
[  304.182463][ T8693] vhci_hcd: connection closed
[  304.182837][   T64] vhci_hcd: stop threads
[  304.185065][   T64] vhci_hcd: release socket
[  304.192848][   T64] vhci_hcd: disconnect device
[  304.965045][ T8703] netlink: 'syz.0.863': attribute type 29 has an invalid length.
[  305.014062][ T8705] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  305.016829][ T8705] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  305.021790][ T8705] vhci_hcd vhci_hcd.0: Device attached
[  305.032076][ T8706] vhci_hcd: connection closed
[  305.032217][   T64] vhci_hcd: stop threads
[  305.035569][   T64] vhci_hcd: release socket
[  305.038402][   T64] vhci_hcd: disconnect device
[  309.010418][ T8739] netlink: 'syz.3.874': attribute type 29 has an invalid length.
[  309.189249][ T8742] netlink: 'syz.1.875': attribute type 29 has an invalid length.
[  310.530318][ T8754] netlink: 'syz.1.886': attribute type 29 has an invalid length.
[  311.694192][ T8761] netlink: 'syz.1.880': attribute type 29 has an invalid length.
[  312.212189][ T8764] netlink: 'syz.2.881': attribute type 29 has an invalid length.
[  315.805758][ T8793] netlink: 'syz.3.890': attribute type 29 has an invalid length.
[  317.020845][ T1377] ieee802154 phy0 wpan0: encryption failed: -22
[  317.023503][ T1377] ieee802154 phy1 wpan1: encryption failed: -22
[  320.221354][   T11] kworker/u32:0 (11) used greatest stack depth: 20304 bytes left
[  322.222153][ T8850] netlink: 'syz.1.907': attribute type 29 has an invalid length.
[  323.889381][ T8861] netlink: 'syz.0.910': attribute type 29 has an invalid length.
[  325.091125][ T8874] FAULT_INJECTION: forcing a failure.
[  325.091125][ T8874] name failslab, interval 1, probability 0, space 0, times 0
[  325.096392][ T8874] CPU: 0 UID: 0 PID: 8874 Comm: syz.1.915 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  325.100559][ T8874] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  325.105079][ T8874] Call Trace:
[  325.106532][ T8874]  <TASK>
[  325.107712][ T8874]  dump_stack_lvl+0x16c/0x1f0
[  325.109816][ T8874]  should_fail_ex+0x497/0x5b0
[  325.112079][ T8874]  ? fs_reclaim_acquire+0xae/0x160
[  325.114298][ T8874]  should_failslab+0xc2/0x120
[  325.116298][ T8874]  __kmalloc_cache_noprof+0x6b/0x310
[  325.118542][ T8874]  ? device_add+0xccf/0x1a70
[  325.120543][ T8874]  device_add+0xccf/0x1a70
[  325.122477][ T8874]  ? lockdep_init_map_type+0x16d/0x7d0
[  325.124816][ T8874]  ? __pfx_device_add+0x10/0x10
[  325.126926][ T8874]  ? __init_waitqueue_head+0xca/0x150
[  325.129132][ T8874]  tty_register_device_attr+0x38f/0x7c0
[  325.131488][ T8874]  ? __pfx_tty_register_device_attr+0x10/0x10
[  325.134085][ T8874]  rfcomm_dev_ioctl+0x1849/0x1e70
[  325.136256][ T8874]  ? __pfx_rfcomm_dev_ioctl+0x10/0x10
[  325.138376][ T8874]  ? __pfx_lock_release+0x10/0x10
[  325.140286][ T8874]  ? mark_held_locks+0x9f/0xe0
[  325.142105][ T8874]  ? rfcomm_sock_compat_ioctl+0xac/0xe0
[  325.144190][ T8874]  ? __local_bh_enable_ip+0xa4/0x120
[  325.146197][ T8874]  rfcomm_sock_compat_ioctl+0xba/0xe0
[  325.148223][ T8874]  compat_sock_ioctl+0x181/0x7f0
[  325.150130][ T8874]  ? __pfx_rfcomm_sock_compat_ioctl+0x10/0x10
[  325.152755][ T8874]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  325.155178][ T8874]  ? __fget_files+0x256/0x400
[  325.157563][ T8874]  ? bpf_lsm_file_ioctl_compat+0x9/0x10
[  325.160010][ T8874]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  325.162564][ T8874]  __do_compat_sys_ioctl+0x2c3/0x330
[  325.164872][ T8874]  __do_fast_syscall_32+0x73/0x120
[  325.165750][ T8875] netlink: 'syz.3.914': attribute type 29 has an invalid length.
[  325.167125][ T8874]  do_fast_syscall_32+0x32/0x80
[  325.167184][ T8874]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  325.167212][ T8874] RIP: 0023:0xf748e579
[  325.167226][ T8874] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  325.167243][ T8874] RSP: 002b:00000000f579656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  325.167268][ T8874] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000400452c8
[  325.192255][ T8874] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000
[  325.195584][ T8874] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  325.198844][ T8874] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  325.202209][ T8874] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  325.205564][ T8874]  </TASK>
[  326.106412][ T8884] netlink: 'syz.0.918': attribute type 29 has an invalid length.
[  326.577537][ T8889] netlink: 8 bytes leftover after parsing attributes in process `syz.1.920'.
[  326.915023][ T8897] netlink: 12 bytes leftover after parsing attributes in process `syz.0.923'.
[  326.985452][ T8896] bond2: entered allmulticast mode
[  327.013463][ T8898] bond2 (unregistering): left allmulticast mode
[  327.023416][ T8898] bond2 (unregistering): Released all slaves
[  327.082742][ T8900] netlink: 'syz.1.922': attribute type 29 has an invalid length.
[  327.480333][ T8903] netlink: 'syz.0.924': attribute type 29 has an invalid length.
[  329.112591][ T8922] IPVS: length: 258 != 24
[  329.159571][ T8926] SET target dimension over the limit!
[  329.166874][ T8926] netlink: 28 bytes leftover after parsing attributes in process `syz.1.932'.
[  329.173321][ T5355] Bluetooth: hci2: unexpected event 0x01 length: 4 > 1
[  329.782327][ T8937] netlink: 'syz.1.934': attribute type 29 has an invalid length.
[  331.210693][ T8947] netlink: 'syz.2.937': attribute type 29 has an invalid length.
