last executing test programs:

2m55.164293338s ago: executing program 1 (id=1523):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000b80), r0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x2, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x800, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xffffffff}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042)
writev(r3, &(0x7f0000000040)=[{&(0x7f0000000640)="f3", 0x1}], 0x1)
read$msr(r3, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000005c0), 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="30000000100001000000ce6bb9092919507f3400", @ANYRES32=0x0, @ANYBLOB="000000000000000408000a00", @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
setsockopt$packet_int(r6, 0x107, 0x8, &(0x7f0000000100)=0x40049, 0x4)
r8 = openat$nvme_fabrics(0xffffff9c, &(0x7f0000000300), 0x10480, 0x0)
setsockopt$inet6_tcp_int(r8, 0x6, 0x8, &(0x7f0000000340)=0x81, 0x4)
recvmmsg(r6, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/11, 0x17}}], 0x400000000000179, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev={0xfe, 0x80, '\x00', 0x39}, 0x0, 0x1, 0x0, 0x4}, 0x0)

2m53.951421848s ago: executing program 1 (id=1532):
r0 = fsopen(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r4, 0xc0045006, &(0x7f0000000080)=0x48)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x103)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000003c0007010000000000000000010000000400fc800c00018008000600ffff0000080002800400728008000900"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002a80)=ANY=[], 0x6c}}, 0x20)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota')
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYRES32=r0, @ANYRES8=0x0], 0x7c}}, 0x4000000)
sendmsg$NFT_BATCH(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
syz_emit_ethernet(0x22, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa429e82211cf80800450200140067000002059078ac1414bbac141425"], 0x0)
r8 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_qrtr_TIOCOUTQ(r8, 0x5411, &(0x7f0000000000))
openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

2m52.901285732s ago: executing program 1 (id=1541):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$vimc2(0xffffff9c, &(0x7f00000002c0), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000001c0)={'erspan0\x00', 0x0})
setsockopt$inet_mreqn(r0, 0x0, 0x24, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f600"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
io_setup(0x7, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
socket$l2tp6(0xa, 0x2, 0x73)
syz_open_dev$cec(&(0x7f0000000180), 0x0, 0x52d802)
r4 = fsopen(&(0x7f0000000080)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x1)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r4, 0x7, 0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x2ded, 0x4000, 0x21, 0x0, 0x0)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x0)
readv(r5, &(0x7f0000000080), 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0500000001000000080000000800000000000000", @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000082be0752d238855233eafc300d31139db9e72e06606af6aa0f28a41bb69890197d9da13bbd07d422832cc0b3c49f48023bd8fd6d4e93da", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)

2m51.951036184s ago: executing program 1 (id=1547):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700e, 0xec00)

2m51.871565424s ago: executing program 1 (id=1548):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x9, &(0x7f0000006680))
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc01cf509, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x100010, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x48, 0x2, 0x6, 0x301, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'list:set\x00'}]}, 0x48}}, 0x0)
sendmsg$IPSET_CMD_DEL(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000300)={0x44, 0xa, 0x6, 0x101, 0xd000000, 0x0, {0x1}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_ADT={0x14, 0x8, 0x0, 0x1, [{0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_NAME={0x9, 0x12, 'syz2\x00'}}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_LINENO={0x8}]}, 0x44}}, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)

2m51.549400265s ago: executing program 1 (id=1550):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x6, 0x0, 0x7fff0006}]})
mkdir(0x0, 0x8)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2b, 0x25dfdbff, {}, [{0x90, 0x1, [@m_ct={0x44, 0x5, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7b, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ife={0x48, 0x4, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20000884}, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f91524fc60", 0x14}], 0x1}, 0x40048820)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
setrlimit(0x1e3d50de03aa3d1, &(0x7f0000000180)={0x2})
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000841, 0x0, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
mount(&(0x7f00000000c0)=@sr0, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000040)='btrfs\x00', 0x208000, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0xc, 0x1c, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x107a655, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0xfffffe00, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r7 = fsopen(&(0x7f0000000080)='gadgetfs\x00', 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xd, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x7ffffffc}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc3}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe)
write$cgroup_int(r4, &(0x7f0000000040)=0x1c9, 0x12)

2m51.455859487s ago: executing program 32 (id=1550):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x6, 0x0, 0x7fff0006}]})
mkdir(0x0, 0x8)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2b, 0x25dfdbff, {}, [{0x90, 0x1, [@m_ct={0x44, 0x5, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7b, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ife={0x48, 0x4, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20000884}, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f91524fc60", 0x14}], 0x1}, 0x40048820)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
setrlimit(0x1e3d50de03aa3d1, &(0x7f0000000180)={0x2})
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000841, 0x0, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
mount(&(0x7f00000000c0)=@sr0, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000040)='btrfs\x00', 0x208000, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0xc, 0x1c, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x107a655, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0xfffffe00, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r7 = fsopen(&(0x7f0000000080)='gadgetfs\x00', 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xd, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x7ffffffc}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc3}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe)
write$cgroup_int(r4, &(0x7f0000000040)=0x1c9, 0x12)

7.5100809s ago: executing program 3 (id=2477):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000017000000040006"], 0x20}}, 0x0)
r2 = syz_genetlink_get_family_id$wireguard(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000200)={&(0x7f0000000080), 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x50, r2, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [@WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}, @WGDEVICE_A_FLAGS={0x8}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}, @WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}, @WGDEVICE_A_FLAGS={0x8}, @WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}]}, 0x50}, 0x1, 0x0, 0x0, 0x2800c884}, 0x80)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000000)=0x1)
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000140)={0x0, 0x0})

7.360157348s ago: executing program 3 (id=2479):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x38, 0x1412, 0x1, 0x0, 0xf00, "", [@RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x38}}, 0x4000)

7.269957198s ago: executing program 3 (id=2481):
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, 0x0, 0x0)
ioctl(0xffffffffffffffff, 0x8b32, 0x0)
syz_io_uring_setup(0x5425, &(0x7f00000002c0)={0x0, 0x4533, 0x800, 0x4000000, 0x207}, &(0x7f0000000180)=<r0=>0x0, &(0x7f0000000340)=<r1=>0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x201}, 0x1})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfe, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xffffffff, 0x11e41e7a, 0xffffffffffffffff, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x8000}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x14, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r5)
ptrace$pokeuser(0x6, r5, 0x118, 0x50000089)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r6, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r6, &(0x7f0000000200)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0xfffffffd, @loopback}, 0x1c)
recvmmsg(r6, &(0x7f00000051c0)=[{{0x0, 0x0, &(0x7f0000001f00)=[{&(0x7f0000001e80)=""/77, 0x4d}], 0x1}, 0x6}], 0x1, 0x123, 0x0)

6.379198646s ago: executing program 3 (id=2484):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40080, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x4885, 0x100, 0x3, 0x1d}, &(0x7f00000000c0)=<r5=>0x0, &(0x7f0000000600)=<r6=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r4, 0x16, &(0x7f0000000040)={&(0x7f0000001000)={[{0x0, 0x0, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, r3, 0x0, 0x0, 0x0, 0x40002202, 0x1, {0x1}})
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0)

5.257709114s ago: executing program 3 (id=2491):
r0 = socket$inet6(0xa, 0x3, 0x5)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @mcast1, 0x5}, 0x1c)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000001080)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r1, &(0x7f00000040c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000900)=""/17, 0x11}, 0x10001}], 0x1, 0x10022, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd74)
syz_io_uring_setup(0x497, 0x0, &(0x7f0000000140), &(0x7f0000000240))
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="5b299c00", @ANYRES16=r6, @ANYBLOB="0103fcffffff000000002b0000000c0006000100000001000000"], 0x20}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r7=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x48, 0x0, r7, 0x21eae, 0x162}, [@IFLA_PROMISCUITY={0x8, 0x1e, 0x80000001}, @IFLA_ADDRESS={0xa, 0x1, @remote}, @IFLA_ALT_IFNAME={0x14, 0x35, 'syzkaller0\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x2000000}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x58, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}]}, 0x58}, 0x1, 0x0, 0x0, 0x24000004}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000140)={'batadv_slave_1\x00'})
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.events\x00', 0x26e1, 0x0)
close(r9)
r10 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x7e, &(0x7f0000000340)=ANY=[], 0x0)
recvmsg(r10, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)
ioctl$SIOCSIFHWADDR(r9, 0x8b06, &(0x7f0000000000)={'wlan1\x00', @random="060000000010"})
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001000010000003a194618000000008553", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)

4.959791877s ago: executing program 4 (id=2493):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
syz_open_dev$usbfs(&(0x7f0000000000), 0x200, 0x102)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4001, 0x0, @loopback}, 0x1c)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r2)
connect$llc(0xffffffffffffffff, &(0x7f0000000340)={0x1a, 0x322, 0x0, 0x0, 0x4, 0x90, @random="48bd00"}, 0x10)
recvmmsg(r0, &(0x7f00000055c0), 0x400023c, 0x300, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000009, 0x200000006c832, 0xffffffffffffffff, 0x0)

4.959244542s ago: executing program 2 (id=2494):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
shutdown(r1, 0x0)
syz_open_dev$usbfs(&(0x7f0000000000), 0x200, 0x102)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4001, 0x0, @loopback}, 0x1c)
r3 = openat$nvme_fabrics(0xffffff9c, &(0x7f0000001140), 0x20402, 0x0)
write$P9_RXATTRCREATE(r3, 0x0, 0x12)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd74)
bind$llc(0xffffffffffffffff, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x81, 0x42}, 0x10)
connect$llc(0xffffffffffffffff, &(0x7f0000000340)={0x1a, 0x322, 0x0, 0x0, 0x4, 0x90, @random="48bd00"}, 0x10)
bind$llc(0xffffffffffffffff, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x81, 0x42}, 0x10)
r6 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r6, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10)
recvmmsg(r1, &(0x7f00000055c0), 0x400023c, 0x300, 0x0)

4.328239382s ago: executing program 3 (id=2495):
r0 = fsopen(&(0x7f0000000300)='befs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000480)='iocharset', &(0x7f0000000040)='-/\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, 0x0, &(0x7f00000000c0)='io#harset', 0x0)

4.075938825s ago: executing program 4 (id=2498):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x0, 0x0, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000400)={0x1d})
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$sock_linger(r3, 0x1, 0xd, &(0x7f00000000c0)={0x0, 0xe39}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000340)=[@in6={0xa, 0x4e23, 0x1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x3}, @in6={0xa, 0x4e21, 0x3, @remote, 0x5}], 0x38)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r7 = dup3(r6, r5, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000824000/0x2000)=nil, 0x2000, 0x1, 0x11, r8, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a, 0x4})
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000240)={0x30, 0x30, 0x30}}, 0x1000}], 0x0, 0x0, 0x0})
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)

3.665769452s ago: executing program 0 (id=2499):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000100)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0xffffffffffffffc0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='inet_sk_error_report\x00', r0}, 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
listen(r1, 0x0)
shutdown(r1, 0x0)
r2 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
getpeername(r2, 0x0, 0x0)

3.665444825s ago: executing program 0 (id=2500):
r0 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r0, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r0, 0xad)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000380)=ANY=[@ANYRESHEX=r0], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xc6, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f0000000040)={&(0x7f0000000000)=""/5, 0x1c000, 0x800}, 0x20)
setsockopt$XDP_TX_RING(r3, 0x11b, 0x3, &(0x7f00000003c0)=0x800, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f00000000c0)=0x40, 0x4)
bind$xdp(r3, &(0x7f00000001c0), 0x2a)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x2, 0x7fff0002}]})
r4 = getpid()
r5 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
ioctl$VIDIOC_S_SELECTION(r5, 0xc040565f, &(0x7f0000000940)={0xa, 0x0, 0x7, {0x8000, 0x1000, 0x4}})
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r6, &(0x7f0000002140)={0x2020, 0x0, 0x0, <r7=>0x0}, 0x2020)
syz_fuse_handle_req(r6, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x90, 0x0, 0x0, {0xffffffffffffffff, 0x0, 0x0, 0x0, 0x100, 0x0, {0x4, 0x0, 0x200000000e, 0xffff, 0x369, 0x7, 0x4, 0x0, 0x0, 0x6000, 0x0, r7, 0x0, 0x902}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r8 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r8, 0x929, 0x0)

3.039880913s ago: executing program 4 (id=2501):
mq_open(&(0x7f0000001140)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\xe0\x9d\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb', 0x42, 0x0, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000500), 0x28102)
dup(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000140)=[0x0], &(0x7f0000000180)=[<r2=>0x0], 0x0, 0x0, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r1, 0xc05064a7, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000840)=[0x0], &(0x7f0000000880), 0x0, 0x1, 0x0, 0x0, r2})
prctl$PR_SET_IO_FLUSHER(0x41, 0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
pread64(r0, &(0x7f0000000400)=""/231, 0xe7, 0x1)
r3 = dup(0xffffffffffffffff)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = syz_io_uring_setup(0xfff, &(0x7f0000000380)={0x0, 0x1ffff9, 0x10100, 0xfffffffd, 0xd3}, &(0x7f0000000080)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r3, 0x0, 0x0, 0x0, {0x8230}, 0x3})
read$FUSE(r3, &(0x7f0000001500)={0x2020}, 0x2020)
io_uring_enter(r4, 0x6094, 0x4000, 0x0, 0x0, 0x0)
pselect6(0x0, 0x0, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

2.759648223s ago: executing program 0 (id=2502):
r0 = memfd_create(&(0x7f0000000180)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaaSc\xf3]WhI\xf4\x89\x85!mPl\x90\xa5\x93\x19\f\x9a\xae\xd5a\x9bU5\x1a\x86\x9d)5y\xef\x90\xea5\x81\xfeO;\xd4zh?\xbdW\xe0\x84\xe6\x9d\xcb\xcd\xb6\xad3\x7fWY\x02\xa2\x8baG\x00\x0e\x8e/\xc1\xaf\xd0\xbcH9\x04\x00\x00\x00z\x16\xdf\xf3hLpLaA\x89n]>,^M\x82\x8e\xe40\x97_\x809y)Z\xeb\x9d\xbawv\xe9\xc0\x16\xdc\xf5\xcb\xdb\x96\xd6\xba@\xa7\x1bl\xca\xe0\x1e3\x81\xc6S\x86\xf7\xf0\xba\x1b\x14N\xa2\x04\xdb\xb5X\xe4y\xef\xe8\xdb\xd5r\x11\xfb\xe4v\xbcV\xbb\x00\x96CR\xe0~5\x16=:A2\x9c\b\xd9\xa0CB\r\xe9\xb8$\xfe\x8d\xb1Gg\xa9\xac<\xbf\x10]\b9\xd9\x89\xaf\xa6\xd1\x10\x1fq\xba\x06_NW\xdb67Xv(\xa8\xce\x1b\xe6\xbd\x947\x8f)8\xe5\xb3\xac;\x7f+\xf67\xea\x1ei\x92w-)\xa1B/M\x0e7:9\xdb~V\xb7\xd5\x13^v\x14\xe6O\xea\x00\x87\x8dkG\xdf%\xebe\x83\xb97\x01| \xb3\xd8W\xe8o\x17\x97\xd9\x14o\x92\xb9\x9a\x8c\xd7\xcf\xa2\x11\xc3\xa5\xb3\xd2\xdeQ\xa7\x05\x7f\x99Lq(\xcd\\\xa2y\x14or\x1efn\xf2\x97\x96c\xda7\t,', 0x5)
ftruncate(r0, 0x40000000) (fail_nth: 1)

2.638954419s ago: executing program 0 (id=2503):
r0 = socket$inet6(0xa, 0x3, 0x5)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @mcast1, 0x5}, 0x1c)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000001080)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r1, &(0x7f00000040c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000900)=""/17, 0x11}, 0x10001}], 0x1, 0x10022, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd74)
syz_io_uring_setup(0x497, 0x0, &(0x7f0000000140), &(0x7f0000000240))
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="5b299c00", @ANYRES16=r6, @ANYBLOB="0103fcffffff000000002b0000000c0006000100000001000000"], 0x20}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r7=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x48, 0x0, r7, 0x21eae, 0x162}, [@IFLA_PROMISCUITY={0x8, 0x1e, 0x80000001}, @IFLA_ADDRESS={0xa, 0x1, @remote}, @IFLA_ALT_IFNAME={0x14, 0x35, 'syzkaller0\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x2000000}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x58, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}]}, 0x58}, 0x1, 0x0, 0x0, 0x24000004}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000140)={'batadv_slave_1\x00'})
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.events\x00', 0x26e1, 0x0)
close(r9)
r10 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x7e, &(0x7f0000000340)=ANY=[], 0x0)
recvmsg(r10, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)
ioctl$SIOCSIFHWADDR(r9, 0x8b06, &(0x7f0000000000)={'wlan1\x00', @random="060000000010"})
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001000010000003a194618000000008553", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)

