last executing test programs:

3.420158576s ago: executing program 0 (id=2247):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f00000009c0)={{}, 'syz0\x00', 0x15})
io_setup(0xc5, &(0x7f0000004200)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0x15b0) (fail_nth: 90)

3.091109488s ago: executing program 0 (id=2250):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000380)={0x4000, 0x0, 0x80}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x20, 0x12, 0xa01, 0x0, 0x0, {0x80}}, 0x26}}, 0x0)

2.98181826s ago: executing program 0 (id=2251):
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_open_dev$MSR(&(0x7f00000001c0), 0x6, 0x0)
madvise(&(0x7f00004b2000/0x3000)=nil, 0x3000, 0x4)
unlinkat(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$DVD_WRITE_STRUCT(r1, 0x5392, &(0x7f0000000d40)=@bca={0x3, 0xbc, "dc9abf26244d9bf65d42284949551d402472497c713e87741488cad71323d9b351a1a74c279a03459d4b33060184023dacfc41dbdc7433b43a28c2f2a7b64188f562de72cf586e4f51e40156f12574e140f7055d8dbecce81b5b2cfcb91f81d963afbc147a2fde78bf305a028f3cced79e460f7738d167d59e96325e80cc867e11e12038bfe4502e856ec2022719b35797fd74c4752d6e567a58e356dde4dec6c57dd9b192005733103a2ec9cb9e6e7c0b2f6cc5f647e963353a4f4c"})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
sendto$packet(0xffffffffffffffff, &(0x7f00000002c0)="f842b591c22ef747c0c88d30c6f32a34d223096b8e8d69de1f6bc7be245f7f07240456b798708db3e56b643d80bac6f529abaf2a0bea7ca45e0e24881aef79d6eaf968f99fecd9a88e7199acc37a570b9b88bd145007bc814dfb0996462ce41ac3541d6515e91b0c48324a846ad756eeaebc9cbdff4f809141e615ec7198cdda09044513c45c63e0ea800a6ba6c7010b7880674f019612c34951b6051c187eed23a93aabb6d4e464df021e145a3a260d867388e4f4e5b6baa30a3a80a06d2e3baeb41febd3ff5fbb7e7012ac80dd109cb4185dbce95fc6d1284e65b0c88963e329754543fb15d1c920d224d19525a29e4ef2729601fdaa8dd0b3b8977aa9380866aca59728d10a8e5102b6ed83c24a8c10c7dd258086228197f7c6f9ee9fab685526bc03933b05be1948f2c2b0c5bf3c41bcd4519cb8d6b3695481ff798af33ebe7ac3f0e3bad656f6f247e70463b9e6f642b430acb093e8699347aff8062919c6495b439813038cd97dbff4fb7703b296ea504c2b9a378513038fec743e9d07bd6e801ff2ab6f3abc4baa6c62d18540815f42a6cc0722d93b36093848c08e4bf090f2e31668eeafc0c6ba3e749ade71a07ae8efe99e3366bd0a9d2f3599d35797eff923daff19b148ead4c08c82b6e64b790a5cb9eb887393f538fdcb3aeec2cf9f0466175346a87115ba623968e5e8a38673a0d526c357b99dcf1649c35cbfa34be703be0a656d99bbad0419d6ec0e59053be7e4cc2f8787ee94abb96ab416cd9f0f2f33ac8628710cba872498d0805bd26040f8e8871a7671f658e3a9ecab354d9bcfded5ac75ea5bd5b05f61728a3b6d6e42df878d443fe736061d6f34b228acd4765fa3f853b0f7c40ea2223afb3dcfb5e9d001f223f8a03ce3537b7e27b6eca2e9bcb94d1df1774110a63b34c6b26c998c096e50cd49e1d3c45cdba77039ea59e293a6afb14ad5e3ccb29fcb2ad4aea443ead2e93babca5c016a59b4a2c5bedffed805ab7c99078e08078b88821333acf9735b905a985dd74658595dbfeb908ccfb91ccc73f39d61dec4cc46674236ef05fc2a168ff9271bd67bb7560991de322975ba8ba35ad8b1295170d1e2322b2fdce874c50978d43c4e7147119bc3", 0x321, 0x0, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14)
r2 = io_uring_setup(0x3bb8, &(0x7f0000000000))
close_range(r2, 0xffffffffffffffff, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$TCSBRKP(r3, 0x5425, 0x0)
openat$cgroup_procs(r3, &(0x7f0000000100)='cgroup.threads\x00', 0x2, 0x0)
poll(0x0, 0x0, 0x0)
ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605)
io_setup(0xcf3, &(0x7f00000006c0)=<r4=>0x0)
r5 = socket$rxrpc(0x21, 0x2, 0x2)
bind$rxrpc(r5, &(0x7f0000000180)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x24)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000200)='reiserfs\x00', 0x2, &(0x7f0000000000)='sched^swit3\xd2\xea\xe5\x92\xc8\xcf\x81\xf0c\xa7\xa3d\xe3\x9fzch\x00')
listen(r5, 0x0)
io_submit(r4, 0x0, &(0x7f0000000100))
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_GET(r6, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x10000ca, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')

2.87725847s ago: executing program 3 (id=2254):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500"], &(0x7f0000002240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_COALESCE_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000300)={0x14, 0x0, 0x1, 0x0, 0x0, {0x1c}}, 0x14}}, 0x0)

2.733278073s ago: executing program 3 (id=2255):
r0 = socket(0x28, 0x5, 0x0)
r1 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x0, 0x2}, &(0x7f0000000000)=<r2=>0x0, &(0x7f00000002c0)=<r3=>0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x3, 0x800001, 0x0, &(0x7f0000000000), 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ff00ff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r0)
sendmsg$NL80211_CMD_GET_MPATH(r5, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="100026bd7000fcdbdf25150000000c009900054900002f0000000a001a0008021100000000000a000600ffffffffffff00000a000600ffffffffffff00000a00060008021100000100000a001a00ffff000dffff00000a000600ffffffffffff0000"], 0x68}, 0x1, 0x0, 0x0, 0x20010}, 0x4040)
mlock2(&(0x7f0000ff8000/0x2000)=nil, 0x2000, 0x0)
mincore(&(0x7f0000ff5000/0x4000)=nil, 0x4000, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x6, 0x0, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r1, 0x7a98, 0x0, 0x0, 0x0, 0x0)

2.590802658s ago: executing program 0 (id=2259):
socket$pppl2tp(0x18, 0x1, 0x1)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/keys\x00', 0x0, 0x0)
ioctl$sock_qrtr_TIOCOUTQ(r0, 0x5411, &(0x7f00000000c0))
read$char_usb(r0, &(0x7f0000001840)=""/4090, 0xffa)
r1 = socket(0x10, 0x3, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map, 0xffffffffffffffff, 0x26, 0x0, 0x0, @void, @value}, 0x10)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000380)={0x4000, 0x0, 0x80}, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x20, 0x12, 0xa01, 0x0, 0x0, {0x80}}, 0x26}}, 0x0)
add_key(&(0x7f0000000040)='dns_resolver\x00', &(0x7f0000000400)={'syz', 0x2}, &(0x7f0000000240)="a8bf8cbaac10e16f45bdaad3393ac8f53b325e09cc527e6715e91c30dc123e623fe5c5b4ed022c1935a4235386b1d3fd376d7595def6554b73bba2f8000000000000000000", 0x45, 0xfffffffffffffffb)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000004c0)={0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x3d, 0x0, 0x1})
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000100)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000140)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r2, 0x7a8, &(0x7f00000000c0)={{@local, 0x4}, @local, 0x0, 0x0, 0x4})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r2, 0x7a8, &(0x7f0000000040)={{@my=0x1, 0x10000}, @host, 0x0, 0x0, 0x7})
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00'}, 0x10)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r5, &(0x7f0000000300)='1\x00', 0xffffff4a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = add_key$user(&(0x7f0000000640), &(0x7f0000000540), &(0x7f00000000c0), 0xc6, 0xfffffffffffffffd)
r8 = add_key$user(&(0x7f0000000640), &(0x7f0000000540), &(0x7f00000000c0), 0xc6, 0xfffffffffffffffd)
setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000200)=0xc6, 0x4)
keyctl$dh_compute(0x17, &(0x7f0000000080)={r8, r7, r7}, &(0x7f0000000180)=""/82, 0x52, &(0x7f00000000c0)={&(0x7f0000000100)={'sha384-generic\x00'}})
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
syz_open_dev$midi(&(0x7f00000001c0), 0x2, 0x0)

2.587782387s ago: executing program 1 (id=2261):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1400000010000500020000f4ff0000000000000a20000000000a05000000000000000000010000000900010073797a300000000048000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a300000000008000540000000040c00098008000140ff"], 0x90}}, 0x0)

2.484957917s ago: executing program 1 (id=2262):
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000002380)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000002340)={&(0x7f00000023c0)={0x78, 0x2, 0x3, 0x1df60642d5176857, 0x0, 0x0, {0x5, 0x0, 0x1}, [@NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x8}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x20}, @NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x23}}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0xd}, @NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x23}}, @NFQA_CFG_MASK={0x8}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x24}, @NFQA_CFG_CMD={0x8, 0x1, {0x3, 0x0, 0x9}}, @NFQA_CFG_QUEUE_MAXLEN={0x8}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x2}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x1}, @NFQA_CFG_PARAMS={0x9, 0x2, {0x1}}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4000080)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x13, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000001c0))
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f00000005c0)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000040)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/62, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/73, &(0x7f0000000880)=""/72})
ioctl$VHOST_SET_LOG_BASE(r1, 0x4008af04, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0xdc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@jmp={0x5, 0x0, 0x8, 0x0, 0x0, 0xfffffffffffffff0, 0x39}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x34, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = syz_io_uring_setup(0x4237, &(0x7f0000000100), &(0x7f0000000200), &(0x7f00000001c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0x1b, 0x20000000, 0x0)
r6 = openat$vim2m(0xffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r6, 0xc0cc5605, &(0x7f0000000280)={0x1, @sdr={0x41415270, 0x80}})
socket$inet_icmp(0x2, 0x2, 0x1)
r7 = socket$can_bcm(0x1d, 0x2, 0x2)
recvmmsg(r7, &(0x7f00000021c0)=[{{&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000300)=[{&(0x7f00000000c0)=""/13, 0xd}, {&(0x7f0000000180)=""/54, 0x36}], 0x2, &(0x7f0000000340)=""/28, 0x1c}, 0xffffffff}, {{&(0x7f0000000380)=@l2, 0x80, &(0x7f0000000700)=[{&(0x7f0000000400)=""/132, 0x84}, {&(0x7f00000004c0)=""/128, 0x80}, {&(0x7f0000000540)=""/137, 0x89}, {&(0x7f0000000600)=""/233, 0xe9}], 0x4, &(0x7f0000000740)=""/83, 0x53}, 0x4}, {{&(0x7f00000007c0)=@ethernet={0x0, @multicast}, 0x80, &(0x7f0000000840), 0x0, &(0x7f0000000880)=""/213, 0xd5}, 0x200}, {{0x0, 0x0, &(0x7f0000001c40)=[{&(0x7f0000000980)=""/88, 0x58}, {0x0}, {&(0x7f0000000a00)=""/186, 0xba}, {&(0x7f0000002440)=""/155, 0x9b}, {&(0x7f0000000b80)=""/4086, 0xff6}, {&(0x7f0000001b80)=""/112, 0x70}, {&(0x7f0000001c00)=""/54, 0x36}], 0x7, &(0x7f0000001c80)=""/245, 0xf5}, 0xfffff035}, {{&(0x7f0000001d80)=@ax25={{}, [@default, @netrom, @default, @bcast, @null, @remote, @rose, @rose]}, 0x80, &(0x7f00000020c0)=[{&(0x7f0000001e00)=""/214, 0xd6}, {&(0x7f0000001f00)=""/194, 0xc2}, {&(0x7f0000002000)=""/157, 0x9d}], 0x3, &(0x7f0000002100)=""/138, 0x8a}, 0x385d}], 0x5, 0x2120, &(0x7f0000002280))

2.482199675s ago: executing program 3 (id=2263):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500"], &(0x7f0000002240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000300)={0x14, r0, 0x1, 0x0, 0x0, {0x1c}}, 0x14}}, 0x0)

2.353021268s ago: executing program 3 (id=2264):
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000002380)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000002340)={&(0x7f00000023c0)={0x78, 0x2, 0x3, 0x1df60642d5176857, 0x0, 0x0, {0x5, 0x0, 0x1}, [@NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x8}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x20}, @NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x23}}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0xd}, @NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x23}}, @NFQA_CFG_MASK={0x8}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x24}, @NFQA_CFG_CMD={0x8, 0x1, {0x3, 0x0, 0x9}}, @NFQA_CFG_QUEUE_MAXLEN={0x8}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x2}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x1}, @NFQA_CFG_PARAMS={0x9, 0x2, {0x1}}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4000080)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x13, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000001c0))
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f00000005c0)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000040)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/62, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/73, &(0x7f0000000880)=""/72})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
ioctl$VHOST_SET_LOG_BASE(r1, 0x4008af04, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0xdc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@jmp={0x5, 0x0, 0x8, 0x0, 0x0, 0xfffffffffffffff0, 0x39}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x34, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = syz_io_uring_setup(0x4237, &(0x7f0000000100), &(0x7f0000000200), &(0x7f00000001c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0x1b, 0x20000000, 0x0)
r6 = openat$vim2m(0xffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r6, 0xc0cc5605, &(0x7f0000000280)={0x1, @sdr={0x41415270, 0x80}})
socket$inet_icmp(0x2, 0x2, 0x1)

1.753161868s ago: executing program 2 (id=2265):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x90ff}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}, {0xac}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x2, 0xfff0}, {0x6, 0x0, 0xd, 0x9, 0x0, 0x8}, {0x3, 0x0, 0x6, 0xa, 0x9, 0xfff0, 0x51}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x8, 0x2, 0x0, r0}, {}, {0x15, 0x0, 0x0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

1.610481266s ago: executing program 1 (id=2266):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r0, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r2, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x401, 0x30}, &(0x7f0000000180)=0xc)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000004c0)={0x3c, r5, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x28, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x3c}}, 0x4000000)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x25, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100fcff00000000000002000000140001800500020001"], 0x28}}, 0x0)

1.610028931s ago: executing program 2 (id=2267):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000100)={0x0, 0x0, 0x8, 0x16, 0x200, &(0x7f0000000880)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a730900000000000000204743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413fcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff4175b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a2b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6d07002ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f63520cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})

1.523428787s ago: executing program 0 (id=2268):
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='dctcp\x00', 0x6)
r1 = getpid()
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x5, &(0x7f0000000200)=ANY=[@ANYRES32=r1], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='fd\x00')
getdents(r3, &(0x7f00000004c0)=""/219, 0xdb) (fail_nth: 11)
getdents(r3, &(0x7f0000001440)=""/228, 0xe4)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="03000000ff030000000400000000000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000400"/27], 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
connect$pppl2tp(r4, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
writev(r4, &(0x7f0000000180), 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r5, 0xc0045006, &(0x7f0000000100))
socket$inet6_sctp(0xa, 0x1, 0x84)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r6, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1}, 0x1c)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x1c)
sendto$inet(r0, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0)
recvmsg(r0, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x200045ca}], 0x1, 0x0, 0x46, 0x407006}, 0x104)

1.40051156s ago: executing program 2 (id=2269):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
r1 = getpid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe55, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
clock_getres(0x4, &(0x7f0000000340))
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r2, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x0, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000180)=[<r4=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r3, 0xc01064c8, &(0x7f00000001c0)={0x42, 0x0, &(0x7f0000000180)})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r3, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000200), 0x3, r4})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r5, 0xc0045006, &(0x7f0000000100))
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r6, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1}, 0x1c)
sendto$inet6(r6, &(0x7f00000001c0)='O', 0x1, 0x0, &(0x7f0000000280)={0xa, 0x0, 0x0, @private2}, 0x1c)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=@newtaction={0x78, 0x30, 0x10b, 0x0, 0x0, {}, [{0x64, 0x1, [@m_ife={0x60, 0x1, 0x0, 0x0, {{0x8}, {0x38, 0x2, 0x0, 0x1, [@TCA_IFE_SMAC={0xa, 0x4, @random="d8c4efb8a5ce"}, @TCA_IFE_DMAC={0xa, 0x3, @link_local}, @TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}}, 0x0)
r8 = socket(0x22, 0x2, 0x3)
setsockopt$inet6_IPV6_HOPOPTS(r8, 0x29, 0x36, 0x0, 0x8)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)

1.400113724s ago: executing program 1 (id=2270):
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000140))
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mkdir(0x0, 0x4d)
mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]})
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@bloom_filter={0x1e, 0x8, 0x3, 0xfffffffb, 0x20, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x1, 0xa, @void, @value, @void, @value}, 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000280)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0x840000000002, 0x3, 0x100)
r4 = gettid()
r5 = epoll_create(0x400)
r6 = eventfd(0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f0000000000))
kcmp$KCMP_EPOLL_TFD(r4, r4, 0x7, r6, &(0x7f0000000080)={r5, r6})
connect$inet(r3, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r3, &(0x7f0000005240), 0x264e33, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x275a, 0x0)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), 0xffffffffffffffff)

865.449697ms ago: executing program 3 (id=2271):
unshare(0x68040200)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newlink={0x34, 0x10, 0x581, 0x0, 0xfffe, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}]}, 0x34}}, 0x0)

281.078768ms ago: executing program 1 (id=2272):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500"], &(0x7f0000002240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000300)={0x14, r0, 0x1, 0x0, 0x0, {0x1c}}, 0x14}}, 0x0)

161.929113ms ago: executing program 2 (id=2273):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x12, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf000000}, [@jmp={0x5, 0x0, 0x8, 0x0, 0x0, 0x0, 0x39}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x34, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

95.123353ms ago: executing program 0 (id=2274):
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000002380)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000002340)={&(0x7f00000023c0)={0x78, 0x2, 0x3, 0x1df60642d5176857, 0x0, 0x0, {0x5, 0x0, 0x1}, [@NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x8}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x20}, @NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x23}}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0xd}, @NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x23}}, @NFQA_CFG_MASK={0x8}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x24}, @NFQA_CFG_CMD={0x8, 0x1, {0x3, 0x0, 0x9}}, @NFQA_CFG_QUEUE_MAXLEN={0x8}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x2}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x1}, @NFQA_CFG_PARAMS={0x9, 0x2, {0x1}}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4000080)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x13, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000001c0))
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f00000005c0)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000040)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/62, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/73, &(0x7f0000000880)=""/72})
ioctl$VHOST_SET_LOG_BASE(r1, 0x4008af04, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0xdc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@jmp={0x5, 0x0, 0x8, 0x0, 0x0, 0xfffffffffffffff0, 0x39}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x34, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = syz_io_uring_setup(0x4237, &(0x7f0000000100), &(0x7f0000000200), &(0x7f00000001c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0x1b, 0x20000000, 0x0)
r6 = openat$vim2m(0xffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r6, 0xc0cc5605, &(0x7f0000000280)={0x1, @sdr={0x41415270, 0x80}})
socket$inet_icmp(0x2, 0x2, 0x1)
r7 = socket$can_bcm(0x1d, 0x2, 0x2)
recvmmsg(r7, &(0x7f00000021c0)=[{{&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000300)=[{&(0x7f00000000c0)=""/13, 0xd}, {&(0x7f0000000180)=""/54, 0x36}], 0x2, &(0x7f0000000340)=""/28, 0x1c}, 0xffffffff}, {{&(0x7f0000000380)=@l2, 0x80, &(0x7f0000000700)=[{&(0x7f0000000400)=""/132, 0x84}, {&(0x7f00000004c0)=""/128, 0x80}, {&(0x7f0000000540)=""/137, 0x89}, {&(0x7f0000000600)=""/233, 0xe9}], 0x4, &(0x7f0000000740)=""/83, 0x53}, 0x4}, {{&(0x7f00000007c0)=@ethernet={0x0, @multicast}, 0x80, &(0x7f0000000840), 0x0, &(0x7f0000000880)=""/213, 0xd5}, 0x200}, {{0x0, 0x0, &(0x7f0000001c40)=[{&(0x7f0000000980)=""/88, 0x58}, {0x0}, {&(0x7f0000000a00)=""/186, 0xba}, {&(0x7f0000002440)=""/155, 0x9b}, {&(0x7f0000000b80)=""/4086, 0xff6}, {&(0x7f0000001b80)=""/112, 0x70}, {&(0x7f0000001c00)=""/54, 0x36}], 0x7, &(0x7f0000001c80)=""/245, 0xf5}, 0xfffff035}, {{&(0x7f0000001d80)=@ax25={{}, [@default, @netrom, @default, @bcast, @null, @remote, @rose, @rose]}, 0x80, &(0x7f00000020c0)=[{&(0x7f0000001e00)=""/214, 0xd6}, {&(0x7f0000001f00)=""/194, 0xc2}, {&(0x7f0000002000)=""/157, 0x9d}], 0x3, &(0x7f0000002100)=""/138, 0x8a}, 0x385d}], 0x5, 0x2120, &(0x7f0000002280))

