last executing test programs:

2.910040895s ago: executing program 3 (id=548):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'rti800\x00', [0x4f27, 0xffff8001, 0xffff, 0x0, 0x403, 0xcc7, 0x8, 0x1, 0xa, 0x100, 0x2, 0x8, 0x7fffffff, 0x2, 0x6, 0x101, 0x4, 0x87, 0x3, 0x40000003, 0x2, 0x0, 0xf25, 0x5, 0xb, 0xe69, 0x3c, 0x81, 0x6, 0x0, 0xfffffff8]})
sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={0x0, 0x12f4}}, 0x0)
ioctl$COMEDI_BUFCONFIG(r0, 0x8020640d, &(0x7f0000000300)={0xffff, 0xfff, 0x8a9, 0x3})
r1 = socket$l2tp6(0xa, 0x2, 0x73)
openat$hwrng(0xffffff9c, &(0x7f00000002c0), 0x101000, 0x0)
bind$l2tp6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @empty, 0x0, 0x3}, 0x20)
connect$l2tp6(r1, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20)
sendmmsg$inet6(r1, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, 0x1b, 0x0}}], 0x17fd147c801ae9af, 0xff00)
r2 = openat2$dir(0xffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x200000, 0x42, 0x1}, 0x18)
statx(r2, &(0x7f00000001c0)='./file0\x00', 0x6000, 0x10, &(0x7f0000000380))

2.849917431s ago: executing program 3 (id=550):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30000091)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/fs/cgroup', 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000440)={'syztnl1\x00', &(0x7f0000000380)={'ip_vti0\x00', 0x0, 0x1, 0x8000, 0x320b, 0x1, {{0x9, 0x4, 0x3, 0xb, 0x24, 0x68, 0x0, 0x5, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x28}, @empty, {[@rr={0x7, 0xf, 0x2, [@multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote]}]}}}}})
ioctl$BSG_IO(r1, 0x2285, &(0x7f0000000500)={0x51, 0x0, 0x2, 0x19, &(0x7f0000000300)="bae01e3a2cfa969ff34b1408987a39098a9aba2e5a17b4e0e5", 0x5, 0x0, 0xfffffffa, 0x7fffffff, 0x60, &(0x7f0000000340), 0x0, 0x55, 0x0, 0x41, &(0x7f00000003c0)="368f346222cf23f2d1557b9c0f816d749156b1ba0aa1fa0a743d3ece30b5f47e0ecdc183f4a57ace7a100c7bf2f5bda30f590004b551410ec94a371138787ccf7fa6d4c1731b6c172d645f1c547f056fed9d926b4e", &(0x7f0000000440)=""/65, 0x4, 0x0, &(0x7f00000004c0), 0x9})
r2 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x200000, 0x140)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000000c0)={'syztnl2\x00', &(0x7f0000000180)={'ip_vti0\x00', <r3=>0x0, 0x20, 0x20, 0x1, 0x3, {{0x29, 0x4, 0x0, 0x15, 0xa4, 0x67, 0x0, 0x6, 0x2f, 0x0, @private=0xa010101, @broadcast, {[@generic={0x94, 0x7, "93d6f6d5cf"}, @lsrr={0x83, 0x1b, 0xe3, [@multicast1, @remote, @remote, @remote, @dev={0xac, 0x14, 0x14, 0x40}, @remote]}, @noop, @timestamp_prespec={0x44, 0x3c, 0x4f, 0x3, 0xd, [{@broadcast, 0xbd5f74d}, {@empty, 0x5}, {@loopback, 0x8}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4}, {@empty}, {@dev={0xac, 0x14, 0x14, 0xd}, 0x800}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8000}]}, @ssrr={0x89, 0xf, 0x71, [@private=0xa010101, @local, @multicast2]}, @ssrr={0x89, 0x1b, 0x52, [@remote, @loopback, @private=0xa010102, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}, @loopback]}, @end, @ra={0x94, 0x4, 0x1}]}}}}})
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000100), 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@bloom_filter={0x1e, 0xb3, 0x3205, 0xffff, 0x4080, r2, 0xb9, '\x00', r3, r4, 0x3, 0x3, 0x4}, 0x50)
setsockopt$sock_attach_bpf(r0, 0x1, 0x24, &(0x7f0000000000), 0x4)

2.84937973s ago: executing program 1 (id=551):
mknodat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
timer_settime(0x0, 0x1, 0x0, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a00000001000000e27f000001"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x80008, 0xc, 0x414}, 0x50)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=@newqdisc={0x58, 0x24, 0xf0b, 0x70bd2b, 0xfffffffd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffff}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x24, 0x2, [@TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0x5}, @TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0x6}, @TCA_FQ_CODEL_CE_THRESHOLD_SELECTOR={0x5, 0xa, 0x3}, @TCA_FQ_CODEL_MEMORY_LIMIT={0x6, 0x9, 0x3}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x804}, 0x4004800)
socket$nl_route(0x10, 0x3, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000002240)=[{{&(0x7f00000001c0)={0x2, 0x4e24, @multicast2}, 0x10, &(0x7f0000000200)=[{&(0x7f00000004c0)="ffd9f5217a2b391fb91b48145a1f4381c7c007616b5fc2523af28967277ed39426eba0f7d773717fe404933687a1f52f79fd7b4e07c7b55fea118093a558c02b79001679747aa43d4e351518a9d12f80fb2ac2418b9c46572a8e3688dc87c3e0adb117259ac9bd34d5ca204a3931a3f1696b233aa4df74f5c0de8f79fc641283fa5210d5dbf651664ea471ad5e6444a0bc4b84882e6fa7196c7b544ae0df0ed2d3a5060b96db28c946df0f7568050bab32c5cd76328b8937b9eb54203c42ee9c5f484f92bf755274a77f6b17dfb849effe2ea064e2f95bb399a6290a86c487a8bb051ce7c49b1ec8ca08ce65b81b33ad7ed582ec9b5cd00f339079c9f79068", 0xff}, {&(0x7f00000005c0)="4eb49cacd7db5e8fa3517156ee0f9fc2370d77593d205832cf7c1ab44c1e4b04ab54da616978244a4d4bcc55f65934a33fabb285abcbbc4093f6f08f24e9c12b0e5fe76fd46b29785bbec435ecbdf064552f6af5b9e4f2cf0cfbd364744008274dff91b08ba37cf3502d77ad2dec05c833bc9f0cb4f225264316af65faed4b8c24b0d4b4df3477bb780abac1c8e1d7f21ef1809c5179153a462149b8fd243b28bf6eed5c617002784a5c9f25924844478521fc", 0xb3}, {&(0x7f0000000680)="f179c9990a03bace70805a2126fb6a790261df8147470e3ff09b7380be0b25d670148d743c96ef91ff19cce6b4944d9c067579b4cbb10caed08ef8afaa525060ac58189f6c0b1b4c44bf92d1425dcb1e8b5fae2137944f2aad11aa62ca63fde07525601a7c81870ef24dd8d16075624cca411fcb6ae438fb7bc008d83aae7341cdf37254b6d84abaeaa75d1d232b29b394b1ee03b9ba17dedd500846fd0fe4fb9d71030bc7f835ec97e686cf5aa31473ff3ae3671a16e63c000f88b85f5303c695055b78ab4b4153d7a5bf0b30108b99f7b95ccab8a49574ebc7da2c778a13ca45f74f1e637aed41e2ed6b926c24d99faf2a52f0f27938f84efd694a0b34", 0xfe}, {&(0x7f0000000780)="380026e363053ffa5b6c20eaba2466c811c403cbadf5233994bbff009af12a5792dbdce65aca099201714f771072737be2c2ecd88037abdd83a2fb565badba185bbf5a94da84df53d79a8f8ad21c9640bbce81a577b74d111135c55ccc95840ae080eb642530ae72fda369d81dd8a45fe13c40d3c671863d92b2bacabb28fcf2f44ca58ff28df40197a7cd7458773d499c592b6fe986c98f6d94f97af33b5d440e7be694219a33912c05a5f2d4ea438a40c27461b507d5aecef3fe2898c36da6cfb7fe1c66353240ac63631ac9cc2711e35127cda1a475f716507290dbdc47d98ab04d59dd8d579ffa26c19b4cf53c42a1b513534f38dea6381cd5872509cc", 0xff}], 0x4, &(0x7f0000000400)=[@ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @empty, @multicast1}}}], 0x18}}, {{&(0x7f0000000880)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000980)=[{&(0x7f00000008c0)="3ba1fbb0f2f2ebc88987aec1030ba4d6a572d39cf29057b8ccb03262b75f7f2623c826d9f8977f1bd10d100a55d8855f4528ce6c325bc0c64697e6e961c8327265214ae57e6275fdf348b9ec5678d7c257709f0979664e18572f726ba918579ba05e82f947511fc4b92396623bc5378a36ca89223ed6574512c6bdf22fb27ae34b48443b8ecf08efb56068eb5b3ff6e9c4f922879f54738be48eafc59b21e35462b0f248849e118d0a991a833708", 0xae}], 0x1, &(0x7f0000000b40)=[@ip_tos_int={{0x10, 0x0, 0x1, 0x2}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0x81}}, @ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @ip_retopts={{0x30, 0x0, 0x7, {[@timestamp_prespec={0x44, 0x14, 0x52, 0x3, 0x9, [{@loopback, 0x3ff}, {@dev={0xac, 0x14, 0x14, 0x3e}, 0x83}]}, @noop, @cipso={0x86, 0xe, 0x2, [{0x6, 0x8, "1e8f66435f17"}]}]}}}, @ip_retopts={{0x64, 0x0, 0x7, {[@rr={0x7, 0xf, 0x2d, [@multicast2, @broadcast, @dev={0xac, 0x14, 0x14, 0x1b}]}, @rr={0x7, 0x13, 0xf6, [@empty, @multicast2, @loopback, @multicast1]}, @ssrr={0x89, 0xb, 0xa7, [@initdev={0xac, 0x1e, 0x0, 0x0}, @local]}, @ssrr={0x89, 0x2b, 0xee, [@broadcast, @broadcast, @rand_addr=0x64010101, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010101, @loopback, @local, @broadcast, @empty, @private=0xa010102]}]}}}, @ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @rand_addr=0x64010100, @broadcast}}}, @ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @empty, @rand_addr=0x64010100}}}], 0xfc}}, {{0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000c40)="992daad6c6c366177d74775759b2e491bcdcff42a6e25160587da231b51f81636de353f6b42c0173ce964b6d18e32fd53de4feb0ae967c8c5f137240e9b171a144b93c970c", 0x45}, {&(0x7f0000000d80)="c346c41dad46270ce559313626e7058ed5ee6facb3b1f335293ccef2037a8d271c7d845e034851bc02752fc9495be81da0f67cccbb106479a0a12d819161da43b6e5850c49f5aa6c948ce3e89119fb7458c13fed6d13817f33c4b481ce6354d1319342624b16572ec1c66b1e6375b474c35ee15cdb8bbdd1891ab75bf6d4f42eb1d4c181178492c7f910d6b23af9c89277e8766d0af5a4b80c8fb5fb2732dfd971801a8bf1da9c57c7a7aef1de210d5d5153b2ea09373843341f95c85a436565d1a672144b5cb7b492c940a8860e66a5f3aa61477f53f26dd916236d0e13187467e3cb1445f8c0c3bc8254eb8ab383cde5ae", 0xf2}, {&(0x7f0000000e80)="726d578fa618eac35416b821a7cb0321c7418a7e9af7daaae30ef7bfcfb40a8d5d71e9d7d1ca4d3fbbcc5dc219d3d4f6c1c90285b5c18f4d5f2d12c548c1fb6ee91427280d6fea165f8f5c481527a1dd0342cd832851158ac84ed7f38f22c2919d85c1d31ffcfaf5f85c916bbdc55c4491a5bd2dcb24f3dc175d96fafc46d4edb1a3f48052ed97526ef002a9772aa209ad3b6e22d9879a85e72e01063f51698897ccb6a591b98e58be6b4e225b3d45d57c8b9fc22d6834478d65a933a334c09221b45ef15c01024867", 0xc9}, {&(0x7f0000000f80)="b674094639fb871ea268b27ef4d160b8f6825999146a7d46cdeaa787e96e96632499151c355eef2e5328c1beada173eecd8fc2d581587f9fef4ae64671e025c9ed50d080442c6c0979a7c4fc", 0x4c}, {&(0x7f0000001000)="153bfaa126af6273098f2a6897ece488cf6f76785563855fc73411290d0b7db3a75a3bb6beb240bb12f0edc7033b9a000fc510620e6fadcf205359401c5b7fec079d1427a63a0d3b90caed6ec3d1ef5abc4cc159e879a21397c28fa9ada7eb91baa88cb75fbe1ecdd9aa5082f725691998702c101e489ac09477ceba5363d369a34aa5ac346a887f25075f94e47a929b9593", 0x92}, {&(0x7f00000010c0)="a193400e67d1a7fb6b40ea82e60fbf1439d15dd15670ca805ee4946af90e532307d528214f3d5eded4246721666dd0ff1b2e2a39f263e9c902869959c9cc359493dcfcf52e4457b17c8e27a2f3da953d4e143760ae6eb4b39849f93a957c81a1f68eb6d1f2a135f07eaa2359e882192bc4aa913eafecbb0f5821cc25de7ca22834150867b4f072e7ebdf5262e592e486697cfac6abff266e06cc416f29af274071360da0c1eec411c51faae3a21ed9d57bc63c76383e1d953313a194d2a135eee7c48bd688a59852d1c8ae2a70564eb75a627ae46110cf647904adab8e7c827929c0a3829b399ee125372f62596c9bf93370c2ce0462e519e2c0", 0xfa}], 0x6, &(0x7f0000002340)=[@ip_retopts={{0x9c, 0x0, 0x7, {[@cipso={0x86, 0x46, 0xffffffffffffffff, [{0x7, 0x8, "5450b9f6fe28"}, {0x2, 0xc, "91b0cefc04c6fc567a0e"}, {0x2, 0xf, "4b09767e3b8a5004c18de8d1f7"}, {0x0, 0x7, "6049828eaf"}, {0x0, 0x4, "e039"}, {0x0, 0xe, "e3b64118427d9d6f550ea355"}, {0x1, 0x2}, {0x1, 0x2}]}, @ssrr={0x89, 0xb, 0xd2, [@multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @timestamp_addr={0x44, 0x14, 0x23, 0x1, 0x3, [{@remote, 0x6}, {@rand_addr=0x64010102, 0x1}]}, @ra={0x94, 0x4}, @timestamp_addr={0x44, 0x24, 0x4f, 0x1, 0x0, [{@dev={0xac, 0x14, 0x14, 0x20}, 0x5}, {@multicast1, 0x7}, {@local}, {@broadcast, 0x4}]}]}}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0xff}}, @ip_retopts={{0x38, 0x0, 0x7, {[@timestamp_prespec={0x44, 0x2c, 0x50, 0x3, 0x7, [{@rand_addr=0x64010101, 0x1}, {@empty, 0x6}, {@multicast2, 0x2}, {@loopback, 0xe62}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8}]}]}}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0x92}}, @ip_retopts={{0x54, 0x0, 0x7, {[@timestamp={0x44, 0xc, 0xf5, 0x0, 0x6, [0x0, 0x3]}, @timestamp_prespec={0x44, 0xc, 0xbe, 0x3, 0x6, [{@local, 0x7}]}, @noop, @lsrr={0x83, 0x7, 0xa8, [@empty]}, @ssrr={0x89, 0x23, 0xb6, [@rand_addr=0x64010102, @local, @local, @empty, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x27}, @multicast1]}, @ra={0x94, 0x4, 0x1}, @end]}}}], 0x148}}, {{&(0x7f0000001340)={0x2, 0x4e21, @multicast1}, 0x10, &(0x7f00000014c0)=[{&(0x7f0000001380)="a38fddcca9948fa78b1aa90df4ea7e243752", 0x12}, {&(0x7f00000013c0)="2e1cb959bca31f571d0ab4508c818d7b3650c2c89f2099b4e11644d11a4d9d63c892277fa2d90c92a878ea0759319cfbfa59c2820c73d828648abc7db0856f162e3780d6ae1df923a8249cd5b70e84ab6cc7859583347401f92609e9134c91f6d0e37ac95445dbb2543963995ac7e07a814988517c2d38b284fbb77f293bc89890f4785b39c0198772399445cfb678cbd213096ae2175a67a97a59e6bb58ba20b5615595312fe21cb4bab6450406a8b419136325744cb2a4b5e9be5176afbbad5ac701634a26f7100501b095d8e7f007e0e14fb47721754009053d5d44a8c73f12cff885b7e1fda1958fcd8266bd1d2c6fd155474980632271c353bdd6", 0xfd}], 0x2, &(0x7f0000001500)=[@ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @broadcast, @private=0xa010101}}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0x50}}, @ip_ttl={{0x10}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0x8}}, @ip_retopts={{0x5c, 0x0, 0x7, {[@timestamp_addr={0x44, 0xc, 0xcf, 0x1, 0x8, [{@loopback, 0x281}]}, @ssrr={0x89, 0x1f, 0x23, [@private=0xa010102, @remote, @private=0xa010101, @multicast1, @private=0xa010100, @broadcast, @remote]}, @rr={0x7, 0xb, 0x20, [@broadcast, @multicast2]}, @noop, @ra={0x94, 0x4}, @lsrr={0x83, 0x13, 0xa7, [@private=0xa010100, @remote, @loopback, @broadcast]}]}}}, @ip_retopts={{0x58, 0x0, 0x7, {[@ra={0x94, 0x4}, @rr={0x7, 0x1b, 0xf9, [@initdev={0xac, 0x1e, 0x1, 0x0}, @remote, @empty, @loopback, @multicast1, @dev={0xac, 0x14, 0x14, 0x3a}]}, @ssrr={0x89, 0x13, 0x14, [@private=0xa010102, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, @broadcast]}, @lsrr={0x83, 0xf, 0xaf, [@empty, @broadcast, @empty]}, @noop, @ssrr={0x89, 0x7, 0x51, [@broadcast]}, @noop]}}}, @ip_retopts={{0x20, 0x0, 0x7, {[@timestamp={0x44, 0x14, 0xd9, 0x0, 0x6, [0x9, 0x85ec, 0x479d, 0x200]}]}}}], 0x11c}}, {{&(0x7f0000001640)={0x2, 0x4e22, @loopback}, 0x10, &(0x7f0000001700)=[{&(0x7f0000001680)="4c3321390bdf34af204909c60a876a7df8d6353931f960a3a230642871c20b9b11c7ac7992619c95f7e64b38143ebbc6791ca0953e09db009916ce0b1e65e235f5b8ed7c7cb527cc8e4cc8f51f8e50c701d2d1e2", 0x54}], 0x1, &(0x7f0000001740)=[@ip_tos_int={{0x10, 0x0, 0x1, 0x6}}, @ip_tos_int={{0x10, 0x0, 0x1, 0x6cde}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0x8}}, @ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @multicast2, @rand_addr=0x64010102}}}], 0x48}}, {{&(0x7f00000017c0)={0x2, 0x4e23, @local}, 0x10, &(0x7f0000001c00)=[{&(0x7f0000001800)="dd4d87d43b301dbf0247b274cea3a8884aac32bda3042dccfaf960c447754c6dba3e2932b4a3d76c8e26244179e96ffea552f019e78d2feeeef7c716158192d3e7bc6c67d7efa5cf", 0x48}, {&(0x7f0000001880)="6f2a2f1056965d6e089c75aeeb5d85ab413f6fceabcc9e470e8ebce010c7063838dd7ad6a86e9dbdca6c6daccc6512adbbc42692d1c443a5c77b8973db08c4d30c20f897726e621cd98b40ff47cf80adc2724ebb4c93d981186eef78aa983cc22ffd24bb444b922c290307e1eff477682b5f5258fff5d5616f921393df7d5cde15d4", 0x82}, {&(0x7f0000001940)="f88dcb3b7a2397c25407fe1c7376fcbead0c69a05f45bdb79e0a5302ba6941ef02bec9d79658904526790475d6ac344817a22e29ca9c46c636371c8b154e8ad14d44e9fc4afbd843712a53c7cffa31d77498aa97a0fd8fd5133e87445644476237ebf6581a31c5415cf7438dfd40e14d0bf69bb410a9ee769e07dcad0c6220abdba837e059f2c2c567789d65d50b2ad0aafc226156e595757ebb3d59a723b5c0ae5cfb0875", 0xa5}, {&(0x7f0000001a00)="7920ad367502cd8b30aabe5b6a1d65212e7119b6743c91dc2218122fc3721226649be5b3f3e8e847ab83aa5b9972b1b59485882e23bec2c2a266565dd6e27526f197e1e7b035e8800466853f2af6866c573c8b397e5f49510f49219491cc1f72132c7d281e9a8402107686a170b3549023f8a92f819ce7beca491e304dd8d81f5333023a4df27d7faac937e6782c969a2127131b44e2cb992b4d98e6174619fcee03c668530b6e18211446bcce2c3f39812aa5b87b53904e08a53b24101ac307b17486602ac8c84a4f916667e6c6798215c9ab231691cf025680155d8f215da8e4c87018d1baabfdf9627d731076b1c40c19ec6b097d93747cddb9", 0xfb}, {&(0x7f0000001b00)}, {&(0x7f0000001b40)="df8085cff49170ffd88eb0ac4ca0eb229d62271fe40173dd21c4a5e9990b5419f6882e38071079998e80ea1e68428c77e70a0fe3043e7ea4198c46d1485d0e3b3fc7c79ef16a8f60ea75e41ab7f23d2c2acfbf6187de561dc230f1acd6c3ec7e05f7505f10310d94b5119d1e04a828", 0x6f}, {&(0x7f0000001bc0)="9e20b50df3652c4f11e270fb2311d1ba1b7d3de97b984c618d20c682705c1663005e0836c812d7f33aee591b8a118952736e9ce1c06f8cbc", 0x38}], 0x7, &(0x7f0000001c40)=[@ip_ttl={{0x10, 0x0, 0x2, 0xe915}}, @ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @empty, @remote}}}, @ip_ttl={{0x10, 0x0, 0x2, 0x89c0}}, @ip_retopts={{0xc}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0x3}}, @ip_ttl={{0x10, 0x0, 0x2, 0x3}}], 0x64}}, {{&(0x7f0000001cc0)={0x2, 0x4e22, @rand_addr=0x64010100}, 0x10, &(0x7f0000002100)=[{&(0x7f0000001d00)="a7c99f4875c18279d0e265d1087639ff1da47ab8a4f8a8406138cac132e103cc9c3c63f91c9d87389503fcd3494711d567ba0bd7892ffd7532c542d11bc31e0c5f7fa6e705b8ab452da6473b7356a5a385b3d74373ae911fce584963d25c66552a8b84383e2702e1e1f1ff96319ba542a07f65be28c4937b2d36c99ab6f646fc2f004d88e79bab8eb13021082f9ca2a642201e40a2492deb84554e08c916e7a615c4", 0xa2}, {&(0x7f0000001dc0)="747b9a57545c860249e9d3eea5b1ed103713e5f4ec8dd3f587e9f3601ea223b4452e8f452518e4a7d2a47c3143feedcbf4ff862c138ef91399f13b54c6ccfa8ad24f6cf513052cf3dd5210e28465d6b88b6997b249ba5d6fbe296d9a0a6e08c3a380569c82edb488623d9e0bf1544c7981b834566fd74637d6f009f04cc173818282ee984dd5540360ab6b45deae37c727be598170f40c552ad15a", 0x9b}, {&(0x7f0000001e80)="9d8c3acdae36e6bd2df042ed6f1611481d4d570c919428c3f7edf5a8e5ea76a5305028c546cbdee1b6be7f1e15b8f1e898f29887c65d9642a85b2e9d29124d4a84367e377fb3ff8d", 0x48}, {&(0x7f0000001f00)="158cbcedabd99a3f9ed8ae3f0d95f7ddabd8535249fbdc1cd865a71bd779ae77d54a3077ccb1aabcbaf2e6b73a462e1af9b84b47113f334643b4daaa327aa6b1e15e4f476b1a7e2f8d4e891f28d6361588af6cfad6ae17869cea256c2ce1adca578b5004eaea99aaf342796bee46205c994ec7202ca1f9a146b75297931eb1e3a790354c4bbacb43587b433f7e82bf649c47522e9a01161c871a7eee455977dd21ec27b6954c8d3e27f0281869da4df6949485d890dc46625940c71444b2ff1b35fb2d9754b74cf09030f1160169aa4ee59539b559bddfcfd1dc73faf9cc6e26f5c58a642f4a28f868277e959f1497c24cba521bea05367ad11cc959", 0xfc}, {&(0x7f0000002000)="6d0304e41d25d4b433f46944f5d1a90dd309750c62d5b0914585cc7ef57a81ec9c80318c2a95bcaa6e3ba7bef07ea9d514cdffd6b5b00ad9ac9e9ce3e64e6be2d45d9937b1053a03c6c170eaa445e871edae115f9cd053b52abe3f7fab285772d9bbcad08a3a78f8447221407475f5f894716c4f4222865f14444a96d6f1f0900a3087f4780d3dd90c873aa4df6a88a69bd607afd76fff00f9d39ea05c23265463e0cd8a511b66f516a3b32d0de759f2691876b3f4b11f1edcaa1d032e445db7a0077618ebae4968b0f90c8a8272b3702988d0069ca0185acd472db3deca89cbe7edf0878e02d33f9704274b4a4130a3", 0xf0}], 0x5, &(0x7f0000002140)=[@ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x23}, @local}}}, @ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @rand_addr=0x64010100, @broadcast}}}, @ip_tos_int={{0x10, 0x0, 0x1, 0x9}}, @ip_ttl={{0x10}}, @ip_ttl={{0x10, 0x0, 0x2, 0x2}}, @ip_tos_int={{0x10, 0x0, 0x1, 0xb}}, @ip_tos_int={{0x10}}, @ip_ttl={{0x10, 0x0, 0x2, 0x3}}, @ip_retopts={{0x48, 0x0, 0x7, {[@ssrr={0x89, 0xb, 0x68, [@local, @remote]}, @lsrr={0x83, 0x17, 0x45, [@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x2e}, @rand_addr=0x64010102, @empty]}, @timestamp_prespec={0x44, 0x14, 0xd8, 0x3, 0x6, [{@multicast1, 0x7}, {@rand_addr=0x64010102, 0x1}]}, @noop, @lsrr={0x83, 0x3, 0x6}]}}}], 0xd8}}], 0x7, 0x40)
getdents(0xffffffffffffffff, &(0x7f0000000040)=""/44, 0x2c)