2.229600733s ago: executing program 2 (id=2504):
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040), 0x6bcc01, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000003b810000850000007d000000850000005000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000100)='sys_exit\x00', r1}, 0x10)
getgid()
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
prlimit64(0xffffffffffffffff, 0xe, 0x0, 0x0)
r3 = openat$pfkey(0xffffff9c, &(0x7f0000000100), 0x80200, 0x0)
timerfd_settime(r3, 0x2, &(0x7f0000000180)={{}, {0x0, 0x989680}}, 0x0)
r4 = fanotify_init(0x200, 0x40000)
r5 = openat$rtc(0xffffff9c, &(0x7f0000000000), 0x333400, 0x0)
ioctl$RTC_WKALM_RD(r5, 0x80287010, &(0x7f0000000100))
fanotify_mark(r4, 0x201, 0x40000032, r2, 0x0)
pipe2(&(0x7f0000001cc0), 0x800)
close_range(r0, 0xffffffffffffffff, 0x0)

2.166260845s ago: executing program 4 (id=2505):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
syz_open_dev$usbfs(&(0x7f0000000000), 0x200, 0x102)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4001, 0x0, @loopback}, 0x1c)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r2)
connect$llc(0xffffffffffffffff, &(0x7f0000000340)={0x1a, 0x322, 0x0, 0x0, 0x4, 0x90, @random="48bd00"}, 0x10)
recvmmsg(r0, &(0x7f00000055c0), 0x400023c, 0x300, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000009, 0x200000006c832, 0xffffffffffffffff, 0x0)

2.15730036s ago: executing program 2 (id=2506):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r3 = epoll_create(0x10001)
mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})
write$vga_arbiter(r1, &(0x7f0000000040)=@other={'lock', ' ', 'io+mem'}, 0xc)
close_range(r0, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xf, 0x0, 0x7ffc1ffb}]})
r4 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'sit0\x00'})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x4)
add_key(0x0, 0x0, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x30313953, 0x0, 0xa, [{}, {0x10}, {}, {0xfffffffe}, {}, {}, {0x0, 0xfffffffd}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x8b}, 0x0)
r5 = socket$kcm(0x21, 0x2, 0xa)
sendmsg$kcm(r5, &(0x7f0000000080)={&(0x7f0000000100)=@rxrpc=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e20, 0x9c000000, @dev={0xfe, 0x80, '\x00', 0x30}, 0x1df}}, 0x80, 0x0, 0x0, &(0x7f0000001240)=[{0x10, 0x110, 0x1, "dc"}], 0x10}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

1.888823365s ago: executing program 2 (id=2507):
r0 = memfd_create(&(0x7f0000000180)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaaSc\xf3]WhI\xf4\x89\x85!mPl\x90\xa5\x93\x19\f\x9a\xae\xd5a\x9bU5\x1a\x86\x9d)5y\xef\x90\xea5\x81\xfeO;\xd4zh?\xbdW\xe0\x84\xe6\x9d\xcb\xcd\xb6\xad3\x7fWY\x02\xa2\x8baG\x00\x0e\x8e/\xc1\xaf\xd0\xbcH9\x04\x00\x00\x00z\x16\xdf\xf3hLpLaA\x89n]>,^M\x82\x8e\xe40\x97_\x809y)Z\xeb\x9d\xbawv\xe9\xc0\x16\xdc\xf5\xcb\xdb\x96\xd6\xba@\xa7\x1bl\xca\xe0\x1e3\x81\xc6S\x86\xf7\xf0\xba\x1b\x14N\xa2\x04\xdb\xb5X\xe4y\xef\xe8\xdb\xd5r\x11\xfb\xe4v\xbcV\xbb\x00\x96CR\xe0~5\x16=:A2\x9c\b\xd9\xa0CB\r\xe9\xb8$\xfe\x8d\xb1Gg\xa9\xac<\xbf\x10]\b9\xd9\x89\xaf\xa6\xd1\x10\x1fq\xba\x06_NW\xdb67Xv(\xa8\xce\x1b\xe6\xbd\x947\x8f)8\xe5\xb3\xac;\x7f+\xf67\xea\x1ei\x92w-)\xa1B/M\x0e7:9\xdb~V\xb7\xd5\x13^v\x14\xe6O\xea\x00\x87\x8dkG\xdf%\xebe\x83\xb97\x01| \xb3\xd8W\xe8o\x17\x97\xd9\x14o\x92\xb9\x9a\x8c\xd7\xcf\xa2\x11\xc3\xa5\xb3\xd2\xdeQ\xa7\x05\x7f\x99Lq(\xcd\\\xa2y\x14or\x1efn\xf2\x97\x96c\xda7\t,', 0x5)
ftruncate(r0, 0x40000000)

1.888501934s ago: executing program 2 (id=2508):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$dsp(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$DRM_IOCTL_GET_UNIQUE(0xffffffffffffffff, 0xc0086401, &(0x7f0000000000)={0x4000, 0x0})
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x80000000000002)
fanotify_init(0x20, 0x800)
inotify_init1(0x0)
setresgid(0xee00, 0xee01, 0x0)
setgroups(0x0, 0x0)
setreuid(0xffffffffffffffff, 0xee01)
msgrcv(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1000)
syz_io_uring_setup(0x6011, &(0x7f0000000280)={0x0, 0x0, 0x12021, 0x8006, 0x425b}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000200)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x108, &(0x7f0000000080)=0x200, 0x0, 0x4)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_POLL_REMOVE={0x7, 0x37, 0x0, 0x0, 0x0, 0x12345})
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x58)
accept4(r6, 0x0, 0x0, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x200, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNSETSTEERINGEBPF(r7, 0x800454e0, &(0x7f0000000040))

1.659770872s ago: executing program 0 (id=2509):
r0 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r0, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r0, 0xad)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000380)=ANY=[@ANYRESHEX=r0], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xc6, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f0000000040)={&(0x7f0000000000)=""/5, 0x1c000, 0x800}, 0x20)
setsockopt$XDP_TX_RING(r3, 0x11b, 0x3, &(0x7f00000003c0)=0x800, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f00000000c0)=0x40, 0x4)
bind$xdp(r3, &(0x7f00000001c0), 0x2a)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x2, 0x7fff0002}]})
r4 = getpid()
r5 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
ioctl$VIDIOC_S_SELECTION(r5, 0xc040565f, &(0x7f0000000940)={0xa, 0x0, 0x7, {0x8000, 0x1000, 0x4}})
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r6, &(0x7f0000002140)={0x2020, 0x0, 0x0, <r7=>0x0}, 0x2020)
syz_fuse_handle_req(r6, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x90, 0x0, 0x0, {0xffffffffffffffff, 0x0, 0x0, 0x0, 0x100, 0x0, {0x4, 0x0, 0x200000000e, 0xffff, 0x369, 0x7, 0x4, 0x0, 0x0, 0x6000, 0x0, r7, 0x0, 0x902}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r8 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r8, 0x929, 0x0)

1.266810329s ago: executing program 4 (id=2510):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000026000000000000000100000095"], &(0x7f0000000080)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000a40)=@newsa={0x140, 0x10, 0x713, 0x0, 0x0, {{@in6=@local, @in=@loopback}, {@in=@multicast1, 0x0, 0x32}, @in6=@remote, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @tfcpad={0x8, 0x22, 0x1}]}, 0x140}}, 0x0)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0)
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x4})
syz_emit_ethernet(0xae, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x78, 0x3a, 0xff, @private1, @local, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1803"}, {0x0, 0x1, "00e9ff06ffffaf64000000a2"}, {0x0, 0x1, "fe906d26efe3"}]}}}}}}, 0x0)
epoll_create1(0x0)
r4 = fsmount(0xffffffffffffffff, 0x1, 0x0)
recvmsg$kcm(r4, &(0x7f00000026c0)={&(0x7f0000000200)=@tipc, 0x80, &(0x7f0000000180)=[{&(0x7f0000000340)=""/160, 0xa0}, {&(0x7f0000000400)=""/4096, 0x1000}, {&(0x7f0000001400)=""/96, 0x60}, {&(0x7f0000001480)=""/93, 0x5d}, {&(0x7f0000001500)=""/254, 0xfe}, {&(0x7f0000001600)=""/145, 0x91}, {&(0x7f00000016c0)=""/4096, 0x1000}], 0x7}, 0x10041)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

1.106969674s ago: executing program 4 (id=2511):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
shutdown(r1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4001, 0x0, @loopback}, 0x1c)
r3 = openat$nvme_fabrics(0xffffff9c, &(0x7f0000001140), 0x20402, 0x0)
write$P9_RXATTRCREATE(r3, 0x0, 0x12)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd74)
bind$llc(0xffffffffffffffff, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x81, 0x42}, 0x10)
connect$llc(0xffffffffffffffff, &(0x7f0000000340)={0x1a, 0x322, 0x0, 0x0, 0x4, 0x90, @random="48bd00"}, 0x10)
bind$llc(0xffffffffffffffff, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x81, 0x42}, 0x10)
r6 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r6, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10)
recvmmsg(r1, &(0x7f00000055c0), 0x400023c, 0x300, 0x0)

959.068652ms ago: executing program 2 (id=2512):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000b80), r0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x2, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x800, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xffffffff}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042)
writev(r3, &(0x7f0000000040)=[{&(0x7f0000000640)="f3", 0x1}], 0x1)
read$msr(r3, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000005c0), &(0x7f0000000600)=0xc)
r6 = socket$packet(0x11, 0x2, 0x300)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="30000000100001000000ce6bb9092919507f3400", @ANYRES32=0x0, @ANYBLOB="000000000000000408000a00", @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
setsockopt$packet_int(r6, 0x107, 0x8, 0x0, 0x0)
r8 = openat$nvme_fabrics(0xffffff9c, &(0x7f0000000300), 0x10480, 0x0)
setsockopt$inet6_tcp_int(r8, 0x6, 0x8, &(0x7f0000000340)=0x81, 0x4)
recvmmsg(r6, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/11, 0x17}}], 0x400000000000179, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev={0xfe, 0x80, '\x00', 0x39}, 0x0, 0x1, 0x0, 0x4}, 0x0)

0s ago: executing program 0 (id=2513):
openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x6, 0x10001, 0x34324152, 0x0, 0xb, [{}, {0x10}, {0x2}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
setgroups(0x1, &(0x7f0000000300)=[0x0])
sendto$packet(0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x0, &(0x7f0000000140), 0x14)
ftruncate(0xffffffffffffffff, 0x8800000)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendto$packet(r3, &(0x7f0000000280)="0f30d9eec1935b7b88c7b9e794eed30b622f1045b921055c7647c4396d5163e532cee80669b376006dd76b9bd738da323548df98fc79d6f93ddeb57124416830e9e3307e1f0b265e1a5ebfd085281bc8169ec4976c84fb2f412c7610eb5773233ba2bc3190c6e71fc89ef6a2beb7856118b59e51e9d2f3f8128eda49531181e368413136b1b9d92068f049148c74afdcac45c8eb8c4365e0329b00d552a406c1d51262a2b2b015e10227fc7eeb03b26f23aeba362974ec2ec1202debd78dd5d388abd47708fde7941755f66aec1d", 0xce, 0x0, 0x0, 0x0)
getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000003340)=[{{0x0, 0xfffffffffffffed1, &(0x7f0000000280)=[{&(0x7f0000000600)='4', 0x1}], 0x1, &(0x7f00000002c0)=[@rights={{0x10}}], 0x10, 0x40}}], 0x1, 0x0)
pipe(&(0x7f0000000080))

kernel console output (not intermixed with test programs):