[  331.877217][ T5355] Bluetooth: hci3: unexpected subevent 0x22 length: 12 < 19
[  332.346951][   T56] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  332.786846][   T56] usb 5-1: Using ep0 maxpacket: 8
[  332.816106][   T56] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  332.819629][   T56] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  332.822999][   T56] usb 5-1: Product: syz
[  332.824918][   T56] usb 5-1: Manufacturer: syz
[  332.827293][   T56] usb 5-1: SerialNumber: syz
[  333.161103][ T8949] vcan0: tx drop: invalid sa for name 0x0000000000000001
[  333.786746][ T1992] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  333.956732][ T8994] netlink: 8 bytes leftover after parsing attributes in process `syz.3.949'.
[  333.960878][ T8994] netlink: 16 bytes leftover after parsing attributes in process `syz.3.949'.
[  333.969502][ T8994] gtp0: entered promiscuous mode
[  333.971773][ T8994] gtp0: entered allmulticast mode
[  333.977103][ T1992] usb 7-1: Using ep0 maxpacket: 8
[  333.998850][ T1992] usb 7-1: config 0 has an invalid interface number: 52 but max is 0
[  334.002613][ T1992] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  334.008316][ T1992] usb 7-1: config 0 has no interface number 0
[  334.011511][ T1992] usb 7-1: config 0 interface 52 altsetting 1 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  334.016458][ T1992] usb 7-1: config 0 interface 52 altsetting 1 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  334.021000][ T1992] usb 7-1: config 0 interface 52 altsetting 1 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  334.026394][ T1992] usb 7-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  334.032048][ T1992] usb 7-1: config 0 interface 52 has no altsetting 0
[  334.035173][ T1992] usb 7-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[  334.039833][ T1992] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  334.070187][ T1992] usb 7-1: config 0 descriptor??
[  334.333929][ T1992] usb 7-1: Can not set alternate setting to 1, error: -71
[  334.340356][ T1992] synaptics_usb 7-1:0.52: probe with driver synaptics_usb failed with error -71
[  334.374861][ T1992] usb 7-1: USB disconnect, device number 10
[  334.861177][   T56] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 10 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  334.878165][   T56] usb 5-1: USB disconnect, device number 10
[  334.886021][   T56] usblp0: removed
[  336.062058][ T9015] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  336.997180][ T9040] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  337.000142][ T9040] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  337.004876][ T9040] vhci_hcd vhci_hcd.0: Device attached
[  337.169838][ T9043] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  337.197733][ T9044] IPVS: sync thread started: state = BACKUP, mcast_ifn = dummy0, syncid = 0, id = 0
[  337.277224][ T5350] usb 17-1: new high-speed USB device number 2 using vhci_hcd
[  337.459396][ T9041] vhci_hcd: connection closed
[  337.459708][ T1155] vhci_hcd: stop threads
[  337.463547][ T1155] vhci_hcd: release socket
[  337.465553][ T1155] vhci_hcd: disconnect device
[  338.194440][   T39] audit: type=1326 audit(1723873790.425:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9051 comm="syz.2.967" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f43579 code=0x0
[  338.305710][ T9056] netlink: 3 bytes leftover after parsing attributes in process `syz.2.967'.
[  338.819410][ T9069] netlink: 'syz.3.971': attribute type 29 has an invalid length.
[  339.338877][ T9072] FAULT_INJECTION: forcing a failure.
[  339.338877][ T9072] name failslab, interval 1, probability 0, space 0, times 0
[  339.343726][ T9072] CPU: 3 UID: 0 PID: 9072 Comm: syz.1.973 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  339.347694][ T9072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  339.351734][ T9072] Call Trace:
[  339.353013][ T9072]  <TASK>
[  339.354159][ T9072]  dump_stack_lvl+0x16c/0x1f0
[  339.356049][ T9072]  should_fail_ex+0x497/0x5b0
[  339.357829][ T9072]  ? fs_reclaim_acquire+0xae/0x160
[  339.359518][ T9072]  should_failslab+0xc2/0x120
[  339.361281][ T9072]  kmem_cache_alloc_node_noprof+0x71/0x310
[  339.363321][ T9072]  ? __alloc_skb+0x2b3/0x380
[  339.365068][ T9072]  __alloc_skb+0x2b3/0x380
[  339.366911][ T9072]  ? __pfx___alloc_skb+0x10/0x10
[  339.369004][ T9072]  ? genl_rcv_msg+0x520/0x800
[  339.370917][ T9072]  ? genl_rcv_msg+0x4bd/0x800
[  339.372733][ T9072]  netlink_ack+0x164/0xb20
[  339.374620][ T9072]  netlink_rcv_skb+0x327/0x410
[  339.380218][ T9072]  ? __pfx_genl_rcv_msg+0x10/0x10
[  339.382422][ T9072]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  339.384756][ T9072]  ? down_read+0xc9/0x330
[  339.386673][ T9072]  ? __pfx_down_read+0x10/0x10
[  339.388817][ T9072]  ? netlink_deliver_tap+0x1ae/0xcf0
[  339.391242][ T9072]  genl_rcv+0x28/0x40
[  339.393003][ T9072]  netlink_unicast+0x53c/0x7f0
[  339.395107][ T9072]  ? __pfx_netlink_unicast+0x10/0x10
[  339.397401][ T9072]  ? __phys_addr_symbol+0x30/0x80
[  339.399641][ T9072]  ? __check_object_size+0x497/0x720
[  339.402185][ T9072]  netlink_sendmsg+0x8b8/0xd70
[  339.404308][ T9072]  ? __pfx_netlink_sendmsg+0x10/0x10
[  339.406632][ T9072]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  339.408916][ T9072]  ____sys_sendmsg+0x9b4/0xb50
[  339.411002][ T9072]  ? __pfx_____sys_sendmsg+0x10/0x10
[  339.413308][ T9072]  ? get_compat_msghdr+0x11b/0x170
[  339.415651][ T9072]  ? __pfx___lock_acquire+0x10/0x10
[  339.418171][ T9072]  ___sys_sendmsg+0x135/0x1e0
[  339.420279][ T9072]  ? __pfx____sys_sendmsg+0x10/0x10
[  339.422565][ T9072]  ? ksys_write+0x21c/0x260
[  339.424575][ T9072]  ? __fget_light+0x173/0x210
[  339.426599][ T9072]  __sys_sendmsg+0x117/0x1f0
[  339.428081][ T9072]  ? __pfx___sys_sendmsg+0x10/0x10
[  339.430275][ T9072]  __do_fast_syscall_32+0x73/0x120
[  339.432495][ T9072]  do_fast_syscall_32+0x32/0x80
[  339.434609][ T9072]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  339.437329][ T9072] RIP: 0023:0xf748e579
[  339.439218][ T9072] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  339.447424][ T9072] RSP: 002b:00000000f579656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  339.450802][ T9072] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000180
[  339.454245][ T9072] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  339.457666][ T9072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  339.461106][ T9072] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  339.464635][ T9072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  339.468117][ T9072]  </TASK>
[  340.544993][ T9091] 9pnet_fd: Insufficient options for proto=fd
[  342.401519][ T5350] vhci_hcd: vhci_device speed not set
[  342.523023][ T9122] netlink: 'syz.3.985': attribute type 29 has an invalid length.