2.318553931s ago: executing program 0 (id=556):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x440, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f00000009c0), 0x4)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r2, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r3, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002cbd701004000000050000000600010005000000080009000200000008000b000000000008000c"], 0x40}, 0x1, 0x0, 0x0, 0x20008000}, 0x30)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
r7 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r7, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r6, {0x2, 0x0, @loopback}, 0x4}}, 0x2e)
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$devlink(&(0x7f0000002b40), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="01000000000000000000060000000e0001006ee77673696d0000000f0002006e657464657673696d3000000800030002000000080091000200000006001400020000000500120000ed0c00ee9a2ba3a0ab7a6db2971307b600d5991e0506ea8c533a297fb5902ed28d02f4b849552f99b6c43d26d3db7cd5f29bb73081449e57edc66af3bbb1480c5b3b00863769f984859064c84484e9"], 0x54}}, 0x24008004)
ioctl$KVM_SET_IRQCHIP(r8, 0xc048aec8, &(0x7f0000000980)={0x2, 0x0, @ioapic={0x1002, 0x9, 0x1, 0x4, 0x0, [{0x7, 0x7, 0xfb, '\x00', 0x3}, {0x1, 0xf, 0x0, '\x00', 0x7}, {0xc, 0x9f, 0xa5, '\x00', 0x2}, {0x4, 0x3, 0x1, '\x00', 0xc}, {0x6, 0x2, 0x7, '\x00', 0x1}, {0x2, 0x0, 0x4, '\x00', 0x1}, {0x4, 0x2, 0xc, '\x00', 0xb}, {0x4, 0x8, 0xcf, '\x00', 0x5}, {0x5, 0x8, 0x1}, {0x7, 0x2, 0x5, '\x00', 0x4}, {0x8, 0x1, 0x4, '\x00', 0x73}, {0x9, 0x4, 0x40, '\x00', 0x14}, {0x1e, 0x2, 0xc0, '\x00', 0x8}, {0x6, 0xf3, 0x8}, {0xff, 0x1, 0x81, '\x00', 0x8}, {0x8, 0x10, 0x7, '\x00', 0xb}, {0x4, 0x3, 0x9, '\x00', 0x5}, {0xe8, 0x6, 0xa9, '\x00', 0x6}, {0x6, 0x4, 0xd9, '\x00', 0x6}, {0xff, 0x0, 0xe6, '\x00', 0x2}, {0x6, 0x17, 0x7, '\x00', 0x8}, {0x0, 0x1, 0x3, '\x00', 0x8}, {0x3, 0x7f, 0x81, '\x00', 0x3}, {0x5, 0x7, 0x1, '\x00', 0xb}]}})

2.22864787s ago: executing program 0 (id=557):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], 0x0, 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xf, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x2e6, 0x8f, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x900}, {0x85, 0x0, 0x0, 0x86}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x2a}}}, &(0x7f0000000680)='syzkaller\x00', 0xa, 0x1009, &(0x7f0000001cc0)=""/4105, 0x41100, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)

1.987285765s ago: executing program 3 (id=558):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c0000003e0007010000000000000000047c0000040012801400018008000300", @ANYRES32=0xee00, @ANYBLOB="080002"], 0x2c}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1f}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}]}, @NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xc8}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c0000003e0007010000000000000000047c0000040012801400018008000300", @ANYRES32=0xee00, @ANYBLOB="080002"], 0x2c}}, 0x0) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1f}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}]}, @NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xc8}}, 0x0) (async)

1.851611858s ago: executing program 3 (id=559):
syz_emit_ethernet(0x4a, &(0x7f0000000100)=ANY=[@ANYRESOCT, @ANYRES64, @ANYRES32, @ANYRES16=0x0], 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000000)=<r2=>0x0)
setpgid(0x0, r2)
r3 = fsopen(&(0x7f0000000080)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x8, 0x0, 0x0, 0x0)
shutdown(r1, 0x0)
recvmmsg(r1, &(0x7f00000048c0)=[{{0x0, 0x0, &(0x7f0000004a00)=[{&(0x7f0000001a00)=""/4099, 0x1003}], 0x1}}], 0x1003, 0x10122, 0x0)

1.85037345s ago: executing program 1 (id=560):
setresuid(0xee00, 0xee00, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r0, &(0x7f0000000140)=[{&(0x7f00000000c0)="580000001500add427323b472545b4560a117fff0b0082001b59000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee0000000000000000020000", 0x56}, {&(0x7f0000000000)="abd9", 0x2}], 0x2)
r1 = openat$bsg(0xffffff9c, &(0x7f0000000000)='/dev/bsg/0:0:0:0\x00', 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x61901, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000004090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000029680088d81e0a05010000000000000000070000000900020073797a31000000000900010073797a30000000003c00038038000080340001802d000100fefe807eb37bc2a7a6110a370abbe10adf32aa848edc90232d4665de2ae1583b710c20da83360e33e6000000140000001000010000000000000000000084000a"], 0xec}}, 0x0)
io_setup(0x202, &(0x7f0000000200)=<r10=>0x0)
io_submit(r10, 0x1, &(0x7f0000000780)=[&(0x7f0000000440)={0xfffffffe, 0x20011004, 0x4, 0x1, 0x0, r8, 0x0, 0xfe, 0x1f000000}])
r11 = syz_genetlink_get_family_id$team(&(0x7f0000000200), r3)
r12 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_mtu(r12, 0x29, 0x17, &(0x7f0000000600), &(0x7f0000000640)=0x4)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f00000002c0)={'team0\x00', <r13=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000300)={'team0\x00', <r14=>0x0})
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000340)={'vcan0\x00', <r15=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000480)={'team0\x00', <r16=>0x0})
getpeername$packet(r3, &(0x7f00000004c0)={0x11, 0x0, <r17=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000500)=0x14)
sendmsg$TEAM_CMD_PORT_LIST_GET(r8, &(0x7f0000000c80)={&(0x7f0000000180), 0xc, &(0x7f0000000580)={&(0x7f0000001300)=ANY=[@ANYBLOB="78060000", @ANYRES16=r11, @ANYBLOB="00012abd7000fcdbdf250300000008000100", @ANYRES32=r13, @ANYBLOB="7c00028040000100240001006d6f6465000000000000000000000000000000000000000000000000000000000500030005000000100004006c6f616462616c616e63650038000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000500030003000000080004008000000008000100", @ANYRES32=r14, @ANYBLOB="b400028040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004003401000008000600", @ANYRES32=r7, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000800000038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000500030003000000080004000800000008000100", @ANYRES32=r7, @ANYBLOB="f80002803800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=r7, @ANYBLOB="3c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r15, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004001b0b000008000600", @ANYRES32=r7, @ANYBLOB="40000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r7, @ANYBLOB="080007000000000008000100", @ANYRES32=r7, @ANYBLOB="b8000280400000000000000000005f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300f87ad1f774484a0e000008000400", @ANYRES32=r7, @ANYBLOB="08000700000000003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r7, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000400000008000100", @ANYRES32=r7, @ANYBLOB="4400028040000100240001006d6f6465000000000000000000000000000000000000000000000000000000000500030005000000100004006c6f616462616c616e63650008000100", @ANYRES32=r16, @ANYBLOB="4801028040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000400000008000600", @ANYRES32=r7, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040002000000080007000000000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b000000080004000800000008000700000000004c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e670000000038000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000050003000300000008000400780a000008000100", @ANYRES32=r17, @ANYBLOB="bc00028038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000300000040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000008000008000600", @ANYRES32=r7, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b00000008000400b17a000008000600", @ANYRES32=r7, @ANYBLOB="08000100", @ANYRES32=r7, @ANYBLOB="fc0002803c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000000c0004000b002a05030000003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r7, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000500000008000600", @ANYRES32=r7, @ANYBLOB="40000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r7, @ANYBLOB='\b\x00\a\x00\x00\x00\x00\x00'], 0x678}}, 0x20000000)
sendmsg$nl_route_sched(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=@newtfilter={0x30, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r7, {0x0, 0x7}, {}, {0xffff, 0x8}}, [@filter_kind_options=@f_fw={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x800)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r18=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x500, r18, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
ioctl$BSG_IO(r1, 0x2285, &(0x7f0000000380)={0x51, 0x20, 0x0, 0x0, 0x0, 0x9, 0x0, 0xfff, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x30, 0x0, 0x6})

1.675837481s ago: executing program 1 (id=561):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x15, &(0x7f0000000680)={0x3, 0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000001c0)={0x70003, 0x0, [0x7, 0xb, 0x2, 0x9, 0x7, 0xa472, 0x3000000002, 0xfffffffffffffded]})
syz_emit_ethernet(0xb6, &(0x7f0000000080)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x25}, @empty, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "b81923", 0x80, 0x0, 0x0, @local, @local, {[@hopopts={0x84, 0xf, '\x00', [@enc_lim={0x4, 0x1, 0x1}, @generic={0xe, 0x6f, "a36407298e821989a714ecef29818daa3bbee32678e8a5abae5001c2e2587c062caf35dd4f01a2b18498fc29170d913e79a8bcda387286a06efd36ff2d041578b1b126b49567851dbab6603c07ce46049f4a21ec23d6894684b7d7d213a377ed206f5541041132abc5eff69ee8c80d"}, @ra={0x5, 0x2, 0x4}]}]}}}}}, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.675284637s ago: executing program 2 (id=562):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x1)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='autofs\x00', 0x0, &(0x7f0000000100))
move_mount(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, &(0x7f0000003040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x247)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x4044094)
setresuid(0xee01, 0xee00, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x4)
writev(r0, &(0x7f0000000080)=[{&(0x7f0000000340)="480000001400190d09034beafd0d36020a841a000000230f00030000a2bc5603ca00000f7f89004e00200000000101ff00c00e03000200000000000000000300005839c900910000", 0x48}], 0x1)
recvfrom$inet_nvme(0xffffffffffffffff, &(0x7f0000000500)=""/184, 0xb8, 0x1, &(0x7f0000000080)=@phonet={0x23, 0x7, 0x40, 0x4}, 0x80)
r1 = syz_io_uring_setup(0x460, &(0x7f0000000480)={0x0, 0x4000001f, 0x10, 0x2, 0x34f}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x2f, 0x1, 0x0, 0x4}]}, 0x8)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x59, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc})
io_uring_enter(r1, 0x47bc, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81e8943c, &(0x7f0000000280)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, <r4=>0x0})
ioctl$BTRFS_IOC_SNAP_CREATE_V2(r1, 0x50009417, &(0x7f0000001500)={{r1}, r4, 0x10, @unused=[0x3, 0x7, 0x400, 0xde9], @subvolid=0xfffffffffffffffd})

1.619209467s ago: executing program 2 (id=563):
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0)
close(0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_ENABLE_BEARER(r0, 0x0, 0x2004c8c0)
bpf$LINK_DETACH(0x22, &(0x7f0000000000), 0x4)
writev(0xffffffffffffffff, &(0x7f0000000740), 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04080400c9"], 0x7)

1.558801394s ago: executing program 2 (id=564):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0xc0002160, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000180)={'syztnl2\x00', &(0x7f0000000140)={'syztnl1\x00', <r2=>0x0, 0x8, 0x7800, 0xf6e9, 0x7ff, {{0x7, 0x4, 0x1, 0x2, 0x1c, 0x66, 0x0, 0x0, 0x29, 0x0, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@rr={0x7, 0x7, 0x11, [@rand_addr=0x64010100]}]}}}}})
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)=@newtclass={0x30, 0x28, 0x400, 0x70bd2d, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x0, 0x8}, {0x1, 0x4}, {0x8, 0xfff3}}, [@tclass_kind_options=@c_clsact={0xb}]}, 0x30}, 0x1, 0x0, 0x0, 0x8048}, 0x40000)
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x200a})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})
r5 = dup3(r4, r3, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000240)={0x8, 0x0, &(0x7f0000000000)=[@increfs], 0x0, 0x0, 0x0})
syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000240)=ANY=[@ANYBLOB="1201000300000010"], 0x0)
r6 = fsopen(&(0x7f00000000c0)='hfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000040)='uid', &(0x7f00000008c0)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80=\x8a\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\x1f\x03\x00\x00\x00\x00\x00\x00\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9ak\x00\x00\x00\x00\x00\x00\x00\n\xa72\xa3\xef^\xe7\x8f', 0x0)
syz_open_procfs$namespace(r0, &(0x7f0000000040)='ns/pid_for_children\x00')

1.500098922s ago: executing program 1 (id=565):
syz_emit_ethernet(0x4a, &(0x7f0000000100)=ANY=[@ANYRESOCT, @ANYRES64, @ANYRES32, @ANYRES16=0x0], 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
r2 = fsopen(&(0x7f0000000080)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x8, 0x0, 0x0, 0x0)
shutdown(r1, 0x0)
recvmmsg(r1, &(0x7f00000048c0)=[{{0x0, 0x0, &(0x7f0000004a00)=[{&(0x7f0000001a00)=""/4099, 0x1003}], 0x1, 0x0, 0x0, 0x1003}}], 0x1003, 0x10122, 0x0)

1.339709107s ago: executing program 3 (id=566):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x3}, &(0x7f0000000100)=<r0=>0x0, 0x0)
syz_io_uring_submit(r0, 0x0, &(0x7f0000000040)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
socket(0x2, 0x5, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x1c0002, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
mknod(&(0x7f0000000000)='./file1\x00', 0x100, 0x0)
open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r3 = open(&(0x7f0000000140)='./file0\x00', 0x2, 0x0)
write$FUSE_IOCTL(r3, &(0x7f0000000100)={0x20, 0x0, 0x0, {0x0, 0x0, 0x0, 0x3}}, 0x20)
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
write$tun(r2, 0x0, 0x0)
r5 = syz_open_dev$usbmon(&(0x7f0000001b80), 0x4, 0x400)
poll(&(0x7f00000002c0)=[{r5, 0x10}], 0x1, 0x4)
epoll_create(0x1)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000040)})
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, 0x0, 0x0, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
mount(0x0, 0x0, 0x0, 0x40078, 0x0)
mount$9p_virtio(&(0x7f0000000200), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x10, 0x0)

1.239911477s ago: executing program 0 (id=567):
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000002240)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0020000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd8445974b26ffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87867c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f86bb47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad91935a6ddfa8f90e79321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c1f860d050d694cc7806d294d3665016a7b29da0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d40887c58559b7dcb98a6273b8c651e57f727041c62cea5b7bd24d9f679e4fbe948dfb4cc4a389469608241630459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b83720eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb89872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebed161980f2fde4f9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e9338c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc3600040543a34b195c6a8fc054282cd41b264906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e4bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af41000000000000007f5ab0d534b8d63e4ca3be71f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af0be61e58c79d497247d278888901d442ad7f8536607a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733097f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99e85b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a996d503a26e9a714ee5f72d8805dd1bfbd081f6a5359dbdfbf31a562395020becaf3fd1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4b28288e78980c1184d8223edbc4bf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b5524642c248aa813edaa626f0000000000000000000000000000000003ba5bac34b611569a451564d3a5400f9097ffe7a37e765bc652be71ee24250d6d9cf19878dd62c53062d6000c409de6a6135eae8a00000000008d797190a26c933f933aff5c521eeb7a84a62d148a846e74e76b515b6b8be29e8b69310fa130cf6d6b74f33205d3cc218ca554ed8085ae044f5bf2e89ad07963acbd4dd4dc5b4552591edde7a22ad06f7567e6fec2f65011b579bf609d61a3ff4d6f490824bb035995449fc34106ae6889f036d67b6aaee784f855ebc746ac871b5d2031ac0a252ac1f86e93e245f3793cea80b6de773899d49d11d3b1ed79163b111c976cf840a2ef6214a43338fba8c9edb6be26e68fcc5d47ed74a66ce8aba726ab955b9b32ab1890e84a5e2d7476252af25e5c95c5a8b2b1b5c8a2645b017d23c0f169d6ab529cc889bb07889d9e155114cf3e26a50c527ec6d4021cd2cacfea6d7e41e39e26b3967cad65c648b170f12ea9cc69dcee64be0c27b1f4f7f5ce3e62c35602c9d2921326891901661c85b9ee4a0a0b9636bef4c23788494f094abb91ed813b42828aa93105896e0aee851a8087e169a1d69e841257d9053d0cdc3a6ac4f12084cc6470abebe8b344b1f56690a2687b428686c854c21831da277e8b8a21b7b91a46d22ba083eca7b1f8268048cde7d6f237dca42035881b29ca9c8c2937971821b613894297ff6f7796053a4de1fd77e180cc22b205d43bb4a1b59962c1f605ea1b74587100e8d579f157cb45561c357f9976cec6a43388b3049a0d9c171ff6145266ba119d00000000001ef3794a930eb12f3a6215c510bf0bca70c127e9c70cc7bef921249a7f18a0034ce3264a9e96656b47233e2ed7c76520e649c3fd550bdafd77c5cd72b4446d3e157ddd97e7622a6891fb739acd3b2cdaf65ac78490f0641be6e8c6f55bf3d228786895ff5fd5970faacd8a5025aca0aa1931f477ba06aa60051298c8bf7f3b399194f98dc3f4e8513ad06da09dc393c1284515986b8c70ac69512f6c0c04f42edb3a097a11f2ab480e3e391abffae097752300576337c6dd24c4a98280684aa1fe8c7b43ee8bce05fe979b34da18cdb44dbb030b8009cd3b3b44fd8e7b534acd3f1839cb54817668ab446d3d47848429ea831a57f26c8b05dedddceb24483f8f998b05c3ddf85c3799c9000000000000000000000000001e57cf839eb3150d6a076fb7b86fae98dbb46014f483aecb4ec4f0877371bcae8912c78aff857c669760f0e55041563c5c3e8ee4a0eef885fd43fe34a1febc82370d1d07fdfe705ada4764320889000000000000000000000000000000a790af4fc17872b55b10db99e212d18193235659df45627da300959eafc8bfb44f70d250f8f2e86532700254c9a8b14999f59c8b9034c4bb2448eaeff5db21d4a7f3d974790d4c3cba7c402f50585b9289d86400679e5c2bcacb2841ca074d51fdb4a29e84d72b6c996cfbee06aa52cd632e82ba068e8e1572ef2eb414ba5fccfc3c03e64df6a9cc3936c604aa2c0e2ec7b777475023f29b146af003472ce146a5ff997ba53c51026c0096154f9280a34bbf21d66f57a250b5397766122fc86950ce5252e96868cd04df54764cf2082153d6cedd8aaf9700c734aa4a1cb33a2e0a13c5687be4de327511bff9816d13c3219dac1c1535f10243db6f96960ea6a621f5e1b7babbedf0a6bf0cf74123d2e78d01be2b048883a2459eec630fb0293d28d9799fd3a792caff693fd9f002f14c43fb5a1051cc686b7f114d7927eed559bdf2e8ddea3e61d5d942b63fe90230b2e1948fc563ef94d437281671d2fe5032d2a091fa842b0af2e116ba"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r2, 0xe0, &(0x7f0000000580)={0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
r4 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000840)={r3}, 0x4)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000240)={0x0, <r5=>0x0})
sched_setaffinity(r5, 0x8, &(0x7f0000000180)=0x7ff)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x2f00020b, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0xae5b, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000340)={0xffffffff, 0x8, 0x81, 0x2, 0x9}, 0x14)
bind$can_raw(r0, &(0x7f00000001c0)={0x1d, r1}, 0x10)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f00000003c0)=0x1, 0x4)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000001c0)={0xc8, 0x0, 0x2, 0x401, 0x0, 0x0, {0xa}, [@CTA_EXPECT_MASTER={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @ipv4={'\x00', '\xff\xff', @remote}}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @private}}}}]}, @CTA_EXPECT_MASK={0x3c, 0x3, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0}, {0x14, 0x4, @remote}}}]}, @CTA_EXPECT_TUPLE={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2}, {0x14, 0x4, @local}}}]}]}, 0xc8}}, 0x0)
sendmsg$can_raw(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@can={{}, 0x0, 0x1, 0x0, 0x0, "0000000000000003"}, 0x10}}, 0x20000000)
read(r2, &(0x7f0000002340)=""/230, 0xe6)

