last executing test programs:

8.718551944s ago: executing program 3 (id=2562):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x4)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000280)='%\x00', 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x200000f, 0x4002012, r1, 0x0)
r2 = io_uring_setup(0x3eae, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
ioctl$VT_OPENQRY(r0, 0x5600, &(0x7f0000000100))
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
openat$apparmor_task_current(0xffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r5, 0x4068aea3, &(0x7f0000000180))
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000002340)={[0xe2a6, 0x101, 0x4, 0x10001, 0x40, 0x144d, 0xfffffffffffffffc, 0x93, 0x9, 0xfffffffffffffe00, 0xe4, 0x1000, 0x6, 0xd, 0x2, 0x2], 0x3000, 0x385700})
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_RUN(r6, 0xae80, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000009c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x4b4, 0x324, 0x0, 0x94, 0x1e0, 0x420, 0x420, 0x420, 0x420, 0x420, 0x420, 0x6, 0x0, {[{{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00', {}, {}, 0x6, 0x0, 0x40}, 0x0, 0x70, 0x94}, @ECN={0x24, 'ECN\x00', 0x0, {0x20}}}, {{@uncond, 0x0, 0x70, 0x94}, @TTL={0x24}}, {{@uncond, 0x0, 0x94, 0xb8, 0x0, {}, [@inet=@rpfilter={{0x24}}]}, @TTL={0x24}}, {{@uncond, 0x0, 0xe4, 0x144, 0x0, {}, [@inet=@rpfilter={{0x24}}, @common=@osf={{0x50}, {'syz0\x00'}}]}, @common=@SET={0x60}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'lo\x00', 'macvtap0\x00'}, 0x0, 0x9c, 0xfc, 0x0, {}, [@common=@inet=@udplite={{0x2c}}]}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x510)
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r2, 0xe, &(0x7f00000004c0)={0x400, 0x0, &(0x7f0000000440)=[{&(0x7f0000000140)=""/243, 0xf3}, {&(0x7f0000000340)=""/238, 0xee}, {&(0x7f0000000240)=""/16, 0x10}], &(0x7f0000000480)=[0xfffffffffffffffd, 0x3, 0x8, 0x8000000000000001, 0x874c, 0x0, 0x5, 0x1], 0x3}, 0x20)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x9)