[  342.806745][   T57] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  342.987918][   T57] usb 5-1: Using ep0 maxpacket: 8
[  343.004092][   T57] usb 5-1: config 0 has an invalid interface number: 52 but max is 0
[  343.007738][   T57] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  343.011836][   T57] usb 5-1: config 0 has no interface number 0
[  343.027641][   T57] usb 5-1: config 0 interface 52 altsetting 1 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  343.032740][   T57] usb 5-1: config 0 interface 52 altsetting 1 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  343.040806][   T57] usb 5-1: config 0 interface 52 altsetting 1 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  343.046259][   T57] usb 5-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  343.058189][   T57] usb 5-1: config 0 interface 52 has no altsetting 0
[  343.079834][   T57] usb 5-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[  343.083752][   T57] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  343.098892][   T57] usb 5-1: config 0 descriptor??
[  343.410603][   T57] usb 5-1: Can not set alternate setting to 1, error: -71
[  343.446394][   T57] synaptics_usb 5-1:0.52: probe with driver synaptics_usb failed with error -71
[  343.476772][   T57] usb 5-1: USB disconnect, device number 11
[  344.959750][ T9198] netlink: 'syz.0.999': attribute type 29 has an invalid length.
[  345.959794][ T9214] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1005'.
[  345.964182][ T9214] (unnamed net_device) (uninitialized): (slave gre0): Device is not bonding slave
[  345.968540][ T9214] (unnamed net_device) (uninitialized): option active_slave: invalid value (gre0)
[  346.437397][ T5385] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  346.616787][ T5385] usb 5-1: Using ep0 maxpacket: 32
[  346.627191][ T5385] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  346.631960][ T5385] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  346.658466][ T5385] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  346.669065][ T5385] usb 5-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  346.673142][ T5385] usb 5-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  346.689202][ T5385] usb 5-1: Product: syz
[  346.691089][ T5385] usb 5-1: Manufacturer: syz
[  346.693372][ T5385] usb 5-1: SerialNumber: syz
[  346.708704][ T9218] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  346.730810][ T5385] input: appletouch as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/input/input15
[  346.975401][ T9222] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1008'.
[  346.979681][ T9222] (unnamed net_device) (uninitialized): (slave ip6tnl0): Device is not bonding slave
[  346.983949][ T9222] (unnamed net_device) (uninitialized): option active_slave: invalid value (ip6tnl0)
[  346.993819][    C3] appletouch 5-1:1.0: atp_complete: usb_submit_urb failed with result -1
[  347.001922][ T5350] usb 5-1: USB disconnect, device number 12
[  347.028944][ T5350] appletouch 5-1:1.0: input: appletouch disconnected
[  347.279019][ T1992] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  347.400083][ T9231] 9pnet_fd: Insufficient options for proto=fd
[  347.469277][ T1992] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  347.472939][ T1992] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  347.477542][ T1992] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  347.481662][ T1992] usb 6-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xF7, changing to 0x87
[  347.485671][ T1992] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  347.492512][ T1992] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  347.496169][ T1992] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  347.499654][ T1992] usb 6-1: Product: syz
[  347.501412][ T1992] usb 6-1: Manufacturer: syz
[  347.505894][ T1992] cdc_wdm 6-1:1.0: skipping garbage
[  347.508182][ T1992] cdc_wdm 6-1:1.0: skipping garbage
[  347.511122][ T1992] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  347.513687][ T1992] cdc_wdm 6-1:1.0: Unknown control protocol
[  347.689303][ T9242] netlink: 'syz.0.1014': attribute type 29 has an invalid length.
[  347.710527][ T1992] usb 6-1: USB disconnect, device number 12
[  348.326796][ T1992] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  348.492224][   T39] audit: type=1326 audit(1723874056.719:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9251 comm="syz.0.1017" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f9f579 code=0x7ffc0000
[  348.501794][   T39] audit: type=1326 audit(1723874056.719:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9251 comm="syz.0.1017" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f9f579 code=0x7ffc0000
[  348.517167][   T39] audit: type=1326 audit(1723874056.729:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9251 comm="syz.0.1017" exe="/syz-executor" sig=0 arch=40000003 syscall=275 compat=1 ip=0xf7f9f579 code=0x7ffc0000
[  348.540426][ T1992] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  348.544737][ T1992] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  348.548174][   T39] audit: type=1326 audit(1723874056.729:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9251 comm="syz.0.1017" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f9f579 code=0x7ffc0000
[  348.555511][ T1992] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  348.588269][ T1992] usb 6-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xF7, changing to 0x87
[  348.592159][   T39] audit: type=1326 audit(1723874056.729:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9251 comm="syz.0.1017" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f9f579 code=0x7ffc0000
[  348.592869][ T1992] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  348.621501][ T1992] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  348.625309][ T1992] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  348.626718][   T39] audit: type=1326 audit(1723874056.729:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9251 comm="syz.0.1017" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f9f579 code=0x7ffc0000
[  348.629355][ T1992] usb 6-1: Product: syz
[  348.644832][ T1992] usb 6-1: Manufacturer: syz
[  348.665553][   T39] audit: type=1326 audit(1723874056.729:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9251 comm="syz.0.1017" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f9f579 code=0x7ffc0000
[  348.665713][ T1992] cdc_wdm 6-1:1.0: skipping garbage
[  348.681401][   T39] audit: type=1326 audit(1723874056.729:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9251 comm="syz.0.1017" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f9f579 code=0x7ffc0000
[  348.691241][   T39] audit: type=1326 audit(1723874056.739:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9251 comm="syz.0.1017" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f9f579 code=0x7ffc0000
[  348.701386][   T39] audit: type=1326 audit(1723874056.739:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9251 comm="syz.0.1017" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f9f579 code=0x7ffc0000
[  348.747422][ T1992] cdc_wdm 6-1:1.0: skipping garbage
[  348.760248][ T1992] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  348.763035][ T1992] cdc_wdm 6-1:1.0: Unknown control protocol
[  349.989559][ T1992] usb 6-1: USB disconnect, device number 13
[  350.790434][ T9283] netlink: 'syz.1.1025': attribute type 29 has an invalid length.