1.146942234s ago: executing program 0 (id=568):
mknodat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
timer_settime(0x0, 0x1, 0x0, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a00000001000000e27f000001"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x80008, 0xc, 0x414}, 0x50)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=@newqdisc={0x58, 0x24, 0xf0b, 0x70bd2b, 0xfffffffd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffff}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x24, 0x2, [@TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0x5}, @TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0x6}, @TCA_FQ_CODEL_CE_THRESHOLD_SELECTOR={0x5, 0xa, 0x3}, @TCA_FQ_CODEL_MEMORY_LIMIT={0x6, 0x9, 0x3}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x804}, 0x4004800)
socket$nl_route(0x10, 0x3, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000002240)=[{{&(0x7f00000001c0)={0x2, 0x4e24, @multicast2}, 0x10, &(0x7f0000000200)=[{&(0x7f00000004c0)="ffd9f5217a2b391fb91b48145a1f4381c7c007616b5fc2523af28967277ed39426eba0f7d773717fe404933687a1f52f79fd7b4e07c7b55fea118093a558c02b79001679747aa43d4e351518a9d12f80fb2ac2418b9c46572a8e3688dc87c3e0adb117259ac9bd34d5ca204a3931a3f1696b233aa4df74f5c0de8f79fc641283fa5210d5dbf651664ea471ad5e6444a0bc4b84882e6fa7196c7b544ae0df0ed2d3a5060b96db28c946df0f7568050bab32c5cd76328b8937b9eb54203c42ee9c5f484f92bf755274a77f6b17dfb849effe2ea064e2f95bb399a6290a86c487a8bb051ce7c49b1ec8ca08ce65b81b33ad7ed582ec9b5cd00f339079c9f79068", 0xff}, {&(0x7f00000005c0)="4eb49cacd7db5e8fa3517156ee0f9fc2370d77593d205832cf7c1ab44c1e4b04ab54da616978244a4d4bcc55f65934a33fabb285abcbbc4093f6f08f24e9c12b0e5fe76fd46b29785bbec435ecbdf064552f6af5b9e4f2cf0cfbd364744008274dff91b08ba37cf3502d77ad2dec05c833bc9f0cb4f225264316af65faed4b8c24b0d4b4df3477bb780abac1c8e1d7f21ef1809c5179153a462149b8fd243b28bf6eed5c617002784a5c9f25924844478521fc", 0xb3}, {&(0x7f0000000680)="f179c9990a03bace70805a2126fb6a790261df8147470e3ff09b7380be0b25d670148d743c96ef91ff19cce6b4944d9c067579b4cbb10caed08ef8afaa525060ac58189f6c0b1b4c44bf92d1425dcb1e8b5fae2137944f2aad11aa62ca63fde07525601a7c81870ef24dd8d16075624cca411fcb6ae438fb7bc008d83aae7341cdf37254b6d84abaeaa75d1d232b29b394b1ee03b9ba17dedd500846fd0fe4fb9d71030bc7f835ec97e686cf5aa31473ff3ae3671a16e63c000f88b85f5303c695055b78ab4b4153d7a5bf0b30108b99f7b95ccab8a49574ebc7da2c778a13ca45f74f1e637aed41e2ed6b926c24d99faf2a52f0f27938f84efd694a0b34", 0xfe}, {&(0x7f0000000780)="380026e363053ffa5b6c20eaba2466c811c403cbadf5233994bbff009af12a5792dbdce65aca099201714f771072737be2c2ecd88037abdd83a2fb565badba185bbf5a94da84df53d79a8f8ad21c9640bbce81a577b74d111135c55ccc95840ae080eb642530ae72fda369d81dd8a45fe13c40d3c671863d92b2bacabb28fcf2f44ca58ff28df40197a7cd7458773d499c592b6fe986c98f6d94f97af33b5d440e7be694219a33912c05a5f2d4ea438a40c27461b507d5aecef3fe2898c36da6cfb7fe1c66353240ac63631ac9cc2711e35127cda1a475f716507290dbdc47d98ab04d59dd8d579ffa26c19b4cf53c42a1b513534f38dea6381cd5872509cc", 0xff}], 0x4, &(0x7f0000000400)=[@ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @empty, @multicast1}}}], 0x18}}, {{&(0x7f0000000880)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000980)=[{&(0x7f00000008c0)="3ba1fbb0f2f2ebc88987aec1030ba4d6a572d39cf29057b8ccb03262b75f7f2623c826d9f8977f1bd10d100a55d8855f4528ce6c325bc0c64697e6e961c8327265214ae57e6275fdf348b9ec5678d7c257709f0979664e18572f726ba918579ba05e82f947511fc4b92396623bc5378a36ca89223ed6574512c6bdf22fb27ae34b48443b8ecf08efb56068eb5b3ff6e9c4f922879f54738be48eafc59b21e35462b0f248849e118d0a991a833708", 0xae}], 0x1, &(0x7f0000000b40)=[@ip_tos_int={{0x10, 0x0, 0x1, 0x2}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0x81}}, @ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @ip_retopts={{0x30, 0x0, 0x7, {[@timestamp_prespec={0x44, 0x14, 0x52, 0x3, 0x9, [{@loopback, 0x3ff}, {@dev={0xac, 0x14, 0x14, 0x3e}, 0x83}]}, @noop, @cipso={0x86, 0xe, 0x2, [{0x6, 0x8, "1e8f66435f17"}]}]}}}, @ip_retopts={{0x64, 0x0, 0x7, {[@rr={0x7, 0xf, 0x2d, [@multicast2, @broadcast, @dev={0xac, 0x14, 0x14, 0x1b}]}, @rr={0x7, 0x13, 0xf6, [@empty, @multicast2, @loopback, @multicast1]}, @ssrr={0x89, 0xb, 0xa7, [@initdev={0xac, 0x1e, 0x0, 0x0}, @local]}, @ssrr={0x89, 0x2b, 0xee, [@broadcast, @broadcast, @rand_addr=0x64010101, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010101, @loopback, @local, @broadcast, @empty, @private=0xa010102]}]}}}, @ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @rand_addr=0x64010100, @broadcast}}}, @ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @empty, @rand_addr=0x64010100}}}], 0xfc}}, {{0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000c40)="992daad6c6c366177d74775759b2e491bcdcff42a6e25160587da231b51f81636de353f6b42c0173ce964b6d18e32fd53de4feb0ae967c8c5f137240e9b171a144b93c970c", 0x45}, {&(0x7f0000000d80)="c346c41dad46270ce559313626e7058ed5ee6facb3b1f335293ccef2037a8d271c7d845e034851bc02752fc9495be81da0f67cccbb106479a0a12d819161da43b6e5850c49f5aa6c948ce3e89119fb7458c13fed6d13817f33c4b481ce6354d1319342624b16572ec1c66b1e6375b474c35ee15cdb8bbdd1891ab75bf6d4f42eb1d4c181178492c7f910d6b23af9c89277e8766d0af5a4b80c8fb5fb2732dfd971801a8bf1da9c57c7a7aef1de210d5d5153b2ea09373843341f95c85a436565d1a672144b5cb7b492c940a8860e66a5f3aa61477f53f26dd916236d0e13187467e3cb1445f8c0c3bc8254eb8ab383cde5ae", 0xf2}, {&(0x7f0000000e80)="726d578fa618eac35416b821a7cb0321c7418a7e9af7daaae30ef7bfcfb40a8d5d71e9d7d1ca4d3fbbcc5dc219d3d4f6c1c90285b5c18f4d5f2d12c548c1fb6ee91427280d6fea165f8f5c481527a1dd0342cd832851158ac84ed7f38f22c2919d85c1d31ffcfaf5f85c916bbdc55c4491a5bd2dcb24f3dc175d96fafc46d4edb1a3f48052ed97526ef002a9772aa209ad3b6e22d9879a85e72e01063f51698897ccb6a591b98e58be6b4e225b3d45d57c8b9fc22d6834478d65a933a334c09221b45ef15c01024867", 0xc9}, {&(0x7f0000000f80)="b674094639fb871ea268b27ef4d160b8f6825999146a7d46cdeaa787e96e96632499151c355eef2e5328c1beada173eecd8fc2d581587f9fef4ae64671e025c9ed50d080442c6c0979a7c4fc", 0x4c}, {&(0x7f0000001000)="153bfaa126af6273098f2a6897ece488cf6f76785563855fc73411290d0b7db3a75a3bb6beb240bb12f0edc7033b9a000fc510620e6fadcf205359401c5b7fec079d1427a63a0d3b90caed6ec3d1ef5abc4cc159e879a21397c28fa9ada7eb91baa88cb75fbe1ecdd9aa5082f725691998702c101e489ac09477ceba5363d369a34aa5ac346a887f25075f94e47a929b9593", 0x92}, {&(0x7f00000010c0)="a193400e67d1a7fb6b40ea82e60fbf1439d15dd15670ca805ee4946af90e532307d528214f3d5eded4246721666dd0ff1b2e2a39f263e9c902869959c9cc359493dcfcf52e4457b17c8e27a2f3da953d4e143760ae6eb4b39849f93a957c81a1f68eb6d1f2a135f07eaa2359e882192bc4aa913eafecbb0f5821cc25de7ca22834150867b4f072e7ebdf5262e592e486697cfac6abff266e06cc416f29af274071360da0c1eec411c51faae3a21ed9d57bc63c76383e1d953313a194d2a135eee7c48bd688a59852d1c8ae2a70564eb75a627ae46110cf647904adab8e7c827929c0a3829b399ee125372f62596c9bf93370c2ce0462e519e2c0", 0xfa}], 0x6, &(0x7f0000002340)=[@ip_retopts={{0x9c, 0x0, 0x7, {[@cipso={0x86, 0x46, 0xffffffffffffffff, [{0x7, 0x8, "5450b9f6fe28"}, {0x2, 0xc, "91b0cefc04c6fc567a0e"}, {0x2, 0xf, "4b09767e3b8a5004c18de8d1f7"}, {0x0, 0x7, "6049828eaf"}, {0x0, 0x4, "e039"}, {0x0, 0xe, "e3b64118427d9d6f550ea355"}, {0x1, 0x2}, {0x1, 0x2}]}, @ssrr={0x89, 0xb, 0xd2, [@multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @timestamp_addr={0x44, 0x14, 0x23, 0x1, 0x3, [{@remote, 0x6}, {@rand_addr=0x64010102, 0x1}]}, @ra={0x94, 0x4}, @timestamp_addr={0x44, 0x24, 0x4f, 0x1, 0x0, [{@dev={0xac, 0x14, 0x14, 0x20}, 0x5}, {@multicast1, 0x7}, {@local}, {@broadcast, 0x4}]}]}}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0xff}}, @ip_retopts={{0x38, 0x0, 0x7, {[@timestamp_prespec={0x44, 0x2c, 0x50, 0x3, 0x7, [{@rand_addr=0x64010101, 0x1}, {@empty, 0x6}, {@multicast2, 0x2}, {@loopback, 0xe62}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8}]}]}}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0x92}}, @ip_retopts={{0x54, 0x0, 0x7, {[@timestamp={0x44, 0xc, 0xf5, 0x0, 0x6, [0x0, 0x3]}, @timestamp_prespec={0x44, 0xc, 0xbe, 0x3, 0x6, [{@local, 0x7}]}, @noop, @lsrr={0x83, 0x7, 0xa8, [@empty]}, @ssrr={0x89, 0x23, 0xb6, [@rand_addr=0x64010102, @local, @local, @empty, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x27}, @multicast1]}, @ra={0x94, 0x4, 0x1}, @end]}}}], 0x148}}, {{&(0x7f0000001340)={0x2, 0x4e21, @multicast1}, 0x10, &(0x7f00000014c0)=[{&(0x7f0000001380)="a38fddcca9948fa78b1aa90df4ea7e243752", 0x12}, {&(0x7f00000013c0)="2e1cb959bca31f571d0ab4508c818d7b3650c2c89f2099b4e11644d11a4d9d63c892277fa2d90c92a878ea0759319cfbfa59c2820c73d828648abc7db0856f162e3780d6ae1df923a8249cd5b70e84ab6cc7859583347401f92609e9134c91f6d0e37ac95445dbb2543963995ac7e07a814988517c2d38b284fbb77f293bc89890f4785b39c0198772399445cfb678cbd213096ae2175a67a97a59e6bb58ba20b5615595312fe21cb4bab6450406a8b419136325744cb2a4b5e9be5176afbbad5ac701634a26f7100501b095d8e7f007e0e14fb47721754009053d5d44a8c73f12cff885b7e1fda1958fcd8266bd1d2c6fd155474980632271c353bdd6", 0xfd}], 0x2, &(0x7f0000001500)=[@ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @broadcast, @private=0xa010101}}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0x50}}, @ip_ttl={{0x10}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0x8}}, @ip_retopts={{0x5c, 0x0, 0x7, {[@timestamp_addr={0x44, 0xc, 0xcf, 0x1, 0x8, [{@loopback, 0x281}]}, @ssrr={0x89, 0x1f, 0x23, [@private=0xa010102, @remote, @private=0xa010101, @multicast1, @private=0xa010100, @broadcast, @remote]}, @rr={0x7, 0xb, 0x20, [@broadcast, @multicast2]}, @noop, @ra={0x94, 0x4}, @lsrr={0x83, 0x13, 0xa7, [@private=0xa010100, @remote, @loopback, @broadcast]}]}}}, @ip_retopts={{0x58, 0x0, 0x7, {[@ra={0x94, 0x4}, @rr={0x7, 0x1b, 0xf9, [@initdev={0xac, 0x1e, 0x1, 0x0}, @remote, @empty, @loopback, @multicast1, @dev={0xac, 0x14, 0x14, 0x3a}]}, @ssrr={0x89, 0x13, 0x14, [@private=0xa010102, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, @broadcast]}, @lsrr={0x83, 0xf, 0xaf, [@empty, @broadcast, @empty]}, @noop, @ssrr={0x89, 0x7, 0x51, [@broadcast]}, @noop]}}}, @ip_retopts={{0x20, 0x0, 0x7, {[@timestamp={0x44, 0x14, 0xd9, 0x0, 0x6, [0x9, 0x85ec, 0x479d, 0x200]}]}}}], 0x11c}}, {{&(0x7f0000001640)={0x2, 0x4e22, @loopback}, 0x10, &(0x7f0000001700)=[{&(0x7f0000001680)="4c3321390bdf34af204909c60a876a7df8d6353931f960a3a230642871c20b9b11c7ac7992619c95f7e64b38143ebbc6791ca0953e09db009916ce0b1e65e235f5b8ed7c7cb527cc8e4cc8f51f8e50c701d2d1e2", 0x54}], 0x1, &(0x7f0000001740)=[@ip_tos_int={{0x10, 0x0, 0x1, 0x6}}, @ip_tos_int={{0x10, 0x0, 0x1, 0x6cde}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0x8}}, @ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @multicast2, @rand_addr=0x64010102}}}], 0x48}}, {{&(0x7f00000017c0)={0x2, 0x4e23, @local}, 0x10, &(0x7f0000001c00)=[{&(0x7f0000001800)="dd4d87d43b301dbf0247b274cea3a8884aac32bda3042dccfaf960c447754c6dba3e2932b4a3d76c8e26244179e96ffea552f019e78d2feeeef7c716158192d3e7bc6c67d7efa5cf", 0x48}, {&(0x7f0000001880)="6f2a2f1056965d6e089c75aeeb5d85ab413f6fceabcc9e470e8ebce010c7063838dd7ad6a86e9dbdca6c6daccc6512adbbc42692d1c443a5c77b8973db08c4d30c20f897726e621cd98b40ff47cf80adc2724ebb4c93d981186eef78aa983cc22ffd24bb444b922c290307e1eff477682b5f5258fff5d5616f921393df7d5cde15d4", 0x82}, {&(0x7f0000001940)="f88dcb3b7a2397c25407fe1c7376fcbead0c69a05f45bdb79e0a5302ba6941ef02bec9d79658904526790475d6ac344817a22e29ca9c46c636371c8b154e8ad14d44e9fc4afbd843712a53c7cffa31d77498aa97a0fd8fd5133e87445644476237ebf6581a31c5415cf7438dfd40e14d0bf69bb410a9ee769e07dcad0c6220abdba837e059f2c2c567789d65d50b2ad0aafc226156e595757ebb3d59a723b5c0ae5cfb0875", 0xa5}, {&(0x7f0000001a00)="7920ad367502cd8b30aabe5b6a1d65212e7119b6743c91dc2218122fc3721226649be5b3f3e8e847ab83aa5b9972b1b59485882e23bec2c2a266565dd6e27526f197e1e7b035e8800466853f2af6866c573c8b397e5f49510f49219491cc1f72132c7d281e9a8402107686a170b3549023f8a92f819ce7beca491e304dd8d81f5333023a4df27d7faac937e6782c969a2127131b44e2cb992b4d98e6174619fcee03c668530b6e18211446bcce2c3f39812aa5b87b53904e08a53b24101ac307b17486602ac8c84a4f916667e6c6798215c9ab231691cf025680155d8f215da8e4c87018d1baabfdf9627d731076b1c40c19ec6b097d93747cddb9", 0xfb}, {&(0x7f0000001b00)}, {&(0x7f0000001b40)="df8085cff49170ffd88eb0ac4ca0eb229d62271fe40173dd21c4a5e9990b5419f6882e38071079998e80ea1e68428c77e70a0fe3043e7ea4198c46d1485d0e3b3fc7c79ef16a8f60ea75e41ab7f23d2c2acfbf6187de561dc230f1acd6c3ec7e05f7505f10310d94b5119d1e04a828", 0x6f}, {&(0x7f0000001bc0)="9e20b50df3652c4f11e270fb2311d1ba1b7d3de97b984c618d20c682705c1663005e0836c812d7f33aee591b8a118952736e9ce1c06f8cbc", 0x38}], 0x7, &(0x7f0000001c40)=[@ip_ttl={{0x10, 0x0, 0x2, 0xe915}}, @ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @empty, @remote}}}, @ip_ttl={{0x10, 0x0, 0x2, 0x89c0}}, @ip_retopts={{0xc}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0x3}}, @ip_ttl={{0x10, 0x0, 0x2, 0x3}}], 0x64}}, {{&(0x7f0000001cc0)={0x2, 0x4e22, @rand_addr=0x64010100}, 0x10, &(0x7f0000002100)=[{&(0x7f0000001d00)="a7c99f4875c18279d0e265d1087639ff1da47ab8a4f8a8406138cac132e103cc9c3c63f91c9d87389503fcd3494711d567ba0bd7892ffd7532c542d11bc31e0c5f7fa6e705b8ab452da6473b7356a5a385b3d74373ae911fce584963d25c66552a8b84383e2702e1e1f1ff96319ba542a07f65be28c4937b2d36c99ab6f646fc2f004d88e79bab8eb13021082f9ca2a642201e40a2492deb84554e08c916e7a615c4", 0xa2}, {&(0x7f0000001dc0)="747b9a57545c860249e9d3eea5b1ed103713e5f4ec8dd3f587e9f3601ea223b4452e8f452518e4a7d2a47c3143feedcbf4ff862c138ef91399f13b54c6ccfa8ad24f6cf513052cf3dd5210e28465d6b88b6997b249ba5d6fbe296d9a0a6e08c3a380569c82edb488623d9e0bf1544c7981b834566fd74637d6f009f04cc173818282ee984dd5540360ab6b45deae37c727be598170f40c552ad15a", 0x9b}, {&(0x7f0000001e80)="9d8c3acdae36e6bd2df042ed6f1611481d4d570c919428c3f7edf5a8e5ea76a5305028c546cbdee1b6be7f1e15b8f1e898f29887c65d9642a85b2e9d29124d4a84367e377fb3ff8d", 0x48}, {&(0x7f0000001f00)="158cbcedabd99a3f9ed8ae3f0d95f7ddabd8535249fbdc1cd865a71bd779ae77d54a3077ccb1aabcbaf2e6b73a462e1af9b84b47113f334643b4daaa327aa6b1e15e4f476b1a7e2f8d4e891f28d6361588af6cfad6ae17869cea256c2ce1adca578b5004eaea99aaf342796bee46205c994ec7202ca1f9a146b75297931eb1e3a790354c4bbacb43587b433f7e82bf649c47522e9a01161c871a7eee455977dd21ec27b6954c8d3e27f0281869da4df6949485d890dc46625940c71444b2ff1b35fb2d9754b74cf09030f1160169aa4ee59539b559bddfcfd1dc73faf9cc6e26f5c58a642f4a28f868277e959f1497c24cba521bea05367ad11cc959", 0xfc}, {&(0x7f0000002000)="6d0304e41d25d4b433f46944f5d1a90dd309750c62d5b0914585cc7ef57a81ec9c80318c2a95bcaa6e3ba7bef07ea9d514cdffd6b5b00ad9ac9e9ce3e64e6be2d45d9937b1053a03c6c170eaa445e871edae115f9cd053b52abe3f7fab285772d9bbcad08a3a78f8447221407475f5f894716c4f4222865f14444a96d6f1f0900a3087f4780d3dd90c873aa4df6a88a69bd607afd76fff00f9d39ea05c23265463e0cd8a511b66f516a3b32d0de759f2691876b3f4b11f1edcaa1d032e445db7a0077618ebae4968b0f90c8a8272b3702988d0069ca0185acd472db3deca89cbe7edf0878e02d33f9704274b4a4130a3", 0xf0}], 0x5, &(0x7f0000002140)=[@ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x23}, @local}}}, @ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @rand_addr=0x64010100, @broadcast}}}, @ip_tos_int={{0x10, 0x0, 0x1, 0x9}}, @ip_ttl={{0x10}}, @ip_ttl={{0x10, 0x0, 0x2, 0x2}}, @ip_tos_int={{0x10, 0x0, 0x1, 0xb}}, @ip_tos_int={{0x10}}, @ip_ttl={{0x10, 0x0, 0x2, 0x3}}, @ip_retopts={{0x48, 0x0, 0x7, {[@ssrr={0x89, 0xb, 0x68, [@local, @remote]}, @lsrr={0x83, 0x17, 0x45, [@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x2e}, @rand_addr=0x64010102, @empty]}, @timestamp_prespec={0x44, 0x14, 0xd8, 0x3, 0x6, [{@multicast1, 0x7}, {@rand_addr=0x64010102, 0x1}]}, @noop, @lsrr={0x83, 0x3, 0x6}]}}}], 0xd8}}], 0x7, 0x40)
getdents(0xffffffffffffffff, &(0x7f0000000040)=""/44, 0x2c)

1.065283867s ago: executing program 1 (id=569):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x9, 0x7fff7ffc}]})
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
write$vga_arbiter(r1, &(0x7f0000000100)=@other={'lock', ' ', 'mem'}, 0x9)
write$vga_arbiter(r1, &(0x7f00000001c0)=ANY=[@ANYBLOB='lock io'], 0xc)
close_range(r0, 0xffffffffffffffff, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
syz_emit_vhci(&(0x7f0000000700)=ANY=[@ANYBLOB="63e1c5410250b00249144bc4f5ac150f06f23b3d880d549c05bf9970dffae56b605596e6138b94a8a9026ca8779b6037762df8cdf0d6e7aca7db1cf21374d3439db07e81503cfffb4335877a0de9015b7c96a24e7fb418e01740ea3a6799848524598dc9f249cd6a4a14a595cc4759d82c8c9b5e41ae25840f8f020fe8893402da5949c7ceb0b20c4c5f38e32a9d2d1588bc393c3f54d8996398dec822017d091e4fe1613179a9f3c1c0bba69353ae498604003bb4b80d5448e214ab3e", @ANYRES8=r1, @ANYRES64=r1, @ANYRES64=r0, @ANYRESOCT=r0, @ANYRES64=r1, @ANYRESDEC=r1], 0x17)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000003c0), r2)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$IEEE802154_ASSOCIATE_REQ(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c00004c133b8985fca744312ec7d0761e045d35dab424cb075542fe1efd828983886cd95f012564d5ee6024a128f2879e42403a7252f384d7c1b7b233d09e9a33c501bdd635ba08b33ac765bc70e5c9cb83a1bc6a337aaddc559f2ed8d16a24c168c9f7250eab5d71ccd58c6b47423d2d4bb67e099be99adc0749a825aa1c15d995e2af833e120eda07f0e4b5662471190ae76acea640374920a1606c0c1dd353e45d79e9d3cc60a6c9298794f1fee2f360c361ed9e9686a23f82d7a0525b58579f786d9bcba98ec75ad1c4", @ANYRES32, @ANYBLOB="010027bd7000ffdbdf2501006f62cff0c4086f387cab"], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x4008000)
r3 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder-control\x00', 0x800, 0x0)
ioctl$BINDER_CTL_ADD(r3, 0xc1086201, 0x0)
r4 = socket$pptp(0x18, 0x1, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x3f}}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000002180)=ANY=[@ANYBLOB="9feb0100180000000000000010000000100000000500000004000000000d000e04000000000001000000000000"], 0x0, 0x2d}, 0x28)
close(r4)

888.529122ms ago: executing program 1 (id=570):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sync_file_range(r0, 0x6b, 0x7, 0x7)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='qdisc_enqueue\x00', r3}, 0x18)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYRESHEX=r4, @ANYRES32=r6, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
r7 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
listen(r1, 0x8000)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r7, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980903})
r8 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r8, 0x4020565a, &(0x7f0000000280)={0x3, 0x980900, 0x2eae0342ca72d7e8})
ioctl$VIDIOC_QUERYMENU(r8, 0xc008561c, &(0x7f0000000180)={0x980900, 0x3, @name="51da06bc7338e17dfebb1580e15b95473b09f0d1fb8aa1e9959ef9dc00"})
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=@gettfilter={0x2c, 0x2e, 0x100, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, r6, {0xffff, 0x7}, {0xffe0, 0x1}, {0x1, 0xfff2}}, [{0x8, 0xb, 0x9}]}, 0x2c}}, 0x4000080)
bind$packet(r1, &(0x7f0000000040)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$inet6(r1, &(0x7f0000000800)="4103082c1116480401020200c52cf7c25975e005b02f000006892f000300897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305fbe258161b6fd8f2428652265d94c6fdbaefc57376a57c2feffff188be9427c323ef024a37016d2a7f9ab6e7941a6fc4f95aa73c1dfff4941f6503b5bd8c91db22cd33795481c94085fa12cdc679ac2a5d7b5d99b93fb07acb0da680e78b74c74aae8d7690d5986a9af81622a0ac210bc7b5ca5fed11cb54d046642670041e846bb184ff5d39fe8516d2d2a8d84e6e7dfcb2b8a8023444db513a3d7a124b59f0a5cd36489dbbb75cce3145d0ea3c3aa21af7cbcbc7a7575db782e757ca543109f5ddcec4930aa91f4119ea3d1f56140cb86cfe0724b23904ef5d05c725ee23918a502b1afe09fb0757d", 0xfc13, 0x880, 0x0, 0xfffffffffffffef0)
r9 = openat$snapshot(0xffffff9c, &(0x7f0000000200), 0x4000, 0x0)
ioctl$SNAPSHOT_ALLOC_SWAP_PAGE(r9, 0x80083314, &(0x7f0000000240))

491.496544ms ago: executing program 2 (id=571):
ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0cc5605, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000680)='1', 0x1)
r2 = eventfd2(0x0, 0x0)
r3 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000080))
io_setup(0x4, &(0x7f00000001c0)=<r4=>0x0)
io_submit(r4, 0x2, &(0x7f0000000300)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x1, r2}, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x3, r2, &(0x7f0000000580)="27dfdb74ad047fec7ab616f4333021e5889d935acb0b7a2ca80b79d7150306d3547e805acbc5b4eacc827a5de5f701108fbf8bd46bec57e198cf367fe628a4f8c930ef27320aefd4ccbba0abd596500ccdf2d1cfc0995276b235b335447224568c1f0dad859b3e4d22a8d791c8c0e611fc27dff85513f4ca0986a80f7a14727d53f78d443dceb2b297e550fd7aba9607b64d7cce2c27682ff4988f0cbbe4de72426bab520416187aa3127056d56c72eec920531342d8670abea66e0b28244699c38838fee6574f9f442ce7fa", 0xcc, 0x0, 0x0, 0x1}])
r5 = syz_io_uring_setup(0x593a, &(0x7f0000000380)={0x0, 0x20b20f, 0x100fc, 0x1, 0x38a}, &(0x7f0000000180)=<r6=>0x0, &(0x7f00000004c0)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x10, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
inotify_init1(0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$9p_virtio(&(0x7f0000000100), &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x190, &(0x7f0000000200)=ANY=[@ANYBLOB='t2ans=virtio,debug=0x0000000000000401,\x00', @ANYRESHEX=r2, @ANYRES8=r6])
r8 = syz_open_procfs(0x0, &(0x7f0000000480)='mounts\x00')
pread64(r8, &(0x7f0000001b80)=""/4084, 0xff4, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000000c0)={&(0x7f0000000140)="17e89526a4730e15f15d7004baab12", 0x0, 0x0, 0x0, 0xc6}, 0x38)
setitimer(0x0, &(0x7f0000000040)={{}, {0x0, 0xea60}}, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0xfa7e}, 0x0)
r9 = syz_io_uring_setup(0x445e, &(0x7f0000000500)={0x0, 0x9526, 0x4, 0x1, 0x370, 0x0, r8}, &(0x7f0000000000)=<r10=>0x0, &(0x7f0000000280)=<r11=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r10, r11, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r0})
io_uring_enter(r9, 0x75fa, 0xe475, 0x0, 0x0, 0x0)
io_uring_enter(r5, 0x708, 0x41e3, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
open_tree(r1, &(0x7f0000000140)='./file0\x00', 0x1000)
ioctl$SNDRV_TIMER_IOCTL_CREATE(r8, 0xc02054a5, &(0x7f0000000400)={0x1000009, r8, 'id0\x00'})
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000400)=ANY=[], 0x50)
clock_gettime(0x0, &(0x7f0000000080))

379.415714ms ago: executing program 3 (id=572):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0x5})
r2 = eventfd2(0x0, 0x0)
r3 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000580)=0xf)
socket$netlink(0x10, 0x3, 0x13)
ioctl$PIO_FONTX(r3, 0x4b6c, &(0x7f00000001c0)={0x1c1, 0x14, &(0x7f00000005c0)="6fbf961cc781e33fd88ef20f789fbf7ed0b173b85b2c5f48a7cfb7df2fae17dda651d89fdd1036b3c1b99449f518dc6210a737aebbe6bf31a70c1a3a9da8d94e27b1055a4f610f0a7fb8d0b72ca0b566d274d6f3e2eddf742218328fceda188238a5aa5bb05e7ccb3ad0e518f41b1e6ae540524f14d9b3459e7db9d8ccdde048bdaf7e01519bd925cc3b168a02da210fe4498223d4ad281cb7a14e28823847746397e6f1ea9347aecda2bea72140b2c974d2448ce5c3d1982517ef53b952a5973030f138e5ffe970b1e0e268becf977f99d706ee0eb807dc05e1188ac5937b30291c6f5fe2864ac0631df925e41eb4b50289b366a0ba9c2d3eb02d3c99e22df7f52e884a0aa840b88b8a72c2fbd6c259a05f718b07be05f41af6248c076a3d44108ef6c2853e481185db3e9be183eb8a0a4eaedd06d9a00b14085711d27029c4a7a03f98b24b286c1cb50649d62bdc8b162da9659cc8cbfe11801b5cf83243c6c59dc3ff2d92348a9f7ed1c042e26c6e63898e891ddeed66d9f127255627b60d2abe360d5058299ab94a978bfd1a1c800bdbf9269048fc76f717020db10c46deb268b8793c5781ae1f39a334c4123be32e97356272b8fb8cff3d32def80405af13ca9304cd9cd13dc79f3172affe0076938f80d2a204497f7c3726f4783839d28b57013fb0be43b317b18c108f02739fd75426838297a156c9829bc7173dd3c9025416164f0c4fc8142ea1a0b5c41df13cd41f66c76fb258b9ccfe0e14a90b3983ed709c1ba920356fd7381a5b96dbfd9a2afd19f1ae701b55baa2644138c788207951b2fb8ccea527e1f5c9c62acf93185ff65c0de66c9b7583dd1a7170bf4c4aac4970e78007a38d049094fbb8b0137839561f2b8cdbdc59565e016e59bf12bf3c296c995492ae206d3a1d3d3289c6b5616df1f41089d1a7d4853534d7684432113548889f537b2fc8cf2ead66731952895c9b671bcca3c651c9710fdd947389d9f3e6c0ef84365de45526fa166eeaef6619a7de81e26fbb8077fe509046bd251290d16d7c2a15bb92c129ce9a471e1b0d7bd5ecd9dbfa5466da0f48d676d637bd461116ca466ff9882abc08c906489c47e1fbd920a574e003815af35a5c4e222e0c0566b1df63399b34bdddab29a51089dc7f54228626168761fdaed7c7051a0a8ae0a03b6ed4384fe08782f5eeca11d3dff26d97ba0d55551e8eacf421c5c2a1aa01054d9ef725e745d9f133c960abbc37512fec74219ab19097fe38fcc1a26ffcdb5d749d61b798f23f8459e4c9606d192f453a60a7b7777e0d8d67f73167f5fa1f3d1c7ca686ad1d5b6010627e71db76d111539d64fc4a24c860f12d39b61688892d9ba56b2298110b547b4bf8fd176210c5ae565d27840aac4eb12499a926746aff081c9bba520c75186c1052981f38201a69f2212dbda073361578fa"})
r4 = socket$rxrpc(0x21, 0x2, 0xa)
r5 = epoll_create(0x752)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000100))
setsockopt$sock_int(r4, 0x1, 0x7, &(0x7f00000002c0), 0x4)
r6 = syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x0)
ioctl$I2C_SMBUS(r6, 0x720, &(0x7f0000000080)={0x0, 0x0, 0x6, &(0x7f0000000000)={0x0, "e922fe53e14fcad1ebe6ff00000000000000080000000000000000000021b49d61"}})
r7 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TCXONC(r7, 0x540a, 0x0)
ioctl$TCXONC(r7, 0x540a, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='devpts\x00', 0x0, 0x0)
mount$binder(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0xe2ca6, &(0x7f0000000200)=ANY=[@ANYBLOB='max'])
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r2})
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r9 = socket(0x400000000010, 0x3, 0x0)
r10 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r11, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000c00)=@newtfilter={0x60, 0x2c, 0xd27, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r11, {0xfff2, 0x7}, {}, {0x7, 0xe}}, [@filter_kind_options=@f_basic={{0xa}, {0x30, 0x2, [@TCA_BASIC_EMATCHES={0x2c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8}, @TCA_EMATCH_TREE_LIST={0x20, 0x2, 0x0, 0x1, [@TCF_EM_U32={0x1c, 0x2, 0x0, 0x0, {{0x7, 0x3, 0xbb1}, {0x6, 0x9, 0x3, 0x2}}}]}]}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x80}, 0x0)
write$eventfd(r2, &(0x7f00000000c0)=0x33482a89, 0x8)