6.451649687s ago: executing program 3 (id=2568):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mlock2(&(0x7f0000018000/0x2000)=nil, 0x2000, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'vcan0\x00'})
socket$alg(0x26, 0x5, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000b40)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000340)="2bd1598df75c98a6936444aa68d948213365771a20eb8b0338634fc5b0ef9432584af949108856571424758106273e2a06a088a30c2b700286f933c1b5a338e8f15fff2559eb545e1e8cfcb73d18c15dfaf04550bbd479aca9d59f408a7f8647ee014f5c0325ae447fc915d6a5ba5ddd", 0x70}], 0x1}}], 0x1, 0x0)
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
socket$unix(0x1, 0x5, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040))
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x4004054)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000000040)={0x50, 0x0, r4, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r3, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r3, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ccc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6b3f0000f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784753f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a748cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d9f95e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x31, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0, 0x8000, 0x0, r5}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000006380)="c66dd220cbdeb68f27c1f98bf43fd861bcf841572658a3308737983b31a434673f1003eeeb6d9b934bcd19cf754f4882114d61e15354449f763f772e86c9e2252731f7a098faad2accca3e470845b32918bcf530f9474d3cd610d9028cb7b247d3a73d887719f70554d8976c10784c8073e521a80b5ebe7501d6c3b6b5cf9a498a1e97b8201ac756e5f35d71bdd4d196e73cae0cc34c7140cde8380de823e8c76662f0844f549818b5ef6c732b8f412b79273508b69f2e6a653709b4d9bded080b6c15ca5c5b8ff23309e05d460dfb40403f60a3e5a0e1d4e1aa59d53823a047427673267e79d40fdd6f12ef696fe22887d24087373f64987e48ba20e7f47d1f08871e0c22a02593156648fc106c4529d8cf17c71d473f4ad43992b1cdbf5cfaaf1ce401d5ad8b9c6bdc3c60a88a91c52f5aae74a5d25e0cd738fd80169a98b84d4d24a7e86c9d8e4c3e3ff1a9fc44a87558aeb7acbfec13a26a4b121b2cb9ae628c682aa4c44311c45a673bab25880665d6cdf589e5c5415794c4fd6b940e7a44df93a34a684183581c850fbe97ef8c1de852ea836e0db1a104b498d6dd8fdf65c606e772de2e9dfe46a418fac3c0bdd72916c951e3df04f2ae85839305be2a86aebcf4898b6e49c27df6033ad2b8651279ceb20c779716240d3d0fef3bb6c417a8c6f75398a91942d8ab11f21f5795767650a96e246c7244f8e4935e9c01349616a098ae810487d657fd095beee05a36812f39f4266f25f4508e80f19a4aec7116f1d8bc48bc2c1f0f96ff34b66a965d428852766b78f1e7eb0260bbb355cc0859af6988ff7efa0b3fede3d5f2f2147ffae4a5eb58a7585b596270334c360a1547787a95634e13d59bf53f51f48e75a6a3e48f8348f4cb495d9699dfdf8cc71668c5b9622578100f7163394cb3171fc8a6c1e7f88f08b8c3cf4b0cd9a1bc16bd1488ebe43199d97cdf4bbcde8a06a79c5af6ff2ebf1a04add74830cfac0b946514b18de249e934dd8a1a96fce085320fa857c853480170208533acd3d41c4384a932eeccd4ce7d09827efae4c0d19d00c5b48943c4d877017be59434dae6bef767fb9ffd073c2261b06c0f23a0c77a5bcb1f5738dceb6abee00bd7c649f6ebc64b4b8b948319a22ed4add48eedda8a2cd1bad6799e1d9ed778e5ce22d5fead0cd06806cb4b7b5661f9db6bcf9ddcdc9e49e0e6a8ec98fc42c660d5d75311fb9c9d06074611ebbdbea45672dd78760ed92d0e95c1d5ae234d674dc3ffaeef3d928aa4b93c0fe55fa886bd3f2371a5bb22c4dd6b8bc13250490cf279d4e56b646dec4eaa53951d55f602c1f4081d49316f6bcb35aad0453b44c7f266e99838683404859bc372d1df5f1512f35558b3706b32093b72a78a40c8a188852a0b5aca11a34ba23195cb598ca595f243c260392cd793b65dda856f81be1b54d873a0366407ac26687262d6bda693e058f598bde80e304c83dd0c2fd0e634ff15e1ca4e2918bfa8e3a626aee7b5e445aa7fae096595fe58032c993eb06ce49c1045b1f132f2c90d6e23b76076838ad7ed7a6a74245d7ad72b38bdc04e458d3908d1d272f23fe18f68ad746e5440cfbcc3b7ad477dccd6fb2db536df0e4d24480d2765e724ca06cbde7e01cd32e36681796a454c801adc1b25b501cc4aaae778f3783dad15d12e656b09bb3d8f37efc86cc7faea5e51913902faed79ae5973f4413e275f78e7e66099f9e41bd73a07445a780dde0b189308e3b83d1a3cf5aef2d3e11fcad930eb6c60ebb899b22cdbd539412b2371d28a4331394d8f29d8b16f94ffd91d4eb5c278e7f6b4024fcc7af9dfde1b3c915b06dae683760fad05d6638c6389fdd19a9b12956c11e9b9ea7d30e09b13d9f681e012f1e41746341a61b71ac6c333b29883ca2cd1aaa3c02e66c85de1e3b2b7e77b0dd1469ab9db5c17beb2d33862db20fd77de685a1e70ba55b0d9cf4b2d3d1196196b5317324e5f189605baa37493c9586b7e475865b4bb21b335e8b291b9dea17f6afc1cd84618b189567817511de821a866a00b62c62516b716cf55dcf7f5b7d7520306fe03f00cc61b7dc297886459d74bedb8ac1d05cc506db74d018c877da735481c318224fd06f349b59f69b0d2d017c817e5a1f934d263789d418eb69c772d923b01a6a4a6afbba4a6980fbf7cddd84f8e4392eaccb98cdd30488919ea6d492d32f9ca4233649117474f4116f6ca4cb762d524c0f92bbb40d3f430dbd50dba20adda8b4170a73c3b66257c412311a7bd3ea3ecca0da47a7a00ef0a464ee0a4b2402b61db833f3cfe1847b9630de47f331d575f6e3c6fb44a9021700c6d8055ea982a05a5ba6a91a41e7445fdba7ac09202fee733a5c216b3c3090991225b98178508d1985832f8e7dae58482ec0fa2215c935bd0ef9f03c0ed3caf97bf4de023605aa8535f1e88e841471bd8842084c6715a3fd3acd07ec9c43f635e5f868d82cdc6f9424ed978d39e72cc92535c2637164f15e9a67770389535ba46cbf786189562908872274ba126b313bd1c0780e9d0ca38956d1277b58f04eaa1f97ed8c6c83d9c05df0df8b43da930707a84662e480a33d1868edc9ff65368d51fda828ad29ecbd3b2cc0ddb0aad251b4736f872ba5f066617a9e9675ed7f80685544af44c677b9d39a1a353984ea4ccbf36d759b490f8dcd5621e573baaa2c03ef367f543ca5d36d1c9d33d4762bb0b1e02ec67d3511582d69b06a57d15f5260fab5ed8d9361948eabf88d9e776a18c5c4f2d42bb46373861b613db9a91ccff8fbd563ddb37f0738fa1723c23c85cac0f9eb53a41d115fe0339eed3167f59b2f2f0739cf9c0ba5769b18a213d5809bccadecee6e781811bf584c22a6557516d12bd58420f5c67c673fdf0888ab31edcee3198927b5b87a63f89f7a07d1da8cb946f0a87e7d3bb455c888f394d17694378446c9073e54368564dc546b6c930ae17afcc8360cb2e31d87ad8923f60033aa637a399707398ffa51645ab1d9963c29375c834746004ac16d24d8f006e9674e45da3d938de524857c57fd39b22678f39096309527ed22c41677a65a67dc0998a8babc9cb688a56628d09a732773d9019d92399415e93852a12d66ccbfa571837b7689c7cc50026ed643a89c8f1bdef6d01016e6e1c21bb779db52c2254f5dae40ff173943ba62ce343ec035d93d5c92c64884d654777cf6995dd0