[  353.293252][ T9305] veth0_to_hsr: mtu less than device minimum
[  353.737080][ T6654] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  353.916810][ T6654] usb 7-1: Using ep0 maxpacket: 8
[  353.921983][ T6654] usb 7-1: config 0 has an invalid interface number: 52 but max is 0
[  353.925540][ T6654] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  353.929347][ T9323] mac80211_hwsim hwsim15 wlan1: entered allmulticast mode
[  353.936688][ T6654] usb 7-1: config 0 has no interface number 0
[  353.939239][ T6654] usb 7-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  353.953885][ T9324] netlink: 'syz.3.1038': attribute type 10 has an invalid length.
[  353.953962][ T6654] usb 7-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0
[  353.958392][ T9324] mac80211_hwsim hwsim15 wlan1: left allmulticast mode
[  353.966136][ T6654] usb 7-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  353.976286][ T9324] team0: Port device wlan1 added
[  353.981862][ T6654] usb 7-1: config 0 interface 52 has no altsetting 0
[  353.987528][ T6654] usb 7-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00
[  353.991329][ T6654] usb 7-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35
[  353.995231][ T6654] usb 7-1: Product: syz
[  353.997068][ T6654] usb 7-1: SerialNumber: syz
[  354.006045][ T6654] usb 7-1: config 0 descriptor??
[  354.283422][ T6654] input: syz (Stick) as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.52/input/input16
[  354.299748][ T4817] synaptics_usb 7-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  354.312258][ T4817] synaptics_usb 7-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  354.352978][ T4817] synaptics_usb 7-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  354.362180][ T4817] synaptics_usb 7-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  354.434004][ T4817] synaptics_usb 7-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  354.442884][ T4817] synaptics_usb 7-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  354.454443][ T8996] synaptics_usb 7-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  354.494835][ T4817] synaptics_usb 7-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  354.623100][ T9330] synaptics_usb 7-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  354.663959][ T6654] usb 7-1: USB disconnect, device number 11
[  355.615555][ T9352] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1047'.
[  355.624244][ T9352] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1047'.
[  355.942257][ T9355] FAULT_INJECTION: forcing a failure.
[  355.942257][ T9355] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  355.948977][ T9355] CPU: 0 UID: 0 PID: 9355 Comm: syz.0.1048 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  355.953031][ T9355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  355.957353][ T9355] Call Trace:
[  355.958612][ T9355]  <TASK>
[  355.960039][ T9355]  dump_stack_lvl+0x16c/0x1f0
[  355.962283][ T9355]  should_fail_ex+0x497/0x5b0
[  355.964214][ T9355]  _copy_to_user+0x30/0xc0
[  355.966354][ T9355]  simple_read_from_buffer+0xd0/0x160
[  355.968468][ T9355]  proc_fail_nth_read+0x19e/0x280
[  355.970719][ T9355]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  355.972919][ T9355]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  355.975037][ T9355]  vfs_read+0x1d4/0xbd0
[  355.976656][ T9355]  ? __pfx_lock_release+0x10/0x10
[  355.978806][ T9355]  ? __fdget_pos+0xeb/0x180
[  355.980766][ T9355]  ? __pfx_vfs_read+0x10/0x10
[  355.983012][ T9355]  ? __pfx___mutex_lock+0x10/0x10
[  355.985211][ T9355]  ? __fget_files+0x256/0x400
[  355.987299][ T9355]  ksys_read+0x12f/0x260
[  355.989116][ T9355]  ? __pfx_ksys_read+0x10/0x10
[  355.991194][ T9355]  ? syscall_user_dispatch+0x77/0x140
[  355.993544][ T9355]  __do_fast_syscall_32+0x73/0x120
[  355.995725][ T9355]  do_fast_syscall_32+0x32/0x80
[  355.997936][ T9355]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  356.000555][ T9355] RIP: 0023:0xf7f9f579
[  356.002264][ T9355] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  356.009499][ T9355] RSP: 002b:00000000f57465a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  356.013084][ T9355] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000f5746620
[  356.016634][ T9355] RDX: 000000000000000f RSI: 00000000f7430ff4 RDI: 0000000000000000
[  356.019617][ T9355] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  356.022948][ T9355] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  356.026257][ T9355] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  356.029166][ T9355]  </TASK>
[  356.199029][ T9359] program syz.0.1049 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  358.027803][ T9392] FAULT_INJECTION: forcing a failure.
[  358.027803][ T9392] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  358.036943][ T9392] CPU: 1 UID: 0 PID: 9392 Comm: syz.3.1060 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  358.041462][ T9392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  358.046012][ T9392] Call Trace:
[  358.047447][ T9392]  <TASK>
[  358.048730][ T9392]  dump_stack_lvl+0x16c/0x1f0
[  358.050761][ T9392]  should_fail_ex+0x497/0x5b0
[  358.052772][ T9392]  copy_fpstate_to_sigframe+0x812/0xaa0
[  358.055139][ T9392]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  358.057692][ T9392]  ? find_held_lock+0x2d/0x110
[  358.059544][ T9392]  get_sigframe+0x455/0x930
[  358.061501][ T9392]  ? __pfx_get_sigframe+0x10/0x10
[  358.063656][ T9392]  ? _raw_spin_unlock_irq+0x23/0x50
[  358.065868][ T9392]  ? siginfo_layout+0x1d2/0x290
[  358.067940][ T9392]  ia32_setup_rt_frame+0xe4/0xb20
[  358.070115][ T9392]  ? __pfx_ia32_setup_rt_frame+0x10/0x10
[  358.072494][ T9392]  ? __mutex_unlock_slowpath+0x164/0x650
[  358.074894][ T9392]  arch_do_signal_or_restart+0x47b/0x7e0
[  358.077264][ T9392]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  358.079876][ T9392]  ? ksys_write+0x1ab/0x260
[  358.081847][ T9392]  ? __pfx_ksys_write+0x10/0x10
[  358.083939][ T9392]  syscall_exit_to_user_mode+0x150/0x2a0
[  358.086319][ T9392]  __do_fast_syscall_32+0x80/0x120
[  358.088469][ T9392]  do_fast_syscall_32+0x32/0x80
[  358.090579][ T9392]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  358.093260][ T9392] RIP: 0023:0xf7f57579
[  358.095032][ T9392] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  358.103125][ T9392] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  358.106629][ T9392] RAX: 0000000000000007 RBX: 0000000000000000 RCX: 00000000200009c0
[  358.109974][ T9392] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  358.113303][ T9392] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  358.116615][ T9392] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  358.119951][ T9392] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  358.123174][ T9392]  </TASK>
[  358.772475][   T39] kauditd_printk_skb: 10 callbacks suppressed
[  358.772491][   T39] audit: type=1326 audit(1723874323.008:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9410 comm="syz.3.1063" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x0
[  358.885328][ T9416] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1063'.