278.808598ms ago: executing program 2 (id=573):
syz_open_procfs(0xffffffffffffffff, &(0x7f00000007c0)='children\x00') (async)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000007c0)='children\x00')
preadv(r0, &(0x7f0000000000)=[{&(0x7f0000000100)=""/120, 0x78}], 0x1, 0x4, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0, {0x1}}, './file0\x00'})
fcntl$getownex(r0, 0x10, &(0x7f0000000180)={0x0, <r2=>0x0})
syz_open_procfs(r2, &(0x7f0000000100)='smaps_rollup\x00') (async)
r3 = syz_open_procfs(r2, &(0x7f0000000100)='smaps_rollup\x00')
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x8031, 0xffffffffffffffff, 0x6a855000) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x8031, 0xffffffffffffffff, 0x6a855000)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r4}, 0x18)
ioctl(r4, 0x6, &(0x7f00000001c0)) (async)
ioctl(r4, 0x6, &(0x7f00000001c0))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xa)
dup(r3) (async)
dup(r3)
r5 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r8, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r9, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0) (async)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r9, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket(0x1, 0x803, 0x0)
getsockname$packet(r11, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) (async)
getsockname$packet(r11, &(0x7f0000000100)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001ac0)=@newlink={0x44, 0x10, 0x609, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x88a8ffa7}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x1}]}}}, @IFLA_LINK={0x8, 0x5, r12}]}, 0x44}}, 0x0)
r13 = socket(0x10, 0x803, 0x8)
sendmsg$IPVS_CMD_SET_INFO(r13, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r13, &(0x7f0000000100)={0x11, 0x0, <r14=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x60, &(0x7f0000000300)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c00000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800b0001006772657461700000240002800800070064010100060003001008000008001500700f0d0008000700ac1414bb08000a00", @ANYRES32=r14], 0x5c}}, 0x40) (async)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x60, &(0x7f0000000300)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c00000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800b0001006772657461700000240002800800070064010100060003001008000008001500700f0d0008000700ac1414bb08000a00", @ANYRES32=r14], 0x5c}}, 0x40)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000100)={0x0, &(0x7f0000000300)=[0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r5, 0xc00c643c, &(0x7f0000000300)={0x0, 0x0, r1})

277.966444ms ago: executing program 0 (id=574):
mknod(&(0x7f00000000c0)='./file0\x00', 0x80, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0186405, &(0x7f0000000400)={0xfffff117, 0x4, {0xffffffffffffffff}, {<r0=>0xffffffffffffffff}, 0xf296, 0x3})
quotactl$Q_QUOTAOFF(0x7fffffffc0000180, &(0x7f00000003c0)=@loop={'/dev/loop', 0x0}, r0, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)=[<r3=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r2, 0xc03864bc, &(0x7f0000000500)={0x601, 0x1, &(0x7f0000000180)=[r3], 0x0, &(0x7f0000000580), 0x0})
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000280)={0x50, 0x0, r4, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f0000008380)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008df76a250000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea21056000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000131a5d9400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r6, 0xc004743e, 0x110e22fff6)
ioctl$BTRFS_IOC_INO_PATHS(r6, 0xc0389423, &(0x7f0000000080)={0x8000, 0x48, [0x6, 0x3, 0x8d8d, 0x81], &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
lseek(r5, 0x0, 0x2)

217.583808ms ago: executing program 0 (id=575):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYRES16=0x0, @ANYRES64], 0x0, 0x44}, 0x28)
fsopen(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x10, 0x37}, 0x94)
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@random="e331105e1bfd", @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "0400", 0x18, 0x3a, 0xff, @private0={0xfc, 0x0, '\x00', 0x1}, @local, {[], @ndisc_na={0x88, 0x0, 0x0, 0x67, '\x00', @loopback}}}}}}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
timerfd_create(0x9, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$llc_int(r3, 0x10c, 0x6, &(0x7f0000000000)=0xdc, 0x4)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)='grpquota')
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a31000000000800044000000000090001007379"], 0x64}}, 0x0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_pkts={{0x13, 0x1d}, {0x7, [{0xc8, 0xd46c}, {0xc8, 0xff77}, {0xc8, 0xfff}, {0xc9, 0xffff}, {0xc9, 0xa9}, {0xc8, 0x9}, {0xc9, 0x2}]}}}, 0x20)
write$apparmor_exec(0xffffffffffffffff, 0x0, 0x11)

0s ago: executing program 2 (id=576):
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup(0x5ef9, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x800, 0x0, 0x0)
syz_open_dev$usbmon(0x0, 0x0, 0x2100)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000ab9ff0), 0x8)
r0 = socket$inet6(0xa, 0x3, 0x20)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}, 0x1c)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e24, 0xa, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x8}, 0x46)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x15}}, 0x3}, 0x1c)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000002c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000040)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(r1, 0x0, 0x484, &(0x7f0000000200)=""/143, &(0x7f0000000000)=0x8f)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
socket$netlink(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r3 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @none}, 0xe)
setsockopt$bt_BT_DEFER_SETUP(r4, 0x112, 0xf, &(0x7f00000000c0)=0x2, 0x12)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r5=>0x0], 0x1})
r6 = socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{}, 0x0, &(0x7f0000000200)=r6}, 0x1e)
ioctl$DRM_IOCTL_MODE_ATOMIC(r3, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r5], &(0x7f0000000180), &(0x7f0000000200), 0x0})
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)

kernel console output (not intermixed with test programs):