c485c7c132db383769ae1f35f1980654d2b47e92b1862f653eeb81ada4eed6c9d0fe9da3d7db5dfb4d66b2d576676beddc4394ade2acf55f9ec24aee7c4c77138e799f62deb19367ce226a66715da515479b176c9ca06c739566d279142ce2163b8835c840a3de6e2d275b5d5a948b26ec8faa6cf322c5038fc00fb0a27f0b76b5e305780c9145e99feadf571bf8d87dc93ea0f8ff3bc246b16d4e43256507abc7ccc92e113a037ab13855058ba1e0770b90f52e0740c157d68963b3d236f681454589385c6124bddf948c5aa2e147a3543c301dc6d82acb504f76239c890b7d3d76dbd7c26445ab6fe66f9f71d95f4f0d6c51533ce4b05353ef27178f6b6813366189ff4cc19cc5c9f7aca4d6b6f3b5b213e828cbf8b8b5cacb42ade1fa2594cc4ccd3457a45a5b19926f17b9061c9072fdce96afbd3f2bbecc6dfbdf9d9b3e1a621e65a7cdf0a97cb0223b220b39a88b7414ce91e5fb52f3c9c7e10199ffc8fad826d40a798ecaebbd8881c1605f986bb0af06f416280f63f3a3c28d399d13c21e6d79501cbbfcc9483a73a931e91358807fbebefd39b466cb9f251fa4fc7d5f4fd2d87d4604c9750593d3a801b963085ad7aaa91e023977742b728d292b046d0bd49f81717a686f10096e154681b85aeb81a26fa8f46bf3dfdf5dc7c7ca37aa3da37e53a105be5935640baff476453f53ffcf786894eac35d1933a5e97fb9b6d975f9fbe7914d09dc948d305005eb4aba3a9b8cdefb30dbb3300f46041db06567956ba4327280721addb17425a2b223e81bc41467cb413cebbe16818468eeb5b24b6cd79ec4787f693f3c301e5dd10747bea13bf042d6fde42d18c48fec0e3e43454799da1d5501130fc98917fed27d696ae85a39debdb67d5b3d70a82a2097095476e24211757626c91a29e917796766bc4016456c4acf0436b6c02055778ce7f34e605264f7d6d1321072c4ba341866ac6f78e9b99a30478eb7f09a17f4fb3e23184e878c2f60d2c18617185007841778c7c256750a287ec0bbdd20bd37ab50538e43a5929456d336fb46a04593765b2692ba15e7b71b97788970a7903e12088211098bd356132862a4d586508b4aac077d3acd4f77c67d9066b436d14b20d3e2870cb19cdad5581de2e08da761fc95755c43cf0dc2cff84e6a3a8fa2d0390fcfee285a133b37ac7b2fefd0d3665b1705784187e228579680be97982194329136fb72d8b61cdeaa88f3dfc835ae22167c0130529fe81043b0e1c3aebccb1f4aadc28cb484f850158504439d389d1e559ff424217dc031d422a8b7b51731db75dc541e16fed8fae14f58c1f9c8d0fb91a685245ba558c1aeb243aa728db51c3f3aa6d8f7a4a547b8d95018402283a59a45173e7696f02304954ebfb43c2215f180c8e47e433e5262e279fdb63405c81b0f128b7d6a095ff5f85690331d94d34923a3e8beef5cccbf7b208b2a0aa898f9a32b2f1bb55aca4eaaefcdf09acd871f4b88feb535be87dfdbb5ad45ff3c26a2765230011d90baa4b5d5baaac5519f9013c8fd497d57083403ee6eb0c4e23428cf3846bd34d69840d021196f9a9a4fc101016fe2d4fbf4ec23c11e9d737c5e6d2cc3da7e0981c00ea9df07ed88ab05b7821033b2d311f2fe0525176660d0a33b0eb23a57f5b1d41e2c1698ac7bfe5f59c27792f899fd39610052b705862e798a27084450edfccd180a13d8adf8072430e9305f41b0a67bd1784b6ba9450b1e872794e0b7b55b22a2f649f83270b98d0a0137694fec0d16ec2ebf37c72d9398d231a71e40c912428929a29a433dc0fdcb697f64e07540da92067b1b5a7735fb7fb8ac8da2591fa44b676bbaa32ef5e6cc11f1b2ab3b262d9bc4b2082e081ee50fe71def63cf6e2d588bb8d66a8daa8c8a30ca07d2956463e1affc76003e4bacc632cdeee50098fe80cd7485fefed6eab639d8c42a1357fefae5a5a779fad536474e3bdebf6aab699552e807ffd8a44030f439756748dee9ddf19a6cbf5f75307b03c5ef4185a31a41583fb4ca3699e06319371c5d932d6e5f4e1bf77c02c70564d2140f7510e183ba2fa7ead8a9b8cfb085a9d0fa7dbca7561bd9dc1e5c1a1da0322982ff29c0fa2cc33bea18646445cc59b44965a01570b7b739d730df8f1f2cfe3558e7102de13994d6745ef8f91965265fbe0d29c3f381e1eb9c63242962a4409ddb0a4946ef9ce5b0eda90f8365362681943247a0d87d9b7fbbdd26d4902be34068499b6e2ab2ea746634402e1065c8cb9c32a211d10fc2796f1a7045c59b9cbc4771dbf56a5c38303f93951194d06a1b8cce31dd4869a148ae90a797d09de168e47974ed9699eab3a6424781f481d03cf1046df28b454af02df72c0f56c693343a82f7f383afb3ac452200ff155444010f6c988de71e3fb6f079bc6ac2bfab6ff451242b7e3e70578b8206529816764206d47115cda77b3e356e54f825ec745017ea8c3dcb412523b754b951d19fc075ec66012cceff51da925af9079f547e840c3f2774239cce5fd6533f3ee8d194812de2d4499ef18c4bebfa8d7273307d7aa0ac09e6ebfd95ba99946a585a4bd4afef8bb0b52857e8415a32b42e0a9ccb0749599d7a43cec793b22c96b3de91534c905456b25a5972124b83c7d8f0520cd71c5544e49afab26cccacdb7e112f0af1acbcb2b68760c7538aa6c990814d7cf7bde5ddd618bfd55bfbdd968e53e28f94042fafa2796b5bf2d1be612c81dbafbf90b0728b4b06fe216aab91b8898780ab06cff75be5239c39ac836dbdb5482222e61ff5971ea492c5b5ef509720fc886f8a07a9232653d427d176574c99d65244f1618fdaab109f732e1e1295391a25f9b750c9761bbceb81d316d9f9dcd555afb762191b7e173f06a4d8f4d97ab88b9ae19f6c85c361b8b5cbe91a3493cae594063ed457f3be99772485b34d3308da4e751e58a14cf7c771d8e5be77f88c7567af095caae1eb83d259cea709ea5441047ce96f0e21faf89ed491bba5d0dcc6bc33a07237fbef2fe671447ce14e16a1cae4361938767ce65ecfe0c63e1261cce5fbf603a2537d21b50c9a3a3ed6a7cf112a0586a653b43f813912a226aa4722f7edaf8dda5553efb22721dc71924aa73bf232c2439b1d806d3beaf157442643c81ce2b551b82d63cbcd4195029e2f63aef127ed4df0bffd41665d87213512557ce90ee54fcd01078a6a19085bde6a0343595f540b1ff610bd7a5a2d695bdc5e508cbf544d15cf5920b3e405ef4e10e6651c5ffff039adde2f805143b78916188fec05cadac443c93447d23bb25b0a0cfc787754a20f7efcdee5798de939b758f238f15c23f2622b8ed682378017c8f251dda0261baa33c6262d42d6365e68e85d43a46d92aaf04acee203c09487755df49f07ea1129782b1be0feb6f011bb914266fe2cf5361c377fe33a491089f701ac61bcab2bfa3bbe8bf7b0b834dba1bf187ab78fca751b57f1bddfc670c80d83c34c3461d823d7762b45ff0accc3af21b38137276d4e4d7a5d0a075902865f17f084cfa94cc28f70ee7296e216401b172184df0e060dd61be91efcdbeb03b4a6699c88a16ebb18f3e938cb458a377e29a3f3cbdaaf121e278b691c02b6f0dc775510840b3970b1f905b421a1cb376043cc7511e70e94cc63941ed0f864b4118592878538e12e986b9abaaf2ed588ad5f0e5e0851ffc29ef21aed080eb6f35fa10052f27767d0ddf3fea5a08c14657d68a9c3e6cba422d93a6aff222c40eee9f3c9fcb03a310453b616a80c48646f7d196433736fedcfc2ff4fa1a43bf9f8fc0a0660cf9f79fd0d8e106591a2319cff5eb0a5be578d178e0e184a9eca92991ca63bf1e9c5b1c56dba3c836975a74d9eb9b763ce7c5dc753cde77fb2d048e3656a15f9aa7f9dea249c4a3dc0456b64533513e69861fcb9f4348d78acd5b8ce1f3c41271b8551ba4d5754fbb123862236bc94192a5306c29adb2b0b053cd7d4deaa1be6c61f75bca27b53765a7356dd34a48437d5e5b356d48db64749243fea9b1f44e4625fe7ce820dc9f1a6022d77198e6e917cd4f5e23622d5b3b2fafd4f9be0b85db21371f5d35c7c651a616a8351a02dbfa74f9d273a0eb7d2ab9fca254bd28509b3d6f5420108cabc42d9a5670779dfdfb78afe74cd87fdf8e3be937e6c6981eb88156f5cbc91e4b92f8d65a151ee3307cce381dc189c54a29d21c9fa9f512c50dbc9f1c0ddb43b6b10d5190b8169f9e06f7c60a2103c9c30540e0d1cab8358