94.773278ms ago: executing program 2 (id=2275):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r2}, 0x57)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1ff)
lseek(r3, 0xfffffffffffffffa, 0x3)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r4 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r4, 0x0)
dup3(r0, r4, 0x0)

94.45266ms ago: executing program 3 (id=2276):
socket$pppl2tp(0x18, 0x1, 0x1)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/keys\x00', 0x0, 0x0)
ioctl$sock_qrtr_TIOCOUTQ(r0, 0x5411, &(0x7f00000000c0))
read$char_usb(r0, &(0x7f0000001840)=""/4090, 0xffa)
r1 = socket(0x10, 0x3, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map, 0xffffffffffffffff, 0x26, 0x0, 0x0, @void, @value}, 0x10)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000380)={0x4000, 0x0, 0x80}, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x20, 0x12, 0xa01, 0x0, 0x0, {0x80}}, 0x26}}, 0x0)
add_key(&(0x7f0000000040)='dns_resolver\x00', &(0x7f0000000400)={'syz', 0x2}, &(0x7f0000000240)="a8bf8cbaac10e16f45bdaad3393ac8f53b325e09cc527e6715e91c30dc123e623fe5c5b4ed022c1935a4235386b1d3fd376d7595def6554b73bba2f8000000000000000000", 0x45, 0xfffffffffffffffb)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000004c0)={0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x3d, 0x0, 0x1})
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000100)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000140)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r2, 0x7a8, &(0x7f00000000c0)={{@local, 0x4}, @local, 0x0, 0x0, 0x4})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r2, 0x7a8, &(0x7f0000000040)={{@my=0x1, 0x10000}, @host, 0x0, 0x0, 0x7})
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00'}, 0x10)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r5, &(0x7f0000000300)='1\x00', 0xffffff4a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = add_key$user(&(0x7f0000000640), &(0x7f0000000540), &(0x7f00000000c0), 0xc6, 0xfffffffffffffffd)
r8 = add_key$user(&(0x7f0000000640), &(0x7f0000000540), &(0x7f00000000c0), 0xc6, 0xfffffffffffffffd)
setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000200)=0xc6, 0x4)
keyctl$dh_compute(0x17, &(0x7f0000000080)={r8, r7, r7}, &(0x7f0000000180)=""/82, 0x52, &(0x7f00000000c0)={&(0x7f0000000100)={'sha384-generic\x00'}})
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
syz_open_dev$midi(&(0x7f00000001c0), 0x2, 0x0)

93.416217ms ago: executing program 1 (id=2277):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@index_off}]}) (fail_nth: 70)

0s ago: executing program 2 (id=2278):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cdrom(0xffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$CDROMPAUSE(r0, 0x5301)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r1)
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
creat(&(0x7f0000000040)='./bus\x00', 0x8a)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r4, 0x4b67, &(0x7f0000001ec0)={0x0, 0x0})
write$binfmt_elf32(r2, &(0x7f0000000a00)=ANY=[@ANYRESDEC=r3], 0x4d2)
rmdir(&(0x7f00000000c0)='./cgroup/../file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x180)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0x1c0)
r5 = landlock_create_ruleset(&(0x7f00000000c0)={0x100}, 0x10, 0x0)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r5, 0x1, &(0x7f0000000140)={0x100, r6}, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
landlock_restrict_self(r5, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file1\x00', 0x81c0, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file1\x00', 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x81c0, 0x0)
r7 = landlock_create_ruleset(&(0x7f0000000240)={0x20}, 0x10, 0x0)
r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file0\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r7, 0x1, &(0x7f00000002c0)={0x20, r8}, 0x0)
landlock_restrict_self(r7, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0/file0/file0\x00', 0x40, 0x0)

kernel console output (not intermixed with test programs):