 0000000000000004 RCX: 00000000c0185500
[   73.795296][ T6439] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[   73.795305][ T6439] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   73.795314][ T6439] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   73.795323][ T6439] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   73.795343][ T6439]  </TASK>
[   74.352250][ T6419] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[   74.437713][ T6466] FAULT_INJECTION: forcing a failure.
[   74.437713][ T6466] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   74.444645][ T6466] CPU: 2 UID: 0 PID: 6466 Comm: syz.2.102 Not tainted syzkaller #0 PREEMPT(full) 
[   74.444662][ T6466] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   74.444669][ T6466] Call Trace:
[   74.444673][ T6466]  <TASK>
[   74.444677][ T6466]  dump_stack_lvl+0x16c/0x1f0
[   74.444696][ T6466]  should_fail_ex+0x512/0x640
[   74.444714][ T6466]  _copy_to_user+0x32/0xd0
[   74.444725][ T6466]  snd_pcm_status_user_compat64+0x362/0x390
[   74.444742][ T6466]  ? __pfx_snd_pcm_status_user_compat64+0x10/0x10
[   74.444767][ T6466]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   74.444788][ T6466]  snd_pcm_ioctl_compat+0x4f5/0x850
[   74.444800][ T6466]  ? hook_file_ioctl_common+0x145/0x410
[   74.444816][ T6466]  ? __pfx_snd_pcm_ioctl_compat+0x10/0x10
[   74.444830][ T6466]  ? __fget_files+0x20e/0x3c0
[   74.444844][ T6466]  ? __pfx_snd_pcm_ioctl_compat+0x10/0x10
[   74.444858][ T6466]  __ia32_compat_sys_ioctl+0x242/0x370
[   74.444876][ T6466]  __do_fast_syscall_32+0x7c/0x3a0
[   74.444892][ T6466]  do_fast_syscall_32+0x32/0x80
[   74.444907][ T6466]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   74.444921][ T6466] RIP: 0023:0xf7f94579
[   74.444929][ T6466] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   74.444939][ T6466] RSP: 002b:00000000f549555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[   74.444950][ T6466] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000c0804124
[   74.444956][ T6466] RDX: 0000000080000200 RSI: 0000000000000000 RDI: 0000000000000000
[   74.444962][ T6466] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   74.444968][ T6466] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   74.444974][ T6466] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   74.444986][ T6466]  </TASK>
[   74.469164][ T6464] netlink: 20 bytes leftover after parsing attributes in process `syz.1.101'.
[   74.547683][ T6471] tipc: Started in network mode
[   74.553875][ T6471] tipc: Node identity a652a356e55c, cluster identity 4711
[   74.556208][ T6471] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   74.558956][ T6471] syzkaller0: entered promiscuous mode
[   74.561346][ T6471] syzkaller0: entered allmulticast mode
[   74.594511][ T6471] tipc: Resetting bearer <eth:syzkaller0>
[   74.599089][ T6470] tipc: Resetting bearer <eth:syzkaller0>
[   74.610504][ T6470] tipc: Disabling bearer <eth:syzkaller0>
[   74.757812][ T6475] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   74.763542][ T6475] FAULT_INJECTION: forcing a failure.
[   74.763542][ T6475] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   74.767717][ T6475] CPU: 3 UID: 0 PID: 6475 Comm: syz.2.106 Not tainted syzkaller #0 PREEMPT(full) 
[   74.767732][ T6475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   74.767738][ T6475] Call Trace:
[   74.767743][ T6475]  <TASK>
[   74.767748][ T6475]  dump_stack_lvl+0x16c/0x1f0
[   74.767765][ T6475]  should_fail_ex+0x512/0x640
[   74.767783][ T6475]  _copy_from_user+0x2e/0xd0
[   74.767800][ T6475]  get_compat_msghdr+0xa7/0x170
[   74.767815][ T6475]  ? __pfx_get_compat_msghdr+0x10/0x10
[   74.767832][ T6475]  ___sys_sendmsg+0x1ae/0x1d0
[   74.767853][ T6475]  ? __pfx____sys_sendmsg+0x10/0x10
[   74.767873][ T6475]  ? find_held_lock+0x2b/0x80
[   74.767893][ T6475]  __sys_sendmsg+0x16d/0x220
[   74.767908][ T6475]  ? __pfx___sys_sendmsg+0x10/0x10
[   74.767927][ T6475]  ? rcu_is_watching+0x12/0xc0
[   74.767940][ T6475]  __do_fast_syscall_32+0x7c/0x3a0
[   74.767956][ T6475]  do_fast_syscall_32+0x32/0x80
[   74.767970][ T6475]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   74.767984][ T6475] RIP: 0023:0xf7f94579
[   74.767992][ T6475] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   74.768002][ T6475] RSP: 002b:00000000f54b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   74.768013][ T6475] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[   74.768019][ T6475] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000
[   74.768025][ T6475] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   74.768030][ T6475] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   74.768037][ T6475] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   74.768049][ T6475]  </TASK>
[   75.305477][ T6492] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10)
[   75.307725][ T6492] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   75.310997][ T6492] vhci_hcd vhci_hcd.0: Device attached
[   75.350332][   T24] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   75.509734][   T24] usb 7-1: Using ep0 maxpacket: 8
[   75.537297][   T24] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[   75.550689][   T24] usb 7-1: config 0 has no interface number 0
[   75.558797][   T24] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[   75.571114][   T24] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[   75.581358][  T838] usb 43-1: new high-speed USB device number 2 using vhci_hcd
[   75.588956][   T24] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   75.623695][   T24] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[   75.669357][   T24] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[   75.684331][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   75.771513][   T24] usb 7-1: config 0 descriptor??
[   75.997666][   T24] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[   76.056194][ T6493] vhci_hcd: connection reset by peer
[   76.082273][ T1151] vhci_hcd: stop threads
[   76.085910][ T1151] vhci_hcd: release socket
[   76.113922][ T1151] vhci_hcd: disconnect device
[   76.164997][   T24] usb 7-1: USB disconnect, device number 2
[   76.286269][   T24] ldusb 7-1:0.55: LD USB Device #0 now disconnected
[   77.565611][ T6506] =======================================================
[   77.565611][ T6506] WARNING: The mand mount option has been deprecated and
[   77.565611][ T6506]          and is ignored by this kernel. Remove the mand
[   77.565611][ T6506]          option from the mount to silence this warning.
[   77.565611][ T6506] =======================================================
[   77.591056][ T6506] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   77.602315][ T6507] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   77.605168][ T6506] evm: overlay not supported
[   77.608956][ T6507] syzkaller0: entered promiscuous mode
[   77.611529][ T6507] syzkaller0: entered allmulticast mode
[   77.621713][ T6507] tipc: Resetting bearer <eth:syzkaller0>
[   77.624840][ T6504] tipc: Resetting bearer <eth:syzkaller0>
[   77.631931][ T6504] tipc: Disabling bearer <eth:syzkaller0>
[   77.918510][ T6512] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   78.347742][ T6524] BFS-fs: bfs_fill_super(): No BFS filesystem on nullb0 (magic=00000000)
[   78.371728][ T6524] ubi: mtd0 is already attached to ubi31
[   78.811856][ T6533] FAULT_INJECTION: forcing a failure.
[   78.811856][ T6533] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   78.815990][ T6533] CPU: 3 UID: 0 PID: 6533 Comm: syz.1.123 Not tainted syzkaller #0 PREEMPT(full) 
[   78.816005][ T6533] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   78.816011][ T6533] Call Trace:
[   78.816016][ T6533]  <TASK>
[   78.816021][ T6533]  dump_stack_lvl+0x16c/0x1f0
[   78.816039][ T6533]  should_fail_ex+0x512/0x640
[   78.816057][ T6533]  _copy_from_user+0x2e/0xd0
[   78.816074][ T6533]  __sys_bpf+0x21d/0x4de0
[   78.816093][ T6533]  ? __pfx___sys_bpf+0x10/0x10
[   78.816108][ T6533]  ? ksys_write+0x190/0x250
[   78.816123][ T6533]  ? __mutex_unlock_slowpath+0x161/0x7b0
[   78.816145][ T6533]  ? fput+0x9b/0xd0
[   78.816159][ T6533]  ? ksys_write+0x1ac/0x250
[   78.816170][ T6533]  ? __pfx_ksys_write+0x10/0x10
[   78.816184][ T6533]  __ia32_sys_bpf+0x76/0xe0
[   78.816201][ T6533]  __do_fast_syscall_32+0x7c/0x3a0
[   78.816217][ T6533]  do_fast_syscall_32+0x32/0x80
[   78.816231][ T6533]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   78.816244][ T6533] RIP: 0023:0xf703e579
[   78.816253][ T6533] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   78.816263][ T6533] RSP: 002b:00000000f542e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[   78.816274][ T6533] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000180
[   78.816280][ T6533] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[   78.816286][ T6533] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   78.816292][ T6533] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   78.816297][ T6533] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   78.816309][ T6533]  </TASK>
[   79.507558][ T6555] FAULT_INJECTION: forcing a failure.
[   79.507558][ T6555] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   79.513012][ T6555] CPU: 3 UID: 0 PID: 6555 Comm: syz.0.127 Not tainted syzkaller #0 PREEMPT(full) 
[   79.513029][ T6555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   79.513036][ T6555] Call Trace:
[   79.513040][ T6555]  <TASK>
[   79.513045][ T6555]  dump_stack_lvl+0x16c/0x1f0
[   79.513065][ T6555]  should_fail_ex+0x512/0x640
[   79.513084][ T6555]  _copy_from_user+0x2e/0xd0
[   79.513103][ T6555]  __ia32_compat_sys_socketcall+0x187/0x770
[   79.513120][ T6555]  ? __fget_files+0x20e/0x3c0
[   79.513133][ T6555]  ? __pfx___ia32_compat_sys_socketcall+0x10/0x10
[   79.513151][ T6555]  ? fput+0x9b/0xd0
[   79.513167][ T6555]  ? ksys_write+0x1ac/0x250
[   79.513180][ T6555]  ? __pfx_ksys_write+0x10/0x10
[   79.513194][ T6555]  ? rcu_is_watching+0x12/0xc0
[   79.513208][ T6555]  __do_fast_syscall_32+0x7c/0x3a0
[   79.513225][ T6555]  do_fast_syscall_32+0x32/0x80
[   79.513241][ T6555]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   79.513255][ T6555] RIP: 0023:0xf7f91579
[   79.513265][ T6555] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   79.513276][ T6555] RSP: 002b:00000000f54b5430 EFLAGS: 00000293 ORIG_RAX: 0000000000000066
[   79.513287][ T6555] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000f54b5444
[   79.513294][ T6555] RDX: 0000000000000000 RSI: 00000000f54b5560 RDI: 00000000f7424ff4
[   79.513301][ T6555] RBP: 00000000f54b5560 R08: 0000000000000000 R09: 0000000000000000
[   79.513307][ T6555] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   79.513313][ T6555] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   79.513327][ T6555]  </TASK>
[   79.679295][ T6564] netlink: 4 bytes leftover after parsing attributes in process `syz.3.131'.
[   79.731594][ T6561] FAULT_INJECTION: forcing a failure.
[   79.731594][ T6561] name failslab, interval 1, probability 0, space 0, times 0
[   79.735625][ T6561] CPU: 0 UID: 0 PID: 6561 Comm: syz.0.130 Not tainted syzkaller #0 PREEMPT(full) 
[   79.735643][ T6561] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   79.735650][ T6561] Call Trace:
[   79.735654][ T6561]  <TASK>
[   79.735659][ T6561]  dump_stack_lvl+0x16c/0x1f0
[   79.735678][ T6561]  should_fail_ex+0x512/0x640
[   79.735693][ T6561]  ? __kmalloc_noprof+0xbf/0x510
[   79.735707][ T6561]  ? process_vm_rw_core.constprop.0+0x1d8/0x970
[   79.735721][ T6561]  should_failslab+0xc2/0x120
[   79.735735][ T6561]  __kmalloc_noprof+0xd2/0x510
[   79.735750][ T6561]  process_vm_rw_core.constprop.0+0x1d8/0x970
[   79.735767][ T6561]  ? __lock_acquire+0x62e/0x1ce0
[   79.735782][ T6561]  ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10
[   79.735799][ T6561]  ? import_ubuf+0x1b6/0x220
[   79.735820][ T6561]  ? iovec_from_user+0xbb/0x140
[   79.735833][ T6561]  process_vm_rw+0x216/0x2c0
[   79.735850][ T6561]  ? __pfx_process_vm_rw+0x10/0x10
[   79.735867][ T6561]  ? ksys_write+0x190/0x250
[   79.735884][ T6561]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   79.735905][ T6561]  ? ksys_write+0x1ac/0x250
[   79.735919][ T6561]  __ia32_sys_process_vm_writev+0xdf/0x1b0
[   79.735933][ T6561]  ? lockdep_hardirqs_on+0x7c/0x110
[   79.735946][ T6561]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   79.735961][ T6561]  __do_fast_syscall_32+0x7c/0x3a0
[   79.735976][ T6561]  do_fast_syscall_32+0x32/0x80
[   79.735991][ T6561]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   79.736004][ T6561] RIP: 0023:0xf7f91579
[   79.736013][ T6561] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   79.736022][ T6561] RSP: 002b:00000000f54b655c EFLAGS: 00000296 ORIG_RAX: 000000000000015c
[   79.736032][ T6561] RAX: ffffffffffffffda RBX: 0000000000000077 RCX: 0000000080001c80
[   79.736039][ T6561] RDX: 0000000000000001 RSI: 0000000080001d80 RDI: 0000000000000001
[   79.736045][ T6561] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   79.736050][ T6561] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   79.736056][ T6561] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   79.736068][ T6561]  </TASK>
[   79.808996][ T6536] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[   80.691579][ T6600] FAULT_INJECTION: forcing a failure.
[   80.691579][ T6600] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   80.696490][ T6600] CPU: 3 UID: 0 PID: 6600 Comm: syz.3.139 Not tainted syzkaller #0 PREEMPT(full) 
[   80.696505][ T6600] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   80.696511][ T6600] Call Trace:
[   80.696516][ T6600]  <TASK>
[   80.696520][ T6600]  dump_stack_lvl+0x16c/0x1f0
[   80.696538][ T6600]  should_fail_ex+0x512/0x640
[   80.696555][ T6600]  _copy_from_user+0x2e/0xd0
[   80.696572][ T6600]  get_compat_msghdr+0xa7/0x170
[   80.696586][ T6600]  ? __pfx_get_compat_msghdr+0x10/0x10
[   80.696604][ T6600]  ___sys_sendmsg+0x1ae/0x1d0
[   80.696619][ T6600]  ? __pfx____sys_sendmsg+0x10/0x10
[   80.696639][ T6600]  ? find_held_lock+0x2b/0x80
[   80.696658][ T6600]  __sys_sendmsg+0x16d/0x220
[   80.696672][ T6600]  ? __pfx___sys_sendmsg+0x10/0x10
[   80.696691][ T6600]  ? rcu_is_watching+0x12/0xc0
[   80.696705][ T6600]  __do_fast_syscall_32+0x7c/0x3a0
[   80.696721][ T6600]  do_fast_syscall_32+0x32/0x80
[   80.696735][ T6600]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   80.696748][ T6600] RIP: 0023:0xf712e579
[   80.696756][ T6600] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   80.696766][ T6600] RSP: 002b:00000000f551e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   80.696777][ T6600] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000200
[   80.696783][ T6600] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   80.696789][ T6600] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   80.696794][ T6600] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   80.696800][ T6600] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   80.696812][ T6600]  </TASK>
[   80.713503][ T6601] netlink: 12 bytes leftover after parsing attributes in process `syz.2.138'.
[   80.739729][  T838] vhci_hcd: vhci_device speed not set
[   80.739838][ T6064] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   80.957681][ T6064] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   80.960853][ T6064] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   80.963736][ T6064] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   80.972292][ T6064] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[   80.975464][ T6064] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   80.978050][ T6064] usb 6-1: Product: syz
[   80.979415][ T6064] usb 6-1: Manufacturer: syz
[   80.982784][ T6064] usb 6-1: SerialNumber: syz
[   80.988831][ T6064] hub 6-1:1.0: bad descriptor, ignoring hub
[   80.992309][ T6064] hub 6-1:1.0: probe with driver hub failed with error -5
[   81.242168][ T6631] FAULT_INJECTION: forcing a failure.
[   81.242168][ T6631] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   81.247804][ T6631] CPU: 3 UID: 0 PID: 6631 Comm: syz.3.143 Not tainted syzkaller #0 PREEMPT(full) 
[   81.247831][ T6631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   81.247842][ T6631] Call Trace:
[   81.247851][ T6631]  <TASK>
[   81.247859][ T6631]  dump_stack_lvl+0x16c/0x1f0
[   81.247892][ T6631]  should_fail_ex+0x512/0x640
[   81.247923][ T6631]  _copy_from_user+0x2e/0xd0
[   81.247952][ T6631]  move_addr_to_kernel+0x65/0x170
[   81.247973][ T6631]  __sys_connect+0xb1/0x160
[   81.247993][ T6631]  ? __pfx___sys_connect+0x10/0x10
[   81.248011][ T6631]  ? handle_mm_fault+0x200/0xd10
[   81.248038][ T6631]  ? __pfx_ksys_write+0x10/0x10
[   81.248065][ T6631]  __ia32_sys_connect+0x71/0xb0
[   81.248084][ T6631]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   81.248109][ T6631]  __do_fast_syscall_32+0x7c/0x3a0
[   81.248132][ T6631]  do_fast_syscall_32+0x32/0x80
[   81.248150][ T6631]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   81.248169][ T6631] RIP: 0023:0xf712e579
[   81.248200][ T6631] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   81.248214][ T6631] RSP: 002b:00000000f551e55c EFLAGS: 00000296 ORIG_RAX: 000000000000016a
[   81.248228][ T6631] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000300
[   81.248235][ T6631] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[   81.248241][ T6631] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   81.248247][ T6631] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   81.248253][ T6631] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   81.248265][ T6631]  </TASK>
[   81.427145][ T1948] cfg80211: failed to load regulatory.db
[   81.446074][ T6064] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 3 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[   81.899755][ T6064] usb 7-1: new full-speed USB device number 3 using dummy_hcd
[   82.061518][ T6064] usb 7-1: config index 0 descriptor too short (expected 52428, got 18)
[   82.064316][ T6064] usb 7-1: config 152 has an invalid descriptor of length 176, skipping remainder of the config
[   82.067712][ T6064] usb 7-1: config 152 has 0 interfaces, different from the descriptor's value: 11
[   82.072515][ T6064] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[   82.075920][ T6064] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   82.234617][ T6655] FAULT_INJECTION: forcing a failure.
[   82.234617][ T6655] name failslab, interval 1, probability 0, space 0, times 0
[   82.238727][ T6655] CPU: 2 UID: 0 PID: 6655 Comm: syz.3.148 Not tainted syzkaller #0 PREEMPT(full) 
[   82.238742][ T6655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   82.238748][ T6655] Call Trace:
[   82.238754][ T6655]  <TASK>
[   82.238759][ T6655]  dump_stack_lvl+0x16c/0x1f0
[   82.238778][ T6655]  should_fail_ex+0x512/0x640
[   82.238794][ T6655]  ? fs_reclaim_acquire+0xae/0x150
[   82.238811][ T6655]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[   82.238831][ T6655]  should_failslab+0xc2/0x120
[   82.238846][ T6655]  __kmalloc_noprof+0xd2/0x510
[   82.238861][ T6655]  tomoyo_realpath_from_path+0xc2/0x6e0
[   82.238878][ T6655]  ? tomoyo_profile+0x47/0x60
[   82.238888][ T6655]  tomoyo_path_number_perm+0x245/0x580
[   82.238901][ T6655]  ? tomoyo_path_number_perm+0x237/0x580
[   82.238915][ T6655]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   82.238941][ T6655]  ? find_held_lock+0x2b/0x80
[   82.238951][ T6655]  ? hook_file_ioctl_common+0x145/0x410
[   82.238968][ T6655]  ? __fget_files+0x20e/0x3c0
[   82.238982][ T6655]  security_file_ioctl_compat+0x9b/0x240
[   82.238998][ T6655]  __ia32_compat_sys_ioctl+0xc3/0x370
[   82.239016][ T6655]  __do_fast_syscall_32+0x7c/0x3a0
[   82.239033][ T6655]  do_fast_syscall_32+0x32/0x80
[   82.239047][ T6655]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   82.239062][ T6655] RIP: 0023:0xf712e579
[   82.239071][ T6655] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   82.239081][ T6655] RSP: 002b:00000000f551e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[   82.239092][ T6655] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[   82.239098][ T6655] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   82.239104][ T6655] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   82.239110][ T6655] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   82.239115][ T6655] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   82.239128][ T6655]  </TASK>
[   82.239133][ T6655] ERROR: Out of memory at tomoyo_realpath_from_path.
[   82.328845][ T6643] netlink: 'syz.2.145': attribute type 9 has an invalid length.
[   82.332489][ T6643] netlink: 'syz.2.145': attribute type 7 has an invalid length.
[   82.335759][ T6643] netlink: 'syz.2.145': attribute type 8 has an invalid length.
[   82.410901][ T6584] usb 6-1: reset high-speed USB device number 3 using dummy_hcd
[   82.533014][ T6064] usb 7-1: string descriptor 0 read error: -71
[   82.536032][ T6064] usb 7-1: USB disconnect, device number 3
[   82.811009][   T34] usb 6-1: USB disconnect, device number 3
[   82.815078][   T34] usblp0: removed
[   83.111939][ T6672] netlink: 'syz.0.152': attribute type 3 has an invalid length.
[   83.880699][ T6064] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   84.053440][ T6064] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   84.060213][ T6064] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   84.066521][ T6064] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[   84.069466][ T6064] usb 8-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   84.078166][ T6064] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   84.081303][ T6064] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   84.083840][ T6064] usb 8-1: Product: syz
[   84.086802][ T6064] usb 8-1: Manufacturer: syz
[   84.285803][ T6683] netlink: 12 bytes leftover after parsing attributes in process `syz.1.154'.
[   85.756825][ T6706] vivid-007: disconnect
[   85.758537][ T6706] vivid-007: reconnect
[   85.794204][ T6713] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   85.797044][ T6713] syzkaller0: entered promiscuous mode
[   85.798877][ T6713] syzkaller0: entered allmulticast mode
[   85.815442][ T6713] tipc: Resetting bearer <eth:syzkaller0>
[   85.822948][ T6710] tipc: Resetting bearer <eth:syzkaller0>
[   85.834137][ T6710] tipc: Disabling bearer <eth:syzkaller0>
[   86.401199][ T6064] usb 8-1: USB disconnect, device number 2
[   87.213856][ T6735] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   87.217040][ T6735] syzkaller0: entered promiscuous mode
[   87.218716][ T6735] syzkaller0: entered allmulticast mode
[   87.238636][ T6735] tipc: Resetting bearer <eth:syzkaller0>
[   87.244525][ T6734] tipc: Resetting bearer <eth:syzkaller0>
[   87.255663][ T6734] tipc: Disabling bearer <eth:syzkaller0>
[   87.390088][ T6749] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   87.393861][ T6749] syzkaller0: entered promiscuous mode
[   87.395550][ T6749] syzkaller0: entered allmulticast mode
[   87.408302][ T6749] tipc: Resetting bearer <eth:syzkaller0>
[   87.413313][ T6748] tipc: Resetting bearer <eth:syzkaller0>
[   87.432640][ T6748] tipc: Disabling bearer <eth:syzkaller0>
[   87.544775][ T6756] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[   87.546852][ T6756] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   87.549920][ T6756] vhci_hcd vhci_hcd.0: Device attached
[   87.558184][ T6756] binder: 6752:6756 ioctl c0306201 80000040 returned -14
[   87.561831][ T6756] binder: 6752:6756 ioctl c0306201 80000640 returned -22
[   87.789705][ T6064] usb 37-1: new low-speed USB device number 2 using vhci_hcd
[   87.917005][ T6761] FAULT_INJECTION: forcing a failure.
[   87.917005][ T6761] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   87.939718][ T6761] CPU: 1 UID: 0 PID: 6761 Comm: syz.3.176 Not tainted syzkaller #0 PREEMPT(full) 
[   87.939738][ T6761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   87.939745][ T6761] Call Trace:
[   87.939750][ T6761]  <TASK>
[   87.939755][ T6761]  dump_stack_lvl+0x16c/0x1f0
[   87.939776][ T6761]  should_fail_ex+0x512/0x640
[   87.939796][ T6761]  _copy_from_user+0x2e/0xd0
[   87.939817][ T6761]  __sys_bpf+0x21d/0x4de0
[   87.939838][ T6761]  ? __pfx___sys_bpf+0x10/0x10
[   87.939856][ T6761]  ? ksys_write+0x190/0x250
[   87.939874][ T6761]  ? __mutex_unlock_slowpath+0x161/0x7b0
[   87.939900][ T6761]  ? fput+0x9b/0xd0
[   87.939917][ T6761]  ? ksys_write+0x1ac/0x250
[   87.939930][ T6761]  ? __pfx_ksys_write+0x10/0x10
[   87.939948][ T6761]  __ia32_sys_bpf+0x76/0xe0
[   87.939967][ T6761]  __do_fast_syscall_32+0x7c/0x3a0
[   87.939986][ T6761]  do_fast_syscall_32+0x32/0x80
[   87.940002][ T6761]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   87.940018][ T6761] RIP: 0023:0xf712e579
[   87.940028][ T6761] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   87.940040][ T6761] RSP: 002b:00000000f551e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[   87.940051][ T6761] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000600
[   87.940059][ T6761] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[   87.940066][ T6761] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   87.940073][ T6761] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   87.940079][ T6761] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   87.940094][ T6761]  </TASK>
[   88.086067][ T6759] ubi: mtd0 is already attached to ubi31
[   88.308917][ T6757] vhci_hcd: connection closed
[   88.310464][   T46] vhci_hcd: stop threads
[   88.314838][   T46] vhci_hcd: release socket
[   88.317681][   T46] vhci_hcd: disconnect device
[   88.702495][ T6772] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[   88.711402][ T6772] CIFS mount error: No usable UNC path provided in device string!
[   88.711402][ T6772] 
[   88.714578][ T6772] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[   89.204355][ T6779] warning: `syz.0.181' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   89.252640][ T6781] netlink: 'syz.0.182': attribute type 1 has an invalid length.
[   89.264504][ T6781] bond1: entered promiscuous mode
[   89.266295][ T6781] 8021q: adding VLAN 0 to HW filter on device bond1
[   89.271621][ T6781] netlink: 4 bytes leftover after parsing attributes in process `syz.0.182'.
[   89.301067][ T6784] netlink: 8 bytes leftover after parsing attributes in process `syz.0.183'.
[   89.315108][ T6784] FAULT_INJECTION: forcing a failure.
[   89.315108][ T6784] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   89.319206][ T6784] CPU: 0 UID: 0 PID: 6784 Comm: syz.0.183 Not tainted syzkaller #0 PREEMPT(full) 
[   89.319221][ T6784] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   89.319242][ T6784] Call Trace:
[   89.319247][ T6784]  <TASK>
[   89.319251][ T6784]  dump_stack_lvl+0x16c/0x1f0
[   89.319269][ T6784]  should_fail_ex+0x512/0x640
[   89.319287][ T6784]  _copy_from_user+0x2e/0xd0
[   89.319304][ T6784]  move_addr_to_kernel+0x65/0x170
[   89.319316][ T6784]  __sys_sendto+0x1be/0x520
[   89.319329][ T6784]  ? __pfx___sys_sendto+0x10/0x10
[   89.319352][ T6784]  ? ksys_write+0x1ac/0x250
[   89.319364][ T6784]  ? __pfx_ksys_write+0x10/0x10
[   89.319378][ T6784]  __ia32_sys_sendto+0xdd/0x1b0
[   89.319390][ T6784]  ? lockdep_hardirqs_on+0x7c/0x110
[   89.319403][ T6784]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   89.319418][ T6784]  __do_fast_syscall_32+0x7c/0x3a0
[   89.319434][ T6784]  do_fast_syscall_32+0x32/0x80
[   89.319448][ T6784]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   89.319462][ T6784] RIP: 0023:0xf7f91579
[   89.319471][ T6784] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   89.319481][ T6784] RSP: 002b:00000000f54b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[   89.319492][ T6784] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000480
[   89.319498][ T6784] RDX: 00000000000000ac RSI: 0000000000000094 RDI: 0000000080000140
[   89.319504][ T6784] RBP: 0000000000000014 R08: 0000000000000000 R09: 0000000000000000
[   89.319514][ T6784] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   89.319520][ T6784] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   89.319532][ T6784]  </TASK>
[   89.471195][ T6791] dvmrp0: entered allmulticast mode
[   89.720329][ T6793] syz.2.186 (6793): drop_caches: 2
[   89.733562][ T6793] syz.2.186 (6793): drop_caches: 2
[   90.519939][   T34] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   90.695684][   T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   90.699786][   T34] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[   90.703801][   T34] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   90.746694][   T34] usb 5-1: config 0 descriptor??
[   90.998160][   T34] usbhid 5-1:0.0: can't add hid device: -71
[   91.001677][   T34] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[   91.017685][   T34] usb 5-1: USB disconnect, device number 2
[   91.479802][   T34] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   91.819776][ T6062] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   91.889788][   T34] usb 5-1: Using ep0 maxpacket: 32
[   91.893878][   T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   91.897598][   T34] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[   91.901083][   T34] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   91.905255][   T34] usb 5-1: config 0 descriptor??
[   91.908804][   T34] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[   91.914345][   T34] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[   91.982034][ T6062] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   91.984872][ T6062] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   91.988184][ T6062] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[   91.992140][ T6062] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   91.999515][ T6062] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   92.004602][ T6062] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   92.008117][ T6062] usb 6-1: Product: syz
[   92.009587][ T6062] usb 6-1: Manufacturer: syz
[   92.894695][ T6064] vhci_hcd: vhci_device speed not set
[   93.228255][ T6804] trusted_key: syz.0.190 sent an empty control message without MSG_MORE.
[   93.294097][ T6858] FAULT_INJECTION: forcing a failure.
[   93.294097][ T6858] name failslab, interval 1, probability 0, space 0, times 0
[   93.298330][ T6858] CPU: 0 UID: 0 PID: 6858 Comm: syz.3.200 Not tainted syzkaller #0 PREEMPT(full) 
[   93.298358][ T6858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   93.298365][ T6858] Call Trace:
[   93.298377][ T6858]  <TASK>
[   93.298381][ T6858]  dump_stack_lvl+0x16c/0x1f0
[   93.298411][ T6858]  should_fail_ex+0x512/0x640
[   93.298426][ T6858]  ? fs_reclaim_acquire+0xae/0x150
[   93.298443][ T6858]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[   93.298459][ T6858]  should_failslab+0xc2/0x120
[   93.298473][ T6858]  __kmalloc_noprof+0xd2/0x510
[   93.298488][ T6858]  tomoyo_realpath_from_path+0xc2/0x6e0
[   93.298505][ T6858]  ? tomoyo_profile+0x47/0x60
[   93.298515][ T6858]  tomoyo_path_number_perm+0x245/0x580
[   93.298527][ T6858]  ? tomoyo_path_number_perm+0x237/0x580
[   93.298541][ T6858]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   93.298568][ T6858]  ? find_held_lock+0x2b/0x80
[   93.298578][ T6858]  ? hook_file_ioctl_common+0x145/0x410
[   93.298595][ T6858]  ? __fget_files+0x20e/0x3c0
[   93.298610][ T6858]  security_file_ioctl_compat+0x9b/0x240
[   93.298624][ T6858]  __ia32_compat_sys_ioctl+0xc3/0x370
[   93.298643][ T6858]  __do_fast_syscall_32+0x7c/0x3a0
[   93.298659][ T6858]  do_fast_syscall_32+0x32/0x80
[   93.298674][ T6858]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   93.298687][ T6858] RIP: 0023:0xf712e579
[   93.298696][ T6858] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   93.298705][ T6858] RSP: 002b:00000000f54fd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[   93.298715][ T6858] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000000002275
[   93.298722][ T6858] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[   93.298728][ T6858] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   93.298733][ T6858] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   93.298739][ T6858] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   93.298752][ T6858]  </TASK>
[   93.298813][ T6858] ERROR: Out of memory at tomoyo_realpath_from_path.
[   93.476661][   T34] usb 5-1: USB disconnect, device number 3
[   93.511109][   T34] ldusb 5-1:0.0: LD USB Device #0 now disconnected
[   93.659020][ T6860] ubi: mtd0 is already attached to ubi31
[   94.242769][ T6871] FAULT_INJECTION: forcing a failure.
[   94.242769][ T6871] name failslab, interval 1, probability 0, space 0, times 0
[   94.251712][ T6871] CPU: 2 UID: 0 PID: 6871 Comm: syz.3.204 Not tainted syzkaller #0 PREEMPT(full) 
[   94.251738][ T6871] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   94.251749][ T6871] Call Trace:
[   94.251755][ T6871]  <TASK>
[   94.251763][ T6871]  dump_stack_lvl+0x16c/0x1f0
[   94.251792][ T6871]  should_fail_ex+0x512/0x640
[   94.251816][ T6871]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[   94.251841][ T6871]  should_failslab+0xc2/0x120
[   94.251865][ T6871]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   94.251888][ T6871]  ? fuse_request_alloc+0x22/0x200
[   94.251912][ T6871]  fuse_request_alloc+0x22/0x200
[   94.251932][ T6871]  fuse_get_req+0x748/0xfd0
[   94.251959][ T6871]  ? __pfx_fuse_get_req+0x10/0x10
[   94.251978][ T6871]  ? find_held_lock+0x2b/0x80
[   94.251998][ T6871]  ? __page_table_check_zero+0x33c/0x5d0
[   94.252021][ T6871]  ? __kasan_check_byte+0x13/0x50
[   94.252046][ T6871]  ? unwind_next_frame+0x3f4/0x20a0
[   94.252069][ T6871]  __fuse_simple_request+0xb8/0xcb0
[   94.252097][ T6871]  fuse_getxattr+0x255/0x420
[   94.252117][ T6871]  ? __pfx_fuse_getxattr+0x10/0x10
[   94.252136][ T6871]  ? is_bpf_text_address+0x94/0x1a0
[   94.252159][ T6871]  ? kernel_text_address+0x8d/0x100
[   94.252175][ T6871]  ? __kasan_check_byte+0x13/0x50
[   94.252213][ T6871]  ? unwind_get_return_address+0x59/0xa0
[   94.252244][ T6871]  ? stack_trace_save+0x8e/0xc0
[   94.252266][ T6871]  ? __pfx_stack_trace_save+0x10/0x10
[   94.252291][ T6871]  ? __pfx_fuse_xattr_get+0x10/0x10
[   94.252308][ T6871]  fuse_xattr_get+0x7b/0xb0
[   94.252328][ T6871]  __vfs_getxattr+0x13a/0x1a0
[   94.252351][ T6871]  ? __pfx___vfs_getxattr+0x10/0x10
[   94.252370][ T6871]  ? lockdep_unlock+0x64/0xe0
[   94.252387][ T6871]  ? __lock_acquire+0x107f/0x1ce0
[   94.252415][ T6871]  cap_inode_need_killpriv+0x40/0x60
[   94.252435][ T6871]  security_inode_need_killpriv+0x1b9/0x1e0
[   94.252460][ T6871]  file_remove_privs_flags+0x331/0x580
[   94.252487][ T6871]  ? __pfx_file_remove_privs_flags+0x10/0x10
[   94.252513][ T6871]  ? __pfx___might_resched+0x10/0x10
[   94.252531][ T6871]  ? generic_write_check_limits+0x1f1/0x290
[   94.252552][ T6871]  ? generic_write_checks+0x311/0x480
[   94.252574][ T6871]  ? __pfx_generic_write_checks+0x10/0x10
[   94.252598][ T6871]  kiocb_modified+0x8b/0x2c0
[   94.252623][ T6871]  fuse_file_write_iter+0x34d/0x990
[   94.252652][ T6871]  do_iter_readv_writev+0x65f/0x9e0
[   94.252674][ T6871]  ? __pfx_do_iter_readv_writev+0x10/0x10
[   94.252711][ T6871]  vfs_writev+0x35f/0xde0
[   94.252733][ T6871]  ? __lock_acquire+0x62e/0x1ce0
[   94.252759][ T6871]  ? __pfx_vfs_writev+0x10/0x10
[   94.252796][ T6871]  ? __fget_files+0x20e/0x3c0
[   94.252822][ T6871]  ? do_pwritev+0x1a6/0x270
[   94.252840][ T6871]  do_pwritev+0x1a6/0x270
[   94.252860][ T6871]  ? __pfx_do_pwritev+0x10/0x10
[   94.252880][ T6871]  ? ksys_write+0x1ac/0x250
[   94.252900][ T6871]  ? __pfx_ksys_write+0x10/0x10
[   94.252924][ T6871]  __ia32_compat_sys_pwritev2+0x121/0x1b0
[   94.252947][ T6871]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   94.252976][ T6871]  __do_fast_syscall_32+0x7c/0x3a0
[   94.253003][ T6871]  do_fast_syscall_32+0x32/0x80
[   94.253026][ T6871]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   94.253049][ T6871] RIP: 0023:0xf712e579
[   94.253065][ T6871] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   94.253082][ T6871] RSP: 002b:00000000f551e55c EFLAGS: 00000296 ORIG_RAX: 000000000000017b
[   94.253098][ T6871] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800004c0
[   94.253110][ T6871] RDX: 0000000000000001 RSI: 0000000000000008 RDI: 00000000000003ff
[   94.253121][ T6871] RBP: 0000000000000011 R08: 0000000000000000 R09: 0000000000000000
[   94.253146][ T6871] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   94.253155][ T6871] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   94.253179][ T6871]  </TASK>
[   94.501407][ T6062] usb 6-1: USB disconnect, device number 4
[   96.311292][ T6888] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[   96.664175][ T6038] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   96.823060][ T6038] usb 6-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb
[   96.834234][ T6038] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=201
[   96.837950][ T6038] usb 6-1: Product: syz
[   96.839570][ T6038] usb 6-1: Manufacturer: syz
[   96.841268][ T6038] usb 6-1: SerialNumber: syz
[   96.858412][ T6038] usb 6-1: config 0 descriptor??
[   96.876842][ T6038] dvb-usb: found a 'DigitalNow DVB-T Dual USB' in warm state.
[   96.880499][ T6038] dvb-usb: bulk message failed: -22 (2/0)
[   96.901156][ T6038] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[   96.906068][ T6038] dvbdev: DVB: registering new adapter (DigitalNow DVB-T Dual USB)
[   96.908968][ T6038] usb 6-1: media controller created
[   96.986032][ T6038] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[   97.082290][ T6907] cxusb: i2c rd: len=80 is too big!
[   97.082290][ T6907] 
[   97.189837][  T838] usb 8-1: new low-speed USB device number 3 using dummy_hcd
[   97.342639][  T838] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[   97.345625][  T838] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[   97.349580][  T838] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   97.353506][  T838] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[   97.357075][  T838] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[   97.362964][  T838] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[   97.365522][  T838] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[   97.369550][  T838] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   97.374405][  T838] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[   97.378320][  T838] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[   97.383700][  T838] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[   97.389951][  T838] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[   97.393388][  T838] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   97.398333][  T838] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[   97.401481][ T6038] cxusb: set interface failed
[   97.402147][  T838] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[   97.409838][  T838] usb 8-1: string descriptor 0 read error: -22
[   97.410149][ T6038] dvb-usb: bulk message failed: -22 (1/0)
[   97.411889][  T838] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[   97.411904][  T838] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   97.431471][  T838] adutux 8-1:168.0: ADU100  now attached to /dev/usb/adutux0
[   97.456468][ T6038] DVB: Unable to find symbol mt352_attach()
[   97.465776][ T6038] dvb-usb: bulk message failed: -22 (5/0)
[   97.469033][ T6038] zl10353_read_register: readreg error (reg=127, ret==-121)
[   97.474074][ T6038] dvb-usb: no frontend was attached by 'DigitalNow DVB-T Dual USB'
[   97.539917][ T6038] rc_core: IR keymap rc-dvico-mce not found
[   97.546205][ T6038] Registered IR keymap rc-empty
[   97.563813][ T6038] rc rc0: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc0
[   97.577544][ T6038] input: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc0/input8
[   97.590788][ T6038] dvb-usb: schedule remote query interval to 100 msecs.
[   97.593470][ T6038] dvb-usb: DigitalNow DVB-T Dual USB successfully initialized and connected.
[   97.622509][ T6038] usb 6-1: USB disconnect, device number 5
[   97.659316][ T1948] usb 8-1: USB disconnect, device number 3
[   97.716631][ T6038] dvb-usb: DigitalNow DVB-T Dual USB successfully deinitialized and disconnected.
[   97.930515][ T6923] syzkaller0: entered promiscuous mode
[   97.932948][ T6923] syzkaller0: entered allmulticast mode
[   97.942519][ T6926] A link change request failed with some changes committed already. Interface gre1 may have been left with an inconsistent configuration, please check.
[   97.949833][ T6062] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[   98.026741][ T6930] netlink: 36 bytes leftover after parsing attributes in process `syz.1.222'.
[   98.029985][ T6930] netlink: 16 bytes leftover after parsing attributes in process `syz.1.222'.
[   98.032862][ T6930] netlink: 36 bytes leftover after parsing attributes in process `syz.1.222'.
[   98.035711][ T6930] netlink: 36 bytes leftover after parsing attributes in process `syz.1.222'.
[   98.111959][ T6062] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   98.116035][ T6062] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   98.120057][ T6062] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[   98.123085][ T6062] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   98.127066][ T6062] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   98.130607][ T6062] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.135446][ T6062] usb 7-1: config 0 descriptor??
[   98.459903][   T34] usb 8-1: new full-speed USB device number 4 using dummy_hcd