[  358.892415][ T9416] netlink: 43 bytes leftover after parsing attributes in process `syz.3.1063'.
[  358.897425][ T9416] netlink: 'syz.3.1063': attribute type 5 has an invalid length.
[  358.902273][ T9416] netlink: 43 bytes leftover after parsing attributes in process `syz.3.1063'.
[  362.329462][ T9483] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1084'.
[  366.107826][ T9540] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  366.110929][ T9540] IPv6: NLM_F_CREATE should be set when creating new route
[  366.410273][ T9550] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode
[  366.573756][ T9550] netlink: 'syz.2.1103': attribute type 10 has an invalid length.
[  366.589522][ T9550] mac80211_hwsim hwsim5 wlan1: left allmulticast mode
[  366.638210][ T9550] team0: Port device wlan1 added
[  367.435524][ T9555] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1106'.
[  367.778997][ T9558] syzkaller0: entered promiscuous mode
[  367.781645][ T9558] syzkaller0: entered allmulticast mode
[  368.515060][ T9585] netlink: 'syz.1.1111': attribute type 4 has an invalid length.
[  368.518769][ T9585] netlink: 126052 bytes leftover after parsing attributes in process `syz.1.1111'.
[  368.523302][ T9585] FAULT_INJECTION: forcing a failure.
[  368.523302][ T9585] name failslab, interval 1, probability 0, space 0, times 0
[  368.530116][ T9585] CPU: 0 UID: 0 PID: 9585 Comm: syz.1.1111 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  368.534664][ T9585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  368.539210][ T9585] Call Trace:
[  368.540661][ T9585]  <TASK>
[  368.541963][ T9585]  dump_stack_lvl+0x16c/0x1f0
[  368.544026][ T9585]  should_fail_ex+0x497/0x5b0
[  368.546078][ T9585]  ? fs_reclaim_acquire+0xae/0x160
[  368.548175][ T9585]  should_failslab+0xc2/0x120
[  368.550177][ T9585]  __kmalloc_noprof+0xcb/0x410
[  368.552203][ T9585]  ioam6_genl_addsc+0x63b/0xcc0
[  368.554283][ T9585]  ? __pfx_ioam6_genl_addsc+0x10/0x10
[  368.556545][ T9585]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  368.559644][ T9585]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  368.562743][ T9585]  genl_family_rcv_msg_doit+0x202/0x2f0
[  368.565096][ T9585]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  368.567695][ T9585]  ? security_capable+0x98/0xd0
[  368.569797][ T9585]  genl_rcv_msg+0x565/0x800
[  368.571716][ T9585]  ? __pfx_genl_rcv_msg+0x10/0x10
[  368.573867][ T9585]  ? __pfx_ioam6_genl_addsc+0x10/0x10
[  368.576141][ T9585]  netlink_rcv_skb+0x165/0x410
[  368.578187][ T9585]  ? __pfx_genl_rcv_msg+0x10/0x10
[  368.580321][ T9585]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  368.582578][ T9585]  ? down_read+0xc9/0x330
[  368.584423][ T9585]  ? __pfx_down_read+0x10/0x10
[  368.586462][ T9585]  ? netlink_deliver_tap+0x1ae/0xcf0
[  368.588688][ T9585]  genl_rcv+0x28/0x40
[  368.590404][ T9585]  netlink_unicast+0x53c/0x7f0
[  368.592380][ T9585]  ? __pfx_netlink_unicast+0x10/0x10
[  368.594357][ T9585]  ? const_folio_flags.constprop.0+0x56/0x150
[  368.596764][ T9585]  ? __phys_addr_symbol+0x30/0x80
[  368.598903][ T9585]  ? __check_object_size+0x497/0x720
[  368.601084][ T9585]  netlink_sendmsg+0x8b8/0xd70
[  368.603161][ T9585]  ? __pfx_netlink_sendmsg+0x10/0x10
[  368.605391][ T9585]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  368.607625][ T9585]  ____sys_sendmsg+0x9b4/0xb50
[  368.609659][ T9585]  ? __pfx_____sys_sendmsg+0x10/0x10
[  368.611878][ T9585]  ? get_compat_msghdr+0x11b/0x170
[  368.614061][ T9585]  ? __pfx___lock_acquire+0x10/0x10
[  368.616267][ T9585]  ___sys_sendmsg+0x135/0x1e0
[  368.623607][ T9585]  ? __pfx____sys_sendmsg+0x10/0x10
[  368.625825][ T9585]  ? ksys_write+0x21c/0x260
[  368.627713][ T9585]  ? __fget_light+0x173/0x210
[  368.629720][ T9585]  __sys_sendmsg+0x117/0x1f0
[  368.631475][ T9585]  ? __pfx___sys_sendmsg+0x10/0x10
[  368.633652][ T9585]  __do_fast_syscall_32+0x73/0x120
[  368.635808][ T9585]  do_fast_syscall_32+0x32/0x80
[  368.637895][ T9585]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  368.640548][ T9585] RIP: 0023:0xf748e579
[  368.642281][ T9585] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  368.650196][ T9585] RSP: 002b:00000000f579656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  368.653659][ T9585] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000
[  368.657002][ T9585] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  368.659805][ T9585] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  368.662473][ T9585] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  368.665524][ T9585] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  368.668805][ T9585]  </TASK>
[  369.362186][ T9599] netlink: 'syz.0.1116': attribute type 29 has an invalid length.