T17850]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[ 1568.499744][T17850]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1568.501131][T17850]  ? rcu_is_watching+0x12/0xc0
[ 1568.502408][T17850]  netlink_unicast+0x53c/0x7f0
[ 1568.503663][T17850]  ? __pfx_netlink_unicast+0x10/0x10
[ 1568.505034][T17850]  ? __phys_addr_symbol+0x30/0x80
[ 1568.506339][T17850]  ? __check_object_size+0x497/0x720
[ 1568.507706][T17850]  netlink_sendmsg+0x8b8/0xd70
[ 1568.508958][T17850]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1568.510344][T17850]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1568.511792][T17850]  __sys_sendto+0x47f/0x4e0
[ 1568.513056][T17850]  ? __pfx___sys_sendto+0x10/0x10
[ 1568.514400][T17850]  ? __might_fault+0x13b/0x190
[ 1568.515649][T17850]  ? __pfx_lock_release+0x10/0x10
[ 1568.516972][T17850]  __do_compat_sys_socketcall+0x5e2/0x700
[ 1568.518464][T17850]  ? __pfx___do_compat_sys_socketcall+0x10/0x10
[ 1568.520083][T17850]  ? fput+0x32/0x390
[ 1568.521127][T17850]  __do_fast_syscall_32+0x73/0x120
[ 1568.522475][T17850]  do_fast_syscall_32+0x32/0x80
[ 1568.523758][T17850]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1568.525401][T17850] RIP: 0023:0xf7f80579
[ 1568.526407][T17850] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1568.531110][T17850] RSP: 002b:00000000f56c3440 EFLAGS: 00000293 ORIG_RAX: 0000000000000066
[ 1568.533274][T17850] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000f56c3454
[ 1568.535331][T17850] RDX: 0000000000000000 RSI: 00000000f56c3570 RDI: 00000000f740bff4
[ 1568.537373][T17850] RBP: 00000000f56c3570 R08: 0000000000000000 R09: 0000000000000000
[ 1568.539426][T17850] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1568.541510][T17850] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1568.543570][T17850]  </TASK>
[ 1568.762130][T17859] loop7: detected capacity change from 0 to 16384
[ 1569.298281][T17865] netlink: 'syz.0.1652': attribute type 11 has an invalid length.
[ 1569.695891][T17877] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1648'.
[ 1569.776327][T15632] Bluetooth: hci0: command tx timeout
[ 1570.468084][T17895] FAULT_INJECTION: forcing a failure.
[ 1570.468084][T17895] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1570.471663][T17895] CPU: 2 UID: 0 PID: 17895 Comm: syz.1.1654 Not tainted 6.11.0-rc7-syzkaller-00149-g0babf683783d #0
[ 1570.474534][T17895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1570.477354][T17895] Call Trace:
[ 1570.478243][T17895]  <TASK>
[ 1570.479043][T17895]  dump_stack_lvl+0x16c/0x1f0
[ 1570.480304][T17895]  should_fail_ex+0x497/0x5b0
[ 1570.481562][T17895]  _copy_from_user+0x30/0xf0
[ 1570.482883][T17895]  input_event_from_user+0x22d/0x3b0
[ 1570.484196][T17895]  ? __pfx_input_event_from_user+0x10/0x10
[ 1570.485661][T17895]  ? input_inject_event+0x193/0x370
[ 1570.487068][T17895]  evdev_write+0x374/0x750
[ 1570.488278][T17895]  ? __pfx_evdev_write+0x10/0x10
[ 1570.489611][T17895]  ? bpf_lsm_file_permission+0x9/0x10
[ 1570.491071][T17895]  ? security_file_permission+0x98/0xc0
[ 1570.492530][T17895]  ? __pfx_evdev_write+0x10/0x10
[ 1570.493855][T17895]  vfs_write+0x29a/0x1140
[ 1570.495036][T17895]  ? __pfx_vfs_write+0x10/0x10
[ 1570.496323][T17895]  ? __fget_files+0x256/0x400
[ 1570.497584][T17895]  ? __fget_light+0x173/0x210
[ 1570.498852][T17895]  ksys_write+0x1f8/0x260
[ 1570.500012][T17895]  ? __pfx_ksys_write+0x10/0x10
[ 1570.501306][T17895]  __do_fast_syscall_32+0x73/0x120
[ 1570.502676][T17895]  do_fast_syscall_32+0x32/0x80
[ 1570.503974][T17895]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1570.505652][T17895] RIP: 0023:0xf7f80579
[ 1570.506695][T17895] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1570.511511][T17895] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[ 1570.513652][T17895] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040
[ 1570.515668][T17895] RDX: 0000000000002250 RSI: 0000000000000000 RDI: 0000000000000000
[ 1570.517684][T17895] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1570.519656][T17895] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1570.521672][T17895] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1570.523714][T17895]  </TASK>
[ 1570.711006][T15980] usb 8-1: USB disconnect, device number 8
[ 1570.952075][T17902] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1656'.
[ 1570.980695][T17902] bridge1: port 1(veth1_to_bond) entered blocking state
[ 1570.982788][T17902] bridge1: port 1(veth1_to_bond) entered disabled state
[ 1570.984780][T17902] veth1_to_bond: entered allmulticast mode
[ 1570.991643][T17902] veth1_to_bond: entered promiscuous mode
[ 1570.995011][T17902] bridge1: port 1(veth1_to_bond) entered blocking state
[ 1570.996876][T17902] bridge1: port 1(veth1_to_bond) entered forwarding state
[ 1571.697019][T15207] Bluetooth: hci3: Received unexpected HCI Event 0x00
[ 1571.747515][T15207] Bluetooth: hci0: command tx timeout
[ 1571.808281][T17918] netdevsim netdevsim0: Direct firmware load for ng failed with error -2
[ 1571.810715][T17918] netdevsim netdevsim0: Falling back to sysfs fallback for: ng
[ 1572.086059][T17922] sit0: entered allmulticast mode
[ 1573.248712][T17940] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1669'.
[ 1573.743367][T15207] Bluetooth: hci0: command 0x0405 tx timeout
[ 1574.862242][T17952] Bluetooth: MGMT ver 1.23
[ 1575.236044][T17956] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1674'.
[ 1575.368618][T17970] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1678'.
[ 1575.371044][T17970] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1678'.
[ 1575.373453][T17970] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1678'.
[ 1575.694278][T17977] netlink: 'syz.0.1680': attribute type 10 has an invalid length.
[ 1575.706900][T17977] team0: Port device wlan1 added
[ 1575.793213][T17988] syzkaller0: entered promiscuous mode
[ 1575.794712][T17988] syzkaller0: entered allmulticast mode
[ 1575.826448][   T39] audit: type=1326 audit(2000000044.910:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17986 comm="syz.1.1686" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1575.843687][   T39] audit: type=1326 audit(2000000044.910:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17986 comm="syz.1.1686" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1575.849328][   T39] audit: type=1326 audit(2000000044.910:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17986 comm="syz.1.1686" exe="/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1575.862523][   T39] audit: type=1326 audit(2000000044.910:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17986 comm="syz.1.1686" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1575.881720][   T39] audit: type=1326 audit(2000000044.910:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17986 comm="syz.1.1686" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1575.887031][T17991] /dev/sr0: Can't open blockdev
[ 1575.887754][   T39] audit: type=1326 audit(2000000044.910:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17986 comm="syz.1.1686" exe="/syz-executor" sig=0 arch=40000003 syscall=334 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1575.897455][   T39] audit: type=1326 audit(2000000044.910:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17986 comm="syz.1.1686" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1575.910754][   T39] audit: type=1326 audit(2000000044.910:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17986 comm="syz.1.1686" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1575.919922][   T39] audit: type=1326 audit(2000000044.910:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17986 comm="syz.1.1686" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1575.925643][   T39] audit: type=1326 audit(2000000044.910:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17986 comm="syz.1.1686" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1576.193371][T17996] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1688'.
[ 1576.199153][T17996] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1688'.
[ 1576.389476][T18004] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1689'.
[ 1576.391808][T18004] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1689'.
[ 1576.394195][T18004] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1689'.
[ 1577.083534][T18014] netlink: 360 bytes leftover after parsing attributes in process `syz.1.1694'.
[ 1577.709512][T18032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1577.712344][T18032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1577.714852][T18032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1577.717477][T18032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1577.720298][T18032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1577.723251][T18032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1577.728376][T18032] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1577.732217][T18032] batadv_slave_0: entered promiscuous mode
[ 1578.706414][T18044] tipc: Started in network mode
[ 1578.707719][T18044] tipc: Node identity , cluster identity 4711
[ 1580.192049][T18080] syzkaller0: entered promiscuous mode
[ 1580.193542][T18080] syzkaller0: entered allmulticast mode
[ 1580.499457][T18094] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[ 1580.505092][T18094] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[ 1580.635328][T18104] __nla_validate_parse: 3 callbacks suppressed
[ 1580.635338][T18104] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1729'.
[ 1581.738931][T18140] Option '        S†±Óý7mu•ÞöUKs»¢ø' to dns_resolver key: bad/missing value
[ 1581.865097][   T39] kauditd_printk_skb: 54 callbacks suppressed
[ 1581.865113][   T39] audit: type=1326 audit(2000000051.230:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18135 comm="syz.1.1727" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1581.872197][   T39] audit: type=1326 audit(2000000051.230:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18135 comm="syz.1.1727" exe="/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1581.897905][   T39] audit: type=1326 audit(2000000051.230:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18135 comm="syz.1.1727" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1581.906377][   T39] audit: type=1326 audit(2000000051.230:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18135 comm="syz.1.1727" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1581.914858][   T39] audit: type=1326 audit(2000000051.230:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18135 comm="syz.1.1727" exe="/syz-executor" sig=0 arch=40000003 syscall=334 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1581.922110][   T39] audit: type=1326 audit(2000000051.230:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18135 comm="syz.1.1727" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1581.928419][   T39] audit: type=1326 audit(2000000051.230:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18135 comm="syz.1.1727" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1581.941731][   T39] audit: type=1326 audit(2000000051.230:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18135 comm="syz.1.1727" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1581.947874][   T39] audit: type=1326 audit(2000000051.230:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18135 comm="syz.1.1727" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1581.955637][   T39] audit: type=1326 audit(2000000051.230:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18135 comm="syz.1.1727" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1582.101931][T18172] input: syz0 as /devices/virtual/input/input17
[ 1582.116701][T18172] FAULT_INJECTION: forcing a failure.
[ 1582.116701][T18172] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1582.120262][T18172] CPU: 0 UID: 0 PID: 18172 Comm: syz.1.1738 Not tainted 6.11.0-rc7-syzkaller-00149-g0babf683783d #0
[ 1582.123206][T18172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1582.125853][T18172] Call Trace:
[ 1582.126692][T18172]  <TASK>
[ 1582.127424][T18172]  dump_stack_lvl+0x16c/0x1f0
[ 1582.128630][T18172]  should_fail_ex+0x497/0x5b0
[ 1582.129840][T18172]  _copy_from_user+0x30/0xf0
[ 1582.131018][T18172]  input_event_from_user+0x22d/0x3b0
[ 1582.132367][T18172]  ? __pfx_input_event_from_user+0x10/0x10
[ 1582.133800][T18172]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1582.135300][T18172]  ? input_event+0x8e/0xa0
[ 1582.136395][T18172]  uinput_write+0xbc2/0x12c0
[ 1582.137540][T18172]  ? __pfx_uinput_write+0x10/0x10
[ 1582.138834][T18172]  ? bpf_lsm_file_permission+0x9/0x10
[ 1582.140204][T18172]  ? security_file_permission+0x98/0xc0
[ 1582.141582][T18172]  ? __pfx_uinput_write+0x10/0x10
[ 1582.142860][T18172]  vfs_write+0x29a/0x1140
[ 1582.143965][T18172]  ? __pfx_vfs_write+0x10/0x10
[ 1582.145183][T18172]  ? __fget_files+0x256/0x400
[ 1582.146375][T18172]  ? __fget_light+0x173/0x210
[ 1582.147548][T18172]  ksys_write+0x1f8/0x260
[ 1582.148767][T18172]  ? __pfx_ksys_write+0x10/0x10
[ 1582.150075][T18172]  __do_fast_syscall_32+0x73/0x120
[ 1582.151425][T18172]  do_fast_syscall_32+0x32/0x80
[ 1582.152651][T18172]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1582.154252][T18172] RIP: 0023:0xf7f80579
[ 1582.155290][T18172] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1582.160321][T18172] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[ 1582.162419][T18172] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[ 1582.164396][T18172] RDX: 00000000000015b0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1582.166394][T18172] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1582.168407][T18172] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1582.170406][T18172] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1582.172427][T18172]  </TASK>
[ 1582.173321][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1582.625434][T18187] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1743'.
[ 1583.588361][T18217] netlink: 'syz.2.1752': attribute type 1 has an invalid length.
[ 1583.597119][T18217] netlink: 'syz.2.1752': attribute type 3 has an invalid length.
[ 1583.603715][T18217] netlink: 216 bytes leftover after parsing attributes in process `syz.2.1752'.
[ 1583.819489][T18221] FAULT_INJECTION: forcing a failure.
[ 1583.819489][T18221] name failslab, interval 1, probability 0, space 0, times 0
[ 1583.822722][T18221] CPU: 3 UID: 0 PID: 18221 Comm: syz.2.1753 Not tainted 6.11.0-rc7-syzkaller-00149-g0babf683783d #0
[ 1583.825431][T18221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1583.828209][T18221] Call Trace:
[ 1583.829071][T18221]  <TASK>
[ 1583.829860][T18221]  dump_stack_lvl+0x16c/0x1f0
[ 1583.831070][T18221]  should_fail_ex+0x497/0x5b0
[ 1583.832293][T18221]  ? fs_reclaim_acquire+0xae/0x160
[ 1583.833635][T18221]  should_failslab+0xc2/0x120
[ 1583.834891][T18221]  kmem_cache_alloc_noprof+0x6e/0x2f0
[ 1583.836292][T18221]  ? lockdep_init_map_type+0x16d/0x7d0
[ 1583.837709][T18221]  ? security_inode_alloc+0x3e/0x240
[ 1583.839109][T18221]  security_inode_alloc+0x3e/0x240
[ 1583.840462][T18221]  inode_init_always+0xc56/0xf80
[ 1583.841755][T18221]  alloc_inode+0x7d/0x230
[ 1583.842910][T18221]  new_inode+0x22/0x210
[ 1583.844011][T18221]  proc_pid_make_inode+0x22/0x160
[ 1583.845329][T18221]  proc_fd_instantiate+0x59/0x1f0
[ 1583.846656][T18221]  proc_fill_cache+0x362/0x470
[ 1583.847854][T18221]  ? __pfx_proc_fd_instantiate+0x10/0x10
[ 1583.849258][T18221]  ? __pfx_proc_fill_cache+0x10/0x10
[ 1583.850634][T18221]  ? __pfx_vsnprintf+0x10/0x10
[ 1583.851886][T18221]  ? task_lookup_next_fdget_rcu+0x294/0x470
[ 1583.853426][T18221]  ? proc_readfd_common+0x1d9/0x9a0
[ 1583.854797][T18221]  ? snprintf+0xc8/0x100
[ 1583.855856][T18221]  ? task_lookup_next_fdget_rcu+0x294/0x470
[ 1583.857345][T18221]  ? proc_readfd_common+0x1d9/0x9a0
[ 1583.858704][T18221]  proc_readfd_common+0x25a/0x9a0
[ 1583.860021][T18221]  ? __pfx_proc_fd_instantiate+0x10/0x10
[ 1583.861491][T18221]  ? __pfx_proc_readfd_common+0x10/0x10
[ 1583.862944][T18221]  ? down_read_killable+0xcc/0x380
[ 1583.864291][T18221]  ? __pfx_down_read_killable+0x10/0x10
[ 1583.865736][T18221]  ? apparmor_file_permission+0x251/0x400
[ 1583.867230][T18221]  iterate_dir+0x53e/0xb60
[ 1583.868411][T18221]  __ia32_compat_sys_getdents+0x14f/0x2d0
[ 1583.869895][T18221]  ? __pfx___ia32_compat_sys_getdents+0x10/0x10
[ 1583.871533][T18221]  ? __pfx_compat_filldir+0x10/0x10
[ 1583.872896][T18221]  __do_fast_syscall_32+0x73/0x120
[ 1583.874268][T18221]  do_fast_syscall_32+0x32/0x80
[ 1583.875547][T18221]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1583.877150][T18221] RIP: 0023:0xf7f15579
[ 1583.878204][T18221] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1583.883166][T18221] RSP: 002b:00000000f567556c EFLAGS: 00000296 ORIG_RAX: 000000000000008d
[ 1583.885315][T18221] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200004c0
[ 1583.887370][T18221] RDX: 00000000000000db RSI: 0000000000000000 RDI: 0000000000000000
[ 1583.889419][T18221] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1583.891474][T18221] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1583.893536][T18221] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1583.895616][T18221]  </TASK>
[ 1584.106483][T18235] syz.0.1759[18235] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1584.106616][T18235] syz.0.1759[18235] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1584.129808][T18235] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1759'.
[ 1584.141817][T18235] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1759'.
[ 1584.310794][T18245] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1757'.
[ 1585.770329][T18286] netlink: 9 bytes leftover after parsing attributes in process `syz.2.1774'.
[ 1586.638457][T18306] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1586.640328][T18306] overlayfs: failed to set xattr on upper
[ 1586.641831][T18306] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1586.643625][T18306] overlayfs: ...falling back to uuid=null.
[ 1586.645166][T18306] FAULT_INJECTION: forcing a failure.
[ 1586.645166][T18306] name failslab, interval 1, probability 0, space 0, times 0
[ 1586.648602][T18306] CPU: 3 UID: 0 PID: 18306 Comm: syz.2.1780 Not tainted 6.11.0-rc7-syzkaller-00149-g0babf683783d #0
[ 1586.651390][T18306] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1586.654473][T18306] Call Trace:
[ 1586.655380][T18306]  <TASK>
[ 1586.656165][T18306]  dump_stack_lvl+0x16c/0x1f0
[ 1586.657356][T18306]  should_fail_ex+0x497/0x5b0
[ 1586.658556][T18306]  ? fs_reclaim_acquire+0xae/0x160
[ 1586.659922][T18306]  should_failslab+0xc2/0x120
[ 1586.661172][T18306]  __kmalloc_noprof+0xcb/0x410
[ 1586.662461][T18306]  ovl_fill_super+0x2fb2/0x6970
[ 1586.663754][T18306]  ? __pfx_ovl_fill_super+0x10/0x10
[ 1586.665129][T18306]  ? lockdep_init_map_type+0x16d/0x7d0
[ 1586.666570][T18306]  ? lockdep_init_map_type+0x16d/0x7d0
[ 1586.668012][T18306]  ? __init_swait_queue_head+0xca/0x150
[ 1586.669470][T18306]  ? sget_fc+0x488/0xb90
[ 1586.670599][T18306]  ? __pfx_ovl_fill_super+0x10/0x10
[ 1586.671940][T18306]  ? get_tree_nodev+0xda/0x190
[ 1586.673155][T18306]  get_tree_nodev+0xda/0x190
[ 1586.674368][T18306]  vfs_get_tree+0x8f/0x380
[ 1586.675493][T18306]  path_mount+0x6e1/0x1f10
[ 1586.676655][T18306]  ? __pfx_path_mount+0x10/0x10
[ 1586.677927][T18306]  ? putname+0x12e/0x170
[ 1586.679022][T18306]  ? putname+0x12e/0x170
[ 1586.680093][T18306]  __ia32_sys_mount+0x292/0x310
[ 1586.681345][T18306]  ? __pfx___ia32_sys_mount+0x10/0x10
[ 1586.682757][T18306]  __do_fast_syscall_32+0x73/0x120
[ 1586.684005][T18306]  do_fast_syscall_32+0x32/0x80
[ 1586.685239][T18306]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1586.686840][T18306] RIP: 0023:0xf7f15579
[ 1586.687876][T18306] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1586.692716][T18306] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[ 1586.694886][T18306] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000200000c0
[ 1586.696869][T18306] RDX: 0000000020000340 RSI: 0000000000000000 RDI: 0000000020000380
[ 1586.698870][T18306] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1586.700791][T18306] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1586.702793][T18306] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1586.704765][T18306]  </TASK>
[ 1586.980825][T18324] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1785'.
[ 1586.997107][T18324] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1586.999949][T18324] bond0: (slave bond1): Enslaving as an active interface with an up link
[ 1587.282093][T18343] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1791'.
[ 1587.550101][T11943] usb 5-1: new low-speed USB device number 11 using dummy_hcd
[ 1587.712043][T11943] usb 5-1: device descriptor read/64, error -71
[ 1587.944377][T18354] mac80211_hwsim hwsim544 ÿÿÿÿÿÿ: renamed from wlan1 (while UP)
[ 1587.979882][T11943] usb 5-1: new low-speed USB device number 12 using dummy_hcd
[ 1588.111210][T18359] x_tables: ip6_tables: mh match: only valid for protocol 135
[ 1588.122099][T11943] usb 5-1: device descriptor read/64, error -71
[ 1588.236524][T11943] usb usb5-port1: attempt power cycle
[ 1588.269488][T18370] input: syz0 as /devices/virtual/input/input18
[ 1588.626949][T11943] usb 5-1: new low-speed USB device number 13 using dummy_hcd
[ 1588.665939][T11943] usb 5-1: device descriptor read/8, error -71
[ 1588.921879][T11943] usb 5-1: new low-speed USB device number 14 using dummy_hcd
[ 1588.960335][T11943] usb 5-1: device descriptor read/8, error -71
[ 1589.086021][T11943] usb usb5-port1: unable to enumerate USB device
[ 1589.534779][T18389] netlink: 9412 bytes leftover after parsing attributes in process `syz.3.1806'.
[ 1589.552646][T18389] random: crng reseeded on system resumption
[ 1589.579637][   T10] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[ 1589.760581][   T10] usb 6-1: Using ep0 maxpacket: 32
[ 1589.764104][   T10] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[ 1589.766402][   T10] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[ 1589.770194][   T10] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[ 1589.772694][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1589.775392][   T10] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1589.777881][   T10] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1589.785184][   T10] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1589.787707][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1589.792129][   T10] usb 6-1: config 0 descriptor??
[ 1589.992447][   T10] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 11 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1590.241580][T18401] vivid-002: disconnect
[ 1590.244973][T18384] vivid-002: reconnect
[ 1590.250771][   T56] usb 6-1: USB disconnect, device number 11
[ 1590.253935][   T56] usblp0: removed
[ 1590.653559][T18408] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[ 1590.655639][T18408] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1590.662359][T18408] vhci_hcd vhci_hcd.0: Device attached
[ 1590.667964][T18409] vhci_hcd: cannot find a urb of seqnum 7 max seqnum 0
[ 1590.674159][ T1103] vhci_hcd: stop threads
[ 1590.675606][ T1103] vhci_hcd: release socket
[ 1590.678586][ T1103] vhci_hcd: disconnect device
[ 1590.795917][T18411] dccp_close: ABORT with 5051 bytes unread
[ 1591.190926][T18421] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1591.215820][T18421] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1591.323423][T18428] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1591.337029][T18428] netlink: 'syz.3.1818': attribute type 21 has an invalid length.
[ 1591.339477][T18428] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1818'.
[ 1591.341995][T18428] netlink: 'syz.3.1818': attribute type 5 has an invalid length.
[ 1591.344381][T18428] netlink: 'syz.3.1818': attribute type 6 has an invalid length.
[ 1591.346654][T18428] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1818'.
[ 1591.422068][T18430] syzkaller1: entered promiscuous mode
[ 1591.423566][T18430] syzkaller1: entered allmulticast mode
[ 1591.750563][T18451] netlink: 'syz.1.1825': attribute type 10 has an invalid length.
[ 1591.753042][T18451] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1825'.
[ 1591.758930][T18451] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[ 1592.353550][   T39] kauditd_printk_skb: 2 callbacks suppressed
[ 1592.353562][   T39] audit: type=1326 audit(2000000062.253:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18442 comm="syz.2.1823" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7fc00000
[ 1592.489482][T18470] Bluetooth: MGMT ver 1.23
[ 1592.534479][T18472] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1832'.
[ 1593.208064][T18477] fuse: Unknown parameter 'groupÍ'
[ 1593.264872][T18483] syz.0.1836 (18483): drop_caches: 0
[ 1593.353196][T18486] netlink: 6 bytes leftover after parsing attributes in process `syz.0.1836'.
[ 1593.456104][T15980] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[ 1593.647866][T15980] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1593.650598][T15980] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1593.656716][T15980] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1593.660571][T15980] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1593.664835][T15980] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1593.667022][T15980] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1593.676892][T15980] usb 8-1: config 0 descriptor??
[ 1594.065200][T15980] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[ 1594.067298][T15980] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[ 1594.069563][T15980] plantronics 0003:047F:FFFF.000D: No inputs registered, leaving
[ 1594.077065][T15980] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[ 1594.215929][T18505] usb usb8: usbfs: process 18505 (syz.2.1841) did not claim interface 0 before use
[ 1594.382270][T11943] usb 8-1: USB disconnect, device number 9
[ 1594.669524][   T39] audit: type=1326 audit(2000000064.688:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18512 comm="syz.1.1842" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1594.676263][   T39] audit: type=1326 audit(2000000064.688:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18512 comm="syz.1.1842" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1594.681788][   T39] audit: type=1326 audit(2000000064.699:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18512 comm="syz.1.1842" exe="/syz-executor" sig=0 arch=40000003 syscall=377 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1594.687590][   T39] audit: type=1326 audit(2000000064.699:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18512 comm="syz.1.1842" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1594.693819][   T39] audit: type=1326 audit(2000000064.699:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18512 comm="syz.1.1842" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1594.699817][   T39] audit: type=1326 audit(2000000064.699:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18512 comm="syz.1.1842" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1594.706023][   T39] audit: type=1326 audit(2000000064.699:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18512 comm="syz.1.1842" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1594.712290][   T39] audit: type=1326 audit(2000000064.699:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18512 comm="syz.1.1842" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f80579 code=0x7ffc0000