[   98.551923][ T6062] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   98.554487][ T6062] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   98.557151][ T6062] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   98.559721][ T6062] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   98.562121][ T6062] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   98.564877][ T6062] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   98.568171][ T6062] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   98.571588][ T6062] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   98.575683][ T6062] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   98.578073][ T6062] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   98.600431][   T34] usb 8-1: device descriptor read/64, error -71
[   98.613163][ T6062] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   98.802128][  T839] usb 7-1: USB disconnect, device number 4
[   98.849903][   T34] usb 8-1: new full-speed USB device number 5 using dummy_hcd
[   98.979847][   T34] usb 8-1: device descriptor read/64, error -71
[   99.061221][ T6940] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[   99.091455][   T34] usb usb8-port1: attempt power cycle
[   99.429772][   T34] usb 8-1: new full-speed USB device number 6 using dummy_hcd
[   99.454535][   T34] usb 8-1: device descriptor read/8, error -71
[   99.538780][ T6963] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   99.542677][ T6963] syzkaller0: entered promiscuous mode
[   99.545284][ T6963] syzkaller0: entered allmulticast mode
[   99.563619][ T6963] tipc: Resetting bearer <eth:syzkaller0>
[   99.568911][ T6962] tipc: Resetting bearer <eth:syzkaller0>
[   99.578520][ T6962] tipc: Disabling bearer <eth:syzkaller0>
[   99.658052][ T6965] netlink: 8 bytes leftover after parsing attributes in process `syz.0.232'.
[   99.699821][   T34] usb 8-1: new full-speed USB device number 7 using dummy_hcd
[   99.703625][ T6967] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   99.707048][ T6967] syzkaller0: entered promiscuous mode
[   99.709535][ T6967] syzkaller0: entered allmulticast mode
[   99.722654][ T6967] FAULT_INJECTION: forcing a failure.
[   99.722654][ T6967] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   99.728034][ T6967] CPU: 1 UID: 0 PID: 6967 Comm: syz.0.233 Not tainted syzkaller #0 PREEMPT(full) 
[   99.728056][ T6967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   99.728067][ T6967] Call Trace:
[   99.728075][ T6967]  <TASK>
[   99.728082][ T6967]  dump_stack_lvl+0x16c/0x1f0
[   99.728110][ T6967]  should_fail_ex+0x512/0x640
[   99.728137][ T6967]  _copy_from_user+0x2e/0xd0
[   99.728165][ T6967]  get_user_ifreq+0x116/0x1c0
[   99.728192][ T6967]  sock_do_ioctl+0x16b/0x280
[   99.728217][ T6967]  ? __pfx_sock_do_ioctl+0x10/0x10
[   99.728243][ T6967]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   99.728274][ T6967]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   99.728305][ T6967]  compat_sock_ioctl+0x301/0x730
[   99.728324][ T6967]  ? __pfx_compat_sock_ioctl+0x10/0x10
[   99.728346][ T6967]  ? hook_file_ioctl_common+0x145/0x410
[   99.728373][ T6967]  ? __fget_files+0x20e/0x3c0
[   99.728399][ T6967]  ? __pfx_compat_sock_ioctl+0x10/0x10
[   99.728413][ T6967]  __ia32_compat_sys_ioctl+0x242/0x370
[   99.728441][ T6967]  __do_fast_syscall_32+0x7c/0x3a0
[   99.728467][ T6967]  do_fast_syscall_32+0x32/0x80
[   99.728489][ T6967]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   99.728510][ T6967] RIP: 0023:0xf7f91579
[   99.728522][ T6967] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   99.728538][ T6967] RSP: 002b:00000000f54b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[   99.728554][ T6967] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000008922
[   99.728565][ T6967] RDX: 0000000080002280 RSI: 0000000000000000 RDI: 0000000000000000
[   99.728574][ T6967] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   99.728583][ T6967] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   99.728592][ T6967] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   99.728613][ T6967]  </TASK>
[   99.729572][ T6966] tipc: Resetting bearer <eth:syzkaller0>
[   99.730836][   T34] usb 8-1: device descriptor read/8, error -71
[   99.823779][ T6966] tipc: Disabling bearer <eth:syzkaller0>
[   99.920292][   T34] usb usb8-port1: unable to enumerate USB device
[   99.979278][ T6969] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   99.982353][ T6969] syzkaller0: entered promiscuous mode
[   99.984245][ T6969] syzkaller0: entered allmulticast mode
[  100.087771][ T6968] tipc: Resetting bearer <eth:syzkaller0>
[  100.098207][ T6968] tipc: Disabling bearer <eth:syzkaller0>
[  100.342833][ T6982] syzkaller1: entered promiscuous mode
[  100.345447][ T6982] syzkaller1: entered allmulticast mode
[  100.718546][ T6990] syzkaller1: entered promiscuous mode
[  100.719865][ T6987] ntfs3(sr0): Primary boot signature is not NTFS.
[  100.721038][ T6990] syzkaller1: entered allmulticast mode
[  100.725162][ T6987] ntfs3(sr0): try to read out of volume at offset 0xf800
[  100.790804][ T6988] IPVS: set_ctl: invalid protocol: 50 255.255.255.255:20002
[  100.960777][ T6994] syzkaller1: entered promiscuous mode
[  100.962508][ T6994] syzkaller1: entered allmulticast mode
[  101.097257][ T6975] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  101.164708][ T6997] usb usb1: usbfs: process 6997 (syz.0.240) did not claim interface 42 before use
[  103.359071][ T7043] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  103.364324][ T7043] syzkaller0: entered promiscuous mode
[  103.366459][ T7043] syzkaller0: entered allmulticast mode
[  103.390131][ T7043] tipc: Resetting bearer <eth:syzkaller0>
[  103.400403][ T7042] tipc: Resetting bearer <eth:syzkaller0>
[  103.429787][ T7042] tipc: Disabling bearer <eth:syzkaller0>
[  103.595087][ T7050] FAULT_INJECTION: forcing a failure.
[  103.595087][ T7050] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  103.600641][ T7050] CPU: 2 UID: 0 PID: 7050 Comm: syz.3.253 Not tainted syzkaller #0 PREEMPT(full) 
[  103.600664][ T7050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  103.600675][ T7050] Call Trace:
[  103.600682][ T7050]  <TASK>
[  103.600689][ T7050]  dump_stack_lvl+0x16c/0x1f0
[  103.600716][ T7050]  should_fail_ex+0x512/0x640
[  103.600743][ T7050]  _copy_from_user+0x2e/0xd0
[  103.600772][ T7050]  get_compat_msghdr+0xa7/0x170
[  103.600794][ T7050]  ? __pfx_get_compat_msghdr+0x10/0x10
[  103.600823][ T7050]  ___sys_sendmsg+0x1ae/0x1d0
[  103.600849][ T7050]  ? __pfx____sys_sendmsg+0x10/0x10
[  103.600884][ T7050]  ? find_held_lock+0x2b/0x80
[  103.600917][ T7050]  __sys_sendmsg+0x16d/0x220
[  103.600940][ T7050]  ? __pfx___sys_sendmsg+0x10/0x10
[  103.600973][ T7050]  ? rcu_is_watching+0x12/0xc0
[  103.600994][ T7050]  __do_fast_syscall_32+0x7c/0x3a0
[  103.601021][ T7050]  do_fast_syscall_32+0x32/0x80
[  103.601044][ T7050]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  103.601065][ T7050] RIP: 0023:0xf712e579
[  103.601078][ T7050] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  103.601094][ T7050] RSP: 002b:00000000f551e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  103.601110][ T7050] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  103.601121][ T7050] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  103.601130][ T7050] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  103.601139][ T7050] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  103.601149][ T7050] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  103.601170][ T7050]  </TASK>
[  103.631454][ T7035] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  103.842206][ T7061] tmpfs: Bad value for 'grpquota_block_hardlimit'
[  104.043818][ T7070] netlink: 260 bytes leftover after parsing attributes in process `syz.3.260'.
[  104.083976][ T7073] FAULT_INJECTION: forcing a failure.
[  104.083976][ T7073] name failslab, interval 1, probability 0, space 0, times 0
[  104.087945][ T7073] CPU: 1 UID: 0 PID: 7073 Comm: syz.2.257 Not tainted syzkaller #0 PREEMPT(full) 
[  104.087959][ T7073] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  104.087965][ T7073] Call Trace:
[  104.087969][ T7073]  <TASK>
[  104.087974][ T7073]  dump_stack_lvl+0x16c/0x1f0
[  104.087992][ T7073]  should_fail_ex+0x512/0x640
[  104.088007][ T7073]  ? fs_reclaim_acquire+0xae/0x150
[  104.088024][ T7073]  ? tomoyo_encode2+0x100/0x3e0
[  104.088038][ T7073]  should_failslab+0xc2/0x120
[  104.088053][ T7073]  __kmalloc_noprof+0xd2/0x510
[  104.088065][ T7073]  ? d_absolute_path+0x136/0x1a0
[  104.088082][ T7073]  tomoyo_encode2+0x100/0x3e0
[  104.088098][ T7073]  tomoyo_encode+0x29/0x50
[  104.088112][ T7073]  tomoyo_realpath_from_path+0x18f/0x6e0
[  104.088130][ T7073]  tomoyo_path_number_perm+0x245/0x580
[  104.088143][ T7073]  ? tomoyo_path_number_perm+0x237/0x580
[  104.088156][ T7073]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  104.088182][ T7073]  ? find_held_lock+0x2b/0x80
[  104.088193][ T7073]  ? hook_file_ioctl_common+0x145/0x410
[  104.088210][ T7073]  ? __fget_files+0x20e/0x3c0
[  104.088225][ T7073]  security_file_ioctl_compat+0x9b/0x240
[  104.088240][ T7073]  __ia32_compat_sys_ioctl+0xc3/0x370
[  104.088258][ T7073]  __do_fast_syscall_32+0x7c/0x3a0
[  104.088274][ T7073]  do_fast_syscall_32+0x32/0x80
[  104.088288][ T7073]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  104.088302][ T7073] RIP: 0023:0xf7f94579
[  104.088310][ T7073] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  104.088320][ T7073] RSP: 002b:00000000f547455c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  104.088330][ T7073] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000040187542
[  104.088337][ T7073] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  104.088342][ T7073] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  104.088348][ T7073] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  104.088354][ T7073] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  104.088367][ T7073]  </TASK>
[  104.088377][ T7073] ERROR: Out of memory at tomoyo_realpath_from_path.
[  104.567452][ T7082] FAULT_INJECTION: forcing a failure.
[  104.567452][ T7082] name failslab, interval 1, probability 0, space 0, times 0
[  104.571832][ T7082] CPU: 2 UID: 0 PID: 7082 Comm: syz.3.263 Not tainted syzkaller #0 PREEMPT(full) 
[  104.571850][ T7082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  104.571857][ T7082] Call Trace:
[  104.571861][ T7082]  <TASK>
[  104.571865][ T7082]  dump_stack_lvl+0x16c/0x1f0
[  104.571898][ T7082]  should_fail_ex+0x512/0x640
[  104.571914][ T7082]  ? fs_reclaim_acquire+0xae/0x150
[  104.571930][ T7082]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  104.571946][ T7082]  should_failslab+0xc2/0x120
[  104.571960][ T7082]  __kmalloc_noprof+0xd2/0x510
[  104.571975][ T7082]  tomoyo_realpath_from_path+0xc2/0x6e0
[  104.571992][ T7082]  ? tomoyo_profile+0x47/0x60
[  104.572002][ T7082]  tomoyo_path_number_perm+0x245/0x580
[  104.572015][ T7082]  ? tomoyo_path_number_perm+0x237/0x580
[  104.572028][ T7082]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  104.572055][ T7082]  ? find_held_lock+0x2b/0x80
[  104.572066][ T7082]  ? hook_file_ioctl_common+0x145/0x410
[  104.572083][ T7082]  ? __fget_files+0x20e/0x3c0
[  104.572097][ T7082]  security_file_ioctl_compat+0x9b/0x240
[  104.572112][ T7082]  __ia32_compat_sys_ioctl+0xc3/0x370
[  104.572130][ T7082]  __do_fast_syscall_32+0x7c/0x3a0
[  104.572146][ T7082]  do_fast_syscall_32+0x32/0x80
[  104.572160][ T7082]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  104.572173][ T7082] RIP: 0023:0xf712e579
[  104.572181][ T7082] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  104.572191][ T7082] RSP: 002b:00000000f54dc55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  104.572202][ T7082] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000c0303e03
[  104.572208][ T7082] RDX: 0000000080000780 RSI: 0000000000000000 RDI: 0000000000000000
[  104.572214][ T7082] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  104.572219][ T7082] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  104.572225][ T7082] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  104.572238][ T7082]  </TASK>
[  104.572259][ T7082] ERROR: Out of memory at tomoyo_realpath_from_path.
[  105.084464][ T7094] mmap: syz.1.266 (7094) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  105.221840][ T7099] FAULT_INJECTION: forcing a failure.
[  105.221840][ T7099] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  105.232689][ T7099] CPU: 0 UID: 0 PID: 7099 Comm: syz.0.268 Not tainted syzkaller #0 PREEMPT(full) 
[  105.232725][ T7099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  105.232734][ T7099] Call Trace:
[  105.232742][ T7099]  <TASK>
[  105.232749][ T7099]  dump_stack_lvl+0x16c/0x1f0
[  105.232776][ T7099]  should_fail_ex+0x512/0x640
[  105.232803][ T7099]  should_fail_alloc_page+0xe7/0x130
[  105.232826][ T7099]  prepare_alloc_pages+0x3c2/0x610
[  105.232855][ T7099]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  105.232877][ T7099]  ? __lock_acquire+0xb97/0x1ce0
[  105.232908][ T7099]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  105.232928][ T7099]  ? find_held_lock+0x2b/0x80
[  105.232952][ T7099]  ? __lock_acquire+0x62e/0x1ce0
[  105.232976][ T7099]  ? __lock_acquire+0xb97/0x1ce0
[  105.232996][ T7099]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  105.233021][ T7099]  ? policy_nodemask+0xea/0x4e0
[  105.233045][ T7099]  alloc_pages_mpol+0x1fb/0x550
[  105.233067][ T7099]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  105.233086][ T7099]  ? page_table_check_set+0x627/0x750
[  105.233113][ T7099]  alloc_pages_noprof+0x131/0x390
[  105.233136][ T7099]  pte_alloc_one+0x1c/0x3a0
[  105.233153][ T7099]  __pte_alloc+0x6d/0x3c0
[  105.233175][ T7099]  ? __pfx___pte_alloc+0x10/0x10
[  105.233195][ T7099]  ? __lock_acquire+0x62e/0x1ce0
[  105.233221][ T7099]  do_pte_missing+0x285a/0x3ba0
[  105.233239][ T7099]  ? mtree_range_walk+0x718/0xc00
[  105.233260][ T7099]  ? find_held_lock+0x2b/0x80
[  105.233275][ T7099]  __handle_mm_fault+0x152a/0x2a50
[  105.233300][ T7099]  ? __pfx___handle_mm_fault+0x10/0x10
[  105.233337][ T7099]  handle_mm_fault+0x589/0xd10
[  105.233370][ T7099]  __get_user_pages+0x551/0x34a0
[  105.233402][ T7099]  ? down_read_killable+0x220/0x4b0
[  105.233427][ T7099]  ? __pfx___get_user_pages+0x10/0x10
[  105.233451][ T7099]  ? __gup_longterm_locked+0x1171/0x17e0
[  105.233478][ T7099]  __gup_longterm_locked+0xa92/0x17e0
[  105.233508][ T7099]  ? __pfx___gup_longterm_locked+0x10/0x10
[  105.233539][ T7099]  ? find_held_lock+0x2b/0x80
[  105.233557][ T7099]  gup_fast_fallback+0xf78/0x23f0
[  105.233597][ T7099]  ? __pfx_gup_fast_fallback+0x10/0x10
[  105.233620][ T7099]  ? rcu_is_watching+0x12/0xc0
[  105.233637][ T7099]  ? trace_contention_end+0xdd/0x130
[  105.233660][ T7099]  ? __mutex_lock+0x1c5/0x1060
[  105.233688][ T7099]  get_user_pages_fast+0xa7/0xf0
[  105.233713][ T7099]  ? __pfx_get_user_pages_fast+0x10/0x10
[  105.233738][ T7099]  ? iov_iter_advance+0x7d/0x6c0
[  105.233764][ T7099]  __iov_iter_get_pages_alloc+0x818/0x20a0
[  105.233794][ T7099]  ? pipe_wait_writable+0x4a9/0x560
[  105.233815][ T7099]  ? pipe_wait_writable+0x451/0x560
[  105.233837][ T7099]  ? __pfx___iov_iter_get_pages_alloc+0x10/0x10
[  105.233864][ T7099]  ? __pfx_pipe_wait_writable+0x10/0x10
[  105.233884][ T7099]  ? __pfx___mutex_lock+0x10/0x10
[  105.233906][ T7099]  ? __pfx_autoremove_wake_function+0x10/0x10
[  105.233930][ T7099]  iov_iter_get_pages2+0xa3/0x100
[  105.233953][ T7099]  ? __pfx_iov_iter_get_pages2+0x10/0x10
[  105.233978][ T7099]  ? wait_for_space+0x232/0x2e0
[  105.233995][ T7099]  ? add_to_pipe+0x181/0x3b0
[  105.234013][ T7099]  __do_sys_vmsplice+0xa47/0x11a0
[  105.234037][ T7099]  ? __pfx___do_sys_vmsplice+0x10/0x10
[  105.234058][ T7099]  ? get_pid_task+0x106/0x250
[  105.234082][ T7099]  ? find_held_lock+0x2b/0x80
[  105.234104][ T7099]  ? find_held_lock+0x2b/0x80
[  105.234119][ T7099]  ? ksys_write+0x190/0x250
[  105.234150][ T7099]  ? __fget_files+0x20e/0x3c0
[  105.234176][ T7099]  ? __pfx_ksys_write+0x10/0x10
[  105.234201][ T7099]  ? __do_fast_syscall_32+0x7c/0x3a0
[  105.234224][ T7099]  __do_fast_syscall_32+0x7c/0x3a0
[  105.234247][ T7099]  do_fast_syscall_32+0x32/0x80
[  105.234269][ T7099]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  105.234289][ T7099] RIP: 0023:0xf7f91579
[  105.234303][ T7099] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  105.234318][ T7099] RSP: 002b:00000000f54b655c EFLAGS: 00000296 ORIG_RAX: 000000000000013c
[  105.234335][ T7099] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000140
[  105.234344][ T7099] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  105.234353][ T7099] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  105.234369][ T7099] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  105.234377][ T7099] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  105.234399][ T7099]  </TASK>
[  105.647657][ T7108] afs: Unknown parameter ''
[  105.889766][  T839] usb 8-1: new low-speed USB device number 8 using dummy_hcd
[  105.946460][ T7118] netlink: 68 bytes leftover after parsing attributes in process `syz.2.274'.
[  105.969752][   T29] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  106.051117][  T839] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  106.054277][  T839] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  106.058492][  T839] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  106.063561][  T839] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  106.068398][  T839] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  106.075595][  T839] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  106.078771][  T839] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  106.089095][  T839] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  106.093474][  T839] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  106.097285][  T839] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  106.102666][  T839] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  106.105100][  T839] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  106.108498][  T839] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  106.112656][  T839] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  106.116400][  T839] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  106.123615][  T839] usb 8-1: string descriptor 0 read error: -22
[  106.125580][  T839] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  106.128450][  T839] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  106.129725][   T29] usb 5-1: Using ep0 maxpacket: 32
[  106.138186][  T839] adutux 8-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  106.140778][   T29] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  106.145534][   T29] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  106.148718][   T29] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  106.171057][   T29] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  106.180688][   T29] usb 5-1: config 0 descriptor??
[  106.603560][   T29] savu 0003:1E7D:2D5A.0004: hiddev1,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0
[  106.794153][  T839] usb 5-1: USB disconnect, device number 4
[  106.911638][ T7130] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.279'.
[  106.986013][ T7131] netlink: 4 bytes leftover after parsing attributes in process `syz.2.277'.
[  107.322770][ T5339] Bluetooth: latency 3388 > 499
[  107.569754][   T29] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  107.732586][   T29] usb 5-1: config 1 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 194, changing to 11
[  107.736207][   T29] usb 5-1: config 1 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  107.752319][   T29] usb 5-1: config 1 interface 0 has no altsetting 0
[  107.758020][   T29] usb 5-1: New USB device found, idVendor=0eef, idProduct=722a, bcdDevice= 0.40
[  107.763156][   T29] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  107.765807][   T29] usb 5-1: Product: �힓힥�ㇻ꣕��憽鋣몶봦戢嘯꫱嵀䷟ꃎ᜖콴쩜ꖙᖿ傖�꫹�ᗦᑌ꜖휯�秦굡푸茸�♒
[  107.777815][   T29] usb 5-1: Manufacturer: 跭훽�븡ì떗ఢ䂯颲㑘圑曖�阾퇤ಾ�ﶹ鞣Ỿ왹燊渂䵀��腠�関ꦫᥡ�﯄�ӛ⇼㺂��꜂ᇯ鹶�Ｍ뇴₦㦦릶䀜ⷨ쎭ᘹ狨�槅齡䧌Ҵ碀��月�㬶�땄䰃휺硲䭪
[  107.791342][   T29] usb 5-1: SerialNumber: 뭥�燰ꊲ䋺鶲㜂瘎싙̫ᅽ䦢闟焰㹒趜ᪧ驎牄�蹱軎㉯屻ᄷ䣗�䰗
[  108.014790][ T7134] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  108.031337][   T29] usbhid 5-1:1.0: can't add hid device: -71
[  108.033760][   T29] usbhid 5-1:1.0: probe with driver usbhid failed with error -71
[  108.040099][   T29] usb 5-1: USB disconnect, device number 5
[  108.309771][ T6064] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  108.460986][ T6064] usb 6-1: Using ep0 maxpacket: 8
[  108.463994][ T6064] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[  108.466619][ T6064] usb 6-1: config 0 has no interface number 0
[  108.468583][ T6064] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  108.472198][ T6064] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  108.475837][ T6064] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 48, changing to 9
[  108.479326][ T6064] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  108.483737][ T6064] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  108.486969][ T6064] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  108.491206][ T6064] usb 6-1: config 0 descriptor??
[  108.496840][ T6064] ldusb 6-1:0.55: LD USB Device #1 now attached to major 180 minor 1
[  108.531240][  T838] usb 8-1: USB disconnect, device number 8
[  109.214800][ T6064] usb 6-1: USB disconnect, device number 6
[  109.272738][ T6064] ldusb 6-1:0.55: LD USB Device #1 now disconnected
[  109.379878][ T5339] Bluetooth: hci2: command tx timeout
[  110.095905][ T7182] afs: Unknown parameter 'flozk'
[  110.496782][   T40] kauditd_printk_skb: 481 callbacks suppressed
[  110.496794][   T40] audit: type=1326 audit(1756251279.542:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7183 comm="syz.1.296" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  110.513529][   T40] audit: type=1326 audit(1756251279.562:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7183 comm="syz.1.296" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  110.521058][   T40] audit: type=1326 audit(1756251279.562:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7183 comm="syz.1.296" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf703e579 code=0x7ffc0000
[  110.525996][ T7189] netlink: 8 bytes leftover after parsing attributes in process `syz.1.296'.
[  110.529854][   T40] audit: type=1326 audit(1756251279.562:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7183 comm="syz.1.296" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  110.548990][   T40] audit: type=1326 audit(1756251279.562:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7183 comm="syz.1.296" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  110.556940][   T40] audit: type=1326 audit(1756251279.562:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7183 comm="syz.1.296" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf703e579 code=0x7ffc0000
[  110.566349][   T40] audit: type=1326 audit(1756251279.562:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7183 comm="syz.1.296" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  110.574324][   T40] audit: type=1326 audit(1756251279.572:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7183 comm="syz.1.296" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf703e579 code=0x7ffc0000
[  110.582150][   T40] audit: type=1326 audit(1756251279.572:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7183 comm="syz.1.296" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  110.588711][   T40] audit: type=1326 audit(1756251279.572:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7183 comm="syz.1.296" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  110.698680][ T7201] afs: Unknown parameter ''
[  110.820265][   T61] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  110.969761][  T838] usb 7-1: new low-speed USB device number 5 using dummy_hcd
[  111.151893][  T838] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  111.154478][  T838] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  111.157831][  T838] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  111.161437][  T838] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  111.164962][  T838] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  111.169445][  T838] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  111.172133][  T838] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  111.175653][  T838] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  111.179714][  T838] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  111.183663][  T838] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  111.188101][  T838] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  111.190817][  T838] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  111.194046][  T838] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  111.198092][  T838] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  111.202167][  T838] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  111.211717][  T838] usb 7-1: string descriptor 0 read error: -22
[  111.215152][  T838] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  111.220692][  T838] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  111.233296][  T838] adutux 7-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  111.528105][ T7231] FAULT_INJECTION: forcing a failure.
[  111.528105][ T7231] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  111.535016][ T7231] CPU: 2 UID: 0 PID: 7231 Comm: syz.0.302 Not tainted syzkaller #0 PREEMPT(full) 
[  111.535068][ T7231] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  111.535079][ T7231] Call Trace:
[  111.535086][ T7231]  <TASK>
[  111.535093][ T7231]  dump_stack_lvl+0x16c/0x1f0
[  111.535122][ T7231]  should_fail_ex+0x512/0x640
[  111.535150][ T7231]  _copy_to_user+0x32/0xd0
[  111.535176][ T7231]  simple_read_from_buffer+0xcb/0x170
[  111.535197][ T7231]  proc_fail_nth_read+0x197/0x240
[  111.535217][ T7231]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  111.535239][ T7231]  ? rw_verify_area+0xcf/0x6c0
[  111.535261][ T7231]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  111.535280][ T7231]  vfs_read+0x1e4/0xcf0
[  111.535305][ T7231]  ? __pfx_vfs_read+0x10/0x10
[  111.535323][ T7231]  ? find_held_lock+0x2b/0x80
[  111.535348][ T7231]  ? __fget_files+0x20e/0x3c0
[  111.535375][ T7231]  ksys_read+0x12a/0x250
[  111.535394][ T7231]  ? __pfx_ksys_read+0x10/0x10
[  111.535416][ T7231]  ? rcu_is_watching+0x12/0xc0
[  111.535439][ T7231]  __do_fast_syscall_32+0x7c/0x3a0
[  111.535465][ T7231]  do_fast_syscall_32+0x32/0x80
[  111.535488][ T7231]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  111.535509][ T7231] RIP: 0023:0xf7f91579
[  111.535523][ T7231] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  111.535540][ T7231] RSP: 002b:00000000f5474590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  111.535558][ T7231] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000f5474620
[  111.535569][ T7231] RDX: 000000000000000f RSI: 00000000f7424ff4 RDI: 0000000000000000
[  111.535579][ T7231] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  111.535589][ T7231] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  111.535599][ T7231] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  111.535622][ T7231]  </TASK>
[  111.652189][ T7235] FAULT_INJECTION: forcing a failure.
[  111.652189][ T7235] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  111.656815][ T7235] CPU: 3 UID: 0 PID: 7235 Comm: syz.0.304 Not tainted syzkaller #0 PREEMPT(full) 
[  111.656831][ T7235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  111.656837][ T7235] Call Trace:
[  111.656842][ T7235]  <TASK>
[  111.656847][ T7235]  dump_stack_lvl+0x16c/0x1f0
[  111.656865][ T7235]  should_fail_ex+0x512/0x640
[  111.656883][ T7235]  _copy_from_user+0x2e/0xd0
[  111.656901][ T7235]  get_compat_msghdr+0xa7/0x170
[  111.656915][ T7235]  ? __pfx_get_compat_msghdr+0x10/0x10
[  111.656933][ T7235]  ___sys_sendmsg+0x1ae/0x1d0
[  111.656948][ T7235]  ? __pfx____sys_sendmsg+0x10/0x10
[  111.656969][ T7235]  ? find_held_lock+0x2b/0x80
[  111.656989][ T7235]  __sys_sendmsg+0x16d/0x220
[  111.657003][ T7235]  ? __pfx___sys_sendmsg+0x10/0x10
[  111.657022][ T7235]  ? rcu_is_watching+0x12/0xc0
[  111.657036][ T7235]  __do_fast_syscall_32+0x7c/0x3a0
[  111.657052][ T7235]  do_fast_syscall_32+0x32/0x80
[  111.657066][ T7235]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  111.657080][ T7235] RIP: 0023:0xf7f91579
[  111.657089][ T7235] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  111.657101][ T7235] RSP: 002b:00000000f54b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  111.657112][ T7235] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000000
[  111.657119][ T7235] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  111.657125][ T7235] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  111.657130][ T7235] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  111.657136][ T7235] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  111.657149][ T7235]  </TASK>
[  111.657290][ T7238] tty tty1: ldisc open failed (-12), clearing slot 0
[  111.658788][ T7235] netlink: 4 bytes leftover after parsing attributes in process `syz.0.304'.
[  111.791922][ T7242] netlink: 148 bytes leftover after parsing attributes in process `syz.1.306'.
[  112.863055][ T7250] netlink: 12 bytes leftover after parsing attributes in process `syz.3.308'.
[  112.909305][ T7253] netlink: 4 bytes leftover after parsing attributes in process `syz.3.308'.
[  113.575644][ T6062] usb 7-1: USB disconnect, device number 5
[  119.914028][ T7289] FAULT_INJECTION: forcing a failure.
[  119.914028][ T7289] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  119.918845][ T7289] CPU: 2 UID: 0 PID: 7289 Comm: syz.3.312 Not tainted syzkaller #0 PREEMPT(full) 
[  119.918863][ T7289] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  119.918870][ T7289] Call Trace:
[  119.918875][ T7289]  <TASK>
[  119.918881][ T7289]  dump_stack_lvl+0x16c/0x1f0
[  119.918900][ T7289]  should_fail_ex+0x512/0x640
[  119.918921][ T7289]  _copy_to_user+0x32/0xd0
[  119.918933][ T7289]  csum_and_copy_to_iter+0x716/0x1e00
[  119.918976][ T7289]  ? __pfx_csum_and_copy_to_iter+0x10/0x10
[  119.918991][ T7289]  ? do_raw_spin_lock+0x12c/0x2b0
[  119.919010][ T7289]  ? find_held_lock+0x2b/0x80
[  119.919022][ T7289]  ? __skb_recv_udp+0x720/0x940
[  119.919037][ T7289]  ? rcu_is_watching+0x12/0xc0
[  119.919052][ T7289]  __skb_datagram_iter+0x7fc/0x900
[  119.919064][ T7289]  ? __skb_recv_udp+0x3a9/0x940
[  119.919078][ T7289]  ? __pfx_csum_and_copy_to_iter+0x10/0x10
[  119.919092][ T7289]  ? do_csum+0x26f/0x2d0
[  119.919106][ T7289]  skb_copy_and_csum_datagram_msg+0x239/0x3a0
[  119.919120][ T7289]  ? __pfx_skb_copy_and_csum_datagram_msg+0x10/0x10
[  119.919134][ T7289]  ? get_page_from_freelist+0x132b/0x38e0
[  119.919157][ T7289]  udp_recvmsg+0x781/0x1300
[  119.919178][ T7289]  ? __pfx_udp_recvmsg+0x10/0x10
[  119.919201][ T7289]  ? __pfx_udp_recvmsg+0x10/0x10
[  119.919216][ T7289]  inet_recvmsg+0x444/0x6a0
[  119.919229][ T7289]  ? __pfx_inet_recvmsg+0x10/0x10
[  119.919242][ T7289]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  119.919258][ T7289]  sock_recvmsg+0x1b2/0x250
[  119.919270][ T7289]  ____sys_recvmsg+0x218/0x6b0
[  119.919284][ T7289]  ? __pfx_____sys_recvmsg+0x10/0x10
[  119.919294][ T7289]  ? import_iovec+0x86/0xb0
[  119.919310][ T7289]  ? __lock_acquire+0x62e/0x1ce0
[  119.919328][ T7289]  ___sys_recvmsg+0x114/0x1a0
[  119.919345][ T7289]  ? __pfx____sys_recvmsg+0x10/0x10
[  119.919362][ T7289]  ? find_held_lock+0x2b/0x80
[  119.919383][ T7289]  do_recvmmsg+0x55d/0x750
[  119.919400][ T7289]  ? __pfx_do_recvmmsg+0x10/0x10
[  119.919426][ T7289]  ? __fget_files+0x20e/0x3c0
[  119.919439][ T7289]  ? handle_mm_fault+0x200/0xd10
[  119.919453][ T7289]  __sys_recvmmsg+0x21c/0x280
[  119.919469][ T7289]  ? __pfx___sys_recvmmsg+0x10/0x10
[  119.919487][ T7289]  ? __pfx_ksys_write+0x10/0x10
[  119.919503][ T7289]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  119.919520][ T7289]  ? lockdep_hardirqs_on+0x7c/0x110
[  119.919535][ T7289]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  119.919552][ T7289]  __do_fast_syscall_32+0x7c/0x3a0
[  119.919569][ T7289]  do_fast_syscall_32+0x32/0x80
[  119.919586][ T7289]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  119.919600][ T7289] RIP: 0023:0xf712e579
[  119.919610][ T7289] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  119.919634][ T7289] RSP: 002b:00000000f54dc55c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  119.919647][ T7289] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000a40
[  119.919654][ T7289] RDX: 0000000000000001 RSI: 0000000000010000 RDI: 0000000000000000
[  119.919661][ T7289] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  119.919668][ T7289] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  119.919674][ T7289] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  119.919689][ T7289]  </TASK>
[  120.576829][ T7273] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  120.847131][ T7307] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  122.187367][ T7335] ubi: mtd0 is already attached to ubi31
[  122.456415][ T7346] cgroup2: Unknown parameter 'blkio'
[  123.514629][ T7356] FAULT_INJECTION: forcing a failure.
[  123.514629][ T7356] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.518905][ T7356] CPU: 3 UID: 0 PID: 7356 Comm: syz.2.328 Not tainted syzkaller #0 PREEMPT(full) 
[  123.518939][ T7356] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  123.518945][ T7356] Call Trace:
[  123.518950][ T7356]  <TASK>
[  123.518955][ T7356]  dump_stack_lvl+0x16c/0x1f0
[  123.518973][ T7356]  should_fail_ex+0x512/0x640
[  123.518991][ T7356]  _copy_to_user+0x32/0xd0
[  123.519003][ T7356]  simple_read_from_buffer+0xcb/0x170
[  123.519015][ T7356]  proc_fail_nth_read+0x197/0x240
[  123.519028][ T7356]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  123.519040][ T7356]  ? rw_verify_area+0xcf/0x6c0
[  123.519050][ T7356]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  123.519062][ T7356]  vfs_read+0x1e4/0xcf0
[  123.519076][ T7356]  ? __pfx_vfs_read+0x10/0x10
[  123.519087][ T7356]  ? find_held_lock+0x2b/0x80
[  123.519101][ T7356]  ? __fget_files+0x20e/0x3c0
[  123.519117][ T7356]  ksys_read+0x12a/0x250
[  123.519140][ T7356]  ? __pfx_ksys_read+0x10/0x10
[  123.519153][ T7356]  ? fput+0x9b/0xd0
[  123.519167][ T7356]  ? rcu_is_watching+0x12/0xc0
[  123.519180][ T7356]  __do_fast_syscall_32+0x7c/0x3a0
[  123.519196][ T7356]  do_fast_syscall_32+0x32/0x80
[  123.519210][ T7356]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  123.519224][ T7356] RIP: 0023:0xf7f94579
[  123.519232][ T7356] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  123.519243][ T7356] RSP: 002b:00000000f5495590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  123.519254][ T7356] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000f5495620
[  123.519260][ T7356] RDX: 000000000000000f RSI: 00000000f7424ff4 RDI: 0000000000000000
[  123.519266][ T7356] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  123.519272][ T7356] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  123.519278][ T7356] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  123.519291][ T7356]  </TASK>
[  123.619960][ T5339] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  123.620006][   T63] Bluetooth: hci4: command 0x1003 tx timeout
[  125.763591][ T7392] FAULT_INJECTION: forcing a failure.
[  125.763591][ T7392] name failslab, interval 1, probability 0, space 0, times 0
[  125.768798][ T7392] CPU: 2 UID: 0 PID: 7392 Comm: syz.0.337 Not tainted syzkaller #0 PREEMPT(full) 
[  125.768834][ T7392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  125.768844][ T7392] Call Trace:
[  125.768851][ T7392]  <TASK>
[  125.768858][ T7392]  dump_stack_lvl+0x16c/0x1f0
[  125.768884][ T7392]  should_fail_ex+0x512/0x640
[  125.768905][ T7392]  ? fs_reclaim_acquire+0xae/0x150
[  125.768929][ T7392]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  125.768950][ T7392]  should_failslab+0xc2/0x120
[  125.768970][ T7392]  __kmalloc_noprof+0xd2/0x510
[  125.768993][ T7392]  tomoyo_realpath_from_path+0xc2/0x6e0
[  125.769016][ T7392]  ? tomoyo_profile+0x47/0x60
[  125.769033][ T7392]  tomoyo_path_number_perm+0x245/0x580
[  125.769050][ T7392]  ? tomoyo_path_number_perm+0x237/0x580
[  125.769068][ T7392]  ? finish_task_switch.isra.0+0x124/0xc10
[  125.769084][ T7392]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  125.769101][ T7392]  ? rcu_is_watching+0x12/0xc0
[  125.769151][ T7392]  ? find_held_lock+0x2b/0x80
[  125.769166][ T7392]  ? hook_file_ioctl_common+0x145/0x410
[  125.769192][ T7392]  ? __fget_files+0x20e/0x3c0
[  125.769213][ T7392]  security_file_ioctl_compat+0x9b/0x240
[  125.769235][ T7392]  __ia32_compat_sys_ioctl+0xc3/0x370
[  125.769262][ T7392]  __do_fast_syscall_32+0x7c/0x3a0
[  125.769284][ T7392]  do_fast_syscall_32+0x32/0x80
[  125.769304][ T7392]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  125.769322][ T7392] RIP: 0023:0xf7f91579
[  125.769334][ T7392] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  125.769350][ T7392] RSP: 002b:00000000f549555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  125.769366][ T7392] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000000002285
[  125.769376][ T7392] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  125.769385][ T7392] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  125.769394][ T7392] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  125.769403][ T7392] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  125.769424][ T7392]  </TASK>
[  125.769458][ T7392] ERROR: Out of memory at tomoyo_realpath_from_path.
[  125.834529][ T7394] loop8: detected capacity change from 0 to 16384
[  125.933631][ T7395] ubi: mtd0 is already attached to ubi31
[  127.387937][ T7418] netlink: 16 bytes leftover after parsing attributes in process `syz.3.343'.
[  127.495617][   T29] IPVS: starting estimator thread 0...
[  127.513581][   T40] kauditd_printk_skb: 33 callbacks suppressed
[  127.513591][   T40] audit: type=1326 audit(1756251296.562:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7425 comm="syz.3.346" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x0
[  127.579809][ T7424] IPVS: using max 43 ests per chain, 103200 per kthread
[  127.819853][  T839] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  127.905821][ T7432] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  127.969713][  T839] usb 8-1: Using ep0 maxpacket: 8
[  127.974290][  T839] usb 8-1: config index 0 descriptor too short (expected 5924, got 36)
[  127.977913][  T839] usb 8-1: config 250 has an invalid interface number: 228 but max is -1
[  127.983543][  T839] usb 8-1: config 250 has 1 interface, different from the descriptor's value: 0
[  127.988787][  T839] usb 8-1: config 250 has no interface number 0
[  127.994852][  T839] usb 8-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  128.000643][  T839] usb 8-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  128.009762][  T839] usb 8-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  128.015828][  T839] usb 8-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  128.025949][  T839] usb 8-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  128.039781][  T839] usb 8-1: config 250 interface 228 has no altsetting 0
[  128.044966][  T839] usb 8-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  128.048864][  T839] usb 8-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  128.052358][  T839] usb 8-1: Product: syz
[  128.054087][  T839] usb 8-1: SerialNumber: syz
[  128.060378][  T839] hub 8-1:250.228: bad descriptor, ignoring hub
[  128.064600][  T839] hub 8-1:250.228: probe with driver hub failed with error -5
[  128.359751][  T839] usblp 8-1:250.228: usblp0: USB Bidirectional printer dev 9 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  128.448820][ T7446] netlink: 12 bytes leftover after parsing attributes in process `syz.1.349'.
[  128.742744][ T4900] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  128.901729][ T4900] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  128.905246][ T4900] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  128.908526][ T4900] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  128.912844][ T4900] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  128.916160][ T4900] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.919903][ T4900] usb 6-1: config 0 descriptor??
[  129.955035][ T7464] Bluetooth: MGMT ver 1.23
[  130.659892][  T839] usb 8-1: USB disconnect, device number 9
[  130.852888][  T839] usblp0: removed
[  131.520313][ T4900] usbhid 6-1:0.0: can't add hid device: -71
[  131.522347][ T4900] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  131.541158][ T4900] usb 6-1: USB disconnect, device number 7
[  131.712612][ T7483] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  131.715559][ T7483] syzkaller0: entered promiscuous mode
[  131.717466][ T7483] syzkaller0: entered allmulticast mode
[  131.728275][ T7483] tipc: Resetting bearer <eth:syzkaller0>
[  131.731826][ T7482] tipc: Resetting bearer <eth:syzkaller0>
[  131.738827][ T7482] tipc: Disabling bearer <eth:syzkaller0>
[  132.331066][ T7506] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  132.334204][ T7506] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  132.338375][ T7506] vhci_hcd vhci_hcd.0: Device attached
[  132.342483][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  132.362035][ T7506] netdevsim netdevsim0: Direct firmware load for @ failed with error -2
[  132.365502][ T7506] netdevsim netdevsim0: Falling back to sysfs fallback for: @
[  132.459849][   T34] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  132.589824][   T61] usb 37-1: new low-speed USB device number 3 using vhci_hcd