cf4ddf95d5e26fbed636b2f1f474b7d10426afb5aa21948f7486e0df5275ffa6c091c46c3868703c4e30e1a15a8d27a708b6d5fa7d123f1524c221fb93b5f9f8d87b0286de38c6112a05d1f07706923b531e335db326ff756acf6cf9a5e5352953d112a842d7b2f05d296f644b01bca413f2686dbdea6b2cc6dd8115e22d832af742eb801ee61f6b90f93d227b694fe474385125801d6eb58867c15246faa6c0a1cae0b05f104fb2e97476c73a79185796e0c26bb1b59527aba4b79db6ec99f1650898b996e068329d17b94730cd6ab79a3d77d80e5ed78eecc7d680b5425231357f24c46fd01732052eb18737634915131c7ffcdb0b48a35d8761c402ff5b56aa1a9080b46836e4a888c86d7a260fb6cc2f3b9f68d52201531220bbfe0e7b2890a390acb33831fa1126b88dceb126a555181edbfa4680cadb08d38abe00c91980ce68ab58274ec28eaa697f8a4d7d6db744d8c9daac2035d40a5eb565e12c8be5c2bc1d725f713d45a03ac14ceaf91bb1c5dddcac87553b9d22e23d738742e3bf994412ab153f66ddea53a35c9ec19c555a49ae1aea112a70ddc10201258536ba93ae0dc7fb60d51ffbbe9e96eb8eeea6878e3784dcd686fc0db4516249cdfcb9f6d880fdcf8f86cdadd23ea7455b3b7e3a0e8affc9b61be59814f8e32175c869adaf7dbb5acb4c994e2269d2657011e8751c5c0e6e97e9eda4e8e6c309e842c8ea01c20de3c5f4f6372cc8cb7cdf2b0e3519155e4c662fc8572c36d9d3b7eb3ee19e985bfab9eb20e077c20dec4172e584357cc54f9cd49742e0b31d1fed87812f19efa9ae81ebebb021df0c280aa9790d2f1acb94b38f268ca7861b1da63cbb86daaeac3a5b067c86fc532a1db230a29578563f16dee5b4267f9d474c81c9ad762216452cb3a37c8ed44cbaab2e4b9a9583b134da3a64390fe5f76946879a1757d127e6e10b3b3042de48189350d844ede16134c770dba47cf56483cc14e2cfc93fc11f47cd33b06b720f531efdd1ff1254966b68fc46645ec3b45c2a60427e69ba1d710f25571522ba90622315f9f0cad33f8b1a1053a45aa07964892621ecc9256b7c4e21716e546c235fdb618f339b55c377a30b61a9add4e3b5657e3433a6feaff5b67ef34771ae6d04449b5228b6b99ce7237996b307613d14602d76f21a58a55cdc71a1f348ca18265634f094012bf4eae241df634d7424de578eb4c4199de382f2795c17eefa11ac2ad4625be7263373de4bbe189d42fa51953652d433323b9e6110f00c7cb44e4e7df1e6e1cc421c5cc5e78eac4009824d73b4bf0a0340ebd883acb90e928f6034d6a44edee021abc40726df358ef83429351f46aaf10b63b0a5f4c68bdf4e425f8ce7c6a8ad95dc4874836a56a298f586a602ad7b33350fabaacfda30b80210432dc6b59cb807d50782399624d624bbb5e759c09daec8ab3afbff204f62f94754e377cca96b00ba4842d52d8f12a5ce7d1dd81b760c1c5392f739d91f8bdc8c290090fc6e3221ee69abd2648b6c7a818e8a0d04ffd83464f7b26002e4d5614392848205fc0e766713e4c65f46ec2f9d221e98fdeaa5c329d8a0e7481690164fa1ad829ce9dd2eec2fe92231b33415c3f564161353ea7f823e3dc97c9e905f40d693082be719aff77b3b35a832ed3fc16e3bf57305fbabfbbadea1d33ece1f05ba482d3dcc391e0c709c02c335a6289a8deb035fd5b99edde61f0d936631e21251eb65c1dc23574a7a8f9ba8fd0b6c958ee146954cdab3daf90c17ffe92aef5390b4e19d32fef469e9e60ef8ea16af6b66dab7de1d6ddfeeb602cd69d8f32e4d5f06bfaebe7f000d62abc793ad34d77d1369c63785e93c2ff205769589011208ed6affc73dda9287bc8f4d9e27d33038b699431f56285f92fd9f02e78745fcdca4a4840dcfc307bf8f1806146d954ed5ccc8a66edf2179e2a5356624b3b30f8f78839ddc9940794acce40290e5eb73dbb52fe1c633e88d1492aedc69b351912a0890b63eda0d8756a5b7c47c740fcd73a0f419fa363fbf0cd3fcdd38f0fd055627932c998421f086ee0cbe0520b2f2fd6d38fce1575a2c90fef9f81aa23fc7c4c5625d6f46fbfd02ac31cd1620a92c43b7884e4a050e5ef5bb9b8f9825a159bb0370c828519ef71090e09ab43ff2bd2cc75563fb9073eadcfd869f0d9b6986e4320b1986ce3f19a3f5dce202f8c13757726e5d6a9fc9e2b0b357625362fb873709fb307ee51bc58494857fdd3811f6a8aee0086b0a62da4e327c698e5639e373567d5eefc76e0d6725272527cdbc01a2b40e7511ac986e32bb7e48558756dca3b944855fd9dfdbb2358a52e53769817cad50af13d8a5941c41f6bd121cb267acdc461c500855c6f6c0750367c62dd32fa41595a6070e728f1915bab951e5536ff8230a0608ac96c2e19a5c1415209a3774c091174f575bc937d544d495370294aaffc5e6be76364c7a212bbb4ec7f3bd38db75a159b68e2b3075ae6bb68ffa02e6bfb42553b505da20f133b2855572b7e6f8f3de240d9ab1ff32b3d9825f087774f4932024be806b78f059d4b3b40414df456aef405d1cffb2f3604834dae38932d830298df7045d404f005f5edf81061850808d4998f6ce80bc7569081765875d908d4b6a0edcb434317543a4f5954a5e0e5b7c4da75cb369e2810e2aebf950b973ad3380bca5d0de8311e59a6ed3f01d8f7c1b39060fddc7ac1febe659626ed7ad27dcee7b3d409b9f84e4f55ceb2e462f55627857f8c485c35c9abdc2fa87c4281365790ecdf1971f3a285ea0bb2038ae91d927729f4bf847bf0fc724b002cb029d2a57b89218bd4a763ab01902b7b48cb609cf3b9ad8fb568aef0ceff20c5def1a4faee11d33d304e2227b83f3ab06f0b9fa5502b1d9c6fe2a34bf9abb9a5b13928800149488cead47e48c754c75a061d5ea8a515f7f55611b0c048b88c9772ca4b1eb3d6fc931801990f1611e9b1171223527dceccfe8cfd72600a88a8486e088e21c30b997af1b60b55bc5443cecb18c2dcf54dbca3ac34f10ad2be9d755679519bb674b42904be579df62436bcf06de4cfd636d592840d674d11195edeb4dfe61370e9a9453378957fdecf2115ee008224fb8c97fcd051ddb1ed8d0419b950f2cd085bf1debaafb2a46cf65be863939cffde741797fdf64c17f3b447464be0e6bb90324c4c65b3cf66958a15d537a1675dffbc4e41f7a6c92ed27c5ef0dd0dcce6f96225b4e0ece510ce00f9611e395215e116026499dce3417cee3fbde0106b2a6fbd5937423124f6549c2206afc2ad1df5bedcc5e1371ed2b9f09f76576589450b09dd990811c59c3f848c1a4fccdfe686968903edffbc010eb73f55ac5a675fa3db70db12c826c8b7360617d8abeacefa6e2a8da62e4f304543cc9217fe1b0ec4fb044ca849802c4a140b91cc056d566c8670e4600941a54b2eb8643ff206c3401c0bd9838a025545227ae3e6bcb47fa3dcd1b40d8a0917f63744fb1ec2b72211c6cfda13248b2d0b4232e4fe7015cc42d4928f07ca9161640102f22236cca7ca3b81ffc81c4ff20532b5203e0d94771b8d0ec70e637135fdbb788fa8b4704e11d3c6083a45f51efd8560c0e63435516586aa82eaa998c140767d3ce35491e301c12f74583c61cd4d2ef1caa6fea3e353637cdeb3332d964155c9d32f826829a7174ab06c44e32063e46ce742b7027cffb8999302b602949c60496a0bf3c7cdf859d4ba51102674414867af614cffb88ac177dfbdb6131f7370dcb851002cec1742fb1561257716850c9ed3b075a6c023bcf05b5d580ac8e5d7ab7e5b1723212c681989e5f91958b635e0d076634584920c1b98d7f6ea0ddded6be9eb74de778b3c57c36b18e0c56c3a051014e09fac70ce6a7b0f042f5eeca8b8885e500bcb41f6fd974e5f6888859abdf3600706a3de9fce060c3069600c63106aff24210461c5d3423fa4e350041fd166902ad86bdba8cf965917f7e3ab019e1911d8013dad576465319c4e04b89b5ee1d07f54705718592d6aa453558294743daa8dba33159fb0e291829ac220562b007597e067e5f65841563673b69cc1d549f50e9efbdf256d797fe8c7d09596c167a45d", 0x2000, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x18}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
writev(r6, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0x56000}], 0x1)