880]  sec_pagetables:318 bounce:0
[  312.100731][T10880]  kernel_misc_reclaimable:0
[  312.100731][T10880]  free:45225 free_pcp:9267 free_cma:0
[  312.114797][T10880] Node 0 active_anon:228kB inactive_anon:360kB active_file:112kB inactive_file:956kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:964kB dirty:520kB writeback:0kB shmem:3608kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:8348kB pagetables:1696kB sec_pagetables:1136kB all_unreclaimable? no Balloon:0kB
[  312.125107][T10880] Node 1 active_anon:29016kB inactive_anon:47180kB active_file:37180kB inactive_file:123380kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:97208kB dirty:2000kB writeback:0kB shmem:10596kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:4864kB pagetables:5764kB sec_pagetables:136kB all_unreclaimable? no Balloon:0kB
[  312.135648][T10880] Node 0 DMA free:2100kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:564kB local_pcp:204kB free_cma:0kB
[  312.144751][T10880] lowmem_reserve[]: 0 289 289 289 289
[  312.146523][T10880] Node 0 DMA32 free:19492kB boost:10240kB min:23572kB low:26904kB high:30236kB reserved_highatomic:2048KB free_highatomic:992KB active_anon:228kB inactive_anon:360kB active_file:112kB inactive_file:956kB unevictable:3536kB writepending:520kB present:1032196kB managed:296860kB mlocked:0kB bounce:0kB free_pcp:12952kB local_pcp:2584kB free_cma:0kB
[  312.156514][T10880] lowmem_reserve[]: 0 0 0 0 0
[  312.158073][T10880] Node 1 DMA32 free:159308kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:2048KB free_highatomic:560KB active_anon:33616kB inactive_anon:47180kB active_file:37180kB inactive_file:123380kB unevictable:3536kB writepending:2000kB present:1048432kB managed:948268kB mlocked:0kB bounce:0kB free_pcp:15360kB local_pcp:1236kB free_cma:0kB
[  312.168139][T10880] lowmem_reserve[]: 0 0 0 0 0
[  312.169649][T10880] Node 0 DMA: 63*4kB (UM) 21*8kB (UM) 15*16kB (UM) 3*32kB (UM) 1*64kB (M) 0*128kB 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2100kB
[  312.175956][T10880] Node 0 DMA32: 319*4kB (UMH) 338*8kB (UMH) 178*16kB (UMEH) 63*32kB (UMH) 56*64kB (UMH) 21*128kB (UMH) 9*256kB (UM) 4*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 19468kB
[  312.181160][T10880] Node 1 DMA32: 1469*4kB (UME) 1102*8kB (UMEH) 429*16kB (UMEH) 497*32kB (UMEH) 311*64kB (UMEH) 153*128kB (UME) 79*256kB (UME) 38*512kB (UME) 26*1024kB (UM) 5*2048kB (UM) 1*4096kB (M) = 157588kB
[  312.187257][T10880] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  312.190182][T10880] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  312.194277][T10880] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  312.197244][T10880] Node 1 hugepages_total=8 hugepages_free=2 hugepages_surp=4 hugepages_size=2048kB
[  312.200115][T10880] 46054 total pagecache pages
[  312.201589][T10880] 425 pages in swap cache
[  312.203374][T10880] Free swap  = 120140kB
[  312.204812][T10880] Total swap = 124996kB
[  312.206252][T10880] 524155 pages RAM
[  312.207440][T10880] 0 pages HighMem/MovableOnly
[  312.208932][T10880] 209033 pages reserved
[  312.210242][T10880] 0 pages cma reserved
[  312.279315][T10887] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  312.283007][T10887] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  312.288863][ T5942] Bluetooth: hci3: unexpected event for opcode 0x0c1b
[  312.562331][T10889] 9pnet_virtio: no channels available for device ./file0/file0
[  312.770677][T10891] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1213'.
[  312.814688][T10891] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1213'.
[  313.379971][T10911] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1220'.
[  313.908663][T10926] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1225'.
[  313.921716][T10926] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  313.930991][T10926] macvtap1: entered promiscuous mode
[  313.938495][T10926] mac80211_hwsim hwsim3 wlan1: left promiscuous mode
[  314.881817][ T5942] Bluetooth: hci2: unexpected event for opcode 0x0c46
[  315.686765][T10996] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  315.691053][T10996] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  316.034357][T11003] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1244'.
[  316.091894][ T5942] Bluetooth: hci3: unexpected event for opcode 0x0c46
[  316.566129][ T1418] ieee802154 phy0 wpan0: encryption failed: -22
[  316.568170][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  317.005651][T11037] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1257'.
[  318.079200][T11079] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1267'.
[  318.099396][T11081] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1268'.
[  318.147142][ T5942] Bluetooth: hci1: unexpected event for opcode 0x0c46
[  320.154817][T11130] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1281'.
[  320.224605][T11139] random: crng reseeded on system resumption
[  320.792539][T11144] dvmrp1: entered allmulticast mode
[  321.149333][T11154] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.1290'.
[  321.190273][T11160] FAULT_INJECTION: forcing a failure.
[  321.190273][T11160] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  321.210207][T11160] CPU: 2 UID: 0 PID: 11160 Comm: syz.1.1291 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  321.210250][T11160] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  321.210262][T11160] Call Trace:
[  321.210268][T11160]  <TASK>
[  321.210276][T11160]  dump_stack_lvl+0x16c/0x1f0
[  321.210306][T11160]  should_fail_ex+0x512/0x640
[  321.210337][T11160]  _copy_from_user+0x2e/0xd0
[  321.210356][T11160]  get_compat_msghdr+0xa7/0x170
[  321.210382][T11160]  ? __pfx_get_compat_msghdr+0x10/0x10
[  321.210416][T11160]  ___sys_sendmsg+0x1ae/0x1d0
[  321.210443][T11160]  ? __pfx____sys_sendmsg+0x10/0x10
[  321.210479][T11160]  ? find_held_lock+0x2b/0x80
[  321.210521][T11160]  __sys_sendmsg+0x16d/0x220
[  321.210545][T11160]  ? __pfx___sys_sendmsg+0x10/0x10
[  321.210581][T11160]  ? rcu_is_watching+0x12/0xc0
[  321.210610][T11160]  __do_fast_syscall_32+0x7c/0x3a0
[  321.210637][T11160]  do_fast_syscall_32+0x32/0x80
[  321.210661][T11160]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  321.210682][T11160] RIP: 0023:0xf7ff1579
[  321.210696][T11160] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  321.210712][T11160] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  321.210730][T11160] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800003c0
[  321.210741][T11160] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000
[  321.210751][T11160] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  321.210761][T11160] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  321.210772][T11160] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  321.210796][T11160]  </TASK>
[  321.383357][T11166] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  321.428137][T11161] Trying to write to read-only block-device nullb0
[  321.579627][T11173] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1297'.
[  321.861557][T11185] syzkaller0: tun_chr_ioctl cmd 1074025676
[  321.863559][T11185] syzkaller0: owner set to 1
[  322.094147][T11197] netlink: 'syz.0.1304': attribute type 2 has an invalid length.
[  322.307653][T11202] input: syz1 as /devices/virtual/input/input105
[  322.338616][T11202] overlayfs: failed to resolve './file0': -2
[  322.645126][T11209] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1307'.
[  322.767763][T11211] autofs4:pid:11211:validate_dev_ioctl: invalid path supplied for cmd(0xc018937a)
[  323.538793][T11230] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1315'.
[  323.550830][T11230] ip6erspan0: entered promiscuous mode
[  324.169273][T11239] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1319'.
[  325.085941][T11275] overlayfs: failed to clone upperpath
[  325.136610][T11277] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1330'.
[  325.141548][T11277] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1330'.
[  325.234248][T11284] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  325.238131][T11284] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  325.250157][T11284] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  325.254073][T11284] IPv6: NLM_F_CREATE should be set when creating new route
[  325.259881][T11286] overlayfs: failed to clone upperpath
[  325.685568][T11292] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1335'.
[  326.294347][T11314] netlink: 412 bytes leftover after parsing attributes in process `syz.0.1338'.
[  326.299776][T11314] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1338'.
[  326.622459][T11317] FAULT_INJECTION: forcing a failure.
[  326.622459][T11317] name failslab, interval 1, probability 0, space 0, times 0
[  326.628019][T11317] CPU: 0 UID: 0 PID: 11317 Comm: syz.1.1339 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  326.628056][T11317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  326.628067][T11317] Call Trace:
[  326.628074][T11317]  <TASK>
[  326.628081][T11317]  dump_stack_lvl+0x16c/0x1f0
[  326.628108][T11317]  should_fail_ex+0x512/0x640
[  326.628134][T11317]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  326.628156][T11317]  should_failslab+0xc2/0x120
[  326.628181][T11317]  __kmalloc_cache_noprof+0x6a/0x3e0
[  326.628201][T11317]  ? copy_mount_options+0x55/0x190
[  326.628230][T11317]  copy_mount_options+0x55/0x190
[  326.628257][T11317]  __ia32_sys_mount+0x1ac/0x310
[  326.628282][T11317]  ? __pfx___ia32_sys_mount+0x10/0x10
[  326.628308][T11317]  ? rcu_is_watching+0x12/0xc0
[  326.628336][T11317]  __do_fast_syscall_32+0x7c/0x3a0
[  326.628363][T11317]  do_fast_syscall_32+0x32/0x80
[  326.628387][T11317]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  326.628408][T11317] RIP: 0023:0xf7ff1579
[  326.628421][T11317] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  326.628438][T11317] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  326.628497][T11317] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000100
[  326.628509][T11317] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000080000300
[  326.628520][T11317] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  326.628530][T11317] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  326.628540][T11317] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  326.628563][T11317]  </TASK>
[  327.533541][T11354] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.1345'.
[  327.542173][T11354] netlink: zone id is out of range
[  327.548641][T11354] netlink: zone id is out of range
[  327.554527][T11354] netlink: get zone limit has 8 unknown bytes
[  327.931852][T11361] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1347'.
[  328.926650][T11376] tmpfs: Unknown parameter 'c©Îlocks'
[  328.945554][T11382] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  329.192215][T11410] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  329.193327][T11410] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  329.516034][T11423] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  330.305385][T11429] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1370'.
[  330.308667][T11429] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1370'.
[  330.342513][T11429] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1370'.
[  331.389279][T11476] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  331.462042][T11481] lo: entered allmulticast mode
[  331.468672][T11481] lo: left allmulticast mode
[  331.471258][T11483] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1387'.
[  331.736835][T11490] netlink: 356 bytes leftover after parsing attributes in process `syz.2.1389'.
[  332.707098][T11508] nvme_fabrics: missing parameter 'transport=%s'
[  332.710218][T11508] nvme_fabrics: missing parameter 'nqn=%s'
[  337.277020][T11599] random: crng reseeded on system resumption
[  337.687076][T11597] wireguard1: entered promiscuous mode
[  337.692861][T11597] wireguard1: entered allmulticast mode
[  338.293432][T11614] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1422'.
[  338.397348][T11621] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1425'.
[  340.669152][T11672] syz.0.1437 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  340.836866][T11676] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  341.300203][ T5949] Bluetooth: hci3: unexpected event for opcode 0x6e2f
[  341.584299][T11688] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  342.142983][T11699] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1449'.
[  342.997050][ T5949] Bluetooth: hci1: unexpected event for opcode 0x6e46
[  343.016505][T11717] overlayfs: failed to clone upperpath
[  343.401373][T11732] serio: Serial port ptm0
[  343.933988][   T40] kauditd_printk_skb: 26 callbacks suppressed
[  343.934004][   T40] audit: type=1804 audit(1748809645.215:77): pid=11730 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1455" name="/newroot/355/file0/file0" dev="9p" ino=36047750 res=1 errno=0
[  344.241656][ T5949] Bluetooth: hci2: unexpected event for opcode 0x6e46
[  344.330026][T11757] netlink: 'syz.2.1467': attribute type 1 has an invalid length.
[  344.347347][T11757] 8021q: adding VLAN 0 to HW filter on device bond2
[  344.382467][T11757] bond2: (slave gretap1): making interface the new active one
[  344.387110][T11757] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  344.490548][T11767] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1465'.
[  345.376385][T11781] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  345.409063][ T5949] Bluetooth: hci1: unexpected event for opcode 0x6e46
[  345.429261][   T10] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  345.431956][T11787] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  345.433519][   T10] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  345.488567][T11781] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  345.647349][ T8471] wlan1: authenticated
[  345.772495][   T12] wlan1: associate with 08:02:11:00:00:00 (try 1/3)
[  345.776635][   T12] wlan1: associate with 08:02:11:00:00:00 (try 2/3)
[  345.779628][   T12] wlan1: associate with 08:02:11:00:00:00 (try 3/3)
[  345.782529][   T12] wlan1: association with 08:02:11:00:00:00 timed out
[  346.412901][T11809] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1478'.
[  346.418214][T11809] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  346.884397][T11818] netlink: 'syz.2.1480': attribute type 1 has an invalid length.
[  347.096475][T11822] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1481'.
[  351.264361][T11907] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1502'.
[  351.483071][T11913] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1504'.
[  351.719525][T11928] overlayfs: failed to clone upperpath
[  352.645061][T11949] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1514'.
[  353.239695][T11968] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1520'.
[  353.675842][T11985] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1525'.
[  354.654505][T12002] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1530'.
[  354.917962][T12014] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1535'.
[  355.170294][T12010] : entered promiscuous mode
[  355.239290][T12021] xt_CT: No such helper "pptp"
[  356.715312][T12065] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1546'.
[  356.928783][ T5979] usb 6-1: USB disconnect, device number 3
[  356.968972][   T40] audit: type=1326 audit(1748809658.865:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12077 comm="syz.2.1549" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  356.980949][   T40] audit: type=1326 audit(1748809658.865:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12077 comm="syz.2.1549" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  356.991105][   T40] audit: type=1326 audit(1748809658.875:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12077 comm="syz.2.1549" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf703e579 code=0x7ffc0000
[  356.997848][   T40] audit: type=1326 audit(1748809658.875:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12077 comm="syz.2.1549" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  357.006308][   T40] audit: type=1326 audit(1748809658.875:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12077 comm="syz.2.1549" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000
[  357.013111][   T40] audit: type=1326 audit(1748809658.875:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12077 comm="syz.2.1549" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf703e579 code=0x7ffc0000
[  357.019705][   T40] audit: type=1326 audit(1748809658.875:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12077 comm="syz.2.1549" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf703e598 code=0x7ffc0000
[  357.026456][   T40] audit: type=1326 audit(1748809658.875:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12077 comm="syz.2.1549" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf703e598 code=0x7ffc0000
[  357.033722][   T40] audit: type=1326 audit(1748809658.875:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12077 comm="syz.2.1549" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf703e598 code=0x7ffc0000
[  357.040313][   T40] audit: type=1326 audit(1748809658.875:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12077 comm="syz.2.1549" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf703e598 code=0x7ffc0000
[  357.421296][ T5942] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  357.426966][ T5942] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  357.432951][ T5942] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  357.441503][ T5942] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  357.445355][ T5942] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  357.665795][T12093] chnl_net:caif_netlink_parms(): no params data found
[  357.810778][T12093] bridge0: port 1(bridge_slave_0) entered blocking state
[  357.814780][T12093] bridge0: port 1(bridge_slave_0) entered disabled state
[  357.817118][T12093] bridge_slave_0: entered allmulticast mode
[  357.819806][T12093] bridge_slave_0: entered promiscuous mode
[  357.833238][T12093] bridge0: port 2(bridge_slave_1) entered blocking state
[  357.835514][T12093] bridge0: port 2(bridge_slave_1) entered disabled state
[  357.837772][T12093] bridge_slave_1: entered allmulticast mode
[  357.840370][T12093] bridge_slave_1: entered promiscuous mode
[  357.859028][T12113] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1555'.
[  357.882299][T12093] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  357.888485][T12093] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  357.914401][T12115] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  357.917281][T12115] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  357.958075][T12093] team0: Port device team_slave_0 added
[  357.966665][T12093] team0: Port device team_slave_1 added
[  358.001548][T12093] batman_adv: batadv0: Adding interface: batadv_slave_0
[  358.004565][T12093] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  358.013107][T12093] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  358.017419][T12093] batman_adv: batadv0: Adding interface: batadv_slave_1
[  358.019577][T12093] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  358.028217][T12093] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  358.070079][T12093] hsr_slave_0: entered promiscuous mode
[  358.072302][T12093] hsr_slave_1: entered promiscuous mode
[  358.074489][T12093] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  358.076864][T12093] Cannot create hsr debugfs directory
[  358.239454][T12093] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  358.244430][T12093] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  358.249987][T12093] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  358.254172][T12093] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  358.270311][T12093] bridge0: port 2(bridge_slave_1) entered blocking state
[  358.272560][T12093] bridge0: port 2(bridge_slave_1) entered forwarding state
[  358.274937][T12093] bridge0: port 1(bridge_slave_0) entered blocking state
[  358.277104][T12093] bridge0: port 1(bridge_slave_0) entered forwarding state
[  358.311830][T12093] 8021q: adding VLAN 0 to HW filter on device bond0
[  358.321025][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[  358.341857][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[  358.362597][T12093] 8021q: adding VLAN 0 to HW filter on device team0
[  358.383186][ T8471] bridge0: port 1(bridge_slave_0) entered blocking state
[  358.386247][ T8471] bridge0: port 1(bridge_slave_0) entered forwarding state
[  358.396020][ T8471] bridge0: port 2(bridge_slave_1) entered blocking state
[  358.400031][ T8471] bridge0: port 2(bridge_slave_1) entered forwarding state
[  358.431771][T12093] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  358.435996][T12093] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  358.588793][T12093] 8021q: adding VLAN 0 to HW filter on device batadv0
[  358.774225][T12093] veth0_vlan: entered promiscuous mode
[  358.791143][T12093] veth1_vlan: entered promiscuous mode
[  358.808455][T12093] veth0_macvtap: entered promiscuous mode
[  358.812195][T12093] veth1_macvtap: entered promiscuous mode
[  358.821453][T12093] batman_adv: batadv0: Interface activated: batadv_slave_0
[  358.826631][T12093] batman_adv: batadv0: Interface activated: batadv_slave_1
[  358.830568][T12093] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  358.833437][T12093] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  358.836084][T12093] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  358.838711][T12093] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  358.901004][ T8471] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  358.909666][ T8471] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  358.921900][ T8471] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  358.927331][ T8471] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  358.959521][T12143] fuse: Unknown parameter ''
[  359.096735][T12152] Cannot find set identified by id 0 to match
[  359.101048][T12152] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  359.114875][T12154] fuse: Unknown parameter 'J'
[  359.452852][ T1464] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  359.522944][ T5949] Bluetooth: hci0: command tx timeout
[  359.604359][ T1464] usb 9-1: too many configurations: 151, using maximum allowed: 8
[  359.631630][ T1464] usb 9-1: New USB device found, idVendor=04d8, idProduct=0082, bcdDevice=ce.b7
[  359.634994][ T1464] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=130
[  359.637703][ T1464] usb 9-1: Product: syz
[  359.639049][ T1464] usb 9-1: Manufacturer: syz
[  359.640758][ T1464] usb 9-1: SerialNumber: syz
[  359.647063][ T1464] usb 9-1: config 0 descriptor??
[  361.602928][ T5949] Bluetooth: hci0: command tx timeout
[  362.051866][T12167] Set syz1 is full, maxelem 65536 reached
[  362.105453][ T1464] usb 9-1: USB disconnect, device number 2
[  362.996756][T12234] tmpfs: Unknown parameter 'nr_inod[+¥ÃÉz'
[  363.724941][T12244] FAULT_INJECTION: forcing a failure.
[  363.724941][T12244] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  363.728872][T12244] CPU: 1 UID: 0 PID: 12244 Comm: syz.0.1581 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  363.728898][T12244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  363.728906][T12244] Call Trace:
[  363.728910][T12244]  <TASK>
[  363.728915][T12244]  dump_stack_lvl+0x16c/0x1f0
[  363.728934][T12244]  should_fail_ex+0x512/0x640
[  363.728953][T12244]  _copy_from_user+0x2e/0xd0
[  363.728965][T12244]  get_compat_msghdr+0xa7/0x170
[  363.728982][T12244]  ? __pfx_get_compat_msghdr+0x10/0x10
[  363.729001][T12244]  ? rcu_preempt_deferred_qs_irqrestore+0x4f5/0xbc0
[  363.729017][T12244]  ___sys_sendmsg+0x1ae/0x1d0
[  363.729033][T12244]  ? __pfx____sys_sendmsg+0x10/0x10
[  363.729054][T12244]  ? find_held_lock+0x2b/0x80
[  363.729078][T12244]  __sys_sendmsg+0x16d/0x220
[  363.729093][T12244]  ? __pfx___sys_sendmsg+0x10/0x10
[  363.729113][T12244]  ? rcu_is_watching+0x12/0xc0
[  363.729131][T12244]  __do_fast_syscall_32+0x7c/0x3a0
[  363.729147][T12244]  do_fast_syscall_32+0x32/0x80
[  363.729163][T12244]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  363.729177][T12244] RIP: 0023:0xf70ce579
[  363.729186][T12244] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  363.729196][T12244] RSP: 002b:00000000f507c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  363.729207][T12244] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000800012c0
[  363.729213][T12244] RDX: 0000000000004000 RSI: 0000000000000000 RDI: 0000000000000000
[  363.729220][T12244] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  363.729226][T12244] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  363.729232][T12244] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  363.729245][T12244]  </TASK>
[  363.773382][ T5949] Bluetooth: hci0: command tx timeout
[  364.017548][T12254] overlayfs: failed to clone upperpath
[  364.237660][T12260] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.420739][T12260] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.556630][T12260] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.623464][T12260] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.763818][T12260] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  364.791050][T12260] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  364.832416][T12260] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  364.852527][T12260] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  365.842975][ T5949] Bluetooth: hci0: command tx timeout
[  366.359422][T12308] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input108
[  366.819920][T12328] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1600'.
[  367.252752][T12346] FAULT_INJECTION: forcing a failure.
[  367.252752][T12346] name failslab, interval 1, probability 0, space 0, times 0
[  367.257048][T12346] CPU: 3 UID: 0 PID: 12346 Comm: syz.0.1607 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  367.257063][T12346] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  367.257070][T12346] Call Trace:
[  367.257074][T12346]  <TASK>
[  367.257079][T12346]  dump_stack_lvl+0x16c/0x1f0
[  367.257097][T12346]  should_fail_ex+0x512/0x640
[  367.257114][T12346]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  367.257131][T12346]  should_failslab+0xc2/0x120
[  367.257147][T12346]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  367.257160][T12346]  ? find_held_lock+0x2b/0x80
[  367.257176][T12346]  ? __d_alloc+0x31/0xaa0
[  367.257193][T12346]  __d_alloc+0x31/0xaa0
[  367.257206][T12346]  ? __d_lookup+0x266/0x4a0
[  367.257217][T12346]  d_alloc+0x4a/0x1e0
[  367.257232][T12346]  lookup_one_qstr_excl_raw.part.0+0x96/0x160
[  367.257249][T12346]  ? lookup_dcache+0x66/0x170
[  367.257266][T12346]  lookup_one_qstr_excl+0x3e/0x120
[  367.257285][T12346]  filename_create+0x1e7/0x4a0
[  367.257297][T12346]  ? __pfx_filename_create+0x10/0x10
[  367.257311][T12346]  ? __might_fault+0xe3/0x190
[  367.257324][T12346]  ? __might_fault+0xe3/0x190
[  367.257336][T12346]  ? __might_fault+0x13b/0x190
[  367.257351][T12346]  do_mknodat+0x18a/0x5d0
[  367.257365][T12346]  ? __pfx_do_mknodat+0x10/0x10
[  367.257377][T12346]  ? getname_flags.part.0+0x1c5/0x550
[  367.257397][T12346]  __ia32_sys_mknodat+0xaa/0xe0
[  367.257411][T12346]  __do_fast_syscall_32+0x7c/0x3a0
[  367.257428][T12346]  do_fast_syscall_32+0x32/0x80
[  367.257442][T12346]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  367.257456][T12346] RIP: 0023:0xf70ce579
[  367.257465][T12346] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  367.257476][T12346] RSP: 002b:00000000f50be55c EFLAGS: 00000296 ORIG_RAX: 0000000000000129
[  367.257486][T12346] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000180
[  367.257492][T12346] RDX: 0000000000000000 RSI: 0000000000000103 RDI: 0000000000000000
[  367.257498][T12346] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  367.257504][T12346] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  367.257510][T12346] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  367.257524][T12346]  </TASK>
[  368.425467][T12379] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.1616'.
[  368.683349][ T5949] Bluetooth: hci2: unexpected event for opcode 0x0c47
[  369.446158][T12418] trusted_key: encrypted_key: insufficient parameters specified
[  369.751664][T12425] fuse: Unknown parameter 'user_id00000000000000000000'
[  369.795223][T12431] IPv6: NLM_F_CREATE should be specified when creating new route
[  369.849697][ T5949] Bluetooth: hci3: unexpected event 0x09 length: 17 > 3
[  370.489612][T12468] wireguard0: entered promiscuous mode
[  370.495655][T12468] wireguard0: entered allmulticast mode
[  372.220458][T12512] FAULT_INJECTION: forcing a failure.
[  372.220458][T12512] name failslab, interval 1, probability 0, space 0, times 0
[  372.224559][T12512] CPU: 0 UID: 0 PID: 12512 Comm: syz.3.1651 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  372.224576][T12512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  372.224583][T12512] Call Trace:
[  372.224587][T12512]  <TASK>
[  372.224591][T12512]  dump_stack_lvl+0x16c/0x1f0
[  372.224611][T12512]  should_fail_ex+0x512/0x640
[  372.224629][T12512]  ? fs_reclaim_acquire+0xae/0x150
[  372.224641][T12512]  ? tomoyo_encode2+0x100/0x3e0
[  372.224656][T12512]  should_failslab+0xc2/0x120
[  372.224672][T12512]  __kmalloc_noprof+0xd2/0x510
[  372.224685][T12512]  ? d_absolute_path+0x136/0x1a0
[  372.224704][T12512]  tomoyo_encode2+0x100/0x3e0
[  372.224721][T12512]  tomoyo_encode+0x29/0x50
[  372.224736][T12512]  tomoyo_realpath_from_path+0x18f/0x6e0
[  372.224756][T12512]  tomoyo_path_number_perm+0x245/0x580
[  372.224769][T12512]  ? tomoyo_path_number_perm+0x237/0x580
[  372.224784][T12512]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  372.224813][T12512]  ? find_held_lock+0x2b/0x80
[  372.224828][T12512]  ? hook_file_ioctl_common+0x145/0x410
[  372.224844][T12512]  ? __fget_files+0x20e/0x3c0
[  372.224856][T12512]  ? fput+0x10/0xf0
[  372.224874][T12512]  security_file_ioctl_compat+0x9b/0x240
[  372.224890][T12512]  __ia32_compat_sys_ioctl+0xc3/0x370
[  372.224902][T12512]  __do_fast_syscall_32+0x7c/0x3a0
[  372.224921][T12512]  do_fast_syscall_32+0x32/0x80
[  372.224936][T12512]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  372.224950][T12512] RIP: 0023:0xf710e579
[  372.224958][T12512] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  372.224969][T12512] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  372.224980][T12512] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000004b72
[  372.224986][T12512] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000
[  372.224993][T12512] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  372.224998][T12512] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  372.225004][T12512] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  372.225018][T12512]  </TASK>
[  372.225434][T12512] ERROR: Out of memory at tomoyo_realpath_from_path.
[  372.334735][T12516] netlink: 244 bytes leftover after parsing attributes in process `syz.3.1652'.
[  372.723787][ T5949] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  372.727385][ T5949] Bluetooth: hci2: Injecting HCI hardware error event
[  372.730458][ T5942] Bluetooth: hci2: hardware error 0x00
[  374.088625][T12544] 
: renamed from bond0 (while UP)
[  374.351070][T12548] lo speed is unknown, defaulting to 1000
[  374.356339][T12548] lo speed is unknown, defaulting to 1000
[  374.359749][T12548] lo speed is unknown, defaulting to 1000
[  374.458574][T12548] infiniband s
z1: set active
[  374.461561][ T7167] lo speed is unknown, defaulting to 1000
[  374.463728][T12548] infiniband s
z1: added lo
[  374.487942][T12548] RDS/IB: s
z1: added
[  374.489890][T12548] smc: adding ib device s
z1 with port count 1
[  374.492681][T12548] smc:    ib device s
z1 port 1 has pnetid 
[  374.496193][ T7167] lo speed is unknown, defaulting to 1000
[  374.499777][T12548] lo speed is unknown, defaulting to 1000
[  374.599358][T12548] lo speed is unknown, defaulting to 1000
[  374.622866][    T9] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  374.702584][T12548] lo speed is unknown, defaulting to 1000
[  374.774544][    T9] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  374.780094][    T9] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  374.784726][    T9] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  374.787957][    T9] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  374.790336][T12548] lo speed is unknown, defaulting to 1000
[  374.796010][T12549] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  374.802022][    T9] usb 9-1: Quirk or no altset; falling back to MIDI 1.0
[  374.803019][ T5942] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  374.939765][T12548] lo speed is unknown, defaulting to 1000
[  375.035326][ T7167] usb 9-1: USB disconnect, device number 3
[  375.237889][T12574] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.1669'.
[  375.237956][T12575] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.1669'.
[  375.356679][T12576] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1668'.
[  375.362650][T12576] netlink: 'syz.0.1668': attribute type 10 has an invalid length.
[  375.375403][T12576] 8021q: adding VLAN 0 to HW filter on device 