[ 1595.098032][T18531] fuse: Unknown parameter ''
[ 1595.589928][T15980] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[ 1595.762891][T15980] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1595.765369][T15980] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1595.767570][T15980] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1595.782044][T15980] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1595.784152][T15980] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1595.785994][T15980] usb 7-1: Product: syz
[ 1595.786973][T15980] usb 7-1: Manufacturer: syz
[ 1595.788048][T15980] usb 7-1: SerialNumber: syz
[ 1596.001935][T15980] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 12 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[ 1596.010555][T15980] usb 7-1: USB disconnect, device number 12
[ 1596.015011][T15980] usblp0: removed
[ 1596.439093][   T39] audit: type=1326 audit(2000000066.536:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18560 comm="syz.3.1854" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73be579 code=0x0
[ 1596.548847][T18570] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[ 1596.693032][T18578] ip6gretap0: entered promiscuous mode
[ 1596.696783][T18578] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1596.698582][T18578] Cannot create hsr debugfs directory
[ 1597.345370][T18592] FAULT_INJECTION: forcing a failure.
[ 1597.345370][T18592] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1597.348454][T18592] CPU: 3 UID: 0 PID: 18592 Comm: syz.0.1862 Not tainted 6.11.0-rc7-syzkaller-00149-g0babf683783d #0
[ 1597.350961][T18592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1597.353483][T18592] Call Trace:
[ 1597.354489][T18592]  <TASK>
[ 1597.355225][T18592]  dump_stack_lvl+0x16c/0x1f0
[ 1597.356348][T18592]  should_fail_ex+0x497/0x5b0
[ 1597.357464][T18592]  _copy_from_iter+0x27a/0xfc0
[ 1597.358616][T18592]  ? _copy_from_iter+0x149/0xfc0
[ 1597.359798][T18592]  ? __pfx__copy_from_iter+0x10/0x10
[ 1597.361056][T18592]  ? sock_alloc_send_pskb+0x750/0x980
[ 1597.362331][T18592]  ? __pfx__copy_from_iter+0x10/0x10
[ 1597.363580][T18592]  copy_page_from_iter+0xa5/0x120
[ 1597.364772][T18592]  skb_copy_datagram_from_iter+0x41d/0x6c0
[ 1597.366164][T18592]  packet_sendmsg+0x2136/0x5390
[ 1597.367328][T18592]  ? __pfx___might_resched+0x10/0x10
[ 1597.368575][T18592]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1597.369974][T18592]  ? aa_sk_perm+0x2f5/0xb20
[ 1597.371067][T18592]  ? __pfx___might_resched+0x10/0x10
[ 1597.372338][T18592]  ? __pfx_packet_sendmsg+0x10/0x10
[ 1597.373572][T18592]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1597.374756][T18592]  ? __might_fault+0xe3/0x190
[ 1597.375886][T18592]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1597.377138][T18592]  __sys_sendto+0x47f/0x4e0
[ 1597.378227][T18592]  ? __pfx___sys_sendto+0x10/0x10
[ 1597.379427][T18592]  ? ksys_write+0x1ab/0x260
[ 1597.380503][T18592]  ? __pfx_ksys_write+0x10/0x10
[ 1597.381656][T18592]  __ia32_sys_sendto+0xdd/0x1b0
[ 1597.382827][T18592]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1597.384054][T18592]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[ 1597.385606][T18592]  __do_fast_syscall_32+0x73/0x120
[ 1597.386831][T18592]  do_fast_syscall_32+0x32/0x80
[ 1597.387989][T18592]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1597.389474][T18592] RIP: 0023:0xf7fcf579
[ 1597.390448][T18592] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1597.394984][T18592] RSP: 002b:00000000f573556c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[ 1597.396940][T18592] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000180
[ 1597.398803][T18592] RDX: 0000000000010608 RSI: 0000000000000000 RDI: 0000000020000140
[ 1597.400661][T18592] RBP: 0000000000000014 R08: 0000000000000000 R09: 0000000000000000
[ 1597.402523][T18592] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1597.405037][T18592] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1597.406969][T18592]  </TASK>
[ 1597.521460][   T39] audit: type=1326 audit(2000000067.680:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18587 comm="syz.0.1862" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fcf579 code=0x7ffc0000
[ 1597.530987][   T39] audit: type=1326 audit(2000000067.680:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18587 comm="syz.0.1862" exe="/syz-executor" sig=0 arch=40000003 syscall=377 compat=1 ip=0xf7fcf579 code=0x7ffc0000
[ 1597.537152][   T39] audit: type=1326 audit(2000000067.680:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18587 comm="syz.0.1862" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fcf579 code=0x7ffc0000
[ 1597.543095][   T39] audit: type=1326 audit(2000000067.680:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18587 comm="syz.0.1862" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fcf579 code=0x7ffc0000
[ 1597.548784][   T39] audit: type=1326 audit(2000000067.680:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18587 comm="syz.0.1862" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fcf579 code=0x7ffc0000
[ 1597.554854][   T39] audit: type=1326 audit(2000000067.680:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18587 comm="syz.0.1862" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fcf579 code=0x7ffc0000
[ 1597.560649][   T39] audit: type=1326 audit(2000000067.680:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18587 comm="syz.0.1862" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fcf579 code=0x7ffc0000
[ 1597.920450][   T39] audit: type=1326 audit(2000000068.100:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18610 comm="syz.2.1868" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000
[ 1597.943368][   T39] audit: type=1326 audit(2000000068.100:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18610 comm="syz.2.1868" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000
[ 1597.979905][   T39] audit: type=1326 audit(2000000068.153:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18610 comm="syz.2.1868" exe="/syz-executor" sig=0 arch=40000003 syscall=377 compat=1 ip=0xf7f15579 code=0x7ffc0000
[ 1598.505678][ T1377] ieee802154 phy0 wpan0: encryption failed: -22
[ 1598.507222][ T1377] ieee802154 phy1 wpan1: encryption failed: -22
[ 1598.842702][T18636] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1872'.
[ 1598.872866][T18636] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1872'.
[ 1598.915962][T18636] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1872'.
[ 1599.009557][T18643] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1873'.
[ 1599.012460][T18643] netlink: 'syz.3.1873': attribute type 5 has an invalid length.
[ 1599.015071][T18643] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1873'.
[ 1600.040956][T18685] netlink: 116 bytes leftover after parsing attributes in process `syz.2.1883'.
[ 1600.440723][T18689] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1884'.
[ 1601.408137][T18700] input: syz1 as /devices/virtual/input/input19
[ 1601.535181][T18714] FAULT_INJECTION: forcing a failure.
[ 1601.535181][T18714] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1601.538192][T18714] CPU: 3 UID: 0 PID: 18714 Comm: syz.2.1894 Not tainted 6.11.0-rc7-syzkaller-00149-g0babf683783d #0
[ 1601.540614][T18714] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1601.543096][T18714] Call Trace:
[ 1601.543913][T18714]  <TASK>
[ 1601.544609][T18714]  dump_stack_lvl+0x16c/0x1f0
[ 1601.545689][T18714]  should_fail_ex+0x497/0x5b0
[ 1601.546782][T18714]  _copy_from_user+0x30/0xf0
[ 1601.547819][T18714]  input_event_from_user+0x22d/0x3b0
[ 1601.549041][T18714]  ? __pfx_input_event_from_user+0x10/0x10
[ 1601.550436][T18714]  ? input_inject_event+0x193/0x370
[ 1601.551660][T18714]  evdev_write+0x374/0x750
[ 1601.552721][T18714]  ? __pfx_evdev_write+0x10/0x10
[ 1601.553901][T18714]  ? bpf_lsm_file_permission+0x9/0x10
[ 1601.555170][T18714]  ? security_file_permission+0x98/0xc0
[ 1601.556461][T18714]  ? __pfx_evdev_write+0x10/0x10
[ 1601.557639][T18714]  vfs_write+0x29a/0x1140
[ 1601.558657][T18714]  ? __pfx_vfs_write+0x10/0x10
[ 1601.559770][T18714]  ? __fget_files+0x256/0x400
[ 1601.560862][T18714]  ? __fget_light+0x173/0x210
[ 1601.561987][T18714]  ksys_write+0x1f8/0x260
[ 1601.563001][T18714]  ? __pfx_ksys_write+0x10/0x10
[ 1601.564136][T18714]  __do_fast_syscall_32+0x73/0x120
[ 1601.565328][T18714]  do_fast_syscall_32+0x32/0x80
[ 1601.565342][T18716] FAULT_INJECTION: forcing a failure.
[ 1601.565342][T18716] name failslab, interval 1, probability 0, space 0, times 0
[ 1601.566496][T18714]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1601.566515][T18714] RIP: 0023:0xf7f15579
[ 1601.566524][T18714] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1601.576911][T18714] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[ 1601.578851][T18714] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040
[ 1601.580724][T18714] RDX: 0000000000002250 RSI: 0000000000000000 RDI: 0000000000000000
[ 1601.582593][T18714] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1601.584405][T18714] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1601.586286][T18714] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1601.588102][T18714]  </TASK>
[ 1601.589805][T18716] CPU: 2 UID: 0 PID: 18716 Comm: syz.0.1895 Not tainted 6.11.0-rc7-syzkaller-00149-g0babf683783d #0
[ 1601.592561][T18716] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1601.595423][T18716] Call Trace:
[ 1601.596311][T18716]  <TASK>
[ 1601.597101][T18716]  dump_stack_lvl+0x16c/0x1f0
[ 1601.598369][T18716]  should_fail_ex+0x497/0x5b0
[ 1601.599568][T18716]  ? fs_reclaim_acquire+0xae/0x160
[ 1601.600941][T18716]  should_failslab+0xc2/0x120
[ 1601.602214][T18716]  kmem_cache_alloc_noprof+0x6e/0x2f0
[ 1601.603626][T18716]  ? __pfx_make_vfsuid+0x10/0x10
[ 1601.604878][T18716]  ? alloc_empty_file+0x73/0x1e0
[ 1601.606156][T18716]  alloc_empty_file+0x73/0x1e0
[ 1601.607381][T18716]  dentry_open+0x46/0xd0
[ 1601.608489][T18716]  ovl_path_open+0x198/0x1f0
[ 1601.609680][T18716]  ovl_indexdir_cleanup+0x19a/0x870
[ 1601.611046][T18716]  ? __pfx_ovl_indexdir_cleanup+0x10/0x10
[ 1601.612523][T18716]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1601.613915][T18716]  ? __pfx_ovl_fill_plain+0x10/0x10
[ 1601.615278][T18716]  ? ovl_verify_origin_xattr+0x9a/0x1a0
[ 1601.616713][T18716]  ovl_fill_super+0x497b/0x6970
[ 1601.617989][T18716]  ? __pfx_ovl_fill_super+0x10/0x10
[ 1601.619343][T18716]  ? lockdep_init_map_type+0x16d/0x7d0
[ 1601.620804][T18716]  ? lockdep_init_map_type+0x16d/0x7d0
[ 1601.622245][T18716]  ? __init_swait_queue_head+0xca/0x150
[ 1601.623680][T18716]  ? sget_fc+0x488/0xb90
[ 1601.624852][T18716]  ? __pfx_ovl_fill_super+0x10/0x10
[ 1601.626288][T18716]  ? get_tree_nodev+0xda/0x190
[ 1601.627531][T18716]  get_tree_nodev+0xda/0x190
[ 1601.628721][T18716]  vfs_get_tree+0x8f/0x380
[ 1601.629882][T18716]  path_mount+0x6e1/0x1f10
[ 1601.631068][T18716]  ? __pfx_path_mount+0x10/0x10
[ 1601.632313][T18716]  ? putname+0x12e/0x170
[ 1601.633462][T18716]  ? putname+0x12e/0x170
[ 1601.634600][T18716]  __ia32_sys_mount+0x292/0x310
[ 1601.635897][T18716]  ? __pfx___ia32_sys_mount+0x10/0x10
[ 1601.637269][T18716]  ? __secure_computing+0x273/0x3f0
[ 1601.638602][T18716]  __do_fast_syscall_32+0x73/0x120
[ 1601.639950][T18716]  do_fast_syscall_32+0x32/0x80
[ 1601.641273][T18716]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1601.642983][T18716] RIP: 0023:0xf7fcf579
[ 1601.644073][T18716] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1601.649091][T18716] RSP: 002b:00000000f575656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[ 1601.651283][T18716] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000200000c0
[ 1601.653348][T18716] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000020000900
[ 1601.655442][T18716] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1601.657495][T18716] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1601.659560][T18716] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1601.661615][T18716]  </TASK>
[ 1601.676811][T18716] overlayfs: failed index dir cleanup (-12)
[ 1601.678331][T18716] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index.
[ 1601.678933][T18720] binder: 18719:18720 ioctl c0306201 0 returned -14
[ 1601.715081][T18723] netlink: 'syz.2.1898': attribute type 10 has an invalid length.
[ 1601.717107][T18723] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1898'.
[ 1601.719666][T18723] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[ 1601.722378][T18723] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1601.812073][T18733] nfs: Unknown parameter 'ntext'
[ 1601.824014][T18736] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1904'.
[ 1601.834410][T18736] bridge1: port 1(veth1_to_bond) entered blocking state
[ 1601.836273][T18736] bridge1: port 1(veth1_to_bond) entered disabled state
[ 1601.838212][T18736] veth1_to_bond: entered allmulticast mode
[ 1601.841098][T18736] veth1_to_bond: entered promiscuous mode
[ 1601.843279][T18736] bridge1: port 1(veth1_to_bond) entered blocking state
[ 1601.845221][T18736] bridge1: port 1(veth1_to_bond) entered forwarding state
[ 1601.897511][T14511] hid-generic 0000:0000:0000.000E: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[ 1602.109018][T18757] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1910'.
[ 1602.568126][T18783] ecryptfs_parse_options: eCryptfs: unrecognized option [&@]
[ 1602.570089][T18783] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[ 1602.573641][T18783] Error parsing options; rc = [-22]
[ 1602.686077][T18786] devtmpfs: Unknown parameter 'usrquota_block_'
[ 1602.867614][T18792] netlink: 'syz.2.1920': attribute type 6 has an invalid length.
[ 1602.869943][T18792] netlink: 'syz.2.1920': attribute type 5 has an invalid length.
[ 1603.732909][    C2] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1603.959621][T18818] kvm: kvm [18817]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010000) = 0x7fffffe00000240
[ 1603.995042][T18818] __nla_validate_parse: 3 callbacks suppressed
[ 1603.995053][T18818] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1929'.
[ 1604.084409][T18827] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1932'.
[ 1604.604556][T18843] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1938'.
[ 1604.830714][   T10] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[ 1605.011218][   T10] usb 7-1: Using ep0 maxpacket: 32
[ 1605.023667][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1605.026222][   T10] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1605.028707][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1605.039952][   T10] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[ 1605.042492][   T10] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1605.045857][   T10] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1605.048216][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1605.054710][   T10] usb 7-1: config 0 descriptor??
[ 1605.268675][   T10] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 13 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1605.497990][T18870] FAULT_INJECTION: forcing a failure.
[ 1605.497990][T18870] name failslab, interval 1, probability 0, space 0, times 0
[ 1605.502931][T18870] CPU: 0 UID: 0 PID: 18870 Comm: syz.1.1947 Not tainted 6.11.0-rc7-syzkaller-00149-g0babf683783d #0
[ 1605.505750][T18870] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1605.508562][T18870] Call Trace:
[ 1605.509444][T18870]  <TASK>
[ 1605.510233][T18870]  dump_stack_lvl+0x16c/0x1f0
[ 1605.511478][T18870]  should_fail_ex+0x497/0x5b0
[ 1605.512716][T18870]  ? fs_reclaim_acquire+0xae/0x160
[ 1605.514114][T18870]  should_failslab+0xc2/0x120
[ 1605.515364][T18870]  kmem_cache_alloc_noprof+0x6e/0x2f0
[ 1605.516775][T18870]  ? __kernfs_new_node+0xd3/0x890
[ 1605.518104][T18870]  __kernfs_new_node+0xd3/0x890
[ 1605.519395][T18870]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1605.520828][T18870]  ? __pfx_lock_release+0x10/0x10
[ 1605.522166][T18870]  ? down_write+0x14e/0x200
[ 1605.523374][T18870]  ? up_write+0x1b2/0x520
[ 1605.524505][T18870]  kernfs_new_node+0x186/0x240
[ 1605.525753][T18870]  __kernfs_create_file+0x53/0x350
[ 1605.527104][T18870]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[ 1605.528452][T18870]  internal_create_group+0x565/0xe50
[ 1605.529865][T18870]  ? __pfx_internal_create_group+0x10/0x10
[ 1605.531412][T18870]  ? kernfs_create_link+0x1bd/0x240
[ 1605.532902][T18870]  internal_create_groups+0x9d/0x150
[ 1605.534330][T18870]  device_add+0xf33/0x1a70
[ 1605.535522][T18870]  ? __pfx_device_add+0x10/0x10
[ 1605.536860][T18870]  ? __init_waitqueue_head+0xca/0x150
[ 1605.538310][T18870]  wakeup_source_device_create+0x214/0x2a0
[ 1605.539884][T18870]  wakeup_source_sysfs_add+0x1c/0x90
[ 1605.541295][T18870]  wakeup_source_register+0xaa/0x140
[ 1605.542723][T18870]  ep_create_wakeup_source+0x1df/0x2e0
[ 1605.544177][T18870]  ? __pfx_ep_create_wakeup_source+0x10/0x10
[ 1605.545812][T18870]  ? reverse_path_check_proc+0x12b/0x270
[ 1605.547313][T18870]  do_epoll_ctl+0x1deb/0x3570
[ 1605.548576][T18870]  ? __pfx_do_epoll_ctl+0x10/0x10
[ 1605.549917][T18870]  ? __pfx___might_resched+0x10/0x10
[ 1605.551326][T18870]  ? __might_fault+0xe3/0x190
[ 1605.552587][T18870]  ? __ia32_sys_epoll_ctl+0x15c/0x1e0
[ 1605.554036][T18870]  __ia32_sys_epoll_ctl+0x15c/0x1e0
[ 1605.555415][T18870]  ? __pfx___ia32_sys_epoll_ctl+0x10/0x10
[ 1605.556957][T18870]  __do_fast_syscall_32+0x73/0x120
[ 1605.558390][T18870]  do_fast_syscall_32+0x32/0x80
[ 1605.559691][T18870]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1605.561368][T18870] RIP: 0023:0xf7f80579
[ 1605.562469][T18870] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1605.567505][T18870] RSP: 002b:00000000f56e556c EFLAGS: 00000296 ORIG_RAX: 00000000000000ff
[ 1605.569703][T18870] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000000000001
[ 1605.571781][T18870] RDX: 0000000000000003 RSI: 0000000020000000 RDI: 0000000000000000
[ 1605.573862][T18870] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1605.575936][T18870] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1605.577953][T18870] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1605.579993][T18870]  </TASK>
[ 1606.877103][T18911] syzkaller0: entered promiscuous mode
[ 1606.880898][T18911] syzkaller0: entered allmulticast mode
[ 1606.905574][   T39] kauditd_printk_skb: 5 callbacks suppressed
[ 1606.905585][   T39] audit: type=1326 audit(2000000077.527:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18910 comm="syz.0.1962" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fcf579 code=0x7ffc0000
[ 1606.915844][   T39] audit: type=1326 audit(2000000077.527:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18910 comm="syz.0.1962" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fcf579 code=0x7ffc0000
[ 1606.922678][   T39] audit: type=1326 audit(2000000077.527:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18910 comm="syz.0.1962" exe="/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf7fcf579 code=0x7ffc0000
[ 1606.933236][   T39] audit: type=1326 audit(2000000077.538:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18910 comm="syz.0.1962" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fcf579 code=0x7ffc0000
[ 1606.940511][   T39] audit: type=1326 audit(2000000077.538:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18910 comm="syz.0.1962" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fcf579 code=0x7ffc0000
[ 1606.947415][   T39] audit: type=1326 audit(2000000077.538:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18910 comm="syz.0.1962" exe="/syz-executor" sig=0 arch=40000003 syscall=334 compat=1 ip=0xf7fcf579 code=0x7ffc0000
[ 1606.953673][   T39] audit: type=1326 audit(2000000077.538:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18910 comm="syz.0.1962" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fcf579 code=0x7ffc0000
[ 1606.959906][   T39] audit: type=1326 audit(2000000077.538:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18910 comm="syz.0.1962" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fcf579 code=0x7ffc0000
[ 1606.965724][   T39] audit: type=1326 audit(2000000077.548:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18910 comm="syz.0.1962" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fcf579 code=0x7ffc0000
[ 1606.971175][   T39] audit: type=1326 audit(2000000077.548:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18910 comm="syz.0.1962" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fcf579 code=0x7ffc0000
[ 1606.992438][T14511] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[ 1607.212908][T14511] usb 6-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1607.215271][T14511] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1607.218588][T14511] usb 6-1: config 0 descriptor??
[ 1607.431430][   T56] usb 7-1: USB disconnect, device number 13
[ 1607.447748][   T56] usblp0: removed
[ 1607.873031][T14511] usb 6-1: USB disconnect, device number 12
[ 1607.919288][T18928] syzkaller0: entered promiscuous mode
[ 1607.920986][T18928] syzkaller0: entered allmulticast mode
[ 1608.120774][T18933] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1968'.
[ 1608.124090][T18933] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1968'.
[ 1608.129799][T18933] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1968'.
[ 1608.133328][T18933] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1968'.
[ 1608.614537][T18948] FAULT_INJECTION: forcing a failure.
[ 1608.614537][T18948] name failslab, interval 1, probability 0, space 0, times 0
[ 1608.619656][T18948] CPU: 3 UID: 0 PID: 18948 Comm: syz.1.1975 Not tainted 6.11.0-rc7-syzkaller-00149-g0babf683783d #0
[ 1608.624099][T18948] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1608.628257][T18948] Call Trace:
[ 1608.629491][T18948]  <TASK>
[ 1608.630594][T18948]  dump_stack_lvl+0x16c/0x1f0
[ 1608.632332][T18948]  should_fail_ex+0x497/0x5b0
[ 1608.634064][T18948]  should_failslab+0xc2/0x120
[ 1608.635761][T18948]  kmem_cache_alloc_noprof+0x6e/0x2f0
[ 1608.637699][T18948]  ? __nf_conntrack_alloc+0xd1/0x5e0
[ 1608.639628][T18948]  __nf_conntrack_alloc+0xd1/0x5e0
[ 1608.641439][T18948]  init_conntrack.constprop.0+0xd3e/0x1080
[ 1608.643573][T18948]  ? __pfx_init_conntrack.constprop.0+0x10/0x10
[ 1608.645878][T18948]  ? __pfx_hash_conntrack_raw+0x10/0x10
[ 1608.647899][T18948]  ? __local_bh_enable_ip+0xa4/0x120
[ 1608.649871][T18948]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1608.651796][T18948]  nf_conntrack_in+0xa2f/0x1830
[ 1608.653614][T18948]  ? sctp_chunk_put+0x205/0x2c0
[ 1608.655461][T18948]  ? __pfx_nf_conntrack_in+0x10/0x10
[ 1608.657388][T18948]  ? __pfx_ipt_do_table+0x10/0x10
[ 1608.659263][T18948]  ? __pfx_ipv4_conntrack_local+0x10/0x10
[ 1608.661342][T18948]  ipv4_conntrack_local+0x160/0x250
[ 1608.663332][T18948]  nf_hook_slow+0xbb/0x200
[ 1608.665154][T18948]  nf_hook+0x386/0x6d0
[ 1608.666651][T18948]  ? __pfx_dst_output+0x10/0x10
[ 1608.668375][T18948]  ? __pfx_nf_hook+0x10/0x10
[ 1608.670071][T18948]  ? __pfx_dst_output+0x10/0x10
[ 1608.671796][T18948]  ? do_csum+0x280/0x2e0
[ 1608.673331][T18948]  __ip_local_out+0x33b/0x640
[ 1608.675012][T18948]  ? __pfx_dst_output+0x10/0x10
[ 1608.676692][T18948]  ip_local_out+0x2a/0x4a0
[ 1608.678302][T18948]  __ip_queue_xmit+0x747/0x1940
[ 1608.680030][T18948]  sctp_v4_xmit+0x814/0xba0
[ 1608.681699][T18948]  sctp_packet_transmit+0x1cbe/0x3030
[ 1608.683647][T18948]  sctp_packet_singleton+0x19f/0x370
[ 1608.685504][T18948]  ? __pfx_sctp_packet_singleton+0x10/0x10
[ 1608.687569][T18948]  ? sctp_outq_select_transport+0x208/0x740
[ 1608.689661][T18948]  sctp_outq_flush+0x54d/0x3380
[ 1608.691461][T18948]  ? __pfx_sctp_outq_flush+0x10/0x10
[ 1608.693361][T18948]  ? __pfx_sctp_sm_lookup_event+0x10/0x10
[ 1608.695406][T18948]  ? sctp_outq_tail+0x670/0xa30
[ 1608.697151][T18948]  ? sctp_endpoint_add_asoc+0x228/0x2f0
[ 1608.699118][T18948]  sctp_do_sm+0x179c/0x5c90
[ 1608.700745][T18948]  ? __pfx_sctp_do_sm+0x10/0x10
[ 1608.702557][T18948]  ? node_tag_clear+0x106/0x290
[ 1608.704362][T18948]  ? sctp_assoc_set_id+0x156/0x390
[ 1608.706252][T18948]  sctp_primitive_ASSOCIATE+0x9c/0xd0
[ 1608.708354][T18948]  __sctp_connect+0x7d0/0xc60
[ 1608.710104][T18948]  ? __pfx___sctp_connect+0x10/0x10
[ 1608.712039][T18948]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[ 1608.714007][T18948]  ? security_sctp_bind_connect+0x98/0xd0
[ 1608.716079][T18948]  __sctp_setsockopt_connectx+0x102/0x170
[ 1608.718025][T18948]  sctp_setsockopt+0x3ba8/0xb880
[ 1608.719656][T18948]  ? aa_sk_perm+0x2f5/0xb20
[ 1608.721110][T18948]  ? __pfx_sctp_setsockopt+0x10/0x10
[ 1608.722878][T18948]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1608.724531][T18948]  ? sock_common_setsockopt+0x2e/0xf0
[ 1608.726291][T18948]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 1608.728406][T18948]  do_sock_setsockopt+0x222/0x480
[ 1608.730299][T18948]  ? __pfx_do_sock_setsockopt+0x10/0x10
[ 1608.732325][T18948]  ? __fget_light+0x173/0x210
[ 1608.734117][T18948]  __sys_setsockopt+0x1a4/0x270
[ 1608.735943][T18948]  ? __pfx___sys_setsockopt+0x10/0x10
[ 1608.737925][T18948]  ? fput+0x32/0x390
[ 1608.739393][T18948]  ? ksys_write+0x1ab/0x260
[ 1608.741075][T18948]  ? __pfx_ksys_write+0x10/0x10
[ 1608.742914][T18948]  __ia32_sys_setsockopt+0xbc/0x160
[ 1608.744794][T18948]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1608.746737][T18948]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[ 1608.749181][T18948]  __do_fast_syscall_32+0x73/0x120
[ 1608.751094][T18948]  do_fast_syscall_32+0x32/0x80
[ 1608.752911][T18948]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1608.755234][T18948] RIP: 0023:0xf7f80579
[ 1608.756755][T18948] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1608.763676][T18948] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[ 1608.766725][T18948] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000084
[ 1608.769620][T18948] RDX: 000000000000006e RSI: 0000000020000000 RDI: 0000000000000010
[ 1608.772625][T18948] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1608.775585][T18948] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1608.778567][T18948] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1608.781523][T18948]  </TASK>
[ 1609.083575][T18959] netlink: 'syz.1.1980': attribute type 39 has an invalid length.