[  132.621557][   T34] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  132.625736][   T34] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  132.629213][   T34] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  132.633619][   T34] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  132.636736][   T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.644588][   T34] usb 7-1: config 0 descriptor??
[  132.706305][ T7507] vhci_hcd: connection reset by peer
[  132.710224][   T68] vhci_hcd: stop threads
[  132.712332][   T68] vhci_hcd: release socket
[  132.714725][   T68] vhci_hcd: disconnect device
[  132.751382][ T7514] Illegal XDP return value 8 on prog  (id 53) dev N/A, expect packet loss!
[  133.110154][ T5339] Bluetooth: hci1: unexpected event 0x09 length: 6 > 3
[  133.988042][ T7530] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  135.267959][   T34] usbhid 7-1:0.0: can't add hid device: -71
[  135.271076][   T34] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  135.276990][   T34] usb 7-1: USB disconnect, device number 6
[  135.674713][ T7560] FAULT_INJECTION: forcing a failure.
[  135.674713][ T7560] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  135.679215][ T7560] CPU: 1 UID: 0 PID: 7560 Comm: syz.0.382 Not tainted syzkaller #0 PREEMPT(full) 
[  135.679231][ T7560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  135.679238][ T7560] Call Trace:
[  135.679243][ T7560]  <TASK>
[  135.679248][ T7560]  dump_stack_lvl+0x16c/0x1f0
[  135.679269][ T7560]  should_fail_ex+0x512/0x640
[  135.679287][ T7560]  _copy_from_iter+0x29f/0x1720
[  135.679307][ T7560]  ? __pfx__copy_from_iter+0x10/0x10
[  135.679323][ T7560]  ? rcu_is_watching+0x12/0xc0
[  135.679335][ T7560]  ? rcu_is_watching+0x12/0xc0
[  135.679345][ T7560]  ? kfree+0x24f/0x4d0
[  135.679355][ T7560]  ? file_tty_write.constprop.0+0x6ef/0x9b0
[  135.679372][ T7560]  file_tty_write.constprop.0+0x488/0x9b0
[  135.679391][ T7560]  vfs_write+0x7d0/0x11d0
[  135.679404][ T7560]  ? __pfx_tty_write+0x10/0x10
[  135.679418][ T7560]  ? __pfx_vfs_write+0x10/0x10
[  135.679429][ T7560]  ? find_held_lock+0x2b/0x80
[  135.679454][ T7560]  ksys_write+0x12a/0x250
[  135.679511][ T7560]  ? __pfx_ksys_write+0x10/0x10
[  135.679525][ T7560]  ? rcu_is_watching+0x12/0xc0
[  135.679538][ T7560]  __do_fast_syscall_32+0x7c/0x3a0
[  135.679555][ T7560]  do_fast_syscall_32+0x32/0x80
[  135.679573][ T7560]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  135.679586][ T7560] RIP: 0023:0xf7f91579
[  135.679595][ T7560] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  135.679606][ T7560] RSP: 002b:00000000f54b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  135.679616][ T7560] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800000c0
[  135.679651][ T7560] RDX: 000000000000ff2e RSI: 0000000000000000 RDI: 0000000000000000
[  135.679657][ T7560] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  135.679663][ T7560] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  135.679672][ T7560] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  135.679686][ T7560]  </TASK>
[  135.791501][ T7564] netlink: 8 bytes leftover after parsing attributes in process `syz.0.383'.
[  135.797822][ T7564] bridge0: port 3(syz_tun) entered blocking state
[  135.802474][ T7564] bridge0: port 3(syz_tun) entered disabled state
[  135.805431][ T7564] syz_tun: entered allmulticast mode
[  135.808761][ T7564] syz_tun: entered promiscuous mode
[  135.809835][   T29] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  135.811527][ T7564] bridge0: port 3(syz_tun) entered blocking state
[  135.816617][ T7564] bridge0: port 3(syz_tun) entered forwarding state
[  135.973768][   T29] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  135.978627][   T29] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  135.983081][   T29] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  135.987577][   T29] usb 7-1: New USB device found, idVendor=20d6, idProduct=cb17, bcdDevice= 0.00
[  135.990990][   T29] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.995183][   T29] usb 7-1: config 0 descriptor??
[  136.418613][   T29] usbhid 7-1:0.0: can't add hid device: -71
[  136.429830][   T29] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  136.436219][   T29] usb 7-1: USB disconnect, device number 7
[  137.182960][ T7579] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  137.667816][ T7599] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode
[  137.689778][   T61] vhci_hcd: vhci_device speed not set
[  138.802207][ T7618] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.805306][ T7618] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.864390][ T7618] vxcan1: left allmulticast mode
[  138.957554][ T7618] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  138.962124][ T7618] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  139.033759][   T46] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  139.036619][   T46] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  139.041566][   T46] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  139.045582][   T46] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  139.212123][ T7633] netlink: 'syz.2.401': attribute type 10 has an invalid length.
[  139.218082][ T7633] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[  139.221981][ T7633] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  139.225790][ T7633] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[  139.321411][ T7642] netlink: 'syz.1.407': attribute type 10 has an invalid length.
[  139.324393][ T7642] bond0: (slave wlan1): Opening slave failed
[  139.439188][ T7641] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode
[  139.459769][   T34] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  139.610212][   T34] usb 5-1: Using ep0 maxpacket: 32
[  139.621743][   T34] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  139.626603][   T34] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  139.630482][   T34] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  139.633677][   T34] usb 5-1: Product: syz
[  139.635502][   T34] usb 5-1: Manufacturer: syz
[  139.637512][   T34] usb 5-1: SerialNumber: syz
[  139.640759][   T34] usb 5-1: config 0 descriptor??
[  139.643519][ T7638] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  139.647600][   T34] hub 5-1:0.0: bad descriptor, ignoring hub
[  139.650062][   T34] hub 5-1:0.0: probe with driver hub failed with error -5
[  139.893952][ T7656] ubi: mtd0 is already attached to ubi31
[  140.009945][   T34] usb 5-1: USB disconnect, device number 6
[  140.452741][ T7662] use of bytesused == 0 is deprecated and will be removed in the future,
[  140.455563][ T7662] use the actual size instead.
[  140.835435][ T7666] kvm: requested 7542 ns i8254 timer period limited to 200000 ns
[  141.109391][ T7676] netlink: 'syz.2.419': attribute type 1 has an invalid length.
[  141.119295][ T7676] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  141.170802][ T7678] netlink: 24 bytes leftover after parsing attributes in process `syz.3.421'.
[  141.323341][ T7683] lo speed is unknown, defaulting to 1000
[  141.325969][ T7683] lo speed is unknown, defaulting to 1000
[  141.333482][ T7683] lo speed is unknown, defaulting to 1000
[  141.344301][ T7683] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  141.352788][ T7683] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  141.376778][ T7683] lo speed is unknown, defaulting to 1000
[  141.380897][ T7683] lo speed is unknown, defaulting to 1000
[  141.383875][ T7683] lo speed is unknown, defaulting to 1000
[  141.391563][ T7683] lo speed is unknown, defaulting to 1000
[  141.966678][ T7695] syz.2.425 (7695): /proc/7694/oom_adj is deprecated, please use /proc/7694/oom_score_adj instead.
[  142.036304][ T7695] netlink: 8 bytes leftover after parsing attributes in process `syz.2.425'.
[  142.449758][   T29] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  142.692933][   T29] usb 8-1: device descriptor read/64, error -71
[  143.035885][ T7714] bridge0: port 2(bridge_slave_1) entered disabled state
[  143.039097][ T7714] bridge0: port 1(bridge_slave_0) entered disabled state
[  143.104266][ T7714] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  143.121115][ T7714] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  143.246307][   T29] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  143.489855][ T1141] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  143.494424][   T29] usb 8-1: device descriptor read/64, error -71
[  143.495663][ T1141] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  143.520709][ T1141] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  143.526269][ T1141] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  143.529963][ T7725] lo speed is unknown, defaulting to 1000
[  143.610217][   T29] usb usb8-port1: attempt power cycle
[  143.739806][ T7719] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  143.979863][   T29] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  144.020179][   T29] usb 8-1: device descriptor read/8, error -71
[  144.119529][ T7759] lo speed is unknown, defaulting to 1000
[  144.299791][   T29] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  144.330279][   T29] usb 8-1: device descriptor read/8, error -71
[  144.358276][ T7762] netlink: 12 bytes leftover after parsing attributes in process `syz.2.444'.
[  144.398315][   T40] audit: type=1326 audit(1756251313.442:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7766 comm="syz.1.445" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  144.408155][ T7769] tty tty23: ldisc open failed (-12), clearing slot 22
[  144.410885][   T40] audit: type=1326 audit(1756251313.442:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7766 comm="syz.1.445" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  144.420137][   T40] audit: type=1326 audit(1756251313.442:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7766 comm="syz.1.445" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf703e579 code=0x7ffc0000
[  144.430869][   T40] audit: type=1326 audit(1756251313.442:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7766 comm="syz.1.445" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  144.440982][   T40] audit: type=1326 audit(1756251313.452:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7766 comm="syz.1.445" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf703e579 code=0x7ffc0000
[  144.449309][   T40] audit: type=1326 audit(1756251313.452:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7766 comm="syz.1.445" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  144.449911][   T29] usb usb8-port1: unable to enumerate USB device
[  144.460084][   T40] audit: type=1326 audit(1756251313.452:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7766 comm="syz.1.445" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  144.739173][ T7791] overlayfs: missing 'workdir'
[  144.743685][ T7791] netlink: 40 bytes leftover after parsing attributes in process `syz.2.452'.
[  144.835953][ T7745] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  144.958067][ T7794] lo speed is unknown, defaulting to 1000
[  145.280058][ T4900] usb 6-1: new full-speed USB device number 8 using dummy_hcd
[  145.435515][ T4900] usb 6-1: config 195 has an invalid interface number: 145 but max is 0
[  145.439002][ T4900] usb 6-1: config 195 has no interface number 0
[  145.441503][ T4900] usb 6-1: config 195 interface 145 has no altsetting 0
[  145.451515][ T4900] usb 6-1: New USB device found, idVendor=055f, idProduct=c211, bcdDevice=9b.e4
[  145.454418][ T4900] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.457107][ T4900] usb 6-1: Product: syz
[  145.458524][ T4900] usb 6-1: Manufacturer: syz
[  145.460380][ T4900] usb 6-1: SerialNumber: syz
[  145.705265][ T7810] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  145.730539][ T7809] tipc: Disabling bearer <eth:syzkaller0>
[  145.835584][ T4900] gspca_main: sunplus-2.14.0 probing 055f:c211
[  145.840154][ T4900] gspca_sunplus: reg_r err -71
[  147.010071][ T4900] sunplus 6-1:195.145: probe with driver sunplus failed with error -71
[  147.011988][ T4900] usb 6-1: USB disconnect, device number 8
[  147.296002][ T7830] netlink: 'syz.0.466': attribute type 10 has an invalid length.
[  147.298386][ T7830] netlink: 40 bytes leftover after parsing attributes in process `syz.0.466'.
[  147.301782][ T7830] batman_adv: batadv0: Adding interface: vlan1
[  147.303702][ T7830] batman_adv: batadv0: The MTU of interface vlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  147.311650][ T7830] batman_adv: batadv0: Interface activated: vlan1
[  147.516691][ T7849] netlink: 4 bytes leftover after parsing attributes in process `syz.1.468'.
[  148.104026][ T7855] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  148.423221][ T7860] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  148.425447][ T7860] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  148.429589][ T7860] vhci_hcd vhci_hcd.0: Device attached
[  148.468675][ T7860] netdevsim netdevsim1: Direct firmware load for @ failed with error -2
[  148.489585][ T7860] netdevsim netdevsim1: Falling back to sysfs fallback for: @
[  148.778438][ T7866] FAULT_INJECTION: forcing a failure.
[  148.778438][ T7866] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  148.784129][ T7866] CPU: 3 UID: 0 PID: 7866 Comm: syz.3.474 Not tainted syzkaller #0 PREEMPT(full) 
[  148.784152][ T7866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  148.784163][ T7866] Call Trace:
[  148.784169][ T7866]  <TASK>
[  148.784175][ T7866]  dump_stack_lvl+0x16c/0x1f0
[  148.784202][ T7866]  should_fail_ex+0x512/0x640
[  148.784236][ T7866]  _copy_from_user+0x2e/0xd0
[  148.784260][ T7866]  move_addr_to_kernel+0x65/0x170
[  148.784280][ T7866]  __sys_sendto+0x1be/0x520
[  148.784300][ T7866]  ? __pfx___sys_sendto+0x10/0x10
[  148.784340][ T7866]  ? ksys_write+0x1ac/0x250
[  148.784360][ T7866]  ? __pfx_ksys_write+0x10/0x10
[  148.784383][ T7866]  __ia32_sys_sendto+0xdd/0x1b0
[  148.784402][ T7866]  ? lockdep_hardirqs_on+0x7c/0x110
[  148.784423][ T7866]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  148.784446][ T7866]  __do_fast_syscall_32+0x7c/0x3a0
[  148.784468][ T7866]  do_fast_syscall_32+0x32/0x80
[  148.784487][ T7866]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  148.784504][ T7866] RIP: 0023:0xf712e579
[  148.784516][ T7866] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  148.784530][ T7866] RSP: 002b:00000000f551e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  148.784545][ T7866] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000000
[  148.784554][ T7866] RDX: 000000000000004d RSI: 00000000200047ee RDI: 0000000080000080
[  148.784563][ T7866] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000
[  148.784571][ T7866] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  148.784579][ T7866] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  148.784597][ T7866]  </TASK>
[  148.879781][ T6058] usb 40-1: SetAddress Request (2) to port 0
[  148.882040][ T6058] usb 40-1: new SuperSpeed USB device number 2 using vhci_hcd
[  148.984876][ T7861] vhci_hcd: connection reset by peer
[  148.987744][ T1141] vhci_hcd: stop threads
[  148.989347][ T1141] vhci_hcd: release socket
[  148.991088][ T1141] vhci_hcd: disconnect device
[  149.142227][ T7877] netlink: 8 bytes leftover after parsing attributes in process `syz.0.479'.
[  149.145033][ T7877] netlink: 4 bytes leftover after parsing attributes in process `syz.0.479'.
[  149.231878][ T7882] netlink: 96 bytes leftover after parsing attributes in process `syz.0.480'.
[  149.406924][ T7884] netlink: 20 bytes leftover after parsing attributes in process `syz.2.481'.
[  149.489765][ T4900] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  149.651125][ T4900] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  149.682882][ T4900] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  149.694430][ T4900] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  149.707777][ T4900] usb 5-1: config 0 interface 0 has no altsetting 0
[  149.722084][ T4900] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  149.725327][ T4900] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  149.730553][ T4900] usb 5-1: config 0 interface 0 has no altsetting 0
[  149.743776][ T4900] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  149.748959][ T4900] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  149.754025][ T4900] usb 5-1: config 0 interface 0 has no altsetting 0
[  149.769310][ T4900] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  149.773188][ T4900] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  149.777186][ T4900] usb 5-1: config 0 interface 0 has no altsetting 0
[  149.782906][ T4900] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  149.787147][ T4900] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  149.791247][ T4900] usb 5-1: config 0 interface 0 has no altsetting 0
[  149.797187][ T4900] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  149.802236][ T4900] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  149.806115][ T4900] usb 5-1: config 0 interface 0 has no altsetting 0
[  149.820758][ T4900] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  149.824568][ T4900] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  149.828615][ T4900] usb 5-1: config 0 interface 0 has no altsetting 0
[  149.833145][ T4900] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  149.836716][ T4900] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  149.840806][ T4900] usb 5-1: config 0 interface 0 has no altsetting 0
[  149.862537][ T4900] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  149.866058][ T4900] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  149.869745][ T4900] usb 5-1: Product: syz
[  149.872002][ T4900] usb 5-1: Manufacturer: syz
[  149.874334][ T4900] usb 5-1: SerialNumber: syz
[  149.922315][ T4900] usb 5-1: config 0 descriptor??
[  150.039446][ T4900] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  150.174169][ T7899] netlink: 8 bytes leftover after parsing attributes in process `syz.3.487'.
[  150.611535][  T839] usb 5-1: USB disconnect, device number 7
[  150.626977][  T839] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  151.162200][ T7907] FAULT_INJECTION: forcing a failure.
[  151.162200][ T7907] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  151.169177][ T7907] CPU: 1 UID: 0 PID: 7907 Comm: syz.0.490 Not tainted syzkaller #0 PREEMPT(full) 
[  151.169206][ T7907] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  151.169219][ T7907] Call Trace:
[  151.169227][ T7907]  <TASK>
[  151.169235][ T7907]  dump_stack_lvl+0x16c/0x1f0
[  151.169269][ T7907]  should_fail_ex+0x512/0x640
[  151.169297][ T7907]  _copy_from_user+0x2e/0xd0
[  151.169325][ T7907]  get_compat_msghdr+0xa7/0x170
[  151.169354][ T7907]  ? __pfx_get_compat_msghdr+0x10/0x10
[  151.169386][ T7907]  ___sys_sendmsg+0x1ae/0x1d0
[  151.169415][ T7907]  ? __pfx____sys_sendmsg+0x10/0x10
[  151.169454][ T7907]  ? find_held_lock+0x2b/0x80
[  151.169491][ T7907]  __sys_sendmsg+0x16d/0x220
[  151.169519][ T7907]  ? __pfx___sys_sendmsg+0x10/0x10
[  151.169558][ T7907]  ? rcu_is_watching+0x12/0xc0
[  151.169584][ T7907]  __do_fast_syscall_32+0x7c/0x3a0
[  151.169611][ T7907]  do_fast_syscall_32+0x32/0x80
[  151.169660][ T7907]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  151.169686][ T7907] RIP: 0023:0xf7f91579
[  151.169702][ T7907] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  151.169722][ T7907] RSP: 002b:00000000f54b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  151.169741][ T7907] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000600
[  151.169753][ T7907] RDX: 0000000000000020 RSI: 0000000000000000 RDI: 0000000000000000
[  151.169763][ T7907] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  151.169774][ T7907] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  151.169784][ T7907] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  151.169806][ T7907]  </TASK>
[  151.570047][ T6038] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  151.626992][ T7920] netlink: 14 bytes leftover after parsing attributes in process `syz.1.494'.
[  151.730227][ T7920] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  151.753032][ T7920] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  151.761193][ T7920] bond0 (unregistering): Released all slaves
[  151.891292][ T7911] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  151.902282][ T7911] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  152.035393][ T7929] netlink: 14 bytes leftover after parsing attributes in process `syz.2.496'.
[  152.049954][   T29] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  152.123482][ T7929] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  152.128990][ T7929] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  152.135314][ T7929] bond0 (unregistering): Released all slaves
[  152.209783][   T29] usb 8-1: Using ep0 maxpacket: 8
[  152.213948][   T29] usb 8-1: config index 0 descriptor too short (expected 5924, got 36)
[  152.223947][   T29] usb 8-1: config 250 has an invalid interface number: 228 but max is -1
[  152.243062][   T29] usb 8-1: config 250 has 1 interface, different from the descriptor's value: 0
[  152.246141][   T29] usb 8-1: config 250 has no interface number 0
[  152.248442][   T29] usb 8-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  152.269739][   T29] usb 8-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  152.275357][   T29] usb 8-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  152.287711][   T29] usb 8-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  152.294001][   T29] usb 8-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  152.298525][   T29] usb 8-1: config 250 interface 228 has no altsetting 0
[  152.302784][   T29] usb 8-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  152.305773][   T29] usb 8-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  152.308566][   T29] usb 8-1: Product: syz
[  152.309998][   T29] usb 8-1: SerialNumber: syz
[  152.318718][   T29] hub 8-1:250.228: bad descriptor, ignoring hub
[  152.320920][   T29] hub 8-1:250.228: probe with driver hub failed with error -5
[  152.528559][   T29] usblp 8-1:250.228: usblp0: USB Bidirectional printer dev 14 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  152.529776][ T7922] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  152.536315][ T7922] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  152.549939][   T29] usb 8-1: USB disconnect, device number 14
[  152.553711][   T29] usblp0: removed
[  153.939756][ T6058] usb 40-1: device descriptor read/8, error -110
[  153.992108][ T7966] netlink: 'syz.1.510': attribute type 1 has an invalid length.
[  153.995536][ T7966] netlink: 'syz.1.510': attribute type 2 has an invalid length.
[  154.132634][  T838] usb 7-1: new full-speed USB device number 8 using dummy_hcd
[  154.231979][ T7974] netlink: 'syz.1.512': attribute type 1 has an invalid length.
[  154.235008][ T7974] netlink: 224 bytes leftover after parsing attributes in process `syz.1.512'.
[  154.341652][  T838] usb 7-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  154.355430][  T838] usb 7-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  154.361087][ T6058] usb usb40-port1: attempt power cycle
[  154.365090][  T838] usb 7-1: config 0 interface 0 has no altsetting 0
[  154.368638][  T838] usb 7-1: New USB device found, idVendor=0403, idProduct=97c1, bcdDevice= 0.00
[  154.372282][  T838] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.398100][  T838] usb 7-1: config 0 descriptor??
[  154.401556][ T7959] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  154.831303][  T838] usbhid 7-1:0.0: can't add hid device: -71
[  154.833537][  T838] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  154.837248][  T838] usb 7-1: USB disconnect, device number 8
[  155.085498][ T6058] usb usb40-port1: unable to enumerate USB device
[  155.382849][ T7993] netlink: 'syz.3.517': attribute type 10 has an invalid length.
[  155.395971][ T7993] bond0: (slave bridge0): Enslaving as an active interface with a down link
[  155.546928][ T7993] infiniband syz1: set down
[  155.548545][ T7993] infiniband syz1: added syz_tun
[  155.589126][ T7993] RDS/IB: syz1: added
[  155.594375][ T7993] smc: adding ib device syz1 with port count 1
[  155.596715][ T7993] smc:    ib device syz1 port 1 has pnetid 
[  156.114051][ T8002] netdevsim netdevsim0: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  156.118032][ T8002] netdevsim netdevsim0: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  156.144551][ T8004] syz_tun: entered promiscuous mode
[  157.033204][ T8014] bridge0: port 3(syz_tun) entered disabled state
[  157.045762][ T8014] bridge0: port 1(bridge_slave_0) entered disabled state
[  157.053484][ T8014] bridge0: port 2(bridge_slave_1) entered disabled state
[  157.070715][   T61] lo speed is unknown, defaulting to 1000
[  157.249293][ T8014] netlink: 'syz.0.523': attribute type 16 has an invalid length.
[  157.252514][ T8014] netlink: 'syz.0.523': attribute type 17 has an invalid length.
[  157.266668][ T8014] bridge0: port 3(syz_tun) entered blocking state
[  157.268860][ T8014] bridge0: port 3(syz_tun) entered forwarding state
[  157.278110][ T8014] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  157.317251][ T8014] netlink: 6 bytes leftover after parsing attributes in process `syz.0.523'.
[  158.939797][ T8050] netlink: 16 bytes leftover after parsing attributes in process `syz.3.532'.
[  158.944759][ T8050] tipc: Started in network mode
[  158.946386][ T8050] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  158.949253][ T8050] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  159.023569][ T8060] FAULT_INJECTION: forcing a failure.
[  159.023569][ T8060] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  159.029937][ T8060] CPU: 0 UID: 0 PID: 8060 Comm: syz.2.535 Not tainted syzkaller #0 PREEMPT(full) 
[  159.029959][ T8060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  159.029969][ T8060] Call Trace:
[  159.029975][ T8060]  <TASK>
[  159.029980][ T8060]  dump_stack_lvl+0x16c/0x1f0
[  159.030009][ T8060]  should_fail_ex+0x512/0x640
[  159.030035][ T8060]  _copy_from_user+0x2e/0xd0
[  159.030062][ T8060]  get_compat_msghdr+0xa7/0x170
[  159.030085][ T8060]  ? __pfx_get_compat_msghdr+0x10/0x10
[  159.030108][ T8060]  ? __lock_acquire+0x62e/0x1ce0
[  159.030137][ T8060]  ___sys_recvmsg+0x191/0x1a0
[  159.030161][ T8060]  ? __pfx____sys_recvmsg+0x10/0x10
[  159.030186][ T8060]  ? find_held_lock+0x2b/0x80
[  159.030212][ T8060]  ? __pfx___might_resched+0x10/0x10
[  159.030235][ T8060]  do_recvmmsg+0x55d/0x750
[  159.030262][ T8060]  ? __pfx_do_recvmmsg+0x10/0x10
[  159.030300][ T8060]  ? __fget_files+0x20e/0x3c0
[  159.030317][ T8060]  ? handle_mm_fault+0x200/0xd10
[  159.030337][ T8060]  __sys_recvmmsg+0x21c/0x280
[  159.030361][ T8060]  ? __pfx___sys_recvmmsg+0x10/0x10
[  159.030387][ T8060]  ? __pfx_ksys_write+0x10/0x10
[  159.030410][ T8060]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  159.030434][ T8060]  ? lockdep_hardirqs_on+0x7c/0x110
[  159.030455][ T8060]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  159.030479][ T8060]  __do_fast_syscall_32+0x7c/0x3a0
[  159.030505][ T8060]  do_fast_syscall_32+0x32/0x80
[  159.030527][ T8060]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  159.030549][ T8060] RIP: 0023:0xf7f94579
[  159.030563][ T8060] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  159.030579][ T8060] RSP: 002b:00000000f549555c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  159.030619][ T8060] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000780
[  159.030628][ T8060] RDX: 00000000ffffff81 RSI: 0000000000000002 RDI: 0000000000000000
[  159.030637][ T8060] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  159.030646][ T8060] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  159.030655][ T8060] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  159.030674][ T8060]  </TASK>
[  159.526124][ T8077] netlink: 28 bytes leftover after parsing attributes in process `syz.1.542'.
[  159.533882][ T8077] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  159.543265][ T8076] tipc: Resetting bearer <eth:syzkaller0>
[  160.664861][ T4900] tipc: Node number set to 1817787867
[  160.674931][ T8076] tipc: Disabling bearer <eth:syzkaller0>
[  160.680737][ T8086] syz_tun: entered allmulticast mode
[  160.713317][ T8090] syz_tun: left allmulticast mode
[  161.128387][ T8115] 9pnet: Could not find request transport: Vd
[  161.228026][ T8118] netlink: 72 bytes leftover after parsing attributes in process `syz.0.554'.
[  161.328185][ T8122] sctp: [Deprecated]: syz.0.556 (pid 8122) Use of int in maxseg socket option.
[  161.328185][ T8122] Use struct sctp_assoc_value instead
[  161.340894][ T8122] netlink: 12 bytes leftover after parsing attributes in process `syz.0.556'.
[  161.365383][ T8122] netlink: 48 bytes leftover after parsing attributes in process `syz.0.556'.
[  161.669363][ T8128] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  162.352691][  T838] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  162.519825][  T838] usb 7-1: Using ep0 maxpacket: 16
[  162.542699][  T838] usb 7-1: unable to get BOS descriptor or descriptor too short
[  162.549140][  T838] usb 7-1: no configurations
[  162.550998][  T838] usb 7-1: can't read configurations, error -22
[  163.191316][ T8168] 9pnet_virtio: no channels available for device syz
[  163.445627][ T8176] devpts: Bad value for 'max'
[  163.475610][ T8172] netlink: 'syz.2.573': attribute type 1 has an invalid length.
[  163.477234][ T8173] netlink: 'syz.2.573': attribute type 1 has an invalid length.
[  163.492072][ T8172] 8021q: adding VLAN 0 to HW filter on device bond0
[  163.501753][ T8173] vlan2: entered promiscuous mode
[  163.504098][ T8173] bond0: entered promiscuous mode
[  163.506522][ T8173] vlan2: entered allmulticast mode
[  163.508669][ T8173] bond0: entered allmulticast mode
[  163.522536][ T8172] bond0: (slave gretap1): making interface the new active one
[  163.526278][ T8172] gretap1: entered promiscuous mode
[  163.528782][ T8172] gretap1: entered allmulticast mode
[  163.533844][ T8172] bond0: (slave gretap1): Enslaving as an active interface with an up link
[  163.638146][ T8187] IPVS: length: 143 != 24
[  163.661025][ T8165] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  163.666650][ T8165] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  163.679491][ T8165] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  163.691022][ T8188] netlink: 8 bytes leftover after parsing attributes in process `syz.0.575'.
[  163.699239][ T8165] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  163.703279][ T8165] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  163.710450][ T5339] ==================================================================
[  163.710590][ T8165] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  163.713066][ T5339] BUG: KASAN: slab-use-after-free in _raw_spin_lock_irqsave+0x3a/0x60
[  163.718443][ T5339] Read of size 1 at addr ffff88804fa44918 by task kworker/u33:1/5339
[  163.722698][ T5339] 
[  163.724492][ T5339] CPU: 1 UID: 0 PID: 5339 Comm: kworker/u33:1 Not tainted syzkaller #0 PREEMPT(full) 
[  163.724513][ T5339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  163.724523][ T5339] Workqueue: hci2 hci_rx_work
[  163.724543][ T5339] Call Trace:
[  163.724550][ T5339]  <TASK>
[  163.724555][ T5339]  dump_stack_lvl+0x116/0x1f0
[  163.724574][ T5339]  print_report+0xcd/0x630
[  163.724600][ T5339]  ? __virt_addr_valid+0x81/0x610
[  163.724617][ T5339]  ? __phys_addr+0xe8/0x180
[  163.724633][ T5339]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  163.724648][ T5339]  kasan_report+0xe0/0x110
[  163.724664][ T5339]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  163.724680][ T5339]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  163.724694][ T5339]  __kasan_check_byte+0x36/0x50
[  163.724709][ T5339]  lock_acquire+0xfc/0x350
[  163.724727][ T5339]  _raw_spin_lock_irqsave+0x3a/0x60
[  163.724740][ T5339]  ? skb_dequeue+0x20/0x180
[  163.724752][ T5339]  skb_dequeue+0x20/0x180
[  163.724763][ T5339]  hci_conn_tx_dequeue+0xe7/0x1e0
[  163.724780][ T5339]  hci_num_comp_pkts_evt+0x337/0xd10
[  163.724802][ T5339]  hci_event_packet+0xa10/0x11c0
[  163.724815][ T5339]  ? __pfx_hci_num_comp_pkts_evt+0x10/0x10
[  163.724832][ T5339]  ? __pfx_hci_event_packet+0x10/0x10
[  163.724846][ T5339]  ? kcov_remote_start+0x3c9/0x6d0
[  163.724865][ T5339]  ? lockdep_hardirqs_on+0x7c/0x110
[  163.724883][ T5339]  hci_rx_work+0x2c5/0x16b0
[  163.724897][ T5339]  ? rcu_is_watching+0x12/0xc0
[  163.724911][ T5339]  process_one_work+0x9cf/0x1b70
[  163.724932][ T5339]  ? __pfx_process_one_work+0x10/0x10
[  163.724952][ T5339]  ? assign_work+0x1a0/0x250
[  163.724969][ T5339]  worker_thread+0x6c8/0xf10
[  163.724982][ T5339]  ? __pfx_worker_thread+0x10/0x10
[  163.724999][ T5339]  kthread+0x3c5/0x780
[  163.725016][ T5339]  ? __pfx_kthread+0x10/0x10
[  163.725033][ T5339]  ? rcu_is_watching+0x12/0xc0
[  163.725046][ T5339]  ? __pfx_kthread+0x10/0x10
[  163.725062][ T5339]  ret_from_fork+0x5d4/0x6f0
[  163.725081][ T5339]  ? __pfx_kthread+0x10/0x10
[  163.725097][ T5339]  ret_from_fork_asm+0x1a/0x30
[  163.725114][ T5339]  </TASK>
[  163.725118][ T5339] 
[  163.792611][ T5339] Allocated by task 63:
[  163.793928][ T5339]  kasan_save_stack+0x33/0x60
[  163.795482][ T5339]  kasan_save_track+0x14/0x30
[  163.796972][ T5339]  __kasan_kmalloc+0xaa/0xb0
[  163.798470][ T5339]  __hci_conn_add+0x130/0x1bd0
[  163.800206][ T5339]  hci_conn_add_unset+0x6d/0x100
[  163.801933][ T5339]  hci_conn_request_evt+0x88a/0xaf0
[  163.803822][ T5339]  hci_event_packet+0xa10/0x11c0
[  163.805504][ T5339]  hci_rx_work+0x2c5/0x16b0
[  163.807370][ T5339]  process_one_work+0x9cf/0x1b70
[  163.809132][ T5339]  worker_thread+0x6c8/0xf10
[  163.810665][ T5339]  kthread+0x3c5/0x780
[  163.812058][ T5339]  ret_from_fork+0x5d4/0x6f0
[  163.813963][ T5339]  ret_from_fork_asm+0x1a/0x30
[  163.815749][ T5339] 
[  163.816551][ T5339] Freed by task 8165:
[  163.817910][ T5339]  kasan_save_stack+0x33/0x60
[  163.819654][ T5339]  kasan_save_track+0x14/0x30
[  163.821346][ T5339]  kasan_save_free_info+0x3b/0x60
[  163.823169][ T5339]  __kasan_slab_free+0x60/0x70
[  163.824839][ T5339]  kfree+0x2b4/0x4d0
[  163.826096][ T5339]  device_release+0xa4/0x240
[  163.828015][ T5339]  kobject_put+0x1e7/0x5a0
[  163.829498][ T5339]  put_device+0x1f/0x30
[  163.830832][ T5339]  hci_disconnect_all_sync.constprop.0+0x10c/0x3c0
[  163.832894][ T5339]  hci_suspend_sync+0x821/0xb20
[  163.834833][ T5339]  hci_suspend_dev+0x308/0x500
[  163.836567][ T5339]  hci_suspend_notifier+0x28d/0x2f0
[  163.838213][ T5339]  notifier_call_chain+0xbc/0x410
[  163.839884][ T5339]  blocking_notifier_call_chain_robust+0xc8/0x160
[  163.842523][ T5339]  pm_notifier_call_chain_robust+0x27/0x60
[  163.844402][ T5339]  snapshot_open+0x189/0x2b0
[  163.845885][ T5339]  misc_open+0x35a/0x420
[  163.847335][ T5339]  chrdev_open+0x234/0x6a0
[  163.848844][ T5339]  do_dentry_open+0x982/0x1530
[  163.850451][ T5339]  vfs_open+0x82/0x3f0
[  163.851809][ T5339]  path_openat+0x1de4/0x2cb0
[  163.853263][ T5339]  do_filp_open+0x20b/0x470
[  163.854715][ T5339]  do_sys_openat2+0x11b/0x1d0
[  163.856200][ T5339]  __ia32_compat_sys_openat+0x16d/0x210
[  163.857979][ T5339]  __do_fast_syscall_32+0x7c/0x3a0
[  163.859646][ T5339]  do_fast_syscall_32+0x32/0x80
[  163.861156][ T5339]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  163.863349][ T5339] 
[  163.864125][ T5339] The buggy address belongs to the object at ffff88804fa44000
[  163.864125][ T5339]  which belongs to the cache kmalloc-8k of size 8192
[  163.868483][ T5339] The buggy address is located 2328 bytes inside of
[  163.868483][ T5339]  freed 8192-byte region [ffff88804fa44000, ffff88804fa46000)
[  163.873239][ T5339] 
[  163.874126][ T5339] The buggy address belongs to the physical page:
[  163.876313][ T5339] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4fa40
[  163.879268][ T5339] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  163.881881][ T5339] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[  163.884234][ T5339] page_type: f5(slab)
[  163.885462][ T5339] raw: 04fff00000000040 ffff88801b843180 dead000000000122 0000000000000000
[  163.888082][ T5339] raw: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000
[  163.890797][ T5339] head: 04fff00000000040 ffff88801b843180 dead000000000122 0000000000000000
[  163.893465][ T5339] head: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000
[  163.896128][ T5339] head: 04fff00000000003 ffffea00013e9001 00000000ffffffff 00000000ffffffff
[  163.898830][ T5339] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  163.901498][ T5339] page dumped because: kasan: bad access detected
[  163.903485][ T5339] page_owner tracks the page as allocated
[  163.905289][ T5339] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5774, tgid 5774 (S50sshd), ts 30322532674, free_ts 29317454322
[  163.911520][ T5339]  post_alloc_hook+0x1c0/0x230
[  163.913032][ T5339]  get_page_from_freelist+0x132b/0x38e0
[  163.914761][ T5339]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  163.916843][ T5339]  alloc_pages_mpol+0x1fb/0x550
[  163.918611][ T5339]  new_slab+0x247/0x330
[  163.920084][ T5339]  ___slab_alloc+0xcf2/0x1740
[  163.921645][ T5339]  __slab_alloc.constprop.0+0x56/0xb0
[  163.923340][ T5339]  __kmalloc_cache_noprof+0xfb/0x3e0
[  163.925089][ T5339]  tomoyo_init_log+0xc8a/0x2140
[  163.926504][ T5339]  tomoyo_supervisor+0x302/0x13b0
[  163.928206][ T5339]  tomoyo_env_perm+0x191/0x200
[  163.929895][ T5339]  tomoyo_find_next_domain+0xec2/0x20b0
[  163.931823][ T5339]  tomoyo_bprm_check_security+0x12e/0x1d0
[  163.933904][ T5339]  security_bprm_check+0x1b9/0x1e0
[  163.935664][ T5339]  bprm_execve+0x81a/0x1640
[  163.937062][ T5339]  do_execveat_common.isra.0+0x4a5/0x610
[  163.938845][ T5339] page last free pid 5727 tgid 5727 stack trace:
[  163.940894][ T5339]  __free_frozen_pages+0x7d5/0x10f0
[  163.942519][ T5339]  __put_partials+0x165/0x1c0
[  163.944052][ T5339]  qlist_free_all+0x4d/0x120
[  163.945509][ T5339]  kasan_quarantine_reduce+0x195/0x1e0
[  163.947237][ T5339]  __kasan_slab_alloc+0x69/0x90
[  163.948788][ T5339]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  163.950619][ T5339]  getname_flags.part.0+0x4c/0x550
[  163.952856][ T5339]  getname_flags+0x93/0xf0
[  163.954533][ T5339]  vfs_fstatat+0xe1/0xf0
[  163.956334][ T5339]  __do_sys_newfstatat+0x97/0x120
[  163.958402][ T5339]  do_syscall_64+0xcd/0x490
[  163.960147][ T5339]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.962361][ T5339] 
[  163.963148][ T5339] Memory state around the buggy address:
[  163.964889][ T5339]  ffff88804fa44800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  163.967415][ T5339]  ffff88804fa44880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  163.969907][ T5339] >ffff88804fa44900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  163.972588][ T5339]                             ^
[  163.974266][ T5339]  ffff88804fa44980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  163.977239][ T5339]  ffff88804fa44a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  163.979755][ T5339] ==================================================================
[  163.982228][ T5339] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  163.984522][ T5339] CPU: 1 UID: 0 PID: 5339 Comm: kworker/u33:1 Not tainted syzkaller #0 PREEMPT(full) 
[  163.987472][ T5339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  163.991247][ T5339] Workqueue: hci2 hci_rx_work
[  163.993183][ T5339] Call Trace:
[  163.994646][ T5339]  <TASK>
[  163.995639][ T5339]  dump_stack_lvl+0x3d/0x1f0
[  163.997306][ T5339]  vpanic+0x6e8/0x7a0
[  163.999342][ T5339]  ? __pfx_vpanic+0x10/0x10
[  164.001209][ T5339]  ? __pfx_vprintk_emit+0x10/0x10
[  164.002933][ T5339]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  164.004612][ T5339]  panic+0xca/0xd0
[  164.005830][ T5339]  ? __pfx_panic+0x10/0x10
[  164.007289][ T5339]  ? end_report+0x4c/0x170
[  164.009111][ T5339]  ? rcu_is_watching+0x12/0xc0
[  164.010658][ T5339]  ? lock_release+0x201/0x2f0
[  164.012438][ T5339]  check_panic_on_warn+0xab/0xb0
[  164.014392][ T5339]  end_report+0x107/0x170
[  164.016070][ T5339]  kasan_report+0xee/0x110
[  164.017457][ T5339]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  164.019147][ T5339]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  164.020865][ T5339]  __kasan_check_byte+0x36/0x50
[  164.022712][ T5339]  lock_acquire+0xfc/0x350
[  164.024480][ T5339]  _raw_spin_lock_irqsave+0x3a/0x60
[  164.026520][ T5339]  ? skb_dequeue+0x20/0x180
[  164.028354][ T5339]  skb_dequeue+0x20/0x180
[  164.030099][ T5339]  hci_conn_tx_dequeue+0xe7/0x1e0
[  164.031708][ T5339]  hci_num_comp_pkts_evt+0x337/0xd10
[  164.033366][ T5339]  hci_event_packet+0xa10/0x11c0
[  164.034926][ T5339]  ? __pfx_hci_num_comp_pkts_evt+0x10/0x10
[  164.036754][ T5339]  ? __pfx_hci_event_packet+0x10/0x10
[  164.038432][ T5339]  ? kcov_remote_start+0x3c9/0x6d0
[  164.040250][ T5339]  ? lockdep_hardirqs_on+0x7c/0x110
[  164.041881][ T5339]  hci_rx_work+0x2c5/0x16b0
[  164.043310][ T5339]  ? rcu_is_watching+0x12/0xc0
[  164.044805][ T5339]  process_one_work+0x9cf/0x1b70
[  164.046443][ T5339]  ? __pfx_process_one_work+0x10/0x10
[  164.048144][ T5339]  ? assign_work+0x1a0/0x250
[  164.049629][ T5339]  worker_thread+0x6c8/0xf10
[  164.051103][ T5339]  ? __pfx_worker_thread+0x10/0x10
[  164.052713][ T5339]  kthread+0x3c5/0x780
[  164.054015][ T5339]  ? __pfx_kthread+0x10/0x10
[  164.055514][ T5339]  ? rcu_is_watching+0x12/0xc0
[  164.057014][ T5339]  ? __pfx_kthread+0x10/0x10
[  164.058491][ T5339]  ret_from_fork+0x5d4/0x6f0
[  164.060102][ T5339]  ? __pfx_kthread+0x10/0x10
[  164.061717][ T5339]  ret_from_fork_asm+0x1a/0x30
[  164.063209][ T5339]  </TASK>
[  164.065049][ T5339] Kernel Offset: disabled
[  164.066518][ T5339] Rebooting in 86400 seconds..