[  375.381735][T12576] 
: (slave wlan1): Enslaving as an active interface with an up link
[  375.494032][T12586] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  375.496445][T12586] IPv6: NLM_F_CREATE should be set when creating new route
[  375.498824][T12586] IPv6: NLM_F_CREATE should be set when creating new route
[  375.884442][T12600] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 5, id = 0
[  375.884979][T12598] IPVS: stopping backup sync thread 12600 ...
[  376.808881][T12617] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1680'.
[  376.822654][T12617] lo speed is unknown, defaulting to 1000
[  377.082865][ T5979] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  377.252851][ T5979] usb 9-1: Using ep0 maxpacket: 32
[  377.258183][ T5979] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  377.264561][ T5979] usb 9-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  377.267575][ T5979] usb 9-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  377.270274][ T5979] usb 9-1: Product: syz
[  377.271759][ T5979] usb 9-1: Manufacturer: syz
[  377.273599][ T5979] usb 9-1: SerialNumber: syz
[  377.282239][ T5979] usb 9-1: config 0 descriptor??
[  377.285976][T12613] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  377.294068][ T5979] hub 9-1:0.0: bad descriptor, ignoring hub
[  377.296192][ T5979] hub 9-1:0.0: probe with driver hub failed with error -5
[  377.603702][ T5979] usb 9-1: USB disconnect, device number 4
[  377.665717][T12640] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  377.771673][T12648] 9pnet_virtio: no channels available for device ./file0/file0
[  378.019016][ T1418] ieee802154 phy0 wpan0: encryption failed: -22
[  378.021179][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  378.023679][ T1465] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  378.031982][T12650] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1689'.
[  378.714817][T12675] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  378.722830][ T5942] Bluetooth: hci0: command tx timeout
[  378.904993][T12685] overlayfs: missing 'lowerdir'
[  380.028318][T12709] tmpfs: Bad value for 'mpol'
[  380.082083][T12714] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  380.385310][T12729] can0: slcan on ttyS3.
[  380.473115][T12729] can0 (unregistered): slcan off ttyS3.
[  381.467882][T12770] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1714'.
[  381.823733][T12774] Bluetooth: MGMT ver 1.23
[  382.363274][T12790] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  382.366157][T12790] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  382.458384][T12796] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1725'.
[  383.049490][T12807] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1728'.
[  383.345071][T12818] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.1732'.
[  383.597917][T12825] sp0: Synchronizing with TNC
[  383.798195][T12832] Invalid source name
[  383.799702][T12832] UBIFS error (pid: 12832): cannot open "./file0", error -22
[  383.905264][T12837] block device autoloading is deprecated and will be removed.
[  383.918067][T12834] trusted_key: encrypted_key: insufficient parameters specified
[  383.920876][T12834] trusted_key: encrypted_key: insufficient parameters specified
[  384.067961][T12841] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1739'.
[  384.729188][T12861] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1745'.
[  387.195626][T12925] fuseblk: Bad value for 'fd'
[  387.486222][T12928] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  387.493229][T12928] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  387.497129][T12928] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  387.499895][T12928] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  387.511950][T12928] geneve2: entered promiscuous mode
[  387.515416][T12928] geneve2: entered allmulticast mode
[  387.531868][T12927] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1761'.
[  387.537039][T12927] netlink: 'syz.2.1761': attribute type 2 has an invalid length.
[  387.836833][T12935] netlink: 4768 bytes leftover after parsing attributes in process `syz.4.1763'.
[  389.520920][   T60] Bluetooth: hci4: Frame reassembly failed (-84)
[  389.527547][   T60] Bluetooth: hci4: Frame reassembly failed (-84)
[  389.897462][T12976] warn_alloc: 1 callbacks suppressed
[  389.897473][T12976] syz.0.1776: vmalloc error: size 34359742464, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  389.904366][T12976] CPU: 1 UID: 0 PID: 12976 Comm: syz.0.1776 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  389.904382][T12976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  389.904390][T12976] Call Trace:
[  389.904394][T12976]  <TASK>
[  389.904400][T12976]  dump_stack_lvl+0x16c/0x1f0
[  389.904419][T12976]  warn_alloc+0x248/0x3a0
[  389.904436][T12976]  ? __pfx_warn_alloc+0x10/0x10
[  389.904450][T12976]  ? __pfx_stack_trace_save+0x10/0x10
[  389.904469][T12976]  ? stack_depot_save_flags+0x28/0xa40
[  389.904490][T12976]  ? kasan_save_stack+0x42/0x60
[  389.904504][T12976]  ? kasan_save_stack+0x33/0x60
[  389.904517][T12976]  ? kasan_save_track+0x14/0x30
[  389.904530][T12976]  ? xskq_create+0x52/0x1d0
[  389.904542][T12976]  ? xsk_setsockopt+0x684/0x840
[  389.904552][T12976]  ? do_sock_setsockopt+0x221/0x470
[  389.904572][T12976]  ? xskq_create+0xfb/0x1d0
[  389.904584][T12976]  __vmalloc_node_range_noprof+0xff5/0x14b0
[  389.904602][T12976]  ? xskq_create+0xfb/0x1d0
[  389.904617][T12976]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  389.904634][T12976]  ? xskq_create+0xfb/0x1d0
[  389.904646][T12976]  vmalloc_user_noprof+0x9e/0xe0
[  389.904658][T12976]  ? xskq_create+0xfb/0x1d0
[  389.904671][T12976]  xskq_create+0xfb/0x1d0
[  389.904684][T12976]  xsk_setsockopt+0x684/0x840
[  389.904697][T12976]  ? __pfx_xsk_setsockopt+0x10/0x10
[  389.904708][T12976]  ? __pfx_aa_sk_perm+0x10/0x10
[  389.904724][T12976]  ? errseq_sample+0x53/0x70
[  389.904737][T12976]  ? __pfx_xsk_setsockopt+0x10/0x10
[  389.904749][T12976]  do_sock_setsockopt+0x221/0x470
[  389.904766][T12976]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  389.904792][T12976]  __sys_setsockopt+0x120/0x1a0
[  389.904809][T12976]  __ia32_sys_setsockopt+0xbc/0x160
[  389.904823][T12976]  ? lockdep_hardirqs_on+0x7c/0x110
[  389.904837][T12976]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  389.904853][T12976]  __do_fast_syscall_32+0x7c/0x3a0
[  389.904869][T12976]  do_fast_syscall_32+0x32/0x80
[  389.904885][T12976]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  389.904899][T12976] RIP: 0023:0xf70ce579
[  389.904908][T12976] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  389.904918][T12976] RSP: 002b:00000000f50be55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  389.904929][T12976] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000000011b
[  389.904935][T12976] RDX: 0000000000000002 RSI: 0000000080000080 RDI: 0000000000000020
[  389.904942][T12976] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  389.904948][T12976] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  389.904954][T12976] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  389.904967][T12976]  </TASK>
[  389.904971][T12976] Mem-Info:
[  389.994280][T12976] active_anon:6486 inactive_anon:10630 isolated_anon:0
[  389.994280][T12976]  active_file:11360 inactive_file:28897 isolated_file:0
[  389.994280][T12976]  unevictable:1768 dirty:47 writeback:0
[  389.994280][T12976]  slab_reclaimable:6536 slab_unreclaimable:63381
[  389.994280][T12976]  mapped:23465 shmem:2400 pagetables:1707
[  389.994280][T12976]  sec_pagetables:323 bounce:0
[  389.994280][T12976]  kernel_misc_reclaimable:0
[  389.994280][T12976]  free:48418 free_pcp:892 free_cma:0
[  390.008121][T12976] Node 0 active_anon:1328kB inactive_anon:592kB active_file:0kB inactive_file:8kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:876kB dirty:0kB writeback:0kB shmem:3592kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:8600kB pagetables:2100kB sec_pagetables:1140kB all_unreclaimable? no Balloon:0kB
[  390.021702][T12976] Node 1 active_anon:24876kB inactive_anon:41856kB active_file:45440kB inactive_file:115580kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:92968kB dirty:188kB writeback:0kB shmem:6008kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:4724kB pagetables:4728kB sec_pagetables:152kB all_unreclaimable? no Balloon:0kB
[  390.032062][T12976] Node 0 DMA free:2616kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:16kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  390.042365][T12976] lowmem_reserve[]: 0 289 289 289 289
[  390.044088][   T40] kauditd_printk_skb: 6667 callbacks suppressed
[  390.044097][   T40] audit: type=1800 audit(1748809691.945:6755): pid=12979 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1775" name="bus" dev="overlay" ino=272 res=0 errno=0
[  390.044533][T12976] Node 0 DMA32 free:22108kB boost:0kB min:13332kB low:16664kB high:19996kB reserved_highatomic:2048KB free_highatomic:1016KB active_anon:1956kB inactive_anon:592kB active_file:0kB inactive_file:8kB unevictable:3536kB writepending:0kB present:1032196kB managed:296860kB mlocked:0kB bounce:0kB free_pcp:3088kB local_pcp:920kB free_cma:0kB
[  390.063244][T12976] lowmem_reserve[]: 0 0 0 0 0
[  390.063272][T12976] Node 1 DMA32 free:167632kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:2048KB free_highatomic:592KB active_anon:24876kB inactive_anon:41856kB active_file:45440kB inactive_file:115580kB unevictable:3536kB writepending:80kB present:1048432kB managed:948268kB mlocked:0kB bounce:0kB free_pcp:1136kB local_pcp:432kB free_cma:0kB
[  390.063307][T12976] lowmem_reserve[]: 0 0 0 0 0
[  390.063330][T12976] Node 0 DMA: 61*4kB (U) 25*8kB (UM) 14*16kB (U) 1*32kB (U) 0*64kB 1*128kB (M) 1*256kB (M) 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 2620kB
[  390.063460][T12976] Node 0 DMA32: 39*4kB (UEH) 28*8kB (EH) 19*16kB (EH) 178*32kB (UMEH) 94*64kB (UMEH) 37*128kB (UMEH) 13*256kB (UME) 3*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 21996kB
[  390.063553][T12976] Node 1 DMA32: 1203*4kB (UME) 848*8kB (UMEH) 522*16kB (UMEH) 482*32kB (UMEH) 263*64kB (UMEH) 122*128kB (UME) 64*256kB (UME) 19*512kB (UME) 18*1024kB (UM) 17*2048kB (UM) 5*4096kB (UM) = 167660kB
[  390.063653][T12976] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  390.063662][T12976] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  390.063671][T12976] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  390.063680][T12976] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  390.063688][T12976] 43147 total pagecache pages
[  390.063693][T12976] 399 pages in swap cache
[  390.063697][T12976] Free swap  = 120912kB
[  390.063701][T12976] Total swap = 124996kB
[  390.063705][T12976] 524155 pages RAM
[  390.063709][T12976] 0 pages HighMem/MovableOnly
[  390.063713][T12976] 209033 pages reserved
[  390.063717][T12976] 0 pages cma reserved
[  390.568939][T12994] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1778'.
[  390.573779][T12994] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1778'.
[  391.233553][T13006] x_tables: ip6_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  391.332822][ T1465] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  391.504190][ T1465] usb 9-1: config 0 has no interfaces?
[  391.507223][ T1465] usb 9-1: config 0 has no interfaces?
[  391.509978][ T1465] usb 9-1: config 0 has no interfaces?
[  391.514764][ T1465] usb 9-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb
[  391.517833][ T1465] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=201
[  391.521096][ T1465] usb 9-1: Product: syz
[  391.522820][ T1465] usb 9-1: Manufacturer: syz
[  391.523234][ T5942] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  391.524514][ T1465] usb 9-1: SerialNumber: syz
[  391.524703][ T5949] Bluetooth: hci4: command 0x1003 tx timeout
[  391.533167][ T1465] usb 9-1: config 0 descriptor??
[  391.721955][T13021] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  392.201611][T13033] netlink: 'syz.2.1791': attribute type 8 has an invalid length.
[  393.607545][T13051] vivid-007: disconnect
[  393.978673][ T7167] usb 9-1: USB disconnect, device number 5
[  394.177027][T13047] vivid-007: reconnect
[  394.283034][T13063] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1797'.
[  394.615166][T13068] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1799'.
[  395.671946][T13087] ntfs3(nbd0): try to read out of volume at offset 0x0
[  395.697268][T13073] syz.3.1800 (13073) used greatest stack depth: 17768 bytes left
[  396.508910][T13109] netlink: 'syz.4.1809': attribute type 4 has an invalid length.
[  396.513832][   T53] lo speed is unknown, defaulting to 1000
[  396.768724][T13117] bond2: (slave gretap1): Releasing active interface
[  397.067400][T13126] lo speed is unknown, defaulting to 1000
[  397.069702][T13126] lo speed is unknown, defaulting to 1000
[  397.085442][T13126] lo speed is unknown, defaulting to 1000
[  397.100816][T13126] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  397.123034][T13126] infiniband s…z0: RDMA CMA: cma_listen_on_dev, error -98
[  397.174596][T13126] lo speed is unknown, defaulting to 1000
[  397.180744][T13126] lo speed is unknown, defaulting to 1000
[  397.186082][T13126] lo speed is unknown, defaulting to 1000
[  397.190745][T13126] lo speed is unknown, defaulting to 1000
[  397.195302][T13126] lo speed is unknown, defaulting to 1000
[  397.239848][T13107] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  397.244354][T13107] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  397.247127][T13107] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  397.249191][T13107] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  397.272617][T13107] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  397.276718][T13124] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  397.279672][T13124] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  397.337849][T13134] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  397.341335][T13134] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  397.845215][T13138] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD
[  397.935192][   T40] audit: type=1326 audit(1748809699.835:6756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13140 comm="syz.0.1818" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7fc00000
[  398.562973][ T5949] Bluetooth: hci1: command 0x0406 tx timeout
[  398.697668][   T40] audit: type=1326 audit(1748809700.595:6757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13140 comm="syz.0.1818" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ce579 code=0x7fc00000
[  399.152015][T13161] Invalid ELF header magic: != ELF
[  399.292892][ T5949] Bluetooth: hci0: command 0x0c1a tx timeout
[  399.292915][ T5942] Bluetooth: hci3: command 0x0406 tx timeout
[  399.616290][T13168] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  400.063946][T13178] netlink: 'syz.0.1825': attribute type 2 has an invalid length.
[  400.118268][T13178] fuse: Bad value for 'fd'
[  400.188330][T13183] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  400.193242][   T53] lo speed is unknown, defaulting to 1000
[  400.195753][   T53] s…z0: Port: 1 Link DOWN
[  400.821890][T13198] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1832'.
[  400.870784][T13204] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1834'.
[  401.372958][ T5942] Bluetooth: hci0: command 0x0c1a tx timeout
[  402.138331][T13233] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1843'.
[  403.184694][   T40] audit: type=1326 audit(1748809705.085:6758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13247 comm="syz.4.1847" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  403.191314][   T40] audit: type=1326 audit(1748809705.085:6759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13247 comm="syz.4.1847" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  403.225063][   T40] audit: type=1326 audit(1748809705.085:6760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13247 comm="syz.4.1847" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf710e579 code=0x7ffc0000
[  403.242985][   T40] audit: type=1326 audit(1748809705.085:6761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13247 comm="syz.4.1847" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  403.254096][   T40] audit: type=1326 audit(1748809705.085:6762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13247 comm="syz.4.1847" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  403.290815][   T40] audit: type=1326 audit(1748809705.085:6763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13247 comm="syz.4.1847" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf710e579 code=0x7ffc0000
[  403.309487][   T40] audit: type=1326 audit(1748809705.085:6764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13247 comm="syz.4.1847" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  403.322454][   T40] audit: type=1326 audit(1748809705.085:6765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13247 comm="syz.4.1847" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  403.344329][   T40] audit: type=1326 audit(1748809705.085:6766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13247 comm="syz.4.1847" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf710e579 code=0x7ffc0000
[  403.354863][   T40] audit: type=1326 audit(1748809705.095:6767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13247 comm="syz.4.1847" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  403.443134][ T5942] Bluetooth: hci0: command 0x0c1a tx timeout
[  403.739274][T13269] ipvlan2: entered promiscuous mode
[  403.883863][T13277] nbd: must specify an index to disconnect
[  403.886497][T13277] syz.4.1856: attempt to access beyond end of device
[  403.886497][T13277] nbd4: rw=2048, sector=0, nr_sectors = 8 limit=0
[  403.891414][T13277] SQUASHFS error: Failed to read block 0x0: -5
[  403.904405][T13277] unable to read squashfs_super_block
[  403.957006][T13281] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  403.957007][T13280] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  403.957094][T13280] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  403.960334][T13281] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  403.985013][T13280] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  403.985347][T13282] netlink: 'syz.2.1857': attribute type 10 has an invalid length.
[  403.990842][T13282] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1857'.
[  404.042236][T13282] team0: Port device geneve0 added
[  404.454661][T13264] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  406.852873][   T61] usb 9-1: new full-speed USB device number 6 using dummy_hcd
[  406.982988][   T61] usb 9-1: device descriptor read/64, error -71
[  407.040627][T13336] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  407.044414][T13336] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  407.049292][T13336] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  407.052855][T13336] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  407.222848][   T61] usb 9-1: new full-speed USB device number 7 using dummy_hcd
[  407.352834][   T61] usb 9-1: device descriptor read/64, error -71
[  407.469284][   T61] usb usb9-port1: attempt power cycle
[  407.823047][   T61] usb 9-1: new full-speed USB device number 8 using dummy_hcd
[  407.853342][   T61] usb 9-1: device descriptor read/8, error -71
[  408.102806][   T61] usb 9-1: new full-speed USB device number 9 using dummy_hcd
[  408.123236][   T61] usb 9-1: device descriptor read/8, error -71
[  408.243140][   T61] usb usb9-port1: unable to enumerate USB device
[  408.382779][    T9] usb 9-1: new full-speed USB device number 10 using dummy_hcd
[  408.533435][    T9] usb 9-1: device descriptor read/64, error -71
[  408.792861][    T9] usb 9-1: new full-speed USB device number 11 using dummy_hcd
[  408.934132][    T9] usb 9-1: device descriptor read/64, error -71
[  409.043848][    T9] usb usb9-port1: attempt power cycle
[  409.393591][    T9] usb 9-1: new full-speed USB device number 12 using dummy_hcd
[  409.413382][    T9] usb 9-1: device descriptor read/8, error -71
[  409.663276][    T9] usb 9-1: new full-speed USB device number 13 using dummy_hcd
[  409.873254][T13364] dlm: no locking on control device
[  409.876415][    T9] usb 9-1: device not accepting address 13, error -71
[  409.884778][    T9] usb usb9-port1: unable to enumerate USB device
[  415.123808][T13540] FAULT_INJECTION: forcing a failure.
[  415.123808][T13540] name failslab, interval 1, probability 0, space 0, times 0
[  415.127816][T13540] CPU: 1 UID: 0 PID: 13540 Comm: syz.3.1920 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  415.127831][T13540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  415.127838][T13540] Call Trace:
[  415.127842][T13540]  <TASK>
[  415.127846][T13540]  dump_stack_lvl+0x16c/0x1f0
[  415.127865][T13540]  should_fail_ex+0x512/0x640
[  415.127894][T13540]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  415.127917][T13540]  should_failslab+0xc2/0x120
[  415.127933][T13540]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  415.127948][T13540]  ? getname_flags.part.0+0x4c/0x550
[  415.127966][T13540]  ? fput+0x70/0xf0
[  415.127982][T13540]  getname_flags.part.0+0x4c/0x550
[  415.128001][T13540]  getname_flags+0x93/0xf0
[  415.128014][T13540]  __ia32_sys_link+0x57/0xa0
[  415.128029][T13540]  __do_fast_syscall_32+0x7c/0x3a0
[  415.128046][T13540]  do_fast_syscall_32+0x32/0x80
[  415.128061][T13540]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  415.128076][T13540] RIP: 0023:0xf710e579
[  415.128084][T13540] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  415.128095][T13540] RSP: 002b:00000000f50dd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000009