[ 1609.086754][T18959] netlink: 'syz.1.1980': attribute type 4 has an invalid length.
[ 1609.090314][T18959] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1980'.
[ 1611.132613][T19013] input: syz0 as /devices/virtual/input/input21
[ 1611.881689][T19016] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1611.883712][T19016] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[ 1612.034631][T19016] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1612.039809][T19016] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[ 1612.128125][T19016] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1612.130311][T19016] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[ 1612.487775][T19016] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1612.507727][T19016] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[ 1612.775086][T19059] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[ 1612.779168][T19059] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[ 1614.871025][T19100] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2012'.
[ 1615.051409][T19109] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(23)
[ 1615.053943][T19109] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 1615.066161][T19109] vhci_hcd vhci_hcd.0: Device attached
[ 1615.073559][T19109] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(25)
[ 1615.075986][T19109] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 1615.080921][T19109] vhci_hcd vhci_hcd.0: Device attached
[ 1615.129747][T19112] vhci_hcd: connection closed
[ 1615.133260][   T82] vhci_hcd: stop threads
[ 1615.146615][   T82] vhci_hcd: release socket
[ 1615.147981][   T82] vhci_hcd: disconnect device
[ 1615.161739][T19110] vhci_hcd: connection closed
[ 1615.161983][ T1103] vhci_hcd: stop threads
[ 1615.164573][ T1103] vhci_hcd: release socket
[ 1615.176090][ T1103] vhci_hcd: disconnect device
[ 1615.295442][T19133] FAULT_INJECTION: forcing a failure.
[ 1615.295442][T19133] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1615.319094][T19133] CPU: 2 UID: 0 PID: 19133 Comm: syz.0.2016 Not tainted 6.11.0-rc7-syzkaller-00149-g0babf683783d #0
[ 1615.322996][T19133] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1615.326891][T19133] Call Trace:
[ 1615.328136][T19133]  <TASK>
[ 1615.329247][T19133]  dump_stack_lvl+0x16c/0x1f0
[ 1615.331012][T19133]  should_fail_ex+0x497/0x5b0
[ 1615.332776][T19133]  _copy_to_user+0x30/0xc0
[ 1615.334490][T19133]  simple_read_from_buffer+0xd0/0x160
[ 1615.336611][T19133]  proc_fail_nth_read+0x19e/0x280
[ 1615.338679][T19133]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1615.340894][T19133]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1615.342963][T19133]  vfs_read+0x1d4/0xbd0
[ 1615.344517][T19133]  ? __fdget_pos+0xeb/0x180
[ 1615.346216][T19133]  ? __pfx_vfs_read+0x10/0x10
[ 1615.347947][T19133]  ? __pfx___mutex_lock+0x10/0x10
[ 1615.349793][T19133]  ? __fget_files+0x256/0x400
[ 1615.351534][T19133]  ksys_read+0x12f/0x260
[ 1615.353098][T19133]  ? __pfx_ksys_read+0x10/0x10
[ 1615.354895][T19133]  __do_fast_syscall_32+0x73/0x120
[ 1615.356773][T19133]  do_fast_syscall_32+0x32/0x80
[ 1615.358563][T19133]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1615.360883][T19133] RIP: 0023:0xf7fcf579
[ 1615.362389][T19133] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1615.369351][T19133] RSP: 002b:00000000f57355a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1615.372400][T19133] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000f5735620
[ 1615.375290][T19133] RDX: 000000000000000f RSI: 00000000f745bff4 RDI: 0000000000000000
[ 1615.378269][T19133] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1615.381521][T19133] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1615.384479][T19133] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1615.387388][T19133]  </TASK>
[ 1615.625139][T19140] syzkaller0: entered promiscuous mode
[ 1615.629358][T19140] syzkaller0: entered allmulticast mode
[ 1616.046179][T19144] netlink: 'syz.2.2019': attribute type 21 has an invalid length.
[ 1617.130450][T14746] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1617.231529][T14746] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1617.357227][T14746] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1617.426507][T14746] bridge0: port 2(netdevsim0) entered disabled state
[ 1617.468331][T14746] netdevsim netdevsim3 netdevsim0 (unregistering): left allmulticast mode
[ 1617.471014][T14746] netdevsim netdevsim3 netdevsim0 (unregistering): left promiscuous mode
[ 1617.473494][T14746] bridge0: port 2(netdevsim0) entered disabled state
[ 1617.499397][T15207] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1617.505784][T15207] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1617.506743][T14746] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1617.509050][T15207] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1617.514862][T15207] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1617.517731][T15207] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1617.520249][T15207] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1617.588585][T15632] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1617.603919][T15632] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1617.622898][T15632] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1617.634227][T15632] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1617.637606][T15632] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1617.640556][T15632] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1617.841533][T14746] bridge_slave_0: left allmulticast mode
[ 1617.844426][T14746] bridge_slave_0: left promiscuous mode
[ 1617.848248][T14746] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1617.873425][T14746] veth1_to_bond: left allmulticast mode
[ 1617.875017][T14746] veth1_to_bond: left promiscuous mode
[ 1617.876730][T14746] bridge1: port 1(veth1_to_bond) entered disabled state
[ 1618.686765][T14746] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1618.695663][T14746] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1618.704708][T14746] bond0 (unregistering): Released all slaves
[ 1618.874412][T14746] Êü: left promiscuous mode
[ 1618.972935][T19164] chnl_net:caif_netlink_parms(): no params data found
[ 1618.997602][T19185] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1619.011408][T14746] tipc: Disabling bearer <udp:syz1>
[ 1619.013023][T14746] tipc: Left network mode
[ 1619.014335][T19185] overlayfs: failed to set xattr on upper
[ 1619.019822][T19185] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1619.022580][T19185] overlayfs: ...falling back to uuid=null.
[ 1619.033005][T19185] FAULT_INJECTION: forcing a failure.
[ 1619.033005][T19185] name failslab, interval 1, probability 0, space 0, times 0
[ 1619.041230][T19185] CPU: 1 UID: 0 PID: 19185 Comm: syz.2.2037 Not tainted 6.11.0-rc7-syzkaller-00149-g0babf683783d #0
[ 1619.044758][T19185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1619.048165][T19185] Call Trace:
[ 1619.049236][T19185]  <TASK>
[ 1619.050265][T19185]  dump_stack_lvl+0x16c/0x1f0
[ 1619.051951][T19185]  should_fail_ex+0x497/0x5b0
[ 1619.053673][T19185]  ? fs_reclaim_acquire+0xae/0x160
[ 1619.055617][T19185]  should_failslab+0xc2/0x120
[ 1619.057303][T19185]  __kmalloc_noprof+0xcb/0x410
[ 1619.059122][T19185]  ovl_fill_super+0x2fb2/0x6970
[ 1619.060890][T19185]  ? __pfx_ovl_fill_super+0x10/0x10
[ 1619.062668][T19185]  ? lockdep_init_map_type+0x16d/0x7d0
[ 1619.064521][T19185]  ? lockdep_init_map_type+0x16d/0x7d0
[ 1619.066412][T19185]  ? __init_swait_queue_head+0xca/0x150
[ 1619.068334][T19185]  ? sget_fc+0x488/0xb90
[ 1619.069752][T19185]  ? __pfx_ovl_fill_super+0x10/0x10
[ 1619.071474][T19185]  ? get_tree_nodev+0xda/0x190
[ 1619.073159][T19185]  get_tree_nodev+0xda/0x190
[ 1619.074855][T19185]  vfs_get_tree+0x8f/0x380
[ 1619.076414][T19185]  path_mount+0x6e1/0x1f10
[ 1619.077945][T19185]  ? __pfx_path_mount+0x10/0x10
[ 1619.079517][T19185]  ? putname+0x12e/0x170
[ 1619.080965][T19185]  ? putname+0x12e/0x170
[ 1619.082409][T19185]  __ia32_sys_mount+0x292/0x310
[ 1619.084072][T19185]  ? __pfx___ia32_sys_mount+0x10/0x10
[ 1619.085868][T19185]  __do_fast_syscall_32+0x73/0x120
[ 1619.087569][T19185]  do_fast_syscall_32+0x32/0x80
[ 1619.089177][T19185]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1619.091296][T19185] RIP: 0023:0xf7f15579
[ 1619.092658][T19185] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1619.099156][T19185] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[ 1619.102093][T19185] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000200000c0
[ 1619.104902][T19185] RDX: 0000000020000340 RSI: 0000000000000000 RDI: 0000000020000380
[ 1619.107572][T19185] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1619.110356][T19185] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1619.113172][T19185] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1619.116172][T19185]  </TASK>
[ 1619.236396][T19164] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1619.239246][T19164] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1619.241364][T19164] bridge_slave_0: entered allmulticast mode
[ 1619.245111][T19164] bridge_slave_0: entered promiscuous mode
[ 1619.253437][T19164] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1619.255402][T19164] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1619.257330][T19164] bridge_slave_1: entered allmulticast mode
[ 1619.259695][T19164] bridge_slave_1: entered promiscuous mode
[ 1619.350356][T19164] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1619.363732][T14746] hsr_slave_0: left promiscuous mode
[ 1619.377052][T14746] hsr_slave_1: left promiscuous mode
[ 1619.383559][T14746] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1619.386764][T14746] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1619.390591][T14746] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1619.404469][T14746] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1619.479014][T14746] veth1_macvtap: left promiscuous mode
[ 1619.481722][T14746] veth0_macvtap: left promiscuous mode
[ 1619.484036][T14746] veth1_vlan: left promiscuous mode
[ 1619.499811][T14746] veth0_vlan: left promiscuous mode
[ 1619.584259][T19205] Cannot find map_set index 0 as target
[ 1619.614428][T15632] Bluetooth: hci2: command tx timeout
[ 1620.644866][T19215] kernel profiling enabled (shift: 17)
[ 1621.175724][T19223] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2047'.
[ 1621.306287][T14746] team0 (unregistering): Port device team_slave_1 removed
[ 1621.512171][T14746] team0 (unregistering): Port device team_slave_0 removed
[ 1621.585793][T15632] Bluetooth: hci2: command tx timeout
[ 1622.893381][T19164] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1623.014747][T19164] team0: Port device team_slave_0 added
[ 1623.026345][T19164] team0: Port device team_slave_1 added
[ 1623.133931][T19164] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1623.135758][T19164] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1623.143916][T19164] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1623.151754][T19164] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1623.163070][T19164] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1623.173647][T19164] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1623.283687][T19164] hsr_slave_0: entered promiscuous mode
[ 1623.295962][T19164] hsr_slave_1: entered promiscuous mode
[ 1623.299598][T19164] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1623.302781][T19164] Cannot create hsr debugfs directory
[ 1623.498412][T19238] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2050'.
[ 1623.501242][T19238] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2050'.
[ 1623.567545][T15632] Bluetooth: hci2: command tx timeout
[ 1624.120051][T15207] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1624.126117][T15207] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1624.131032][T15207] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1624.137459][T15207] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1624.140799][T15207] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1624.143791][T15207] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1624.206821][T19253] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1624.239686][T19164] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1624.254398][T19164] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1624.299563][T19164] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1624.318915][T19164] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1624.570473][T19250] chnl_net:caif_netlink_parms(): no params data found
[ 1624.733625][T19164] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1624.852520][T19250] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1624.857543][T19250] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1624.859530][T19250] bridge_slave_0: entered allmulticast mode
[ 1624.862367][T11943] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[ 1624.865886][T19250] bridge_slave_0: entered promiscuous mode
[ 1624.878063][T19164] 8021q: adding VLAN 0 to HW filter on device team0
[ 1624.881695][T19250] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1624.884516][T19250] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1624.887247][T19250] bridge_slave_1: entered allmulticast mode
[ 1624.894594][T19250] bridge_slave_1: entered promiscuous mode
[ 1624.982622][T19250] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1625.008592][   T82] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1625.011241][   T82] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1625.017435][T19250] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1625.045417][T11943] usb 5-1: Using ep0 maxpacket: 8
[ 1625.051303][T11943] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[ 1625.056023][T11943] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 1625.059472][T11943] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1625.074275][T11943] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1625.077312][T11943] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1625.094812][T11943] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[ 1625.096915][T11943] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 1625.099833][T11943] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1625.109540][T11943] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1625.115145][T11943] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1625.119846][T11943] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[ 1625.122755][T11943] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 1625.125617][T11943] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1625.128597][T11943] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1625.134852][T11943] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1625.141323][ T1103] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1625.143271][ T1103] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1625.143791][T11943] usb 5-1: string descriptor 0 read error: -22
[ 1625.146898][T11943] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 1625.157446][T11943] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1625.161081][T19250] team0: Port device team_slave_0 added
[ 1625.171857][T11943] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[ 1625.196319][T19250] team0: Port device team_slave_1 added
[ 1625.273648][T19250] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1625.276061][T19250] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1625.285743][T19250] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1625.290570][T19250] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1625.295718][T19250] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1625.305024][T19250] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1625.406519][T19250] hsr_slave_0: entered promiscuous mode
[ 1625.425544][T19250] hsr_slave_1: entered promiscuous mode
[ 1625.432490][T19250] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1625.435054][T19250] Cannot create hsr debugfs directory
[ 1625.518299][T19164] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1625.558180][T15632] Bluetooth: hci2: command tx timeout
[ 1625.648906][T19250] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1625.676536][T19164] veth0_vlan: entered promiscuous mode
[ 1625.690002][T19164] veth1_vlan: entered promiscuous mode
[ 1625.728514][T19164] veth0_macvtap: entered promiscuous mode
[ 1625.740200][T19164] veth1_macvtap: entered promiscuous mode
[ 1625.796952][T19250] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1625.825545][T19164] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1625.829681][T19164] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1625.834531][T19164] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1625.838395][T19164] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1625.852178][T19164] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1625.865894][T19164] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1625.870048][T19164] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1625.876047][T19164] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1625.879730][T19164] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1625.884497][T19164] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1625.889469][T19164] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1625.907582][T19164] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1625.988804][T19250] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1626.031750][T19164] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1626.035456][T19164] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1626.039345][T19164] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1626.042856][T19164] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1626.082293][T15632] Bluetooth: hci4: command tx timeout
[ 1626.116992][T19250] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1626.248149][T15687] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1626.250796][T15687] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1626.340437][T15687] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1626.346656][T15687] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1626.437033][T19250] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1626.446435][T19250] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1626.456796][T19250] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1626.471524][T19250] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1626.720200][T19250] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1626.771803][T19250] 8021q: adding VLAN 0 to HW filter on device team0
[ 1626.790305][T14746] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1626.793188][T14746] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1626.823984][T14746] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1626.826538][T14746] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1626.990804][T19250] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1627.337345][T19250] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1627.373120][T14511] usb 5-1: USB disconnect, device number 15
[ 1627.469533][T19250] veth0_vlan: entered promiscuous mode
[ 1627.490410][T19250] veth1_vlan: entered promiscuous mode
[ 1627.585735][T19250] veth0_macvtap: entered promiscuous mode
[ 1627.599436][T19250] veth1_macvtap: entered promiscuous mode
[ 1627.654377][T19250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1627.658462][T19250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1627.661832][T19250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1627.667754][T19250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1627.674772][T19250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1627.679476][T19250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1627.701642][T19250] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1627.726489][T19250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1627.733253][T19250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1627.737662][T19250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1627.743069][T19250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1627.746499][T19250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1627.752914][T19250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1627.761185][T19250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1627.773657][T19250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1627.782518][T19250] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1627.789115][T19250] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1627.796109][T19250] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1627.803861][T19250] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1627.807607][T19250] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1627.939576][ T1138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1627.942487][ T1138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1627.971538][ T1103] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1627.973881][ T1103] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1628.063575][T15632] Bluetooth: hci4: command tx timeout
[ 1628.880759][T19329] 9pnet_fd: Insufficient options for proto=fd
[ 1628.999625][T19331] netlink: 'syz.2.2061': attribute type 10 has an invalid length.
[ 1629.002629][T19331] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2061'.
[ 1629.014339][T19331] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[ 1630.729608][T19351] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2068'.
[ 1630.734311][T19351] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2068'.
[ 1631.766711][T19361] overlayfs: failed to resolve './file1': -2
[ 1632.418072][T15632] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[ 1632.422737][T15632] Bluetooth: hci2: Injecting HCI hardware error event
[ 1632.428213][T15207] Bluetooth: hci2: hardware error 0x00
[ 1632.720767][T15632] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[ 1632.723645][T15632] Bluetooth: hci4: Injecting HCI hardware error event
[ 1632.727874][T15632] Bluetooth: hci4: hardware error 0x00
[ 1633.631262][T19395] Cannot find add_set index 0 as target
[ 1634.054581][T19401] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2082'.
[ 1634.057682][T19401] tipc: Invalid UDP bearer configuration
[ 1634.057751][T19401] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[ 1634.178626][   T39] kauditd_printk_skb: 27 callbacks suppressed
[ 1634.178721][   T39] audit: type=1326 audit(2000000106.155:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19404 comm="syz.2.2085" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000
[ 1634.190734][   T39] audit: type=1326 audit(2000000106.155:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19404 comm="syz.2.2085" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000
[ 1634.201965][   T39] audit: type=1326 audit(2000000106.155:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19404 comm="syz.2.2085" exe="/syz-executor" sig=0 arch=40000003 syscall=377 compat=1 ip=0xf7f15579 code=0x7ffc0000
[ 1634.219229][   T39] audit: type=1326 audit(2000000106.166:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19404 comm="syz.2.2085" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000
[ 1634.227651][   T39] audit: type=1326 audit(2000000106.166:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19404 comm="syz.2.2085" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000
[ 1634.387713][T15207] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[ 1634.603330][T19420] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2089'.
[ 1634.614549][T19420] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2089'.
[ 1634.692529][T15632] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[ 1634.732852][T19424] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2090'.
[ 1634.744191][T19424] Êü: entered promiscuous mode
[ 1634.975017][T19428] Cannot find set identified by id 0 to match
[ 1634.994111][T19435] netlink: 'syz.0.2093': attribute type 1 has an invalid length.
[ 1634.996940][T19435] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1634.999595][T19435] IPv6: NLM_F_CREATE should be set when creating new route
[ 1635.163531][T19444] ip6gretap0: entered promiscuous mode
[ 1635.181350][T19444] batadv_slave_0: entered promiscuous mode
[ 1636.536334][T19465] netlink: 200 bytes leftover after parsing attributes in process `syz.3.2102'.
[ 1637.160369][   T39] audit: type=1804 audit(2000000109.284:513): pid=19475 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2105" name="/newroot/181/bus/bus" dev="overlay" ino=1002 res=1 errno=0
[ 1637.238740][T19475] netlink: 'syz.0.2105': attribute type 3 has an invalid length.
[ 1638.399931][T19487] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1638.977928][T19494] cgroup: No subsys list or none specified
[ 1639.047177][T19500] FAULT_INJECTION: forcing a failure.
[ 1639.047177][T19500] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1639.052177][T19500] CPU: 1 UID: 0 PID: 19500 Comm: syz.3.2113 Not tainted 6.11.0-rc7-syzkaller-00149-g0babf683783d #0
[ 1639.055952][T19500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1639.059796][T19500] Call Trace:
[ 1639.060974][T19500]  <TASK>
[ 1639.061968][T19500]  dump_stack_lvl+0x16c/0x1f0
[ 1639.063687][T19500]  should_fail_ex+0x497/0x5b0
[ 1639.065324][T19500]  _copy_from_iter+0x27a/0xfc0
[ 1639.067080][T19500]  ? _copy_from_iter+0x149/0xfc0
[ 1639.068778][T19500]  ? __pfx__copy_from_iter+0x10/0x10
[ 1639.070689][T19500]  ? sock_alloc_send_pskb+0x750/0x980
[ 1639.072730][T19500]  ? __pfx__copy_from_iter+0x10/0x10
[ 1639.074815][T19500]  copy_page_from_iter+0xa5/0x120
[ 1639.076746][T19500]  skb_copy_datagram_from_iter+0x41d/0x6c0
[ 1639.078796][T19500]  packet_sendmsg+0x2136/0x5390
[ 1639.080570][T19500]  ? __pfx___might_resched+0x10/0x10
[ 1639.082226][T19500]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1639.084389][T19500]  ? aa_sk_perm+0x2f5/0xb20
[ 1639.086000][T19500]  ? __pfx___might_resched+0x10/0x10
[ 1639.087581][T19500]  ? __pfx_packet_sendmsg+0x10/0x10
[ 1639.089384][T19500]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1639.091096][T19500]  ? __might_fault+0xe3/0x190
[ 1639.092816][T19500]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1639.094693][T19500]  __sys_sendto+0x47f/0x4e0
[ 1639.096593][T19500]  ? __pfx___sys_sendto+0x10/0x10
[ 1639.098462][T19500]  ? ksys_write+0x1ab/0x260
[ 1639.100067][T19500]  ? __pfx_ksys_write+0x10/0x10
[ 1639.101800][T19500]  __ia32_sys_sendto+0xdd/0x1b0
[ 1639.103528][T19500]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1639.105911][T19500]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[ 1639.108311][T19500]  __do_fast_syscall_32+0x73/0x120
[ 1639.110278][T19500]  do_fast_syscall_32+0x32/0x80
[ 1639.112084][T19500]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1639.114281][T19500] RIP: 0023:0xf7fb4579