4.74184833s ago: executing program 0 (id=2572):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f0000000500), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x4, 0x6, 0x80, 0x42}, 0x48)
r2 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f0000000040)="1002d7d957c9dc8dda937c7b61567297207adb3029e20544ec044c2fbb6bf865c9331165cb94d9fcb78cb57f9b40b11393c0030046c2e390f91dbd9ddf7accf1295f9abfb2b534ba", 0x0, 0x48)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil)
mbind(&(0x7f0000ff6000/0xa000)=nil, 0xa000, 0x4002, &(0x7f0000000000)=0xfffffffffffffffe, 0x3, 0x0)
prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffc000/0x4000)=nil)
munmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0)
r3 = syz_io_uring_setup(0x24fc, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140)=<r4=>0x0)
syz_io_uring_setup(0x3087, &(0x7f0000000340)={0x0, 0x2, 0x0, 0x0, 0x4}, &(0x7f0000000040)=<r5=>0x0, 0x0)
syz_io_uring_submit(r5, r4, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r3, 0xa3d, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x75, 0x0)
r6 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, 0x930, 0x0, 0x12, r6, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee3, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
openat$apparmor_task_exec(0xffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mlock2(&(0x7f0000018000/0x2000)=nil, 0x2000, 0x0)
r7 = gettid()
ptrace$getenv(0x4201, r7, 0x6, &(0x7f0000000180))
syz_open_dev$video4linux(&(0x7f0000001180), 0x7, 0x0)
eventfd(0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00')