[  415.128105][T13540] RAX: ffffffffffffffda RBX: 00000000800001c0 RCX: 00000000800002c0
[  415.128112][T13540] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  415.128119][T13540] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  415.128124][T13540] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  415.128131][T13540] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  415.128144][T13540]  </TASK>
[  415.514443][   T40] kauditd_printk_skb: 26 callbacks suppressed
[  415.514453][   T40] audit: type=1326 audit(1748809717.415:6794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13545 comm="syz.4.1921" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  415.523610][   T40] audit: type=1326 audit(1748809717.425:6795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13545 comm="syz.4.1921" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf710e579 code=0x7ffc0000
[  415.531135][   T40] audit: type=1326 audit(1748809717.425:6796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13545 comm="syz.4.1921" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  415.539684][   T40] audit: type=1326 audit(1748809717.425:6797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13545 comm="syz.4.1921" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  415.546444][   T40] audit: type=1326 audit(1748809717.425:6798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13545 comm="syz.4.1921" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf710e579 code=0x7ffc0000
[  415.561221][   T40] audit: type=1326 audit(1748809717.425:6799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13545 comm="syz.4.1921" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  415.574353][   T40] audit: type=1326 audit(1748809717.425:6800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13545 comm="syz.4.1921" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  415.618627][   T40] audit: type=1326 audit(1748809717.425:6801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13545 comm="syz.4.1921" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  415.625398][   T40] audit: type=1326 audit(1748809717.425:6802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13545 comm="syz.4.1921" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  415.632004][   T40] audit: type=1326 audit(1748809717.425:6803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13545 comm="syz.4.1921" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  416.217021][T13557] netlink: 'syz.3.1925': attribute type 14 has an invalid length.
[  416.381041][T13568] loop6: detected capacity change from 0 to 63
[  416.386634][T13129] Buffer I/O error on dev loop6, logical block 0, async page read
[  416.390039][T13129] Buffer I/O error on dev loop6, logical block 0, async page read
[  416.393259][T13129] Buffer I/O error on dev loop6, logical block 0, async page read
[  416.396230][T13129] Buffer I/O error on dev loop6, logical block 0, async page read
[  416.398906][T13129] Buffer I/O error on dev loop6, logical block 0, async page read
[  416.438574][T13570] FAULT_INJECTION: forcing a failure.
[  416.438574][T13570] name failslab, interval 1, probability 0, space 0, times 0
[  416.442470][T13570] CPU: 2 UID: 0 PID: 13570 Comm: syz.0.1927 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  416.442486][T13570] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  416.442493][T13570] Call Trace:
[  416.442497][T13570]  <TASK>
[  416.442501][T13570]  dump_stack_lvl+0x16c/0x1f0
[  416.442520][T13570]  should_fail_ex+0x512/0x640
[  416.442537][T13570]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  416.442551][T13570]  should_failslab+0xc2/0x120
[  416.442567][T13570]  __kmalloc_cache_noprof+0x6a/0x3e0
[  416.442579][T13570]  ? binder_get_thread+0x1eb/0x8c0
[  416.442596][T13570]  ? binder_get_thread+0x225/0x8c0
[  416.442613][T13570]  ? __pfx_binder_poll+0x10/0x10
[  416.442630][T13570]  binder_get_thread+0x225/0x8c0
[  416.442648][T13570]  ? __pfx_binder_poll+0x10/0x10
[  416.442664][T13570]  binder_poll+0x3f/0x400
[  416.442680][T13570]  ? __pfx_binder_poll+0x10/0x10
[  416.442695][T13570]  do_select+0xd3d/0x17e0
[  416.442732][T13570]  ? __pfx_do_select+0x10/0x10
[  416.442745][T13570]  ? __pfx___pollwait+0x10/0x10
[  416.442758][T13570]  ? __pfx_pollwake+0x10/0x10
[  416.442770][T13570]  ? __pfx_pollwake+0x10/0x10
[  416.442783][T13570]  ? __pfx_pollwake+0x10/0x10
[  416.442795][T13570]  ? __pfx_pollwake+0x10/0x10
[  416.442807][T13570]  ? __pfx_pollwake+0x10/0x10
[  416.442833][T13570]  ? find_held_lock+0x2b/0x80
[  416.442849][T13570]  ? compat_core_sys_select+0x1dd/0x880
[  416.442863][T13570]  ? compat_core_sys_select+0x685/0x880
[  416.442874][T13570]  compat_core_sys_select+0x685/0x880
[  416.442890][T13570]  ? __pfx_compat_core_sys_select+0x10/0x10
[  416.442906][T13570]  ? proc_fail_nth_write+0x9f/0x250
[  416.442927][T13570]  ? set_compat_user_sigmask+0x213/0x2a0
[  416.442943][T13570]  ? __pfx_set_compat_user_sigmask+0x10/0x10
[  416.442962][T13570]  __ia32_compat_sys_pselect6_time32+0x2d1/0x390
[  416.442978][T13570]  ? __pfx___ia32_compat_sys_pselect6_time32+0x10/0x10
[  416.442992][T13570]  ? fput+0x70/0xf0
[  416.443007][T13570]  ? ksys_write+0x1ac/0x250
[  416.443020][T13570]  ? __pfx_ksys_write+0x10/0x10
[  416.443034][T13570]  ? rcu_is_watching+0x12/0xc0
[  416.443051][T13570]  __do_fast_syscall_32+0x7c/0x3a0
[  416.443068][T13570]  do_fast_syscall_32+0x32/0x80
[  416.443083][T13570]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  416.443096][T13570] RIP: 0023:0xf70ce579
[  416.443105][T13570] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  416.443116][T13570] RSP: 002b:00000000f509d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000134
[  416.443126][T13570] RAX: ffffffffffffffda RBX: 0000000000000040 RCX: 00000000800001c0
[  416.443133][T13570] RDX: 0000000000000000 RSI: 00000000800002c0 RDI: 0000000000000000
[  416.443139][T13570] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  416.443144][T13570] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  416.443150][T13570] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  416.443163][T13570]  </TASK>
[  416.554917][T13574] overlayfs: missing 'lowerdir'
[  416.562159][T13574] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1930'.
[  416.734069][T13584] xt_CT: No such helper "pptp"
[  417.394819][T13594] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1934'.
[  417.738412][T13616] FAULT_INJECTION: forcing a failure.
[  417.738412][T13616] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  417.743766][T13616] CPU: 3 UID: 0 PID: 13616 Comm: syz.4.1936 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  417.743782][T13616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  417.743789][T13616] Call Trace:
[  417.743793][T13616]  <TASK>
[  417.743797][T13616]  dump_stack_lvl+0x16c/0x1f0
[  417.743816][T13616]  should_fail_ex+0x512/0x640
[  417.743836][T13616]  _copy_from_user+0x2e/0xd0
[  417.743847][T13616]  do_compat_fcntl64+0x39b/0x710
[  417.743870][T13616]  ? __pfx_do_compat_fcntl64+0x10/0x10
[  417.743888][T13616]  ? fput+0x70/0xf0
[  417.743904][T13616]  ? ksys_write+0x1ac/0x250
[  417.743919][T13616]  ? rcu_is_watching+0x12/0xc0
[  417.743936][T13616]  __do_fast_syscall_32+0x7c/0x3a0
[  417.743953][T13616]  do_fast_syscall_32+0x32/0x80
[  417.743968][T13616]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  417.743982][T13616] RIP: 0023:0xf710e579
[  417.743991][T13616] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  417.744001][T13616] RSP: 002b:00000000f50bc55c EFLAGS: 00000296 ORIG_RAX: 0000000000000037
[  417.744012][T13616] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000005
[  417.744018][T13616] RDX: 0000000080000200 RSI: 0000000000000000 RDI: 0000000000000000
[  417.744024][T13616] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  417.744030][T13616] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  417.744037][T13616] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  417.744049][T13616]  </TASK>
[  417.932034][T13623] bridge1: entered promiscuous mode
[  419.702511][T13666] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1947'.
[  422.270315][T13708] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1961'.
[  422.552816][   T61] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[  422.682851][   T61] usb 9-1: device descriptor read/64, error -71
[  422.933484][   T61] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[  423.028321][T13727] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1964'.
[  423.232876][   T61] usb 9-1: device descriptor read/64, error -71
[  423.342945][   T61] usb usb9-port1: attempt power cycle
[  423.682787][   T61] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[  423.713676][   T61] usb 9-1: device descriptor read/8, error -71
[  423.805133][T13742] vcan0: tx drop: invalid sa for name 0xfffffffffffffffc
[  423.952778][   T61] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[  423.973406][   T61] usb 9-1: device descriptor read/8, error -71
[  424.122937][   T61] usb usb9-port1: unable to enumerate USB device
[  424.877373][    T9] hid-generic 00A0:0008:0003.0005: unknown main item tag 0x0
[  424.879820][    T9] hid-generic 00A0:0008:0003.0005: unknown main item tag 0x0
[  424.883777][    T9] hid-generic 00A0:0008:0003.0005: unknown main item tag 0x0
[  424.886119][    T9] hid-generic 00A0:0008:0003.0005: unknown main item tag 0x0
[  424.888430][    T9] hid-generic 00A0:0008:0003.0005: unknown main item tag 0x0
[  424.891195][    T9] hid-generic 00A0:0008:0003.0005: unknown main item tag 0x0
[  424.894594][    T9] hid-generic 00A0:0008:0003.0005: unknown main item tag 0x0
[  424.897490][    T9] hid-generic 00A0:0008:0003.0005: unknown main item tag 0x0
[  424.900038][    T9] hid-generic 00A0:0008:0003.0005: unknown main item tag 0x0
[  424.903551][    T9] hid-generic 00A0:0008:0003.0005: unknown main item tag 0x0
[  424.911492][    T9] hid-generic 00A0:0008:0003.0005: hidraw1: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[  424.925068][T13754] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1973'.
[  425.310809][T13776] netlink: 212408 bytes leftover after parsing attributes in process `syz.4.1979'.
[  425.576510][T13780] GUP no longer grows the stack in syz.4.1980 (13780): 80004000-8000a000 (80002000)
[  425.580233][T13780] CPU: 3 UID: 0 PID: 13780 Comm: syz.4.1980 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  425.580249][T13780] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  425.580257][T13780] Call Trace:
[  425.580262][T13780]  <TASK>
[  425.580266][T13780]  dump_stack_lvl+0x16c/0x1f0
[  425.580299][T13780]  gup_vma_lookup+0x1d2/0x220
[  425.580319][T13780]  __get_user_pages+0x271/0x3b80
[  425.580344][T13780]  ? __pfx___get_user_pages+0x10/0x10
[  425.580368][T13780]  get_user_pages_remote+0x258/0xb20
[  425.580387][T13780]  ? __pfx_mtree_load+0x10/0x10
[  425.580404][T13780]  ? __pfx_get_user_pages_remote+0x10/0x10
[  425.580430][T13780]  __access_remote_vm+0x246/0x810
[  425.580448][T13780]  ? do_raw_spin_lock+0x12c/0x2b0
[  425.580463][T13780]  ? __pfx___access_remote_vm+0x10/0x10
[  425.580483][T13780]  proc_pid_cmdline_read+0x4de/0x900
[  425.580497][T13780]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  425.580510][T13780]  ? rw_verify_area+0xcf/0x680
[  425.580523][T13780]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  425.580534][T13780]  vfs_readv+0x5be/0x8b0
[  425.580549][T13780]  ? __pfx_vfs_readv+0x10/0x10
[  425.580571][T13780]  ? __fget_files+0x20e/0x3c0
[  425.580587][T13780]  ? do_preadv+0x1a6/0x270
[  425.580598][T13780]  do_preadv+0x1a6/0x270
[  425.580610][T13780]  ? __pfx_do_preadv+0x10/0x10
[  425.580623][T13780]  ? rcu_is_watching+0x12/0xc0
[  425.580642][T13780]  __do_fast_syscall_32+0x7c/0x3a0
[  425.580659][T13780]  do_fast_syscall_32+0x32/0x80
[  425.580674][T13780]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  425.580688][T13780] RIP: 0023:0xf710e579
[  425.580697][T13780] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  425.580708][T13780] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 000000000000014d
[  425.580718][T13780] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  425.580725][T13780] RDX: 0000000000000001 RSI: 0000000000000300 RDI: 0000000000000000
[  425.580731][T13780] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  425.580738][T13780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  425.580744][T13780] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  425.580757][T13780]  </TASK>
[  426.981135][T13820] overlayfs: cannot append lower layer
[  427.012821][    T9] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[  427.164773][    T9] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  427.168664][    T9] usb 9-1: config 1 has an invalid descriptor of length 231, skipping remainder of the config
[  427.173076][    T9] usb 9-1: config 1 has 0 interfaces, different from the descriptor's value: 66
[  427.180685][    T9] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  427.185255][    T9] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  427.188888][    T9] usb 9-1: Product: syz
[  427.190653][    T9] usb 9-1: Manufacturer: syz
[  430.488238][T13879] ip6erspan0: entered promiscuous mode
[  430.555328][T13881] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2009'.
[  430.849903][T13885] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2010'.
[  431.842885][T13899] wireguard0: entered promiscuous mode
[  431.844724][T13899] wireguard0: entered allmulticast mode
[  432.338223][T13910] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2017'.
[  432.954867][T13939] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2023'.
[  433.762046][T13957] tmpfs: Unknown parameter 'grpquota 0
[  433.762046][T13957] '
[  434.411918][   T40] kauditd_printk_skb: 1566 callbacks suppressed
[  434.411978][   T40] audit: type=1804 audit(1748809736.305:8370): pid=13979 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2036" name="/newroot/515/file0/bus" dev="ramfs" ino=33637 res=1 errno=0
[  434.432891][   T40] audit: type=1804 audit(1748809736.315:8371): pid=13979 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.2036" name="/newroot/515/file0/bus" dev="ramfs" ino=33637 res=1 errno=0
[  434.724313][T13983] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2037'.
[  434.940111][T13989] smc: removing ib device s
z1
[  435.020968][T13995] veth0: entered promiscuous mode
[  435.023404][T13995] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2041'.
[  435.797422][T14013] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2046'.
[  435.885365][T14017] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2048'.
[  436.115761][T14028] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2053'.
[  436.119129][T14028] netlink: 'syz.2.2053': attribute type 10 has an invalid length.
[  436.121962][T14028] bond0: (slave wlan1): refused to change device type
[  436.198962][T14033] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2050'.
[  436.202916][T14031] hfs: unable to load iocharset "io#harset"
[  436.562837][   T53] page_pool_release_retry() stalled pool shutdown: id 66, 34 inflight 60 sec
[  437.804174][T14053] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  437.807430][T14053] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  438.084225][T14062] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  438.090017][T14062] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  439.291597][T14093] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2070'.
[  439.445060][ T1418] ieee802154 phy0 wpan0: encryption failed: -22
[  439.447788][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  441.933768][   T61] usb 7-1: USB disconnect, device number 2
[  442.194929][ T5949] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  442.200582][ T5949] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  442.204897][ T5949] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  442.209500][ T5949] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  442.213472][ T5949] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  442.222899][T14136] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2083'.
[  442.274282][T14136] 8021q: adding VLAN 0 to HW filter on device bond1
[  442.381161][T14138] lo speed is unknown, defaulting to 1000
[  442.517329][   T12] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  442.623557][   T12] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  442.626989][T14154] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2084'.
[  442.865309][   T12] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  443.012967][T14138] chnl_net:caif_netlink_parms(): no params data found
[  443.043837][   T12] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  443.229467][T14138] bridge0: port 1(bridge_slave_0) entered blocking state
[  443.231879][T14138] bridge0: port 1(bridge_slave_0) entered disabled state
[  443.235238][T14138] bridge_slave_0: entered allmulticast mode
[  443.237893][T14138] bridge_slave_0: entered promiscuous mode
[  443.247815][T14138] bridge0: port 2(bridge_slave_1) entered blocking state
[  443.250843][T14138] bridge0: port 2(bridge_slave_1) entered disabled state
[  443.257368][T14138] bridge_slave_1: entered allmulticast mode
[  443.261256][T14138] bridge_slave_1: entered promiscuous mode
[  443.398682][   T40] audit: type=1326 audit(1748809745.295:8372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14163 comm="syz.4.2088" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  443.415679][   T40] audit: type=1326 audit(1748809745.295:8373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14163 comm="syz.4.2088" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  443.424590][   T40] audit: type=1326 audit(1748809745.295:8374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14163 comm="syz.4.2088" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  443.431133][   T40] audit: type=1326 audit(1748809745.295:8375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14163 comm="syz.4.2088" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  443.437550][T14138] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  443.438364][   T40] audit: type=1326 audit(1748809745.305:8376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14163 comm="syz.4.2088" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  443.442625][T14138] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  443.447951][   T40] audit: type=1326 audit(1748809745.305:8377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14163 comm="syz.4.2088" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  443.457840][   T40] audit: type=1326 audit(1748809745.305:8378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14163 comm="syz.4.2088" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  443.465598][   T40] audit: type=1326 audit(1748809745.305:8379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14163 comm="syz.4.2088" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  443.472471][   T40] audit: type=1326 audit(1748809745.305:8380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14163 comm="syz.4.2088" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  443.479330][   T40] audit: type=1326 audit(1748809745.305:8381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14163 comm="syz.4.2088" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  443.821615][   T12] team0: Port device geneve0 removed
[  443.959593][T14116] Set syz1 is full, maxelem 65536 reached
[  444.150887][   T12] bond0 (unregistering): Released all slaves
[  444.162586][   T12] bond1 (unregistering): Released all slaves
[  444.253201][ T5949] Bluetooth: hci4: command tx timeout
[  444.278629][   T12] bond2 (unregistering): Released all slaves
[  444.291834][   T12] bond3 (unregistering): Released all slaves
[  444.330311][T14138] team0: Port device team_slave_0 added
[  444.343929][T14164] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2088'.
[  444.383336][T14138] team0: Port device team_slave_1 added
[  444.448053][T14138] batman_adv: batadv0: Adding interface: batadv_slave_0
[  444.450602][T14138] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  444.460572][T14138] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  444.466590][T14138] batman_adv: batadv0: Adding interface: batadv_slave_1
[  444.468767][T14138] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  444.478713][T14138] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  444.545514][T14138] hsr_slave_0: entered promiscuous mode
[  444.548312][T14138] hsr_slave_1: entered promiscuous mode
[  444.551267][T14138] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  444.566215][T14138] Cannot create hsr debugfs directory
[  444.662672][T14179] netlink: 'syz.4.2092': attribute type 1 has an invalid length.
[  445.169521][T14206] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2095'.
[  445.612224][T14138] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  445.639962][T14138] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  445.651487][T14138] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  445.665596][T14138] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  445.896921][T14138] 8021q: adding VLAN 0 to HW filter on device bond0
[  445.928093][T14138] 8021q: adding VLAN 0 to HW filter on device team0
[  445.945072][ T1181] bridge0: port 1(bridge_slave_0) entered blocking state
[  445.948060][ T1181] bridge0: port 1(bridge_slave_0) entered forwarding state
[  445.980192][ T1181] bridge0: port 2(bridge_slave_1) entered blocking state
[  445.983186][ T1181] bridge0: port 2(bridge_slave_1) entered forwarding state