[  369.367993][   T39] audit: type=1326 audit(1723874333.598:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9600 comm="syz.3.1117" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x0
[  369.899480][ T9609] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1120'.
[  369.906803][ T9609] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1120'.
[  370.637484][ T9643] netlink: 'syz.2.1126': attribute type 29 has an invalid length.
[  370.683234][ T9646] FAULT_INJECTION: forcing a failure.
[  370.683234][ T9646] name failslab, interval 1, probability 0, space 0, times 0
[  370.689346][ T9646] CPU: 3 UID: 0 PID: 9646 Comm: syz.1.1128 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  370.694004][ T9646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  370.698826][ T9646] Call Trace:
[  370.700382][ T9646]  <TASK>
[  370.701663][ T9646]  dump_stack_lvl+0x16c/0x1f0
[  370.703691][ T9646]  should_fail_ex+0x497/0x5b0
[  370.705705][ T9646]  ? fs_reclaim_acquire+0xae/0x160
[  370.707904][ T9646]  should_failslab+0xc2/0x120
[  370.709908][ T9646]  kmem_cache_alloc_lru_noprof+0x72/0x2f0
[  370.712315][ T9646]  ? __d_alloc+0x35/0x8c0
[  370.714173][ T9646]  __d_alloc+0x35/0x8c0
[  370.715946][ T9646]  d_alloc_pseudo+0x1c/0xc0
[  370.717968][ T9646]  alloc_file_pseudo+0xd2/0x200
[  370.720105][ T9646]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  370.722447][ T9646]  ? __pfx_idr_alloc_u32+0x10/0x10
[  370.724446][ T9646]  ? find_held_lock+0x2d/0x110
[  370.726561][ T9646]  ? find_held_lock+0x2d/0x110
[  370.728610][ T9646]  __anon_inode_getfile+0x136/0x3d0
[  370.730872][ T9646]  ? __pfx___anon_inode_getfile+0x10/0x10
[  370.733330][ T9646]  ? bpf_link_prime+0x8a/0x4d0
[  370.735419][ T9646]  ? __local_bh_enable_ip+0xa4/0x120
[  370.737630][ T9646]  bpf_link_prime+0x202/0x4d0
[  370.739657][ T9646]  bpf_uprobe_multi_link_attach+0xc50/0xe40
[  370.742223][ T9646]  ? __pfx_bpf_uprobe_multi_link_attach+0x10/0x10
[  370.744968][ T9646]  ? fput+0x32/0x390
[  370.746656][ T9646]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  370.749214][ T9646]  __sys_bpf+0x4d56/0x55e0
[  370.751176][ T9646]  ? __pfx___sys_bpf+0x10/0x10
[  370.753258][ T9646]  ? ksys_write+0x12f/0x260
[  370.755280][ T9646]  ? find_held_lock+0x2d/0x110
[  370.757428][ T9646]  ? ksys_write+0x21c/0x260
[  370.759428][ T9646]  ? __pfx_lock_release+0x10/0x10
[  370.761636][ T9646]  ? vfs_write+0x14d/0x1140
[  370.763605][ T9646]  ? __mutex_unlock_slowpath+0x164/0x650
[  370.765949][ T9646]  ? fput+0x32/0x390
[  370.767666][ T9646]  ? ksys_write+0x1ab/0x260
[  370.769659][ T9646]  ? __pfx_ksys_write+0x10/0x10
[  370.771769][ T9646]  __ia32_sys_bpf+0x76/0xe0
[  370.773722][ T9646]  __do_fast_syscall_32+0x73/0x120
[  370.775657][ T9646]  do_fast_syscall_32+0x32/0x80
[  370.777514][ T9646]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  370.780012][ T9646] RIP: 0023:0xf748e579
[  370.781774][ T9646] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  370.789745][ T9646] RSP: 002b:00000000f579656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  370.793330][ T9646] RAX: ffffffffffffffda RBX: 000000000000001c RCX: 00000000200002c0
[  370.796809][ T9646] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000
[  370.800221][ T9646] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  370.803674][ T9646] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  370.807143][ T9646] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  370.810666][ T9646]  </TASK>
[  370.817816][ T9645] ==================================================================
[  370.821285][ T9645] BUG: KASAN: slab-use-after-free in __uprobe_unregister+0x210/0x260
[  370.824841][ T9645] Read of size 8 at addr ffff888000285fb8 by task syz.1.1128/9645
[  370.829821][ T9645] 
[  370.831244][ T9645] CPU: 2 UID: 0 PID: 9645 Comm: syz.1.1128 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  370.835741][ T9645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  370.839483][ T9645] Call Trace:
[  370.840727][ T9645]  <TASK>
[  370.841812][ T9645]  dump_stack_lvl+0x116/0x1f0
[  370.843602][ T9645]  print_report+0xc3/0x620
[  370.845333][ T9645]  ? __virt_addr_valid+0x5e/0x590
[  370.847407][ T9645]  ? __phys_addr+0xc6/0x150
[  370.849383][ T9645]  kasan_report+0xd9/0x110
[  370.851502][ T9645]  ? __uprobe_unregister+0x210/0x260
[  370.853889][ T9645]  ? __uprobe_unregister+0x210/0x260
[  370.856242][ T9645]  __uprobe_unregister+0x210/0x260
[  370.858377][ T9645]  uprobe_unregister+0x45/0x70
[  370.860518][ T9645]  bpf_uprobe_unregister+0xfb/0x1d0
[  370.862821][ T9645]  ? bpf_link_free+0x95/0x2b0
[  370.864880][ T9645]  ? __pfx_bpf_link_release+0x10/0x10
[  370.867229][ T9645]  bpf_uprobe_multi_link_release+0x6d/0x170
[  370.869678][ T9645]  bpf_link_free+0x12c/0x2b0
[  370.871413][ T9645]  bpf_link_release+0x63/0x80
[  370.873345][ T9645]  __fput+0x408/0xbb0
[  370.875184][ T9645]  ? _raw_spin_unlock_irq+0x23/0x50
[  370.877535][ T9645]  task_work_run+0x14e/0x250
[  370.879652][ T9645]  ? __pfx_task_work_run+0x10/0x10
[  370.881988][ T9645]  ? __pfx___close_range+0x10/0x10
[  370.884288][ T9645]  syscall_exit_to_user_mode+0x27b/0x2a0
[  370.886668][ T9645]  __do_fast_syscall_32+0x80/0x120
[  370.888799][ T9645]  do_fast_syscall_32+0x32/0x80
[  370.891026][ T9645]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  370.893540][ T9645] RIP: 0023:0xf748e579
[  370.895152][ T9645] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  370.902841][ T9645] RSP: 002b:00000000ffde211c EFLAGS: 00000202 ORIG_RAX: 00000000000001b4