[ 1639.115741][T19500] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1639.122244][T19500] RSP: 002b:00000000f571556c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[ 1639.125301][T19500] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000180
[ 1639.128053][T19500] RDX: 0000000000010608 RSI: 0000000000000000 RDI: 0000000020000140
[ 1639.130842][T19500] RBP: 0000000000000014 R08: 0000000000000000 R09: 0000000000000000
[ 1639.133453][T19500] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1639.136351][T19500] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1639.139249][T19500]  </TASK>
[ 1639.302413][   T39] audit: type=1326 audit(2000000111.530:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19495 comm="syz.3.2113" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[ 1639.316664][   T39] audit: type=1326 audit(2000000111.530:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19495 comm="syz.3.2113" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[ 1639.325648][   T39] audit: type=1326 audit(2000000111.530:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19495 comm="syz.3.2113" exe="/syz-executor" sig=0 arch=40000003 syscall=377 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[ 1639.349512][   T39] audit: type=1326 audit(2000000111.530:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19495 comm="syz.3.2113" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[ 1639.366338][   T39] audit: type=1326 audit(2000000111.530:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19495 comm="syz.3.2113" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[ 1639.377026][   T39] audit: type=1326 audit(2000000111.551:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19495 comm="syz.3.2113" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[ 1639.387530][   T39] audit: type=1326 audit(2000000111.551:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19495 comm="syz.3.2113" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[ 1639.395517][T19511] overlay: Unknown parameter 'fowner'
[ 1639.610186][T19511] syzkaller1: entered promiscuous mode
[ 1639.612860][T19511] syzkaller1: entered allmulticast mode
[ 1639.698800][T19522] 9pnet_fd: Insufficient options for proto=fd
[ 1639.755386][T19526] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2123'.
[ 1639.854567][T19533] binder: 19532:19533 ioctl c018937c 20000380 returned -22
[ 1639.860439][T19534] binder: 19532:19534 ioctl c0306201 0 returned -14
[ 1639.862389][T19533] binder: BC_ACQUIRE_RESULT not supported
[ 1639.864283][T19533] binder: 19532:19533 ioctl c0306201 200001c0 returned -22
[ 1640.043245][T19542] FAULT_INJECTION: forcing a failure.
[ 1640.043245][T19542] name failslab, interval 1, probability 0, space 0, times 0
[ 1640.049346][T19542] CPU: 1 UID: 0 PID: 19542 Comm: syz.1.2127 Not tainted 6.11.0-rc7-syzkaller-00149-g0babf683783d #0
[ 1640.052186][T19542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1640.054978][T19542] Call Trace:
[ 1640.055880][T19542]  <TASK>
[ 1640.056666][T19542]  dump_stack_lvl+0x16c/0x1f0
[ 1640.057900][T19542]  should_fail_ex+0x497/0x5b0
[ 1640.059127][T19542]  should_failslab+0xc2/0x120
[ 1640.060373][T19542]  kmem_cache_alloc_noprof+0x6e/0x2f0
[ 1640.061777][T19542]  ? skb_clone+0x190/0x3f0
[ 1640.063076][T19542]  skb_clone+0x190/0x3f0
[ 1640.064230][T19542]  netlink_deliver_tap+0xb26/0xcf0
[ 1640.065949][T19542]  netlink_dump+0xb2d/0xcc0
[ 1640.067527][T19542]  ? __pfx_netlink_dump+0x10/0x10
[ 1640.069235][T19542]  ? kfree_skbmem+0x1a4/0x1f0
[ 1640.070839][T19542]  ? kfree_skbmem+0x1a4/0x1f0
[ 1640.072433][T19542]  netlink_recvmsg+0xa0d/0xf30
[ 1640.074089][T19542]  ? __pfx_netlink_recvmsg+0x10/0x10
[ 1640.075875][T19542]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1640.077527][T19542]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[ 1640.079310][T19542]  ? security_socket_recvmsg+0x98/0xd0
[ 1640.081140][T19542]  sock_recvmsg+0x1f6/0x250
[ 1640.082722][T19542]  __sys_recvfrom+0x1ab/0x2e0
[ 1640.084342][T19542]  ? __pfx___sys_recvfrom+0x10/0x10
[ 1640.086114][T19542]  ? __might_fault+0x13b/0x190
[ 1640.087729][T19542]  ? __pfx_lock_release+0x10/0x10
[ 1640.089449][T19542]  __do_compat_sys_socketcall+0x384/0x700
[ 1640.091374][T19542]  ? __pfx___do_compat_sys_socketcall+0x10/0x10
[ 1640.093492][T19542]  ? fput+0x32/0x390
[ 1640.094883][T19542]  __do_fast_syscall_32+0x73/0x120
[ 1640.096645][T19542]  do_fast_syscall_32+0x32/0x80
[ 1640.098307][T19542]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1640.100432][T19542] RIP: 0023:0xf7fe0579
[ 1640.101824][T19542] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1640.108211][T19542] RSP: 002b:00000000f5723450 EFLAGS: 00000293 ORIG_RAX: 0000000000000066
[ 1640.110998][T19542] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000f572346c
[ 1640.113587][T19542] RDX: 0000000000000000 RSI: 00000000f5723570 RDI: 00000000f746bff4
[ 1640.115781][T19542] RBP: 00000000f5723570 R08: 0000000000000000 R09: 0000000000000000
[ 1640.117820][T19542] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1640.119842][T19542] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1640.121895][T19542]  </TASK>
[ 1642.658956][T19559] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1642.979726][ T5386] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[ 1643.168745][T19565] FAULT_INJECTION: forcing a failure.
[ 1643.168745][T19565] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1643.176579][T19565] CPU: 0 UID: 0 PID: 19565 Comm: syz.1.2134 Not tainted 6.11.0-rc7-syzkaller-00149-g0babf683783d #0
[ 1643.180396][T19565] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1643.184214][T19565] Call Trace:
[ 1643.185400][T19565]  <TASK>
[ 1643.186490][T19565]  dump_stack_lvl+0x16c/0x1f0
[ 1643.188200][T19565]  should_fail_ex+0x497/0x5b0
[ 1643.189930][T19565]  _copy_from_user+0x30/0xf0
[ 1643.191618][T19565]  input_event_from_user+0x22d/0x3b0
[ 1643.193673][T19565]  ? __pfx_input_event_from_user+0x10/0x10
[ 1643.195934][T19565]  ? input_inject_event+0x193/0x370
[ 1643.197950][T19565]  evdev_write+0x374/0x750
[ 1643.199659][T19565]  ? __pfx_evdev_write+0x10/0x10
[ 1643.201496][T19565]  ? bpf_lsm_file_permission+0x9/0x10
[ 1643.203440][T19565]  ? security_file_permission+0x98/0xc0
[ 1643.205501][T19565]  ? __pfx_evdev_write+0x10/0x10
[ 1643.207337][T19565]  vfs_write+0x29a/0x1140
[ 1643.208859][T19565]  ? __pfx_vfs_write+0x10/0x10
[ 1643.210159][T19565]  ? __fget_files+0x256/0x400
[ 1643.211372][T19565]  ? __fget_light+0x173/0x210
[ 1643.212620][T19565]  ksys_write+0x1f8/0x260
[ 1643.213822][T19565]  ? __pfx_ksys_write+0x10/0x10
[ 1643.215139][T19565]  __do_fast_syscall_32+0x73/0x120
[ 1643.216575][T19565]  do_fast_syscall_32+0x32/0x80
[ 1643.218401][T19565]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1643.220136][T19565] RIP: 0023:0xf7fe0579
[ 1643.221350][T19565] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1643.226525][T19565] RSP: 002b:00000000f576656c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[ 1643.229097][T19565] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040
[ 1643.231165][T19565] RDX: 0000000000002250 RSI: 0000000000000000 RDI: 0000000000000000
[ 1643.233208][T19565] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1643.235282][T19565] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1643.237388][T19565] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1643.239950][T19565]  </TASK>
[ 1643.241437][ T5386] usb 5-1: Using ep0 maxpacket: 8
[ 1643.253365][ T5386] usb 5-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[ 1643.256032][ T5386] usb 5-1: config 246 descriptor has 1 excess byte, ignoring
[ 1643.258507][ T5386] usb 5-1: config 246 has 1 interface, different from the descriptor's value: 42
[ 1643.260870][ T5386] usb 5-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[ 1643.263816][ T5386] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[ 1643.269147][ T5386] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1643.273585][ T5386] usb 5-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[ 1643.276430][ T5386] usb 5-1: config 246 descriptor has 1 excess byte, ignoring
[ 1643.278905][ T5386] usb 5-1: config 246 has 1 interface, different from the descriptor's value: 42
[ 1643.291705][ T5386] usb 5-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[ 1643.300650][ T5386] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[ 1643.309697][ T5386] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1643.319389][ T5386] usb 5-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[ 1643.322460][ T5386] usb 5-1: config 246 descriptor has 1 excess byte, ignoring
[ 1643.329330][ T5386] usb 5-1: config 246 has 1 interface, different from the descriptor's value: 42
[ 1643.332821][ T5386] usb 5-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[ 1643.337161][ T5386] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[ 1643.341423][ T5386] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1643.409293][ T5386] usb 5-1: string descriptor 0 read error: -22
[ 1643.411993][ T5386] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 1643.415339][ T5386] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1643.458380][ T5386] adutux 5-1:246.0: interrupt endpoints not found
[ 1643.656478][T19586] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2139'.
[ 1643.667579][T19586] veth1_to_bond: left allmulticast mode
[ 1643.669152][T19586] veth1_to_bond: left promiscuous mode
[ 1643.670737][T19586] bridge1: port 1(veth1_to_bond) entered disabled state
[ 1643.678319][T19586] bridge2: port 1(veth1_to_bond) entered blocking state
[ 1643.680207][T19586] bridge2: port 1(veth1_to_bond) entered disabled state
[ 1643.682189][T19586] veth1_to_bond: entered allmulticast mode
[ 1643.685131][T19586] veth1_to_bond: entered promiscuous mode
[ 1643.687542][T19586] bridge2: port 1(veth1_to_bond) entered blocking state
[ 1643.689588][T19586] bridge2: port 1(veth1_to_bond) entered forwarding state
[ 1643.798006][T19590] netlink: 'syz.2.2141': attribute type 5 has an invalid length.
[ 1644.410525][T14015] usb 5-1: USB disconnect, device number 16
[ 1644.532798][T10968] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[ 1644.716538][T10968] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1644.720520][T10968] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1644.742732][T10968] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1644.745857][T10968] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1644.750335][T19582] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1644.779952][T10968] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[ 1645.689259][ T8660] usb 8-1: USB disconnect, device number 10
[ 1645.767101][T19620] IPVS: persistence engine module ip_vs_pe_
 not found
[ 1645.936517][T19632] netlink: 'syz.2.2156': attribute type 8 has an invalid length.
[ 1646.504755][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1646.672342][T19648] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[ 1647.163325][T19661] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[ 1648.006912][T19666] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2166'.
[ 1650.380676][T19704] FAULT_INJECTION: forcing a failure.
[ 1650.380676][T19704] name failslab, interval 1, probability 0, space 0, times 0
[ 1650.385760][T19704] CPU: 3 UID: 0 PID: 19704 Comm: syz.3.2179 Not tainted 6.11.0-rc7-syzkaller-00149-g0babf683783d #0
[ 1650.390115][T19704] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1650.394520][T19704] Call Trace:
[ 1650.395986][T19704]  <TASK>
[ 1650.397057][T19704]  dump_stack_lvl+0x16c/0x1f0
[ 1650.398772][T19704]  should_fail_ex+0x497/0x5b0
[ 1650.400482][T19704]  ? fs_reclaim_acquire+0xae/0x160
[ 1650.402630][T19704]  should_failslab+0xc2/0x120
[ 1650.404561][T19704]  kmem_cache_alloc_noprof+0x6e/0x2f0
[ 1650.406632][T19704]  ? __kernfs_new_node+0xd3/0x890
[ 1650.408563][T19704]  __kernfs_new_node+0xd3/0x890
[ 1650.410317][T19704]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1650.412326][T19704]  ? __pfx_lock_release+0x10/0x10
[ 1650.414136][T19704]  ? down_write+0x14e/0x200
[ 1650.415793][T19704]  ? up_write+0x1b2/0x520
[ 1650.417456][T19704]  kernfs_new_node+0x186/0x240
[ 1650.419437][T19704]  __kernfs_create_file+0x53/0x350
[ 1650.421471][T19704]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[ 1650.423546][T19704]  internal_create_group+0x565/0xe50
[ 1650.425421][T19704]  ? __pfx_internal_create_group+0x10/0x10
[ 1650.427584][T19704]  ? kernfs_create_link+0x1bd/0x240
[ 1650.429598][T19704]  internal_create_groups+0x9d/0x150
[ 1650.431932][T19704]  device_add+0xf33/0x1a70
[ 1650.433952][T19704]  ? __pfx_device_add+0x10/0x10
[ 1650.435880][T19704]  ? __init_waitqueue_head+0xca/0x150
[ 1650.437977][T19704]  wakeup_source_device_create+0x214/0x2a0
[ 1650.440106][T19704]  wakeup_source_sysfs_add+0x1c/0x90
[ 1650.442222][T19704]  wakeup_source_register+0xaa/0x140
[ 1650.444334][T19704]  ep_create_wakeup_source+0x1df/0x2e0
[ 1650.446519][T19704]  ? __pfx_ep_create_wakeup_source+0x10/0x10
[ 1650.448950][T19704]  ? reverse_path_check_proc+0x12b/0x270
[ 1650.451505][T19704]  do_epoll_ctl+0x1deb/0x3570
[ 1650.453092][T19704]  ? __pfx_do_epoll_ctl+0x10/0x10
[ 1650.454643][T19704]  ? __pfx___might_resched+0x10/0x10
[ 1650.456801][T19704]  ? __might_fault+0xe3/0x190
[ 1650.458604][T19704]  ? __ia32_sys_epoll_ctl+0x15c/0x1e0
[ 1650.460642][T19704]  __ia32_sys_epoll_ctl+0x15c/0x1e0
[ 1650.462746][T19704]  ? __pfx___ia32_sys_epoll_ctl+0x10/0x10
[ 1650.464990][T19704]  __do_fast_syscall_32+0x73/0x120
[ 1650.466849][T19704]  do_fast_syscall_32+0x32/0x80
[ 1650.468602][T19704]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1650.471005][T19704] RIP: 0023:0xf7fb4579
[ 1650.472636][T19704] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1650.480364][T19704] RSP: 002b:00000000f571556c EFLAGS: 00000296 ORIG_RAX: 00000000000000ff
[ 1650.483475][T19704] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000000000001
[ 1650.486248][T19704] RDX: 0000000000000003 RSI: 0000000020000000 RDI: 0000000000000000
[ 1650.489101][T19704] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1650.491919][T19704] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1650.494712][T19704] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1650.497715][T19704]  </TASK>
[ 1650.763402][   T39] audit: type=1804 audit(2000000123.561:521): pid=19711 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.2183" name="/newroot/197/bus/file0" dev="overlay" ino=1096 res=1 errno=0
[ 1651.943331][T19734] syzkaller0: entered promiscuous mode
[ 1651.948867][T19734] syzkaller0: entered allmulticast mode
[ 1652.125835][   T39] audit: type=1326 audit(2000000124.978:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19733 comm="syz.1.2188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe0579 code=0x7ffc0000
[ 1652.134061][   T39] audit: type=1326 audit(2000000124.999:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19733 comm="syz.1.2188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe0579 code=0x7ffc0000
[ 1652.165833][   T39] audit: type=1326 audit(2000000124.999:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19733 comm="syz.1.2188" exe="/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf7fe0579 code=0x7ffc0000
[ 1652.174810][   T39] audit: type=1326 audit(2000000124.999:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19733 comm="syz.1.2188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe0579 code=0x7ffc0000
[ 1652.184629][   T39] audit: type=1326 audit(2000000125.010:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19733 comm="syz.1.2188" exe="/syz-executor" sig=0 arch=40000003 syscall=334 compat=1 ip=0xf7fe0579 code=0x7ffc0000
[ 1652.193104][   T39] audit: type=1326 audit(2000000125.010:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19733 comm="syz.1.2188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe0579 code=0x7ffc0000
[ 1652.202951][   T39] audit: type=1326 audit(2000000125.010:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19733 comm="syz.1.2188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe0579 code=0x7ffc0000
[ 1652.211608][   T39] audit: type=1326 audit(2000000125.010:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19733 comm="syz.1.2188" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fe0579 code=0x7ffc0000
[ 1652.224620][   T39] audit: type=1326 audit(2000000125.020:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19733 comm="syz.1.2188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe0579 code=0x7ffc0000
[ 1653.330545][T19747] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2192'.
[ 1653.347588][T19747] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2192'.
[ 1653.351307][T19747] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2192'.
[ 1653.357643][T19747] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2192'.
[ 1654.435836][T19771] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(12)
[ 1654.437912][T19771] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1654.442752][T19771] vhci_hcd vhci_hcd.0: Device attached
[ 1654.448756][T19770] overlay: Unknown parameter 'fowner'
[ 1654.568195][T19770] syzkaller1: entered promiscuous mode
[ 1654.570346][T19770] syzkaller1: entered allmulticast mode
[ 1654.694835][T19773] vhci_hcd: cannot find a urb of seqnum 1834750217 max seqnum 0
[ 1654.701188][ T1138] vhci_hcd: stop threads
[ 1654.702482][ T1138] vhci_hcd: release socket
[ 1654.711335][ T1138] vhci_hcd: disconnect device
[ 1654.744446][ T8660] usb 16-1: enqueue for inactive port 0
[ 1655.243333][ T8660] usb usb16-port1: attempt power cycle
[ 1655.601422][ T8831] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[ 1655.774964][ T8831] usb 8-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1655.778374][ T8831] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1655.785799][ T8831] usb 8-1: config 0 descriptor??
[ 1655.869197][ T8660] usb usb16-port1: unable to enumerate USB device
[ 1656.599735][T19795] FAULT_INJECTION: forcing a failure.
[ 1656.599735][T19795] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1656.604196][T19795] CPU: 0 UID: 0 PID: 19795 Comm: syz.2.2208 Not tainted 6.11.0-rc7-syzkaller-00149-g0babf683783d #0
[ 1656.607521][T19795] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1656.610659][T19795] Call Trace:
[ 1656.611718][T19795]  <TASK>
[ 1656.612577][T19795]  dump_stack_lvl+0x16c/0x1f0
[ 1656.614103][T19795]  should_fail_ex+0x497/0x5b0
[ 1656.615528][T19795]  _copy_to_user+0x30/0xc0
[ 1656.616950][T19795]  __htab_map_lookup_and_delete_batch+0x18b2/0x2820
[ 1656.618873][T19795]  ? find_held_lock+0x2d/0x110
[ 1656.620233][T19795]  ? __pfx___htab_map_lookup_and_delete_batch+0x10/0x10
[ 1656.622320][T19795]  ? __fget_files+0x256/0x400
[ 1656.623916][T19795]  ? __pfx_htab_map_lookup_and_delete_batch+0x10/0x10
[ 1656.625822][T19795]  bpf_map_do_batch+0x32a/0x6e0
[ 1656.627305][T19795]  __sys_bpf+0x513e/0x55e0
[ 1656.628919][T19795]  ? __pfx___sys_bpf+0x10/0x10
[ 1656.630996][T19795]  ? ksys_write+0x12f/0x260
[ 1656.632931][T19795]  ? find_held_lock+0x2d/0x110
[ 1656.634876][T19795]  ? ksys_write+0x21c/0x260
[ 1656.636692][T19795]  ? __pfx_lock_release+0x10/0x10
[ 1656.638565][T19795]  ? vfs_write+0x14d/0x1140
[ 1656.640261][T19795]  ? __mutex_unlock_slowpath+0x164/0x650
[ 1656.642319][T19795]  ? fput+0x32/0x390
[ 1656.643740][T19795]  ? ksys_write+0x1ab/0x260
[ 1656.645458][T19795]  ? __pfx_ksys_write+0x10/0x10
[ 1656.647371][T19795]  __ia32_sys_bpf+0x76/0xe0
[ 1656.649145][T19795]  __do_fast_syscall_32+0x73/0x120
[ 1656.651442][T19795]  do_fast_syscall_32+0x32/0x80
[ 1656.653586][T19795]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1656.656020][T19795] RIP: 0023:0xf7f15579
[ 1656.657609][T19795] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1656.664569][T19795] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[ 1656.668122][T19795] RAX: ffffffffffffffda RBX: 0000000000000019 RCX: 0000000020000800
[ 1656.671484][T19795] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[ 1656.674270][T19795] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1656.677113][T19795] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1656.679824][T19795] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1656.682579][T19795]  </TASK>
[ 1656.844683][T19804] netlink: 'syz.0.2210': attribute type 10 has an invalid length.
[ 1656.846912][T19804] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2210'.
[ 1656.858509][T19804] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[ 1656.874510][   T25] usb 8-1: USB disconnect, device number 11
[ 1657.032835][ T1377] ieee802154 phy0 wpan0: encryption failed: -22
[ 1657.035303][ T1377] ieee802154 phy1 wpan1: encryption failed: -22
[ 1658.692764][T19828] netlink: 'syz.1.2217': attribute type 39 has an invalid length.
[ 1658.695052][T19828] netlink: 'syz.1.2217': attribute type 4 has an invalid length.
[ 1658.698248][T19828] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2217'.
[ 1659.413780][T19846] FAULT_INJECTION: forcing a failure.
[ 1659.413780][T19846] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1659.420803][T19846] CPU: 3 UID: 0 PID: 19846 Comm: syz.2.2224 Not tainted 6.11.0-rc7-syzkaller-00149-g0babf683783d #0
[ 1659.424627][T19846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1659.428447][T19846] Call Trace:
[ 1659.429665][T19846]  <TASK>
[ 1659.430749][T19846]  dump_stack_lvl+0x16c/0x1f0
[ 1659.432583][T19846]  should_fail_ex+0x497/0x5b0
[ 1659.434650][T19846]  _copy_from_user+0x30/0xf0
[ 1659.436233][T19846]  get_compat_msghdr+0xa8/0x170
[ 1659.437666][T19846]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1659.439318][T19846]  ? kfree+0x245/0x3b0
[ 1659.440680][T19846]  ? find_held_lock+0x2d/0x110
[ 1659.442044][T19846]  ___sys_recvmsg+0x193/0x1a0
[ 1659.443317][T19846]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1659.444715][T19846]  ? __pfx___might_resched+0x10/0x10
[ 1659.446147][T19846]  ? __fget_light+0x173/0x210
[ 1659.447395][T19846]  do_recvmmsg+0x51a/0x750
[ 1659.448847][T19846]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1659.450326][T19846]  ? __pfx_lock_release+0x10/0x10
[ 1659.451662][T19846]  ? vfs_write+0x14d/0x1140
[ 1659.452877][T19846]  __sys_recvmmsg+0x21e/0x280
[ 1659.454221][T19846]  ? __pfx___sys_recvmmsg+0x10/0x10
[ 1659.455679][T19846]  ? __pfx_ksys_write+0x10/0x10
[ 1659.457263][T19846]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[ 1659.459157][T19846]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1659.460778][T19846]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[ 1659.463044][T19846]  __do_fast_syscall_32+0x73/0x120
[ 1659.464835][T19846]  do_fast_syscall_32+0x32/0x80
[ 1659.466493][T19846]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1659.468668][T19846] RIP: 0023:0xf7f15579
[ 1659.470164][T19846] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1659.477299][T19846] RSP: 002b:00000000f567556c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[ 1659.480275][T19846] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000300
[ 1659.482394][T19846] RDX: 000000000000049e RSI: 00000000000000fe RDI: 0000000000000000
[ 1659.484442][T19846] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1659.486511][T19846] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1659.488770][T19846] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1659.490928][T19846]  </TASK>
[ 1660.443227][T19871] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2230'.
[ 1660.449002][T19871] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2230'.
[ 1660.464766][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x1
[ 1660.467600][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.477060][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.481940][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.485028][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.491241][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.494774][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x4
[ 1660.500295][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.503439][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.506291][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.509290][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.515314][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.518305][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.524803][T19873] netlink: 'syz.3.2230': attribute type 10 has an invalid length.
[ 1660.526221][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.534703][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.548010][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.555589][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.562791][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.567792][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.571086][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.576872][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.581268][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.586053][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.589291][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.592331][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.599153][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.606019][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.613467][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.620529][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.628067][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.634471][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.637655][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.643116][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.646216][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.649128][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.654638][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.657676][ T8831] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[ 1660.672001][ T8831] hid-generic 0000:0000:0000.000F: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 1661.431859][T19891] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2237'.
[ 1662.394598][   T39] kauditd_printk_skb: 28 callbacks suppressed
[ 1662.394703][   T39] audit: type=1326 audit(2000000135.781:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19907 comm="syz.1.2245" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fe0579 code=0x0
[ 1662.482151][T19920] input: syz0 as /devices/virtual/input/input24
[ 1662.501831][T19920] FAULT_INJECTION: forcing a failure.
[ 1662.501831][T19920] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1662.530963][T19920] CPU: 0 UID: 0 PID: 19920 Comm: syz.0.2247 Not tainted 6.11.0-rc7-syzkaller-00149-g0babf683783d #0
[ 1662.534792][T19920] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1662.538322][T19920] Call Trace:
[ 1662.539362][T19920]  <TASK>
[ 1662.540315][T19920]  dump_stack_lvl+0x16c/0x1f0
[ 1662.541972][T19920]  should_fail_ex+0x497/0x5b0
[ 1662.543742][T19920]  _copy_from_user+0x30/0xf0
[ 1662.545404][T19920]  input_event_from_user+0x22d/0x3b0