[  446.105372][T14138] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  446.109888][T14138] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  446.323053][ T5949] Bluetooth: hci4: command tx timeout
[  446.502983][   T12] hsr_slave_0: left promiscuous mode
[  446.506118][   T12] hsr_slave_1: left promiscuous mode
[  446.547406][   T12] veth1_macvtap: left promiscuous mode
[  446.550512][   T12] veth0_macvtap: left promiscuous mode
[  446.553195][   T12] veth1_vlan: left promiscuous mode
[  446.555494][   T12] veth0_vlan: left promiscuous mode
[  447.241020][T14242] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  448.363955][T14138] 8021q: adding VLAN 0 to HW filter on device batadv0
[  448.402828][ T5949] Bluetooth: hci4: command tx timeout
[  448.491960][T14138] veth0_vlan: entered promiscuous mode
[  448.505408][T14138] veth1_vlan: entered promiscuous mode
[  448.585555][T14138] veth0_macvtap: entered promiscuous mode
[  448.589547][T14138] veth1_macvtap: entered promiscuous mode
[  448.610041][T14264] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2104'.
[  448.628069][T14138] batman_adv: batadv0: Interface activated: batadv_slave_0
[  448.643592][T14138] batman_adv: batadv0: Interface activated: batadv_slave_1
[  448.652986][T14138] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  448.656040][T14138] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  448.658770][T14138] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  448.661483][T14138] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  448.830931][ T1138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  448.852955][ T1138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  448.890835][ T1138] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  448.902942][ T1138] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  450.482820][ T5949] Bluetooth: hci4: command tx timeout
[  450.751081][T14299] random: crng reseeded on system resumption
[  451.879293][T14276] Set syz1 is full, maxelem 65536 reached
[  452.213574][T14325] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2116'.
[  456.357865][T14363] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2127'.
[  456.481298][T14368] FAULT_INJECTION: forcing a failure.
[  456.481298][T14368] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  456.485484][T14368] CPU: 0 UID: 0 PID: 14368 Comm: syz.3.2129 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  456.485514][T14368] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  456.485521][T14368] Call Trace:
[  456.485525][T14368]  <TASK>
[  456.485530][T14368]  dump_stack_lvl+0x16c/0x1f0
[  456.485549][T14368]  should_fail_ex+0x512/0x640
[  456.485569][T14368]  _copy_from_iter+0x29f/0x16f0
[  456.485584][T14368]  ? __pfx__copy_from_iter+0x10/0x10
[  456.485595][T14368]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  456.485617][T14368]  copy_page_from_iter+0xde/0x180
[  456.485629][T14368]  tun_build_skb.constprop.0+0x2e8/0x14f0
[  456.485645][T14368]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[  456.485659][T14368]  ? __lock_acquire+0x622/0x1c90
[  456.485677][T14368]  ? find_held_lock+0x2b/0x80
[  456.485694][T14368]  tun_get_user+0x165f/0x3b80
[  456.485710][T14368]  ? __pfx_tun_get_user+0x10/0x10
[  456.485720][T14368]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  456.485735][T14368]  ? find_held_lock+0x2b/0x80
[  456.485750][T14368]  ? tun_get+0x191/0x370
[  456.485770][T14368]  tun_chr_write_iter+0xdc/0x210
[  456.485782][T14368]  vfs_write+0x6c7/0x1150
[  456.485796][T14368]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  456.485808][T14368]  ? __pfx_vfs_write+0x10/0x10
[  456.485820][T14368]  ? find_held_lock+0x2b/0x80
[  456.485843][T14368]  ksys_write+0x12a/0x250
[  456.485855][T14368]  ? __pfx_ksys_write+0x10/0x10
[  456.485869][T14368]  ? rcu_is_watching+0x12/0xc0
[  456.485887][T14368]  __do_fast_syscall_32+0x7c/0x3a0
[  456.485903][T14368]  do_fast_syscall_32+0x32/0x80
[  456.485918][T14368]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  456.485932][T14368] RIP: 0023:0xf710e579
[  456.485941][T14368] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  456.485951][T14368] RSP: 002b:00000000f50fe520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  456.485961][T14368] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000340
[  456.485968][T14368] RDX: 000000000000002e RSI: 00000000f7472ff4 RDI: 0000000000000000
[  456.485974][T14368] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  456.485980][T14368] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  456.485986][T14368] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  456.485999][T14368]  </TASK>
[  459.253332][T14415] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2142'.
[  459.257288][T14415] netlink: 'syz.0.2142': attribute type 5 has an invalid length.
[  459.260624][T14415] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2142'.
[  459.286422][T14415] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  459.289308][T14415] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  459.292194][T14415] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  459.298391][T14415] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  459.302638][T14415] geneve2: entered promiscuous mode
[  459.352688][T14415] geneve2: entered allmulticast mode
[  459.363756][T14417] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2144'.
[  461.469066][T14448] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  461.472552][T14448] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  463.832996][T14471] Invalid source name
[  463.834558][T14471] UBIFS error (pid: 14471): cannot open "./file0", error -22
[  465.205009][T14496] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2166'.
[  465.253144][T14498] Invalid source name
[  465.254436][T14498] UBIFS error (pid: 14498): cannot open "./file0", error -22
[  465.284474][T14500] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2169'.
[  465.291353][T14500] netlink: 'syz.2.2169': attribute type 20 has an invalid length.
[  465.294903][T14500] netlink: 'syz.2.2169': attribute type 21 has an invalid length.
[  466.953668][T14540] Invalid source name
[  466.955803][T14540] UBIFS error (pid: 14540): cannot open "./file0", error -22
[  468.305358][T14577] Invalid source name
[  468.306686][T14577] UBIFS error (pid: 14577): cannot open "./file0", error -22
[  469.456412][ T7167] IPVS: starting estimator thread 0...
[  469.542854][T14602] IPVS: using max 41 ests per chain, 98400 per kthread
[  469.986532][T14618] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2199'.
[  470.338746][T14634] vivid-007: disconnect
[  470.921607][T14623] vivid-007: reconnect
[  471.143541][T14644] Invalid source name
[  471.144876][T14644] UBIFS error (pid: 14644): cannot open "./file0", error -22
[  471.218461][T14649] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2208'.
[  472.141066][T14683] Invalid source name
[  472.146866][T14683] UBIFS error (pid: 14683): cannot open "./file0", error -22
[  472.285001][T14689] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2219'.
[  472.859771][T14697] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode 802.3ad(4)
[  473.425448][T14704] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2223'.
[  475.177893][T14751] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2233'.
[  475.456831][T14758] lo speed is unknown, defaulting to 1000
[  475.458814][T14758] lo speed is unknown, defaulting to 1000
[  475.462527][T14758] lo speed is unknown, defaulting to 1000
[  475.487708][T14758] infiniband s…z0: RDMA CMA: cma_listen_on_dev, error -98
[  475.550514][T14758] lo speed is unknown, defaulting to 1000
[  475.557015][T14758] lo speed is unknown, defaulting to 1000
[  475.562116][T14758] lo speed is unknown, defaulting to 1000
[  475.567451][T14758] lo speed is unknown, defaulting to 1000
[  475.573230][T14758] lo speed is unknown, defaulting to 1000
[  475.946445][T14768] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode 802.3ad(4)
[  479.084327][T14809] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2245'.
[  479.381783][T14812] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  479.387105][T14812] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  479.594169][T14812] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  479.597088][T14812] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  481.295018][ T5979] IPVS: starting estimator thread 0...
[  481.384296][T14835] IPVS: using max 42 ests per chain, 100800 per kthread
[  481.455569][T14839] syzkaller1: entered promiscuous mode
[  481.457344][T14839] syzkaller1: entered allmulticast mode
[  483.437858][T14859] No source specified
[  484.077612][T14873] lo speed is unknown, defaulting to 1000
[  484.176372][T14883] overlay: Bad value for 'uuid'
[  484.634210][T14894] No source specified
[  484.805708][T14902] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2275'.
[  485.362397][T14912] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2279'.
[  485.375202][T14912] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2279'.
[  486.034200][T14919] No source specified
[  486.240021][    T9] kernel read not supported for file /vga_arbiter (pid: 9 comm: kworker/0:0)
[  486.292979][T14927] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2284'.
[  486.308790][   T40] kauditd_printk_skb: 415 callbacks suppressed
[  486.308800][   T40] audit: type=1326 audit(1748809788.205:8797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14922 comm="syz.2.2283" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  486.335498][   T40] audit: type=1326 audit(1748809788.205:8798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14922 comm="syz.2.2283" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  486.341977][   T40] audit: type=1326 audit(1748809788.205:8799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14922 comm="syz.2.2283" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  486.362812][   T40] audit: type=1326 audit(1748809788.215:8800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14922 comm="syz.2.2283" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  486.380739][   T40] audit: type=1326 audit(1748809788.215:8801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14922 comm="syz.2.2283" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  486.401396][T14929] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2285'.
[  486.403236][   T40] audit: type=1326 audit(1748809788.215:8802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14922 comm="syz.2.2283" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  486.432803][   T40] audit: type=1326 audit(1748809788.215:8803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14922 comm="syz.2.2283" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  486.439715][   T40] audit: type=1326 audit(1748809788.215:8804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14922 comm="syz.2.2283" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  486.446344][   T40] audit: type=1326 audit(1748809788.215:8805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14922 comm="syz.2.2283" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  486.462839][   T40] audit: type=1326 audit(1748809788.215:8806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14922 comm="syz.2.2283" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  488.122854][T14959] netlink: 100 bytes leftover after parsing attributes in process `syz.3.2291'.
[  488.257094][T14962] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2293'.
[  492.036275][T15007] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  492.038332][T15007] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  492.040747][T15007] vhci_hcd vhci_hcd.0: Device attached
[  492.046838][T15012] vhci_hcd: connection closed
[  492.047097][ T1145] vhci_hcd: stop threads
[  492.052215][ T1145] vhci_hcd: release socket
[  492.062861][ T1145] vhci_hcd: disconnect device
[  492.760262][    T9] kernel read not supported for file /vga_arbiter (pid: 9 comm: kworker/0:0)
[  492.816476][   T40] kauditd_printk_skb: 1059 callbacks suppressed
[  492.816492][   T40] audit: type=1326 audit(1748809794.715:9866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15023 comm="syz.4.2314" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  492.831657][   T40] audit: type=1326 audit(1748809794.715:9867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15023 comm="syz.4.2314" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  492.838681][   T40] audit: type=1326 audit(1748809794.715:9868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15023 comm="syz.4.2314" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  492.845532][   T40] audit: type=1326 audit(1748809794.725:9869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15023 comm="syz.4.2314" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  492.852435][   T40] audit: type=1326 audit(1748809794.725:9870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15023 comm="syz.4.2314" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  492.859184][   T40] audit: type=1326 audit(1748809794.725:9871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15023 comm="syz.4.2314" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf710e579 code=0x7ffc0000
[  492.866394][   T40] audit: type=1326 audit(1748809794.725:9872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15023 comm="syz.4.2314" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  492.873081][   T40] audit: type=1326 audit(1748809794.725:9873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15023 comm="syz.4.2314" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  492.879883][   T40] audit: type=1326 audit(1748809794.725:9874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15023 comm="syz.4.2314" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  492.886419][   T40] audit: type=1326 audit(1748809794.725:9875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15023 comm="syz.4.2314" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  494.333429][T15040] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2318'.
[  494.337057][T15040] 9pnet_fd: Insufficient options for proto=fd
[  495.596285][ T1464] kernel read not supported for file /vga_arbiter (pid: 1464 comm: kworker/2:2)
[  496.803341][   T29] page_pool_release_retry() stalled pool shutdown: id 66, 34 inflight 121 sec
[  498.807592][T15105] netlink: 100 bytes leftover after parsing attributes in process `syz.0.2334'.
[  499.471726][T15104] Set syz1 is full, maxelem 65536 reached
[  499.604032][T15121] x_tables: duplicate underflow at hook 1
[  499.681920][T15125] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2343'.
[  500.403580][   T24] kernel read not supported for file /vga_arbiter (pid: 24 comm: kworker/2:0)
[  500.516472][   T40] kauditd_printk_skb: 2131 callbacks suppressed
[  500.516482][   T40] audit: type=1326 audit(1748809802.415:12007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15145 comm="syz.4.2351" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  500.525992][   T40] audit: type=1326 audit(1748809802.415:12008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15145 comm="syz.4.2351" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  500.534143][   T40] audit: type=1326 audit(1748809802.415:12009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15145 comm="syz.4.2351" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  500.553072][   T40] audit: type=1326 audit(1748809802.425:12010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15145 comm="syz.4.2351" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  500.563405][   T40] audit: type=1326 audit(1748809802.425:12011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15145 comm="syz.4.2351" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  500.573203][   T40] audit: type=1326 audit(1748809802.425:12012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15145 comm="syz.4.2351" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  500.582783][   T40] audit: type=1326 audit(1748809802.435:12013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15145 comm="syz.4.2351" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  500.590478][   T40] audit: type=1326 audit(1748809802.435:12014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15145 comm="syz.4.2351" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf710e579 code=0x7ffc0000
[  500.605024][   T40] audit: type=1326 audit(1748809802.435:12015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15145 comm="syz.4.2351" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  500.613335][   T40] audit: type=1326 audit(1748809802.435:12016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15145 comm="syz.4.2351" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  500.884637][ T1418] ieee802154 phy0 wpan0: encryption failed: -22
[  500.887180][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  500.957395][T15164] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2356'.
[  501.367825][T15181] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2360'.
[  501.884892][T15190] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2362'.
[  502.029687][T15197] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2365'.
[  503.007924][T15206] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2369'.
[  503.436993][T15223] futex_wake_op: syz.3.2373 tries to shift op by 32; fix this program
[  503.442833][ T5949] Bluetooth: hci1: unexpected event for opcode 0x080b
[  504.248013][T15228] orangefs_mount: mount request failed with -4
[  507.442914][ T5949] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  507.448261][ T5949] Bluetooth: hci1: Injecting HCI hardware error event
[  507.454283][ T5942] Bluetooth: hci1: hardware error 0x00
[  508.003010][T15314] random: crng reseeded on system resumption
[  508.128558][T15318] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2400'.
[  509.522879][ T5942] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  511.218051][ T1464] usb 5-1: USB disconnect, device number 2
[  511.350807][ T5949] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  511.354952][ T5949] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  511.357859][ T5949] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  511.361080][ T5949] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  511.363792][ T5949] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  511.453873][T15393] lo speed is unknown, defaulting to 1000
[  511.505627][   T83] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  511.509101][   T83] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  511.641781][   T83] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  511.646754][   T83] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  511.655736][T15393] chnl_net:caif_netlink_parms(): no params data found
[  511.784778][   T83] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  511.788933][   T83] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  511.876842][T15393] bridge0: port 1(bridge_slave_0) entered blocking state
[  511.881435][T15393] bridge0: port 1(bridge_slave_0) entered disabled state
[  511.886948][T15393] bridge_slave_0: entered allmulticast mode
[  511.889739][T15393] bridge_slave_0: entered promiscuous mode
[  511.949121][   T83] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  511.952529][   T83] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  511.960642][T15393] bridge0: port 2(bridge_slave_1) entered blocking state
[  511.963837][T15393] bridge0: port 2(bridge_slave_1) entered disabled state
[  511.966908][T15393] bridge_slave_1: entered allmulticast mode
[  511.969845][T15393] bridge_slave_1: entered promiscuous mode
[  512.001478][T15410] sp0: Synchronizing with TNC
[  512.035288][T15393] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  512.069009][T15393] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  512.124525][T15393] team0: Port device team_slave_0 added
[  512.132216][T15393] team0: Port device team_slave_1 added
[  512.183680][T15393] batman_adv: batadv0: Adding interface: batadv_slave_0
[  512.187155][T15393] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  512.197197][T15393] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  512.208833][T15393] batman_adv: batadv0: Adding interface: batadv_slave_1
[  512.211501][T15393] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  512.222235][T15393] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  512.611362][   T83] 
 (unregistering): (slave wlan1): Releasing backup interface
[  512.614795][   T83] 
 (unregistering): Released all slaves
[  512.663104][T15393] hsr_slave_0: entered promiscuous mode
[  512.665628][T15393] hsr_slave_1: entered promiscuous mode
[  512.667744][T15393] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  512.670195][T15393] Cannot create hsr debugfs directory
[  512.799139][T14270] kernel read not supported for file /vga_arbiter (pid: 14270 comm: kworker/0:4)
[  512.815471][T15425] FAULT_INJECTION: forcing a failure.
[  512.815471][T15425] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  512.819998][T15425] CPU: 3 UID: 0 PID: 15425 Comm: syz.3.2431 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  512.820022][T15425] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  512.820033][T15425] Call Trace:
[  512.820039][T15425]  <TASK>
[  512.820045][T15425]  dump_stack_lvl+0x16c/0x1f0
[  512.820073][T15425]  should_fail_ex+0x512/0x640
[  512.820101][T15425]  _copy_to_user+0x32/0xd0
[  512.820118][T15425]  simple_read_from_buffer+0xcb/0x170
[  512.820138][T15425]  proc_fail_nth_read+0x197/0x270
[  512.820157][T15425]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  512.820176][T15425]  ? rw_verify_area+0xcf/0x680
[  512.820191][T15425]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  512.820208][T15425]  vfs_read+0x1e1/0xc60