4.50099584s ago: executing program 2 (id=2574):
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x19, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x61, 0x11, 0x24}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x15, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x60000000}, 0x70) (async)
r0 = socket(0x200000100000011, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14) (async)
close(0x4) (async)
shmat(0x0, &(0x7f0000ffc000/0x2000)=nil, 0x4000)
shmctl$IPC_STAT(0x0, 0x2, &(0x7f0000000180)=""/45)

4.415737511s ago: executing program 2 (id=2575):
epoll_create(0x1a)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r1, @ANYBLOB="08002600901500000800570080"], 0x2c}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000ff0000000096080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa40000100000000704", @ANYBLOB], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x0)

4.366817842s ago: executing program 2 (id=2576):
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='devices.list\x00', 0x275a, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
write$binfmt_script(r1, &(0x7f0000000080), 0x76e5467)
setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x32, &(0x7f0000001200)={@mcast1}, 0x14)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10012, r0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}]})

3.968848694s ago: executing program 2 (id=2578):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000004c0))
bpf$MAP_DELETE_ELEM(0x2, 0x0, 0x0)
socket$inet(0x2, 0x3, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000300)={r1}, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000a000000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3100, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (fail_nth: 1)

3.198646253s ago: executing program 3 (id=2580):
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x1, 0x4, 0x4, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1}, 0x48)

3.128627112s ago: executing program 2 (id=2581):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00'})
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
ioperm(0x0, 0x0, 0x1)
r1 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
openat$cgroup_int(r1, 0x0, 0x657, 0xfeffffff)
socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000a80)=@filter={'filter\x00', 0x4, 0x4, 0x50c, 0xffffffff, 0xe4, 0x22c, 0xe4, 0xfeffffff, 0xffffffff, 0x444, 0x444, 0x444, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x2f2, 0xa4, 0xe4}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x4}}}, {{@ipv6={@private2, @empty, [], [], 'sit0\x00', 'batadv_slave_1\x00'}, 0x0, 0xec, 0x148, 0x0, {}, [@common=@dst={{0x48}}]}, @common=@inet=@HMARK={0x5c, 'HMARK\x00', 0x0, {@ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, {{@ipv6={@empty, @mcast1, [], [], 'ip6tnl0\x00', 'dvmrp0\x00'}, 0x0, 0x1f4, 0x218, 0x0, {}, [@common=@unspec=@conntrack3={{0xc4}, {{@ipv6=@remote, [], @ipv4=@local, [], @ipv4, [], @ipv4=@dev}}}, @common=@srh1={{0x8c}, {0x0, 0x0, 0x0, 0x0, 0x0, @dev, @dev, @private1}}]}, @REJECT={0x24}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x568)
r4 = socket$netlink(0x10, 0x3, 0x10)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f00000002c0)='cdg\x00', 0x4)
listen(r5, 0x0)
close(r5)
sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=ANY=[@ANYBLOB="2c000000210001050000fcffffff000002000000050025c4f9ff000008000100e000000208000b"], 0x2c}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0xfffffffd, 0x0, 0x0, &(0x7f0000000180))
io_uring_setup(0x900, &(0x7f0000000200)={0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, r1})
socket(0x11, 0x800000003, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='xdp_bulk_tx\x00'}, 0x10)
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, 0x0, 0x0, 0x0)
chdir(0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)

3.128078164s ago: executing program 3 (id=2582):
ioctl$I2C_PEC(0xffffffffffffffff, 0x708, 0x6)
madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
gettid()
fchdir(0xffffffffffffffff)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x2000000, 0x0)
r1 = inotify_init1(0x0)
fcntl$setown(r1, 0x8, 0xffffffffffffffff)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000380))
bind$tipc(0xffffffffffffffff, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x954001}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x20, 0x2, 0x3, 0x401, 0x0, 0x0, {0x0, 0x0, 0x4}, [@NFQA_CFG_PARAMS={0x9, 0x2, {0x81, 0x1}}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x400c004)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000180)={0x42}, 0x10)
openat$sysfs(0xffffff9c, 0x0, 0x0, 0x0)
sendmsg$tipc(r3, &(0x7f0000000540)={&(0x7f0000000200)=@name, 0x10, 0x0}, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r2, 0x10f, 0x88)
sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_GET(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="1400", @ANYBLOB="001b29abfb965da6f01930e8b66f8d3a7e693b188251816eefa231916d7bf1c2a1f3a2cec42ef62625884b3ff67090dc5fded8bef35114e4e9616d5e7caefd1c9defb5d9c15852569e1a4c0ae5cbec3c773a099c4f0f09b056ef66eb928c2cee4bd44b6a3c5c4c198b", @ANYRESOCT=r4], 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x8048805)

2.523803047s ago: executing program 0 (id=2583):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
r3 = openat$yama_ptrace_scope(0xffffff9c, &(0x7f00000000c0), 0x2, 0x0)
sendmsg$unix(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="94", 0x1}], 0x1, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000100000001000000", @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYBLOB="280000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r0, @ANYRES32=r2, @ANYRES32=r3, @ANYRES32=r1, @ANYBLOB="180000000100008002000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32=0x0], 0x58}, 0xc1)

2.448746531s ago: executing program 0 (id=2584):
r0 = getpid()
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d00000067000000050000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuset.memory_pressure\x00', 0x275a, 0x0)
ioctl$FS_IOC_MEASURE_VERITY(r2, 0xc0046686, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket(0x0, 0x3, 0x0)
syz_emit_ethernet(0x38, &(0x7f0000000200)=ANY=[@ANYBLOB="0180c20000000180c200000008004900002a004000000000907800000000ffffffff"], 0x0)
r3 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_misc(r4, &(0x7f0000000040)=ANY=[], 0xe09)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f00000002c0)={r4, 0x0, {0x2a00, 0x80010000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab97fc979fd1e00d96072000001ea89de2b7fb0900000080b8785d9600010000000000eeffffff00", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177c54e98dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00", [0x0, 0x8]}}) (fail_nth: 1)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000800)={'hsr0\x00'})
socket$packet(0x11, 0x3, 0x300)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$TIOCPKT(r5, 0x5420, &(0x7f0000000100)=0xcf5)