[  370.906342][ T9645] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 000000000000001e
[  370.909172][ T9645] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  370.912593][ T9645] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  370.915765][ T9645] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  370.919075][ T9645] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  370.922144][ T9645]  </TASK>
[  370.923393][ T9645] 
[  370.924349][ T9645] Allocated by task 9646:
[  370.926113][ T9645]  kasan_save_stack+0x33/0x60
[  370.928045][ T9645]  kasan_save_track+0x14/0x30
[  370.930073][ T9645]  __kasan_kmalloc+0xaa/0xb0
[  370.932075][ T9645]  __kmalloc_node_noprof+0x211/0x440
[  370.934145][ T9645]  __kvmalloc_node_noprof+0x9d/0x1a0
[  370.936787][ T9645]  bpf_uprobe_multi_link_attach+0x45d/0xe40
[  370.939833][ T9645]  __sys_bpf+0x4d56/0x55e0
[  370.942350][ T9645]  __ia32_sys_bpf+0x76/0xe0
[  370.944522][ T9645]  __do_fast_syscall_32+0x73/0x120
[  370.946933][ T9645]  do_fast_syscall_32+0x32/0x80
[  370.949097][ T9645]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  370.951951][ T9645] 
[  370.953064][ T9645] Freed by task 9646:
[  370.955025][ T9645]  kasan_save_stack+0x33/0x60
[  370.957385][ T9645]  kasan_save_track+0x14/0x30
[  370.959766][ T9645]  kasan_save_free_info+0x3b/0x60
[  370.961988][ T9645]  poison_slab_object+0xf7/0x160
[  370.963964][ T9645]  __kasan_slab_free+0x32/0x50
[  370.966239][ T9645]  kfree+0x12a/0x3b0
[  370.967995][ T9645]  kvfree+0x47/0x50
[  370.969768][ T9645]  bpf_uprobe_multi_link_attach+0xaf2/0xe40
[  370.972455][ T9645]  __sys_bpf+0x4d56/0x55e0
[  370.974341][ T9645]  __ia32_sys_bpf+0x76/0xe0
[  370.976206][ T9645]  __do_fast_syscall_32+0x73/0x120
[  370.978497][ T9645]  do_fast_syscall_32+0x32/0x80
[  370.980795][ T9645]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  370.983962][ T9645] 
[  370.985294][ T9645] The buggy address belongs to the object at ffff888000285f80
[  370.985294][ T9645]  which belongs to the cache kmalloc-64 of size 64
[  370.992258][ T9645] The buggy address is located 56 bytes inside of
[  370.992258][ T9645]  freed 64-byte region [ffff888000285f80, ffff888000285fc0)
[  370.998505][ T9645] 
[  370.999600][ T9645] The buggy address belongs to the physical page:
[  371.002393][ T9645] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888000285400 pfn:0x285
[  371.007085][ T9645] flags: 0x7ff00000000200(workingset|node=0|zone=0|lastcpupid=0x7ff)
[  371.010644][ T9645] page_type: 0xfdffffff(slab)
[  371.012653][ T9645] raw: 007ff00000000200 ffff8880158428c0 ffffea00008f26d0 ffffea0000a1cb10
[  371.016671][ T9645] raw: ffff888000285400 000000000020001f 00000001fdffffff 0000000000000000
[  371.020904][ T9645] page dumped because: kasan: bad access detected
[  371.023823][ T9645] page_owner tracks the page as allocated
[  371.026209][ T9645] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5349, tgid 5349 (syz-executor), ts 57923640638, free_ts 56704311583
[  371.035394][ T9645]  post_alloc_hook+0x2d1/0x350
[  371.037849][ T9645]  get_page_from_freelist+0x1351/0x2e50
[  371.040471][ T9645]  __alloc_pages_noprof+0x22b/0x2460
[  371.043009][ T9645]  alloc_slab_page+0x4e/0xf0
[  371.044848][ T9645]  new_slab+0x84/0x260
[  371.046845][ T9645]  ___slab_alloc+0xdac/0x1870
[  371.049286][ T9645]  __slab_alloc.constprop.0+0x56/0xb0
[  371.051761][ T9645]  __kmalloc_cache_noprof+0x2c5/0x310
[  371.055053][ T9645]  __netdev_adjacent_dev_insert+0x20f/0xbc0
[  371.058291][ T9645]  __netdev_upper_dev_link+0x414/0x850
[  371.060454][ T9645]  netdev_master_upper_dev_link+0xa0/0xd0
[  371.062972][ T9645]  batadv_hardif_enable_interface+0x28e/0xd20
[  371.065613][ T9645]  batadv_softif_slave_add+0x109/0x130
[  371.068142][ T9645]  do_set_master+0x1bc/0x230
[  371.070679][ T9645]  do_setlink+0xa82/0x3ec0
[  371.073039][ T9645]  __rtnl_newlink+0xc3a/0x1920
[  371.075906][ T9645] page last free pid 5370 tgid 5370 stack trace:
[  371.079041][ T9645]  free_unref_folios+0x9e9/0x1390
[  371.081825][ T9645]  folios_put_refs+0x560/0x760
[  371.084046][ T9645]  free_pages_and_swap_cache+0x45f/0x510
[  371.086557][ T9645]  __tlb_batch_free_encoded_pages+0xf9/0x290
[  371.089262][ T9645]  tlb_finish_mmu+0x168/0x7b0
[  371.091296][ T9645]  exit_mmap+0x3d1/0xb20
[  371.093188][ T9645]  __mmput+0x12a/0x480
[  371.095057][ T9645]  mmput+0x62/0x70
[  371.096803][ T9645]  do_exit+0x9bf/0x2bb0
[  371.098672][ T9645]  do_group_exit+0xd3/0x2a0
[  371.100693][ T9645]  __x64_sys_exit_group+0x3e/0x50
[  371.102965][ T9645]  x64_sys_call+0x14a9/0x16a0
[  371.105083][ T9645]  do_syscall_64+0xcd/0x250
[  371.107075][ T9645]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.109483][ T9645] 
[  371.110465][ T9645] Memory state around the buggy address:
[  371.112659][ T9645]  ffff888000285e80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[  371.116252][ T9645]  ffff888000285f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  371.120252][ T9645] >ffff888000285f80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  371.123848][ T9645]                                         ^
[  371.126265][ T9645]  ffff888000286000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  371.129497][ T9645]  ffff888000286080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  371.133333][ T9645] ==================================================================
[  371.137296][    C2] vkms_vblank_simulate: vblank timer overrun
[  371.147363][ T9645] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  371.151211][ T9645] CPU: 2 UID: 0 PID: 9645 Comm: syz.1.1128 Not tainted 6.11.0-rc3-syzkaller-00256-g296c871d2904 #0