[  512.820227][T15425]  ? fdget_pos+0x2a2/0x370
[  512.820250][T15425]  ? __pfx_vfs_read+0x10/0x10
[  512.820267][T15425]  ? find_held_lock+0x2b/0x80
[  512.820298][T15425]  ? __fget_files+0x20e/0x3c0
[  512.820315][T15425]  ? handle_mm_fault+0x210/0xd10
[  512.820340][T15425]  ksys_read+0x12a/0x250
[  512.820359][T15425]  ? __pfx_ksys_read+0x10/0x10
[  512.820380][T15425]  ? rcu_is_watching+0x12/0xc0
[  512.820406][T15425]  __do_fast_syscall_32+0x7c/0x3a0
[  512.820432][T15425]  do_fast_syscall_32+0x32/0x80
[  512.820455][T15425]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  512.820476][T15425] RIP: 0023:0xf710e579
[  512.820489][T15425] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  512.820505][T15425] RSP: 002b:00000000f50fe590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  512.820520][T15425] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f50fe620
[  512.820531][T15425] RDX: 000000000000000f RSI: 00000000f7472ff4 RDI: 0000000000000000
[  512.820540][T15425] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  512.820550][T15425] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  512.820559][T15425] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  512.820581][T15425]  </TASK>
[  512.917728][   T40] kauditd_printk_skb: 200 callbacks suppressed
[  512.917740][   T40] audit: type=1326 audit(1748809814.805:12217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15419 comm="syz.4.2430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  512.926631][   T40] audit: type=1326 audit(1748809814.805:12218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15419 comm="syz.4.2430" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  512.933728][   T40] audit: type=1326 audit(1748809814.805:12219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15419 comm="syz.4.2430" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  512.942078][   T40] audit: type=1326 audit(1748809814.805:12220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15419 comm="syz.4.2430" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e598 code=0x7ffc0000
[  512.951680][   T40] audit: type=1326 audit(1748809814.815:12221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15419 comm="syz.4.2430" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf710e579 code=0x7ffc0000
[  512.959477][   T40] audit: type=1326 audit(1748809814.815:12222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15419 comm="syz.4.2430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  512.968894][   T40] audit: type=1326 audit(1748809814.815:12223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15419 comm="syz.4.2430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  512.976223][   T40] audit: type=1326 audit(1748809814.815:12224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15419 comm="syz.4.2430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  512.982991][   T40] audit: type=1326 audit(1748809814.815:12225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15419 comm="syz.4.2430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  512.989624][   T40] audit: type=1326 audit(1748809814.815:12226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15419 comm="syz.4.2430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  513.267857][   T83] hsr_slave_0: left promiscuous mode
[  513.270025][   T83] hsr_slave_1: left promiscuous mode
[  513.332297][   T83] veth1_macvtap: left promiscuous mode
[  513.338522][   T83] veth0_macvtap: left promiscuous mode
[  513.345961][   T83] veth1_vlan: left promiscuous mode
[  513.350182][   T83] veth0_vlan: left promiscuous mode
[  513.442886][ T5949] Bluetooth: hci2: command tx timeout
[  514.513877][T15461] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2440'.
[  515.188517][T15446] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2436'.
[  515.315555][ T9911] kernel read not supported for file /vga_arbiter (pid: 9911 comm: kworker/3:4)
[  515.346251][T15393] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  515.350437][T15393] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  515.355619][T15393] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  515.359384][T15393] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  515.480313][T15393] 8021q: adding VLAN 0 to HW filter on device bond0
[  515.497963][T15393] 8021q: adding VLAN 0 to HW filter on device team0
[  515.503654][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  515.505866][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  515.522863][ T5949] Bluetooth: hci2: command tx timeout
[  515.534266][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[  515.536543][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[  515.634787][   T83] IPVS: stop unused estimator thread 0...
[  515.697559][T15393] 8021q: adding VLAN 0 to HW filter on device batadv0
[  515.732174][T15393] veth0_vlan: entered promiscuous mode
[  515.742929][T15393] veth1_vlan: entered promiscuous mode
[  515.763683][T15393] veth0_macvtap: entered promiscuous mode
[  515.767269][T15393] veth1_macvtap: entered promiscuous mode
[  515.779731][T15393] batman_adv: batadv0: Interface activated: batadv_slave_0
[  515.787419][T15393] batman_adv: batadv0: Interface activated: batadv_slave_1
[  515.810519][T15393] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  515.816214][T15393] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  515.818912][T15393] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  515.821579][T15393] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  515.904037][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  515.906586][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  515.934648][ T8471] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  515.937093][ T8471] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  515.945301][T15492] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2444'.
[  516.355850][T15511] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  516.392082][T15511] kvm: pic: non byte read
[  516.403018][T15511] kvm: pic: level sensitive irq not supported
[  516.405158][T15511] kvm: pic: non byte read
[  516.611172][ T5980] kernel read not supported for file /vga_arbiter (pid: 5980 comm: kworker/3:3)
[  517.606848][ T5949] Bluetooth: hci2: command tx timeout
[  517.734615][T15536] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2456'.
[  517.887830][T15543] tmpfs: Unknown parameter 's'
[  519.309205][T15571] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2466'.
[  519.310461][T15572] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  519.692841][ T5949] Bluetooth: hci2: command tx timeout
[  520.021203][T15586] x_tables: duplicate underflow at hook 1
[  521.205113][T15608] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2477'.
[  521.627788][T15557] Set syz1 is full, maxelem 65536 reached
[  524.672872][ T7167] kernel read not supported for file /vga_arbiter (pid: 7167 comm: kworker/1:4)
[  524.784642][   T40] kauditd_printk_skb: 657 callbacks suppressed
[  524.784659][   T40] audit: type=1326 audit(1748809826.685:12884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15674 comm="syz.0.2497" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf707e598 code=0x7ffc0000
[  524.841699][   T40] audit: type=1326 audit(1748809826.685:12885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15674 comm="syz.0.2497" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[  524.842432][ T5942] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  524.848803][   T40] audit: type=1326 audit(1748809826.685:12886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15674 comm="syz.0.2497" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf707e598 code=0x7ffc0000
[  524.861824][   T40] audit: type=1326 audit(1748809826.685:12887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15674 comm="syz.0.2497" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[  524.863156][ T5942] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  524.870495][   T40] audit: type=1326 audit(1748809826.685:12888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15674 comm="syz.0.2497" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf707e598 code=0x7ffc0000
[  524.885859][ T5942] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  524.889489][   T40] audit: type=1326 audit(1748809826.685:12889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15674 comm="syz.0.2497" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[  524.897155][ T5942] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  524.897592][   T40] audit: type=1326 audit(1748809826.685:12890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15674 comm="syz.0.2497" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf707e598 code=0x7ffc0000
[  524.908996][   T40] audit: type=1326 audit(1748809826.695:12891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15674 comm="syz.0.2497" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf707e579 code=0x7ffc0000
[  524.909144][ T5942] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  524.917414][   T40] audit: type=1326 audit(1748809826.695:12892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15674 comm="syz.0.2497" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[  524.927116][   T40] audit: type=1326 audit(1748809826.695:12893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15674 comm="syz.0.2497" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[  524.935710][ T1464] usb 8-1: USB disconnect, device number 2
[  524.967534][T15680] lo speed is unknown, defaulting to 1000
[  525.069796][   T83] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  525.142632][   T83] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  525.197814][   T83] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  525.217275][T15680] chnl_net:caif_netlink_parms(): no params data found
[  525.285427][   T83] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  525.343649][T15680] bridge0: port 1(bridge_slave_0) entered blocking state
[  525.346886][T15680] bridge0: port 1(bridge_slave_0) entered disabled state
[  525.349880][T15680] bridge_slave_0: entered allmulticast mode
[  525.354470][T15680] bridge_slave_0: entered promiscuous mode
[  525.358960][T15680] bridge0: port 2(bridge_slave_1) entered blocking state
[  525.363408][T15680] bridge0: port 2(bridge_slave_1) entered disabled state
[  525.366633][T15680] bridge_slave_1: entered allmulticast mode
[  525.370748][T15680] bridge_slave_1: entered promiscuous mode
[  525.433562][T15680] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  525.439229][T15680] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  525.790761][   T83] dvmrp1 (unregistering): left allmulticast mode
[  525.945099][T15701] FAULT_INJECTION: forcing a failure.
[  525.945099][T15701] name failslab, interval 1, probability 0, space 0, times 0
[  525.949178][T15701] CPU: 0 UID: 0 PID: 15701 Comm: syz.0.2502 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  525.949200][T15701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  525.949211][T15701] Call Trace:
[  525.949218][T15701]  <TASK>
[  525.949226][T15701]  dump_stack_lvl+0x16c/0x1f0
[  525.949253][T15701]  should_fail_ex+0x512/0x640
[  525.949280][T15701]  ? fs_reclaim_acquire+0xae/0x150
[  525.949299][T15701]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  525.949325][T15701]  should_failslab+0xc2/0x120
[  525.949349][T15701]  __kmalloc_noprof+0xd2/0x510
[  525.949379][T15701]  tomoyo_realpath_from_path+0xc2/0x6e0
[  525.949407][T15701]  ? tomoyo_profile+0x47/0x60
[  525.949426][T15701]  tomoyo_path_perm+0x274/0x460
[  525.949446][T15701]  ? tomoyo_path_perm+0x260/0x460
[  525.949469][T15701]  ? __pfx_tomoyo_path_perm+0x10/0x10
[  525.949520][T15701]  ? hook_file_truncate+0xc7/0x250
[  525.949548][T15701]  security_file_truncate+0x84/0x1e0
[  525.949575][T15701]  do_ftruncate+0x218/0x970
[  525.949600][T15701]  ? __pfx_do_ftruncate+0x10/0x10
[  525.949621][T15701]  ? fput+0x10/0xf0
[  525.949653][T15701]  do_sys_ftruncate+0x61/0xb0
[  525.949676][T15701]  __ia32_compat_sys_ftruncate+0x5b/0x80
[  525.949698][T15701]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  525.949723][T15701]  __do_fast_syscall_32+0x7c/0x3a0
[  525.949750][T15701]  do_fast_syscall_32+0x32/0x80
[  525.949774][T15701]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  525.949795][T15701] RIP: 0023:0xf707e579
[  525.949810][T15701] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  525.949826][T15701] RSP: 002b:00000000f506e55c EFLAGS: 00000296 ORIG_RAX: 000000000000005d
[  525.949844][T15701] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040000000
[  525.949856][T15701] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  525.949866][T15701] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  525.949875][T15701] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  525.949886][T15701] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  525.949909][T15701]  </TASK>
[  525.949916][T15701] ERROR: Out of memory at tomoyo_realpath_from_path.
[  526.143705][   T83] bond0 (unregistering): Released all slaves
[  526.273760][   T83] bond1 (unregistering): Released all slaves
[  526.295698][T15680] team0: Port device team_slave_0 added
[  526.302214][T15680] team0: Port device team_slave_1 added
[  526.371230][T15680] batman_adv: batadv0: Adding interface: batadv_slave_0
[  526.376625][T15680] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  526.385163][T15680] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  526.389429][T15680] batman_adv: batadv0: Adding interface: batadv_slave_1
[  526.391669][T15680] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  526.403147][T15680] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  526.589089][T15680] hsr_slave_0: entered promiscuous mode
[  526.591395][T15680] hsr_slave_1: entered promiscuous mode
[  526.594520][T15680] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  526.598025][T15680] Cannot create hsr debugfs directory
[  526.638924][   T10] kernel read not supported for file /vga_arbiter (pid: 10 comm: kworker/0:1)
[  526.742677][   T83] hsr_slave_0: left promiscuous mode
[  526.744942][   T83] hsr_slave_1: left promiscuous mode
[  526.772265][   T83] veth1_macvtap: left promiscuous mode
[  526.774611][   T83] veth0_macvtap: left promiscuous mode
[  526.776432][   T83] veth1_vlan: left promiscuous mode
[  526.778209][   T83] veth0_vlan: left promiscuous mode
[  526.962966][ T5949] Bluetooth: hci3: command tx timeout
[  527.457556][T15742] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2510'.
[  528.748474][T15749] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000021: 0000 [#1] SMP KASAN NOPTI
[  528.752465][T15749] KASAN: null-ptr-deref in range [0x0000000000000108-0x000000000000010f]
[  528.756168][T15749] CPU: 1 UID: 0 PID: 15749 Comm: syz.2.2512 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  528.760433][T15749] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  528.763735][T15749] RIP: 0010:arp_netdev_event+0x180/0x3c0
[  528.765496][T15749] Code: 80 3c 02 00 0f 85 22 02 00 00 48 8b 2b e8 38 91 84 01 48 b8 00 00 00 00 00 fc ff df 48 8d bd 08 01 00 00 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 1c 02 00 00 48 8b ad 08 01 00 00 48 b8 00 00 00
[  528.772250][T15749] RSP: 0000:ffffc90004506f30 EFLAGS: 00010206
[  528.774593][T15749] RAX: dffffc0000000000 RBX: ffff88804d16bc00 RCX: ffffc90028e96000
[  528.777062][T15749] RDX: 0000000000000021 RSI: ffffffff89f50055 RDI: 0000000000000108
[  528.779736][T15749] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  528.782225][T15749] R10: 0000000000000001 R11: 0000000000000001 R12: ffff8880238dc000
[  528.784682][T15749] R13: dffffc0000000000 R14: ffffffff902bf660 R15: 0000000000000000
[  528.787165][T15749] FS:  0000000000000000(0000) GS:ffff888097875000(0063) knlGS:00000000f50bcb40
[  528.790070][T15749] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  528.792181][T15749] CR2: 0000000080019680 CR3: 00000000695b9000 CR4: 0000000000352ef0
[  528.794656][T15749] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  528.797289][T15749] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
[  528.799761][T15749] Call Trace:
[  528.800816][T15749]  <TASK>
[  528.801753][T15749]  notifier_call_chain+0xbc/0x410
[  528.803394][T15749]  ? __pfx_arp_netdev_event+0x10/0x10
[  528.805109][T15749]  call_netdevice_notifiers_info+0xbe/0x140
[  528.806967][T15749]  netif_state_change+0x165/0x3b0
[  528.808562][T15749]  ? __pfx_netif_state_change+0x10/0x10
[  528.810572][T15749]  ? netdev_master_upper_dev_get+0xd6/0x150
[  528.813056][T15749]  ? do_set_master+0x1fa/0x730
[  528.814717][T15749]  ? netif_change_flags+0x10d/0x160
[  528.816400][T15749]  do_setlink.constprop.0+0x3570/0x4380
[  528.818144][T15749]  ? trace_sched_exit_tp+0xde/0x130
[  528.820093][T15749]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  528.822592][T15749]  ? __lock_acquire+0xb8a/0x1c90
[  528.824340][T15749]  ? __pfx___schedule+0x10/0x10
[  528.825885][T15749]  ? do_raw_spin_lock+0x12c/0x2b0
[  528.827483][T15749]  ? mark_held_locks+0x49/0x80
[  528.829015][T15749]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  528.830855][T15749]  ? lockdep_hardirqs_on+0x7c/0x110
[  528.832484][T15749]  ? __mutex_lock+0x1ca/0xb90
[  528.833973][T15749]  ? rtnl_newlink+0x600/0x2000
[  528.835499][T15749]  ? __pfx___mutex_lock+0x10/0x10
[  528.837058][T15749]  ? apparmor_capable+0x114/0x1d0
[  528.838706][T15749]  ? netlink_ns_capable+0xfa/0x130
[  528.840600][T15749]  rtnl_newlink+0x18e0/0x2000
[  528.842099][T15749]  ? __pfx_rtnl_newlink+0x10/0x10
[  528.843731][T15749]  ? __pfx___schedule+0x10/0x10
[  528.845281][T15749]  ? kmem_cache_free+0x2d1/0x4d0
[  528.846841][T15749]  ? __lock_acquire+0x622/0x1c90
[  528.848397][T15749]  ? rcu_is_watching+0x12/0xc0
[  528.849956][T15749]  ? trace_cap_capable+0x18d/0x200
[  528.851589][T15749]  ? find_held_lock+0x2b/0x80
[  528.853080][T15749]  ? __pfx_rtnl_newlink+0x10/0x10
[  528.854686][T15749]  ? __pfx_rtnl_newlink+0x10/0x10
[  528.856264][T15749]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  528.857852][T15749]  ? __pfx_rtnl_newlink+0x10/0x10
[  528.859573][T15749]  rtnetlink_rcv_msg+0x95e/0xe90
[  528.861249][T15749]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  528.862970][T15749]  ? __lock_acquire+0xb8a/0x1c90
[  528.864537][T15749]  netlink_rcv_skb+0x155/0x420
[  528.866044][T15749]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  528.867758][T15749]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  528.869459][T15749]  ? rcu_is_watching+0x12/0xc0
[  528.870968][T15749]  netlink_unicast+0x53a/0x7f0
[  528.872488][T15749]  ? __pfx_netlink_unicast+0x10/0x10
[  528.874127][T15749]  netlink_sendmsg+0x8d1/0xdd0
[  528.875594][T15749]  ? __pfx_netlink_sendmsg+0x10/0x10
[  528.877208][T15749]  ? __import_iovec+0x1dd/0x650
[  528.878738][T15749]  ____sys_sendmsg+0xa95/0xc70
[  528.880473][T15749]  ? __pfx_____sys_sendmsg+0x10/0x10
[  528.882091][T15749]  ? get_compat_msghdr+0x11a/0x170
[  528.883731][T15749]  ? __pfx_futex_wake_mark+0x10/0x10
[  528.885350][T15749]  ___sys_sendmsg+0x134/0x1d0
[  528.886829][T15749]  ? __pfx____sys_sendmsg+0x10/0x10
[  528.888483][T15749]  ? find_held_lock+0x2b/0x80
[  528.890220][T15749]  __sys_sendmsg+0x16d/0x220
[  528.891706][T15749]  ? __pfx___sys_sendmsg+0x10/0x10
[  528.893315][T15749]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  528.895047][T15749]  ? rcu_is_watching+0x12/0xc0
[  528.896477][T15749]  __do_fast_syscall_32+0x7c/0x3a0
[  528.898140][T15749]  do_fast_syscall_32+0x32/0x80
[  528.899848][T15749]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  528.902484][T15749] RIP: 0023:0xf710e579
[  528.903968][T15749] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  528.909902][T15749] RSP: 002b:00000000f50bc55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  528.912501][T15749] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000280
[  528.914973][T15749] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  528.917430][T15749] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  528.919856][T15749] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  528.922271][T15749] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  528.924793][T15749]  </TASK>
[  528.925798][T15749] Modules linked in:
[  528.927438][T15749] ---[ end trace 0000000000000000 ]---
[  528.938882][T15749] RIP: 0010:arp_netdev_event+0x180/0x3c0
[  528.940694][T15749] Code: 80 3c 02 00 0f 85 22 02 00 00 48 8b 2b e8 38 91 84 01 48 b8 00 00 00 00 00 fc ff df 48 8d bd 08 01 00 00 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 1c 02 00 00 48 8b ad 08 01 00 00 48 b8 00 00 00
[  528.946767][T15749] RSP: 0000:ffffc90004506f30 EFLAGS: 00010206
[  528.948736][T15749] RAX: dffffc0000000000 RBX: ffff88804d16bc00 RCX: ffffc90028e96000
[  528.951324][T15749] RDX: 0000000000000021 RSI: ffffffff89f50055 RDI: 0000000000000108
[  528.953947][T15749] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  528.956497][T15749] R10: 0000000000000001 R11: 0000000000000001 R12: ffff8880238dc000
[  528.959063][T15749] R13: dffffc0000000000 R14: ffffffff902bf660 R15: 0000000000000000
[  528.961590][T15749] FS:  0000000000000000(0000) GS:ffff888097875000(0063) knlGS:00000000f50bcb40
[  528.964534][T15749] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  528.966679][T15749] CR2: 0000000080019680 CR3: 00000000695b9000 CR4: 0000000000352ef0
[  528.969204][T15749] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  528.971921][T15749] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
[  528.974830][T15749] Kernel panic - not syncing: Fatal exception
[  528.977442][T15749] Kernel Offset: disabled
[  528.978775][T15749] Rebooting in 86400 seconds..