[ 1662.547178][T19920]  ? __pfx_input_event_from_user+0x10/0x10
[ 1662.549017][T19920]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1662.550833][T19920]  ? input_event+0x8e/0xa0
[ 1662.552336][T19920]  uinput_write+0xbc2/0x12c0
[ 1662.553961][T19920]  ? __pfx_uinput_write+0x10/0x10
[ 1662.555681][T19920]  ? bpf_lsm_file_permission+0x9/0x10
[ 1662.557555][T19920]  ? security_file_permission+0x98/0xc0
[ 1662.559274][T19920]  ? __pfx_uinput_write+0x10/0x10
[ 1662.560850][T19920]  vfs_write+0x29a/0x1140
[ 1662.562217][T19920]  ? __pfx_vfs_write+0x10/0x10
[ 1662.563724][T19920]  ? __fget_files+0x256/0x400
[ 1662.565188][T19920]  ? __fget_light+0x173/0x210
[ 1662.566672][T19920]  ksys_write+0x1f8/0x260
[ 1662.568127][T19920]  ? __pfx_ksys_write+0x10/0x10
[ 1662.569718][T19920]  __do_fast_syscall_32+0x73/0x120
[ 1662.571362][T19920]  do_fast_syscall_32+0x32/0x80
[ 1662.572765][T19920]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1662.574664][T19920] RIP: 0023:0xf7fcf579
[ 1662.575942][T19920] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1662.582024][T19920] RSP: 002b:00000000f575656c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[ 1662.585167][T19920] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[ 1662.587979][T19920] RDX: 00000000000015b0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1662.590589][T19920] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1662.593055][T19920] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1662.595948][T19920] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1662.599062][T19920]  </TASK>
[ 1662.600362][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1662.723845][T19924] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2249'.
[ 1663.268479][T19956] Option '        S†±Óý7mu•ÞöUKs»¢ø' to dns_resolver key: bad/missing value
[ 1664.293690][    C2] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1664.310072][T19979] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2266'.
[ 1664.310143][T19979] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2266'.
[ 1664.465815][T19985] FAULT_INJECTION: forcing a failure.
[ 1664.465815][T19985] name failslab, interval 1, probability 0, space 0, times 0
[ 1664.469613][T19985] CPU: 3 UID: 0 PID: 19985 Comm: syz.0.2268 Not tainted 6.11.0-rc7-syzkaller-00149-g0babf683783d #0
[ 1664.472772][T19985] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1664.476228][T19985] Call Trace:
[ 1664.477578][T19985]  <TASK>
[ 1664.478707][T19985]  dump_stack_lvl+0x16c/0x1f0
[ 1664.480007][T19985]  should_fail_ex+0x497/0x5b0
[ 1664.481631][T19985]  ? fs_reclaim_acquire+0xae/0x160
[ 1664.482978][T19985]  should_failslab+0xc2/0x120
[ 1664.484208][T19985]  kmem_cache_alloc_lru_noprof+0x72/0x2f0
[ 1664.485702][T19985]  ? proc_alloc_inode+0x25/0x200
[ 1664.486994][T19985]  ? __pfx_proc_alloc_inode+0x10/0x10
[ 1664.488387][T19985]  proc_alloc_inode+0x25/0x200
[ 1664.489729][T19985]  alloc_inode+0x5d/0x230
[ 1664.490957][T19985]  new_inode+0x22/0x210
[ 1664.492332][T19985]  proc_pid_make_inode+0x22/0x160
[ 1664.493814][T19985]  proc_fd_instantiate+0x59/0x1f0
[ 1664.495223][T19985]  proc_fill_cache+0x362/0x470
[ 1664.496529][T19985]  ? __pfx_proc_fd_instantiate+0x10/0x10
[ 1664.498024][T19985]  ? __pfx_proc_fill_cache+0x10/0x10
[ 1664.499407][T19985]  ? __pfx_vsnprintf+0x10/0x10
[ 1664.500776][T19985]  ? task_lookup_next_fdget_rcu+0x294/0x470
[ 1664.502344][T19985]  ? proc_readfd_common+0x1d9/0x9a0
[ 1664.503717][T19985]  ? snprintf+0xc8/0x100
[ 1664.504930][T19985]  ? task_lookup_next_fdget_rcu+0x294/0x470
[ 1664.506607][T19985]  ? proc_readfd_common+0x1d9/0x9a0
[ 1664.508045][T19985]  proc_readfd_common+0x25a/0x9a0
[ 1664.509391][T19985]  ? __pfx_proc_fd_instantiate+0x10/0x10
[ 1664.511090][T19985]  ? __pfx_proc_readfd_common+0x10/0x10
[ 1664.512544][T19985]  ? down_read_killable+0xcc/0x380
[ 1664.513917][T19985]  ? __pfx_down_read_killable+0x10/0x10
[ 1664.515447][T19985]  ? apparmor_file_permission+0x251/0x400
[ 1664.517084][T19985]  iterate_dir+0x53e/0xb60
[ 1664.518439][T19985]  __ia32_compat_sys_getdents+0x14f/0x2d0
[ 1664.520164][T19985]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1664.521702][T19985]  ? __pfx___ia32_compat_sys_getdents+0x10/0x10
[ 1664.523393][T19985]  ? __pfx_compat_filldir+0x10/0x10
[ 1664.524777][T19985]  __do_fast_syscall_32+0x73/0x120
[ 1664.526163][T19985]  do_fast_syscall_32+0x32/0x80
[ 1664.527520][T19985]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1664.529399][T19985] RIP: 0023:0xf7fcf579
[ 1664.530832][T19985] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1664.536323][T19985] RSP: 002b:00000000f573556c EFLAGS: 00000296 ORIG_RAX: 000000000000008d
[ 1664.538554][T19985] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200004c0
[ 1664.540737][T19985] RDX: 00000000000000db RSI: 0000000000000000 RDI: 0000000000000000
[ 1664.543000][T19985] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1664.545824][T19985] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1664.548698][T19985] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1664.551611][T19985]  </TASK>
[ 1665.786015][T20006] Option '        S†±Óý7mu•ÞöUKs»¢ø' to dns_resolver key: bad/missing value
[ 1665.839486][T20008] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1665.843072][T20008] overlayfs: failed to set xattr on upper
[ 1665.846630][T20008] FAULT_INJECTION: forcing a failure.
[ 1665.846630][T20008] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1665.846716][T20008] 
[ 1665.846721][T20008] ======================================================
[ 1665.846725][T20008] WARNING: possible circular locking dependency detected
[ 1665.846731][T20008] 6.11.0-rc7-syzkaller-00149-g0babf683783d #0 Not tainted
[ 1665.846739][T20008] ------------------------------------------------------
[ 1665.846744][T20008] syz.1.2277/20008 is trying to acquire lock:
[ 1665.846751][T20008] ffffffff8dda75d8 ((console_sem).lock){-.-.}-{2:2}, at: down_trylock+0x12/0x70
[ 1665.846792][T20008] 
[ 1665.846792][T20008] but task is already holding lock:
[ 1665.846796][T20008] ffff88802b83edd8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[ 1665.846830][T20008] 
[ 1665.846830][T20008] which lock already depends on the new lock.
[ 1665.846830][T20008] 
[ 1665.846834][T20008] 
[ 1665.846834][T20008] the existing dependency chain (in reverse order) is:
[ 1665.846838][T20008] 
[ 1665.846838][T20008] -> #2 (&rq->__lock){-.-.}-{2:2}:
[ 1665.846855][T20008]        _raw_spin_lock_nested+0x31/0x40
[ 1665.846933][T20008]        raw_spin_rq_lock_nested+0x29/0x130
[ 1665.846964][T20008]        task_fork_fair+0x73/0x250
[ 1665.846979][T20008]        sched_cgroup_fork+0x3cf/0x510
[ 1665.846991][T20008]        copy_process+0x4710/0x6f50
[ 1665.847006][T20008]        kernel_clone+0xfd/0x960
[ 1665.847018][T20008]        user_mode_thread+0xb4/0xf0
[ 1665.847044][T20008]        rest_init+0x23/0x2b0
[ 1665.847057][T20008]        start_kernel+0x3df/0x4c0
[ 1665.847074][T20008]        x86_64_start_reservations+0x18/0x30
[ 1665.847091][T20008]        x86_64_start_kernel+0xb2/0xc0
[ 1665.847107][T20008]        common_startup_64+0x13e/0x148
[ 1665.847125][T20008] 
[ 1665.847125][T20008] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[ 1665.847145][T20008]        _raw_spin_lock_irqsave+0x3a/0x60
[ 1665.847160][T20008]        try_to_wake_up+0x9a/0x13e0
[ 1665.847176][T20008]        up+0x79/0xb0
[ 1665.847193][T20008]        console_unlock+0x23e/0x290
[ 1665.847213][T20008]        vga_remove_vgacon+0x90/0xd0
[ 1665.847229][T20008]        aperture_remove_conflicting_pci_devices+0x16a/0x1e0
[ 1665.847250][T20008]        bochs_pci_probe+0x101/0x1150
[ 1665.847269][T20008]        local_pci_probe+0xde/0x1b0
[ 1665.847286][T20008]        pci_device_probe+0x29d/0x7b0
[ 1665.847304][T20008]        really_probe+0x23e/0xa90
[ 1665.847315][T20008]        __driver_probe_device+0x1de/0x440
[ 1665.847326][T20008]        driver_probe_device+0x4c/0x1b0
[ 1665.847337][T20008]        __driver_attach+0x283/0x580
[ 1665.847348][T20008]        bus_for_each_dev+0x13c/0x1d0
[ 1665.847364][T20008]        bus_add_driver+0x2e9/0x690
[ 1665.847381][T20008]        driver_register+0x15c/0x4b0
[ 1665.847394][T20008]        bochs_pci_driver_init+0x67/0x80
[ 1665.847420][T20008]        do_one_initcall+0x128/0x630
[ 1665.847438][T20008]        kernel_init_freeable+0x660/0xc50
[ 1665.847456][T20008]        kernel_init+0x1c/0x2b0
[ 1665.847466][T20008]        ret_from_fork+0x45/0x80
[ 1665.847486][T20008]        ret_from_fork_asm+0x1a/0x30
[ 1665.847509][T20008] 
[ 1665.847509][T20008] -> #0 ((console_sem).lock){-.-.}-{2:2}:
[ 1665.847526][T20008]        __lock_acquire+0x24ed/0x3cb0
[ 1665.847543][T20008]        lock_acquire+0x1b1/0x560
[ 1665.847559][T20008]        _raw_spin_lock_irqsave+0x3a/0x60
[ 1665.847573][T20008]        down_trylock+0x12/0x70
[ 1665.847589][T20008]        __down_trylock_console_sem+0x40/0x140
[ 1665.847606][T20008]        vprintk_emit+0x3d3/0x600
[ 1665.847617][T20008]        vprintk+0x7f/0xa0
[ 1665.847628][T20008]        _printk+0xc8/0x100
[ 1665.847643][T20008]        should_fail_ex+0x46c/0x5b0
[ 1665.847658][T20008]        strncpy_from_user+0x38/0x320
[ 1665.847670][T20008]        strncpy_from_user_nofault+0x7f/0x180
[ 1665.847688][T20008]        bpf_probe_read_user_str+0x26/0x70
[ 1665.847709][T20008]        bpf_prog_b1bc9f7c1f89903c+0x40/0x42
[ 1665.847722][T20008]        bpf_trace_run4+0x245/0x5a0
[ 1665.847736][T20008]        __traceiter_sched_switch+0x6c/0xc0
[ 1665.847754][T20008]        __schedule+0x17cf/0x5490
[ 1665.847768][T20008]        preempt_schedule_common+0x44/0xc0
[ 1665.847783][T20008]        preempt_schedule_thunk+0x1a/0x30
[ 1665.847796][T20008]        vprintk_emit+0x54a/0x600
[ 1665.847806][T20008]        vprintk+0x7f/0xa0
[ 1665.847817][T20008]        _printk+0xc8/0x100
[ 1665.847832][T20008]        ovl_fill_super+0x14a0/0x6970
[ 1665.847850][T20008]        get_tree_nodev+0xda/0x190
[ 1665.847866][T20008]        vfs_get_tree+0x8f/0x380
[ 1665.847880][T20008]        path_mount+0x6e1/0x1f10
[ 1665.847897][T20008]        __ia32_sys_mount+0x292/0x310
[ 1665.847911][T20008]        __do_fast_syscall_32+0x73/0x120
[ 1665.847930][T20008]        do_fast_syscall_32+0x32/0x80
[ 1665.847947][T20008]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1665.848012][T20008] 
[ 1665.848012][T20008] other info that might help us debug this:
[ 1665.848012][T20008] 
[ 1665.848018][T20008] Chain exists of:
[ 1665.848018][T20008]   (console_sem).lock --> &p->pi_lock --> &rq->__lock
[ 1665.848018][T20008] 
[ 1665.848037][T20008]  Possible unsafe locking scenario:
[ 1665.848037][T20008] 
[ 1665.848040][T20008]        CPU0                    CPU1
[ 1665.848043][T20008]        ----                    ----
[ 1665.848047][T20008]   lock(&rq->__lock);
[ 1665.848054][T20008]                                lock(&p->pi_lock);
[ 1665.848062][T20008]                                lock(&rq->__lock);
[ 1665.848069][T20008]   lock((console_sem).lock);
[ 1665.848076][T20008] 
[ 1665.848076][T20008]  *** DEADLOCK ***
[ 1665.848076][T20008] 
[ 1665.848079][T20008] 4 locks held by syz.1.2277/20008:
[ 1665.848087][T20008]  #0: ffff88802a8400e0 (&type->s_umount_key#54/1){+.+.}-{3:3}, at: alloc_super+0x23d/0xbd0
[ 1665.848123][T20008]  #1: ffff88802b56c420 (sb_writers#16){.+.+}-{0:0}, at: ovl_fill_super+0xe31/0x6970
[ 1665.848159][T20008]  #2: ffff88802b83edd8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[ 1665.848261][T20008]  #3: ffffffff8ddb94a0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run4+0x1d6/0x5a0
[ 1665.848299][T20008] 
[ 1665.848299][T20008] stack backtrace:
[ 1665.848304][T20008] CPU: 2 UID: 0 PID: 20008 Comm: syz.1.2277 Not tainted 6.11.0-rc7-syzkaller-00149-g0babf683783d #0
[ 1665.848324][T20008] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1665.848334][T20008] Call Trace:
[ 1665.848342][T20008]  <TASK>
[ 1665.848349][T20008]  dump_stack_lvl+0x116/0x1f0
[ 1665.848369][T20008]  check_noncircular+0x31a/0x400
[ 1665.848392][T20008]  ? __pfx_check_noncircular+0x10/0x10
[ 1665.848412][T20008]  ? __pfx__prb_read_valid+0x10/0x10
[ 1665.848431][T20008]  ? __pfx_format_decode+0x10/0x10
[ 1665.848453][T20008]  ? lockdep_lock+0xc6/0x200
[ 1665.848467][T20008]  ? __pfx_lockdep_lock+0x10/0x10
[ 1665.848481][T20008]  ? vsnprintf+0x40f/0x1870
[ 1665.848504][T20008]  __lock_acquire+0x24ed/0x3cb0
[ 1665.848527][T20008]  ? __pfx___lock_acquire+0x10/0x10
[ 1665.848546][T20008]  ? vprintk_store+0x222/0xbb0
[ 1665.848575][T20008]  lock_acquire+0x1b1/0x560
[ 1665.848595][T20008]  ? down_trylock+0x12/0x70
[ 1665.848618][T20008]  ? __pfx_lock_acquire+0x10/0x10
[ 1665.848636][T20008]  ? __pfx_mark_lock+0x10/0x10
[ 1665.848657][T20008]  ? hlock_class+0x4e/0x130
[ 1665.848672][T20008]  ? vprintk+0x7f/0xa0
[ 1665.848686][T20008]  _raw_spin_lock_irqsave+0x3a/0x60
[ 1665.848704][T20008]  ? down_trylock+0x12/0x70
[ 1665.848723][T20008]  down_trylock+0x12/0x70
[ 1665.848744][T20008]  __down_trylock_console_sem+0x40/0x140
[ 1665.848767][T20008]  vprintk_emit+0x3d3/0x600
[ 1665.848782][T20008]  vprintk+0x7f/0xa0
[ 1665.848797][T20008]  _printk+0xc8/0x100
[ 1665.848817][T20008]  ? __pfx__printk+0x10/0x10
[ 1665.848835][T20008]  ? __pfx___lock_acquire+0x10/0x10
[ 1665.848855][T20008]  ? ___ratelimit+0x24c/0x580
[ 1665.848870][T20008]  ? __pfx____ratelimit+0x10/0x10
[ 1665.848886][T20008]  should_fail_ex+0x46c/0x5b0
[ 1665.848906][T20008]  strncpy_from_user+0x38/0x320
[ 1665.848924][T20008]  strncpy_from_user_nofault+0x7f/0x180
[ 1665.848946][T20008]  bpf_probe_read_user_str+0x26/0x70
[ 1665.848971][T20008]  bpf_prog_b1bc9f7c1f89903c+0x40/0x42
[ 1665.848984][T20008]  bpf_trace_run4+0x245/0x5a0
[ 1665.849002][T20008]  ? __pfx_bpf_trace_run4+0x10/0x10
[ 1665.849022][T20008]  ? tracing_record_taskinfo_sched_switch+0x54/0x400
[ 1665.849045][T20008]  __traceiter_sched_switch+0x6c/0xc0
[ 1665.849068][T20008]  __schedule+0x17cf/0x5490
[ 1665.849087][T20008]  ? __pfx__prb_read_valid+0x10/0x10
[ 1665.849104][T20008]  ? __pfx_mark_lock+0x10/0x10
[ 1665.849122][T20008]  ? lock_acquire+0x1b1/0x560
[ 1665.849145][T20008]  ? __pfx___schedule+0x10/0x10
[ 1665.849164][T20008]  ? __pfx_prb_read_valid+0x10/0x10
[ 1665.849184][T20008]  ? console_unlock+0x248/0x290
[ 1665.849207][T20008]  ? preempt_schedule_thunk+0x1a/0x30
[ 1665.849224][T20008]  preempt_schedule_common+0x44/0xc0
[ 1665.849243][T20008]  preempt_schedule_thunk+0x1a/0x30
[ 1665.849259][T20008]  ? vprintk_emit+0x428/0x600
[ 1665.849272][T20008]  ? vprintk_emit+0x545/0x600
[ 1665.849285][T20008]  vprintk_emit+0x54a/0x600
[ 1665.849300][T20008]  vprintk+0x7f/0xa0
[ 1665.849315][T20008]  _printk+0xc8/0x100
[ 1665.849333][T20008]  ? __pfx__printk+0x10/0x10
[ 1665.849354][T20008]  ? up_write+0x1b2/0x520
[ 1665.849375][T20008]  ? ovl_fill_super+0x1494/0x6970
[ 1665.849396][T20008]  ? ovl_fill_super+0x1486/0x6970
[ 1665.849460][T20008]  ovl_fill_super+0x14a0/0x6970
[ 1665.849490][T20008]  ? __pfx_ovl_fill_super+0x10/0x10
[ 1665.849511][T20008]  ? lockdep_init_map_type+0x16d/0x7d0
[ 1665.849534][T20008]  ? lockdep_init_map_type+0x16d/0x7d0
[ 1665.849565][T20008]  ? __init_swait_queue_head+0xca/0x150
[ 1665.849585][T20008]  ? sget_fc+0x488/0xb90
[ 1665.849606][T20008]  ? __pfx_ovl_fill_super+0x10/0x10
[ 1665.849627][T20008]  ? get_tree_nodev+0xda/0x190
[ 1665.849645][T20008]  get_tree_nodev+0xda/0x190
[ 1665.849667][T20008]  vfs_get_tree+0x8f/0x380
[ 1665.849687][T20008]  path_mount+0x6e1/0x1f10
[ 1665.849709][T20008]  ? __pfx_path_mount+0x10/0x10
[ 1665.849727][T20008]  ? putname+0x12e/0x170
[ 1665.849752][T20008]  ? putname+0x12e/0x170
[ 1665.849776][T20008]  __ia32_sys_mount+0x292/0x310
[ 1665.849797][T20008]  ? __pfx___ia32_sys_mount+0x10/0x10
[ 1665.849821][T20008]  __do_fast_syscall_32+0x73/0x120
[ 1665.849845][T20008]  do_fast_syscall_32+0x32/0x80
[ 1665.849869][T20008]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1665.849892][T20008] RIP: 0023:0xf7fe0579
[ 1665.849906][T20008] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1665.849923][T20008] RSP: 002b:00000000f576656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[ 1665.849940][T20008] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000200000c0
[ 1665.849951][T20008] RDX: 0000000020000340 RSI: 0000000000000000 RDI: 0000000020000380
[ 1665.849962][T20008] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1665.849973][T20008] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1665.849985][T20008] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1665.850002][T20008]  </TASK>
[ 1666.249889][T20008] CPU: 2 UID: 0 PID: 20008 Comm: syz.1.2277 Not tainted 6.11.0-rc7-syzkaller-00149-g0babf683783d #0
[ 1666.253798][T20008] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1666.257765][T20008] Call Trace:
[ 1666.259046][T20008]  <TASK>
[ 1666.260145][T20008]  dump_stack_lvl+0x116/0x1f0
[ 1666.261918][T20008]  should_fail_ex+0x497/0x5b0
[ 1666.263694][T20008]  strncpy_from_user+0x38/0x320
[ 1666.265504][T20008]  strncpy_from_user_nofault+0x7f/0x180
[ 1666.267558][T20008]  bpf_probe_read_user_str+0x26/0x70
[ 1666.269555][T20008]  bpf_prog_b1bc9f7c1f89903c+0x40/0x42
[ 1666.271543][T20008]  bpf_trace_run4+0x245/0x5a0
[ 1666.273321][T20008]  ? __pfx_bpf_trace_run4+0x10/0x10
[ 1666.275522][T20008]  ? tracing_record_taskinfo_sched_switch+0x54/0x400
[ 1666.277993][T20008]  __traceiter_sched_switch+0x6c/0xc0
[ 1666.280042][T20008]  __schedule+0x17cf/0x5490
[ 1666.281809][T20008]  ? __pfx__prb_read_valid+0x10/0x10
[ 1666.283914][T20008]  ? __pfx_mark_lock+0x10/0x10
[ 1666.285965][T20008]  ? lock_acquire+0x1b1/0x560
[ 1666.287871][T20008]  ? __pfx___schedule+0x10/0x10
[ 1666.289730][T20008]  ? __pfx_prb_read_valid+0x10/0x10
[ 1666.291829][T20008]  ? console_unlock+0x248/0x290
[ 1666.294135][T20008]  ? preempt_schedule_thunk+0x1a/0x30
[ 1666.296304][T20008]  preempt_schedule_common+0x44/0xc0
[ 1666.298326][T20008]  preempt_schedule_thunk+0x1a/0x30
[ 1666.300282][T20008]  ? vprintk_emit+0x428/0x600
[ 1666.302064][T20008]  ? vprintk_emit+0x545/0x600
[ 1666.303952][T20008]  vprintk_emit+0x54a/0x600
[ 1666.305794][T20008]  vprintk+0x7f/0xa0
[ 1666.307419][T20008]  _printk+0xc8/0x100
[ 1666.309097][T20008]  ? __pfx__printk+0x10/0x10
[ 1666.310926][T20008]  ? up_write+0x1b2/0x520
[ 1666.312549][T20008]  ? ovl_fill_super+0x1494/0x6970
[ 1666.314603][T20008]  ? ovl_fill_super+0x1486/0x6970
[ 1666.316569][T20008]  ovl_fill_super+0x14a0/0x6970
[ 1666.318461][T20008]  ? __pfx_ovl_fill_super+0x10/0x10
[ 1666.320581][T20008]  ? lockdep_init_map_type+0x16d/0x7d0
[ 1666.322601][T20008]  ? lockdep_init_map_type+0x16d/0x7d0
[ 1666.324610][T20008]  ? __init_swait_queue_head+0xca/0x150
[ 1666.326658][T20008]  ? sget_fc+0x488/0xb90
[ 1666.328260][T20008]  ? __pfx_ovl_fill_super+0x10/0x10
[ 1666.330528][T20008]  ? get_tree_nodev+0xda/0x190
[ 1666.332642][T20008]  get_tree_nodev+0xda/0x190
[ 1666.334756][T20008]  vfs_get_tree+0x8f/0x380
[ 1666.336594][T20008]  path_mount+0x6e1/0x1f10
[ 1666.338368][T20008]  ? __pfx_path_mount+0x10/0x10
[ 1666.340176][T20008]  ? putname+0x12e/0x170
[ 1666.341843][T20008]  ? putname+0x12e/0x170
[ 1666.343547][T20008]  __ia32_sys_mount+0x292/0x310
[ 1666.345367][T20008]  ? __pfx___ia32_sys_mount+0x10/0x10
[ 1666.347378][T20008]  __do_fast_syscall_32+0x73/0x120
[ 1666.349229][T20008]  do_fast_syscall_32+0x32/0x80
[ 1666.350930][T20008]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1666.353251][T20008] RIP: 0023:0xf7fe0579
[ 1666.354888][T20008] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1666.361871][T20008] RSP: 002b:00000000f576656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[ 1666.364874][T20008] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000200000c0
[ 1666.368222][T20008] RDX: 0000000020000340 RSI: 0000000000000000 RDI: 0000000020000380
[ 1666.371648][T20008] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1666.374664][T20008] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1666.377293][T20008] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1666.380289][T20008]  </TASK>
[ 1666.383949][    C2] hpet: Lost 34 RTC interrupts
[ 1666.388300][T20008] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1666.422847][T20008] overlayfs: ...falling back to uuid=null.
[ 1666.425351][T20008] overlayfs: conflicting lowerdir path
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1667.138291][ T1099] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1667.253218][ T1099] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1667.323027][ T1099] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1667.409231][ T1099] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1667.547403][ T1099] bridge_slave_1: left allmulticast mode
[ 1667.549574][ T1099] bridge_slave_1: left promiscuous mode
[ 1667.551835][ T1099] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1667.558059][ T1099] bridge_slave_0: left allmulticast mode
[ 1667.560245][ T1099] bridge_slave_0: left promiscuous mode
[ 1667.562799][ T1099] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1667.825137][ T1099] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1667.832773][ T1099] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1667.839811][ T1099] bond0 (unregistering): Released all slaves
[ 1668.174063][ T1099] hsr_slave_0: left promiscuous mode
[ 1668.178528][ T1099] hsr_slave_1: left promiscuous mode
[ 1668.188309][ T1099] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1668.191082][ T1099] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1668.199394][ T1099] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1668.201904][ T1099] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1668.211705][ T1099] veth1_macvtap: left promiscuous mode
[ 1668.216471][ T1099] veth0_macvtap: left promiscuous mode
[ 1668.218991][ T1099] veth1_vlan: left promiscuous mode
[ 1668.221052][ T1099] veth0_vlan: left promiscuous mode
[ 1668.807249][ T1099] team0 (unregistering): Port device team_slave_1 removed
[ 1668.917443][ T1099] team0 (unregistering): Port device team_slave_0 removed
[ 1669.729596][ T1099] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1669.803526][ T1099] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1669.860597][ T1099] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1669.946782][ T1099] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1670.069497][ T1099] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1670.154313][ T1099] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1670.231146][ T1099] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1670.337191][ T1099] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1670.446976][ T1099] bridge_slave_1: left allmulticast mode
[ 1670.448759][ T1099] bridge_slave_1: left promiscuous mode
[ 1670.450370][ T1099] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1670.455762][ T1099] bridge_slave_0: left allmulticast mode
[ 1670.457773][ T1099] bridge_slave_0: left promiscuous mode
[ 1670.459309][ T1099] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1670.464120][ T1099] bridge_slave_1: left allmulticast mode
[ 1670.466287][ T1099] bridge_slave_1: left promiscuous mode
[ 1670.468551][ T1099] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1670.476839][ T1099] bridge_slave_0: left allmulticast mode
[ 1670.478985][ T1099] bridge_slave_0: left promiscuous mode
[ 1670.484885][ T1099] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1670.596879][ T1099] ip6gretap0 (unregistering): left promiscuous mode
[ 1670.979026][ T1099] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1670.984103][ T1099] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1670.991093][ T1099] bond0 (unregistering): Released all slaves
[ 1671.003794][ T1099] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1671.009492][ T1099] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1671.016053][ T1099] bond0 (unregistering): Released all slaves
[ 1671.113321][ T1099] Êü: left promiscuous mode
[ 1671.177573][ T1099] Êü: left promiscuous mode
[ 1671.644301][ T1099] team0: Port device wlan1 removed
[ 1671.958344][ T1099] batadv_slave_0: left promiscuous mode
[ 1671.964818][ T1099] hsr_slave_0: left promiscuous mode
[ 1671.968539][ T1099] hsr_slave_1: left promiscuous mode
[ 1671.971309][ T1099] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1671.974521][ T1099] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1671.978654][ T1099] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1671.981651][ T1099] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1671.987548][ T1099] hsr_slave_0: left promiscuous mode
[ 1671.990237][ T1099] hsr_slave_1: left promiscuous mode
[ 1671.993409][ T1099] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1671.998425][ T1099] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1672.002038][ T1099] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1672.004905][ T1099] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1672.011092][ T1099] veth1_macvtap: left promiscuous mode
[ 1672.013175][ T1099] veth0_macvtap: left promiscuous mode
[ 1672.015380][ T1099] veth1_vlan: left promiscuous mode
[ 1672.017440][ T1099] veth0_vlan: left promiscuous mode
[ 1672.021147][ T1099] veth1_macvtap: left promiscuous mode
[ 1672.023232][ T1099] veth0_macvtap: left promiscuous mode
[ 1672.025770][ T1099] veth1_vlan: left promiscuous mode
[ 1672.027769][ T1099] veth0_vlan: left promiscuous mode
[ 1672.626018][ T1099] team0 (unregistering): Port device team_slave_1 removed
[ 1672.733325][ T1099] team0 (unregistering): Port device team_slave_0 removed
[ 1673.645155][ T1099] team0 (unregistering): Port device team_slave_1 removed
[ 1673.749843][ T1099] team0 (unregistering): Port device team_slave_0 removed
[ 1674.893644][ T1099] bridge_slave_1: left allmulticast mode
[ 1674.895940][ T1099] bridge_slave_1: left promiscuous mode
[ 1674.898165][ T1099] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1674.903054][ T1099] bridge_slave_0: left allmulticast mode
[ 1674.905353][ T1099] bridge_slave_0: left promiscuous mode
[ 1674.907554][ T1099] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1675.106316][ T1099] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1675.111180][ T1099] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1675.116565][ T1099] bond0 (unregistering): (slave bond1): Releasing backup interface
[ 1675.120059][ T1099] bond0 (unregistering): Released all slaves
[ 1675.129909][ T1099] bond1 (unregistering): Released all slaves
[ 1675.476801][ T1099] hsr_slave_0: left promiscuous mode
[ 1675.479725][ T1099] hsr_slave_1: left promiscuous mode
[ 1675.482335][ T1099] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1675.484928][ T1099] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1675.488364][ T1099] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1675.491641][ T1099] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1675.496699][ T1099] veth1_macvtap: left promiscuous mode
[ 1675.498640][ T1099] veth0_macvtap: left promiscuous mode
[ 1675.500797][ T1099] veth1_vlan: left promiscuous mode
[ 1675.502813][ T1099] veth0_vlan: left promiscuous mode