1.288748675s ago: executing program 0 (id=2586):
epoll_create(0x1a)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r1, @ANYBLOB="08002600901500000800570080"], 0x2c}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000ff0000000096080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa40000100000000704", @ANYBLOB], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000700)={'wlan0\x00'})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x0)

1.028762653s ago: executing program 0 (id=2587):
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)='1', 0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000000300)=""/102400, 0x19000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = fsmount(0xffffffffffffffff, 0x0, 0x0)
mknodat$loop(r2, 0x0, 0x1000, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$FAT_IOCTL_SET_ATTRIBUTES(0xffffffffffffffff, 0x40047211, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x109080, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
close(r4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r4, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
close(r3)
ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605)
socket$inet(0x2, 0x0, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f00005f5000)={0x0, 0x0, 0x0}, 0x0)
syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x822b01)
r5 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f0000000080)={{0x1, 0x1, 0x18, r4}, './file2/file0\x00'})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_RINGS_SET(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01001c000000008000001000003c080007000000000818000180140002006e657464657673696d30000000000000080008"], 0x3c}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000100))

835.611364ms ago: executing program 1 (id=2588):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1800000052000195ac9078000000000002"], 0x18}}, 0x0)

786.049534ms ago: executing program 1 (id=2589):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = dup(r1)
r3 = socket(0x1e, 0x3, 0x0)
sendmsg$nl_generic(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="b40000001900010000000000000000001d0109004d0011809ed61b77d9f16a96c594a18344b265ba7f20e413597129961ed189d6343391c4854d66a1452ed6b21920c796c4fb58a76f04811e8a7bda7af3bdb21fcab2d6ca22909ed50d080000000000004d0012803b6f2811032d68bea0612044f47c2842b277eb4bc53070416c6050e46d2e0d055c97c9e7f9bf0bafe4af56eba9024644942e3645a3e6d2273b51a237f20000003fae35cfbc5017dca5"], 0xb4}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xff16)
write$FUSE_DIRENTPLUS(r2, 0x0, 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f00000000c0)={0x18}, 0x18)
stat(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
getresgid(&(0x7f00000004c0), 0x0, &(0x7f00000005c0)=<r5=>0x0)
getsockopt$inet6_mreq(r2, 0x29, 0x15, &(0x7f0000000700)={@empty, <r6=>0x0}, &(0x7f0000000740)=0x14)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000800)={0xffffffffffffffff, 0x58, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r7=>0x0}}, 0xfffffffffffffcf8)
r8 = socket$can_raw(0x1d, 0x3, 0x1)
r9 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000700)={'veth0\x00', <r10=>0x0})
sendmsg$can_raw(r8, &(0x7f0000000400)={&(0x7f0000000300)={0x1d, r10}, 0x10, &(0x7f00000003c0)={0x0, 0x10}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000980)={'gre0\x00', &(0x7f0000000840)={'sit0\x00', <r11=>0x0, 0x80, 0x8, 0x10000, 0x0, {{0x26, 0x4, 0x3, 0x7, 0x98, 0x100, 0x0, 0x85, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x15}, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@timestamp_prespec={0x44, 0x24, 0x37, 0x3, 0x9, [{@remote}, {@dev={0xac, 0x14, 0x14, 0x2c}, 0x9}, {@loopback}, {@initdev={0xac, 0x1e, 0x1, 0x0}}]}, @ra={0x94, 0x4}, @lsrr={0x83, 0x17, 0x0, [@private, @private, @remote, @broadcast, @dev]}, @timestamp_addr={0x44, 0x44, 0x6d, 0x1, 0x1, [{@loopback, 0x1}, {@local, 0x7}, {@rand_addr=0x64010100, 0xb}, {@loopback, 0x800004}, {@broadcast, 0xf}, {@multicast1, 0x1}, {@empty, 0x5}, {@remote, 0x3}]}]}}}}})
r12 = socket$inet(0x2, 0x2, 0x0)
sendmsg$inet(r12, &(0x7f0000000600)={&(0x7f0000000140)={0x2, 0x0, @remote}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000180)="080027226da0d6c1", 0x8}], 0x1, &(0x7f0000000200)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @private}}}], 0x20}, 0x31c467c443849ffc)
r13 = memfd_secret(0x80000)
sendmsg$AUDIT_TRIM(r13, &(0x7f0000000580)={&(0x7f0000000280), 0xc, &(0x7f0000000540)={&(0x7f00000002c0)={0x10, 0x3f6, 0x20, 0x70bd29, 0x25dfdbfc, "", [""]}, 0x10}, 0x1, 0x0, 0x0, 0x4000}, 0x10)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r2, &(0x7f0000000bc0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000c00)=ANY=[@ANYBLOB="98010000ffd200a4d8c06b4d23f669fa4bae166d0c7f3a9ac17ab83462d0f812", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fedbdf250d00000038000180080003000200000008000300010000001400020064756d6d79300000000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="08000300010000005c00018008000300000000000800030003000000080003000200000008000300000000001400020062617461647630000000000000000000140002007465616d5f736c6176655f310000000008000100", @ANYRES32=r6, @ANYBLOB="08000100", @ANYRES32=r7, @ANYBLOB="4000018014000200626f6e645f736c6176655f300000000014000200766c616e300000000000000000000000140002006e657464657673696d300000000000002000018008000100", @ANYRES32=r10, @ANYBLOB="1400020067656e657665310000000000000000002c0001801400020070696d726567300000000000000000001400020064766d7270300000000000000000000014000180080003000000000008000300030000002c000180080003000300000008000300020000000800030002000000080003000300000008000100", @ANYRES32=r11, @ANYBLOB="2400018008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="08000300010000000800030000000000"], 0x198}, 0x1, 0x0, 0x0, 0x80}, 0x10)
setregid(r4, r5)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000340)={0x0, 0x0, <r14=>0x0}, &(0x7f0000000380)=0xc)
chown(&(0x7f0000000040)='./file0\x00', 0x0, r14)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000d400000010000000350000000000000095000000000000005727f060e0b274e73dbd0f85d0cd2a1fc5c546297f000000d870402345f4cd32986892c237bec9e7604d0ffcf86e2f89820d233697b0f0a23c7aa27429916b566f48ced9dba83f1d32743dfadedcb674e0a75cacbbc0df8d43627b0bacfed05f3df0f47d5114c516c44048712b753711651d760ccfd477785226b6e714aaa5c94145e2c8061d1b877a4831fc946568a845c36344c25056aecc0d902c9fc6b03e0f5d7d28"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x67000000}, 0x80)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1800000052000195ac9078000000000002"], 0x18}, 0x1, 0x0, 0x0, 0x4000060}, 0x0)