[  371.155959][ T9645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  371.161068][ T9645] Call Trace:
[  371.162632][ T9645]  <TASK>
[  371.164025][ T9645]  dump_stack_lvl+0x3d/0x1f0
[  371.166318][ T9645]  panic+0x6f5/0x7a0
[  371.167753][ T9645]  ? __pfx_panic+0x10/0x10
[  371.170031][ T9645]  ? preempt_schedule_thunk+0x1a/0x30
[  371.172389][ T9645]  ? preempt_schedule_common+0x44/0xc0
[  371.175091][ T9645]  ? check_panic_on_warn+0x1f/0xb0
[  371.177576][ T9645]  check_panic_on_warn+0xab/0xb0
[  371.179914][ T9645]  end_report+0x117/0x180
[  371.181959][ T9645]  kasan_report+0xe9/0x110
[  371.184346][ T9645]  ? __uprobe_unregister+0x210/0x260
[  371.187259][ T9645]  ? __uprobe_unregister+0x210/0x260
[  371.189791][ T9645]  __uprobe_unregister+0x210/0x260
[  371.191886][ T9645]  uprobe_unregister+0x45/0x70
[  371.194034][ T9645]  bpf_uprobe_unregister+0xfb/0x1d0
[  371.196348][ T9645]  ? bpf_link_free+0x95/0x2b0
[  371.198529][ T9645]  ? __pfx_bpf_link_release+0x10/0x10
[  371.201082][ T9645]  bpf_uprobe_multi_link_release+0x6d/0x170
[  371.204051][ T9645]  bpf_link_free+0x12c/0x2b0
[  371.206155][ T9645]  bpf_link_release+0x63/0x80
[  371.208276][ T9645]  __fput+0x408/0xbb0
[  371.210377][ T9645]  ? _raw_spin_unlock_irq+0x23/0x50
[  371.213280][ T9645]  task_work_run+0x14e/0x250
[  371.215930][ T9645]  ? __pfx_task_work_run+0x10/0x10
[  371.218523][ T9645]  ? __pfx___close_range+0x10/0x10
[  371.220815][ T9645]  syscall_exit_to_user_mode+0x27b/0x2a0
[  371.223265][ T9645]  __do_fast_syscall_32+0x80/0x120
[  371.225922][ T9645]  do_fast_syscall_32+0x32/0x80
[  371.228468][ T9645]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  371.231311][ T9645] RIP: 0023:0xf748e579
[  371.233267][ T9645] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  371.241511][ T9645] RSP: 002b:00000000ffde211c EFLAGS: 00000202 ORIG_RAX: 00000000000001b4
[  371.245159][ T9645] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 000000000000001e
[  371.248374][ T9645] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  371.251843][ T9645] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  371.255466][ T9645] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  371.258883][ T9645] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  371.262199][ T9645]  </TASK>
[  371.264212][ T9645] Kernel Offset: disabled
[  371.266259][ T9645] Rebooting in 86400 seconds..

VM DIAGNOSIS:
05:46:34  Registers:
info registers vcpu 0

CPU#0
RAX=0000000080000002 RBX=0000000000000001 RCX=ffffffff813c9cce RDX=ffff88801fcba440
RSI=0000000000000000 RDI=0000000000000001 RBP=ffffffff8b49d060 RSP=ffffc90002cd7718
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=0000000000000001 R13=0000000000000001 R14=0000000000000003 R15=0000000000000001
RIP=ffffffff818b1c1c RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c000000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020b3e000 CR3=0000000027230000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000002 RBX=00000000000000f5 RCX=ffffffff81f3bc44 RDX=ffff88802054a440
RSI=0000000000000000 RDI=0000000000000005 RBP=ffff8880164f8a70 RSP=ffffc90027c87458
R8 =0000000000000005 R9 =0000000000000000 R10=00000000000000f5 R11=0000000000000000
R12=0000000000000001 R13=0000000000000000 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff818b1c6b RFL=00000297 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802c100000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000207ff000 CR3=0000000011dbc000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000c0fffc00 Opmask01=000000000000001c Opmask02=000000000000001f Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 002075676f008786 8a8984828183883a
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000084
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffff0f0e0d0c0b
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2075676f0087868a 8984828183883a3d
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffff0000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3d3d3d3d3d3d3d3d 3d3d3d3d3d3d3d3d 3d3d3d3d3d3d3d3d 3d3d3d3d3d3d3d3d
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f73657201828800 000000843d736563 61667265746e6900 883d656d616e6669
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 524e584f01828800 00000084004e585e 5c5b4f5849535400 880058505c535b54
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000039 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff84fa4c75 RDI=ffffffff95119340 RBP=ffffffff95119300 RSP=ffffc90026937768
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552
R12=0000000000000000 R13=0000000000000039 R14=ffffffff84fa4c10 R15=0000000000000000
RIP=ffffffff84fa4c9f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802c200000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000056529ef6c048 CR3=000000005599e000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000018800000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=fffffbfff2a43bb0 RBX=fffffbfff2a43bb1 RCX=ffffffff8af3c7de RDX=fffffbfff2a43bb1
RSI=0000000000000004 RDI=ffffffff9521dd80 RBP=fffffbfff2a43bb0 RSP=ffffc90027d275a8
R8 =0000000000000001 R9 =fffffbfff2a43bb0 R10=ffffffff9521dd83 R11=0000000000000000
R12=0000000000000003 R13=0000000000000001 R14=ffffc90027d27688 R15=ffff8880214e4000
RIP=ffffffff81e9a427 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c300000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffbee38e0a0 CR3=0000000059188000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffff0000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 ffffffffffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000