VM DIAGNOSIS:
23:35:32  Registers:
info registers vcpu 0

CPU#0
RAX=00000000003b19d3 RBX=0000000000000000 RCX=ffffffff8b90abf9 RDX=0000000000000000
RSI=ffffffff8de4cac1 RDI=ffffffff8c162d00 RBP=fffffbfff1c52ef8 RSP=ffffffff8e207e08
R8 =0000000000000001 R9 =ffffed1005646655 R10=ffff88802b2332ab R11=0000000000000000
R12=0000000000000000 R13=ffffffff8e2977c0 R14=ffffffff90ab8290 R15=0000000000000000
RIP=ffffffff8b90975f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880974c3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f51abfd2 CR3=000000004c116000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7464ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85617045 RDI=ffffffff9b0f9700 RBP=ffffffff9b0f96c0 RSP=ffffc90021c3f3f0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=6166343038386552
R12=0000000000000000 R13=0000000000000031 R14=ffffffff9b0f96c0 R15=ffffffff85616fe0
RIP=ffffffff8561706f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880975c3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c3c477e CR3=000000006c2da000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000080000000 RBX=ffff88802543d500 RCX=ffffffff8a367926 RDX=ffff8880235b2440
RSI=ffffffff8a367934 RDI=0000000000000001 RBP=0000000000000002 RSP=ffffc900034bf828
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=ffff88802543da70 R13=0000000000000000 R14=0000000000000000 R15=ffff8880506df680
RIP=ffffffff81bb08b7 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880976c3000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000556550e70000 CR3=000000006c2da000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8927ecb4 ffffffff8b877a3a 0000000200000004 0000000600040008
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000248 0000001400000000 0000000000000000 0000000000000015
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0175e00008000fff ffffff020a080006 01029032000004ba 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000008000208007c 08000a014cd40004 0000080002800201 c7080008014ab600
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 327265636e657571 65732f7665642f01 ffffffffffffffff df08028003000400
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0008000e800201c7 0800080143aa0073 636f72702e70756f 7267632f7570632e
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 70756f7267632f2e 01ffffffffffffff ffcb080e80030fff ffffff0201080004
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffdf080c 98030e8080808004 88000c9003000484 000c8c031404000c
ZMM25=ec564b66ec564b66 ec564b66ec564b66 ec564b66ec564b66 ec564b66ec564b66 ec564b66ec564b66 ec564b66ec564b66 ec564b66ec564b66 ec564b66ec564b66
ZMM26=2c3f81982c3f8198 2c3f81982c3f8198 2c3f81982c3f8198 2c3f81982c3f8198 2c3f81982c3f8198 2c3f81982c3f8198 2c3f81982c3f8198 2c3f81982c3f8198
ZMM27=550d2aaa550d2aaa 550d2aaa550d2aaa 550d2aaa550d2aaa 550d2aaa550d2aaa 550d2aaa550d2aaa 550d2aaa550d2aaa 550d2aaa550d2aaa 550d2aaa550d2aaa
ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0906000009060000 0906000009060000 0906000009060000 0906000009060000 0906000009060000 0906000009060000 0906000009060000 0906000009060000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffff88802b53b680 RCX=ffffffff81af2933 RDX=ffff88801debc880
RSI=ffffffff81af290d RDI=0000000000000005 RBP=ffffc9000044fd08 RSP=ffffc9000044fbc0
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=fffffbfff1cb97e6
R12=1ffff92000089f80 R13=0000000000000002 R14=0000000000000001 R15=ffffed10056a76d1
RIP=ffffffff81af290f RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977c3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f737a6bc CR3=0000000028a2e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fefeffd0 Opmask01=0000000000000003 Opmask02=00000000ffff7fdf Opmask03=0000000000000000
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 44455a494c414954 494e495f43455355
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000558e25ce3510
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f47f31f1b20
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f47f3152c80
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3030323a32696368 2f326963682f6874 6f6f7465756c622f 6c6175747269762f
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 005600051f40494c 43055c5155484005 424b4c55554c4e53 004057005b1a0f00
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 cec6108bc43972a2 0000000558e25cef 00000000000000e1 0000000000000032
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 003a756b733a322e 392d3533712d6370 7276633a3174633a 554d45516e76633a
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 322e392d3533712d 63707276703a2939 3030322c39484349 2b35335128435064
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7261646e6174536e 703a554d45516e76 733a302e3072623a 343130322f31302f
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343064623a312b32 316f70627e322d33 2e36312e312d6e61 696265642d332e36
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 323032302c313032 302c394631302c32 4331302c38423130 2c464131302c4541
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000