VM DIAGNOSIS:
20:30:30  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000e3f8cc RBX=0000000000000000 RCX=ffffffff8b799c79 RDX=ffffed100564663e
RSI=ffffffff8bf52e60 RDI=ffffffff819172f1 RBP=fffffbfff1c12ef0 RSP=ffffffff8e007e08
R8 =0000000000000000 R9 =ffffed100564663d R10=ffff88802b2331eb R11=ffffffff9ad958a8
R12=0000000000000000 R13=ffffffff8e097780 R14=ffffffff9087ad50 R15=0000000000000000
RIP=ffffffff8b7987df RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097775000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000008033d018 CR3=00000000695b9000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000f8000000 Opmask01=000000000007ffff Opmask02=000000000007ffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 006b636f732e7669 72706e752f646370
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7834302578302074 6e65766520646574 63657078656e7520 3a7325006b636f73
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5d1115005d150551 4b40534005414051 4640555d404b5005 1f5600004e464a56
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0016000000000003 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005581e3800b60
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000200000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 205f65626d650063 632036315f66696f 2064656220650a63 6165202033003662
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 200a0a625f620063 632036205f65626d 2020373320320a63 616520200a003662
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbff52532232d20
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000000000a RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85562565 RDI=ffffffff9ae599c0 RBP=ffffffff9ae59980 RSP=ffffc90004506930
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=000000004153414b
R12=0000000000000000 R13=000000000000000a R14=ffffffff9ae59980 R15=ffffffff85562500
RIP=ffffffff8556258f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097875000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080019680 CR3=00000000695b9000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=00000000005e3e34 RBX=0000000000000002 RCX=ffffffff8b799c79 RDX=ffffed100568663e
RSI=ffffffff8bf52e60 RDI=ffffffff819172f1 RBP=ffffed10039d3910 RSP=ffffc9000047fdf8
R8 =0000000000000000 R9 =ffffed100568663d R10=ffff88802b4331eb R11=0000000000000001
R12=0000000000000002 R13=ffff88801ce9c880 R14=ffffffff9087ad50 R15=0000000000000000
RIP=ffffffff8b7987df RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097975000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055dcfce58000 CR3=000000004b902000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f73f2ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000005c430c RBX=0000000000000003 RCX=ffffffff8b799c79 RDX=ffffed10056a663e
RSI=ffffffff8bf52e60 RDI=ffffffff819172f1 RBP=ffffed10037e2000 RSP=ffffc9000048fdf8
R8 =0000000000000000 R9 =ffffed10056a663d R10=ffff88802b5331eb R11=0000000000000001
R12=0000000000000003 R13=ffff88801bf10000 R14=ffffffff9087ad50 R15=0000000000000000
RIP=ffffffff8b7987df RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097a75000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055760889c6e0 CR3=0000000054a98000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000