VM DIAGNOSIS:
15:56:52  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=0000000000000073 RCX=ffffffff81da35db RDX=ffff88801fb82440
RSI=0000000000000100 RDI=0000000000000005 RBP=ffff88801ac67038 RSP=ffffc90000eff6c8
R8 =0000000000000005 R9 =0000000000000100 R10=0000000000000073 R11=0000000004ae6aeb
R12=0000000000000000 R13=ffff88801ac66560 R14=dffffc0000000000 R15=0000000000000004
RIP=ffffffff818b1aa1 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=000000005ff5c000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000044d40 RBX=ffff88807ffd6d38 RCX=0000000000000000 RDX=1ffff11007fff4f6
RSI=0000000000000008 RDI=ffff88807ffd6d38 RBP=0000000000044ec0 RSP=ffffc90003566fd8
R8 =0000000000000000 R9 =ffffed10056e89e0 R10=ffff88807ffd6740 R11=0000000000000000
R12=0000000000000038 R13=0000000000000001 R14=ffffc90003567248 R15=dffffc0000000000
RIP=ffffffff81e9b900 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002032b000 CR3=000000005ff5c000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000035 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff84fc2b75 RDI=ffffffff9a516680 RBP=ffffffff9a516640 RSP=ffffc900032ef148
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=0000000000000035 R14=ffffffff84fc2b10 R15=0000000000000000
RIP=ffffffff84fc2b9f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b800000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=00000000655f6000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff813be4ae RDX=ffff888025ca2440
RSI=ffffffff813be4cb RDI=0000000000000000 RBP=ffff88802b83edc0 RSP=ffffc9000309f8e8
R8 =0000000000000000 R9 =0000000000000003 R10=0000000000000003 R11=0000000000000000
R12=0000000000000003 R13=0000000000000003 R14=ffff88802b93fc80 R15=ffffed1005707db8
RIP=ffffffff813be4cc RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b900000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=000000005acd8000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000