688.582765ms ago: executing program 1 (id=2590):
openat$fb1(0xffffff9c, &(0x7f0000000000), 0x80, 0x0) (async)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400894fb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$phonet_pipe(0x23, 0x5, 0x2) (async)
mkdir(&(0x7f0000000680)='./file0\x00', 0x0) (async)
landlock_create_ruleset(&(0x7f0000000000)={0x0, 0x3f}, 0x46, 0x0) (async)
syz_emit_ethernet(0x36, &(0x7f00000000c0)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @timestamp}}}}, 0x0) (async)
r1 = syz_open_dev$vcsa(&(0x7f0000000000), 0x1, 0x0)
poll(&(0x7f0000000080)=[{r1}], 0x1, 0x0) (async)
sendto$rxrpc(r1, &(0x7f0000000380)="f62a92b3c70688e39f08e6841a21140ce92cb1ea075c63eaaed0398651fcf7407e90a71e52fee3c89839d42a14e753218aae9beba812f77752a6f157c244bd650089289bd681e73d20ec572158be0213d83214f071e52eb43bea64f44887f3b7428fc40a94827ca809813235de403525c02c256c0243e40091c011a91a3ef121d95cfd1ff4be96577a6011018df62b80e23022cee2d771c90f4a626f5b4df75e3a7cd0c69a325a719feeaa87cdc2f903c7113ed15af0a59c0bb78377d8908bfc8a2e32aeab60da1024c0ac9b920aad077314a428c3a63ea2a32ea2b3b990", 0xde, 0x44000, &(0x7f0000000000)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x4e20, 0x5, @private2, 0x200}}, 0x24) (async)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic-generic\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000040)="4dc07f94", 0x4) (async)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000e40)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000002c0)="fc35", 0x2}, {&(0x7f0000000300)="2b84c2a412b6bb9c91169d149757acf5bc60d4f194cd18ed5a855bb7f3bacbdfa3cdb838181905e5d4f5cc8c644cc4f95ac94463692e0dadcb8cda6a0fdeb27cd46270874904340164a11b73cec29cc440ee51612af3abd1130667b5c346f16defdd41abcd925ed21324cb", 0x6b}, {&(0x7f0000000740)="b5415ba4b6bd", 0x6}], 0x3}}], 0x1, 0x8000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
r3 = openat$vcsu(0xffffff9c, 0x0, 0x6001, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000180)={<r4=>0xffffffffffffffff}, 0x13f, 0x4}}, 0x20) (async)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), r3) (async)
r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$inet6_mtu(r5, 0x29, 0x17, &(0x7f0000002340), 0x4) (async)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x800}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x20000001)
write$RDMA_USER_CM_CMD_ACCEPT(r3, &(0x7f0000000200)={0x8, 0x120, 0xfa00, {0x3, {0x0, 0x40, "b5f4f030b109b135f356f1c2aaecd1e028013c31311047f5889c445e8056806dd67e345550e58dfc06697ea5a538f72d6f6c896800a9bf7ef140ed60c131a37ea4dd83c11b3d58f8dfdf038b699af6518ce8ceb2907a80dbc64f41266296fd7b8e0732abfbb26a824917a49f737401ce58fa7f6d31b1db4acc1ef268c331627ef2cbe4969d0fd8570b45b1efddd50133a801b5a48b56acb7dae044e5e55f62fb095ad7c9ae5372eb7b7c2b0614630aced78e96ffcdf08a54e421c76f080d46f2c6fd9c99c563599b55f50d2c390b236546c860e3ee4252927f436423038fea61f555b466e67df29e9ec611c47dca0ae14ce053f2528a93fd2808b576077b5e32", 0x1, 0x0, 0x3, 0x4, 0x1, 0xbd, 0x9, 0x1}, r4}}, 0x128) (async)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r6, 0xc004743e, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0)
flock(r7, 0x18) (async)
creat(&(0x7f0000000040)='./bus\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)

628.830606ms ago: executing program 1 (id=2591):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x200, 0x4)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
r1 = socket$inet6(0xa, 0x5, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
r2 = socket$inet(0x2, 0x80001, 0x84)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000280)=0x3, 0x4)
bind$inet(r2, &(0x7f0000000180)={0x2, 0x4e20, @remote}, 0x10) (fail_nth: 1)

478.102672ms ago: executing program 0 (id=2592):
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000002f80)={&(0x7f0000002f00)=ANY=[@ANYBLOB], 0x14}}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
getpgrp(0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}, 0xfffffffffffffd1e)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1d, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="b3369fa6283d0e790d08b1f4e9ea6115f54024d93ffda417a9e09f6dad7731158c2fdfe6f389f158a465d2485e393de9fd006ae536d9315749dc289000be97b290df15c6cf8b33e930c08bf518444daeabe570e6264433ac75805c9fb734ed5731196a4cf77100000000000000", @ANYBLOB="0000000000000000b704000000000000850000001c00000095"], &(0x7f0000000000)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='totmaps\x00')
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008c}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
creat(0x0, 0x0)
sendmmsg$inet(r2, 0x0, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r4 = dup(r3)
getsockopt$IPT_SO_GET_INFO(r4, 0x0, 0x40, 0x0, &(0x7f0000002600))
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r5, 0x4b72, &(0x7f0000000100)={0x0, 0x0, 0x8, 0x16, 0x200, &(0x7f0000000880)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000000000000000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413fcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff4175b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a2b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6d07002ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f63520cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000003c0)=0x14)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0x5)
ioctl$TIOCVHANGUP(r6, 0x5437, 0x0)
mount$tmpfs(0x0, 0x0, 0x0, 0x100000, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)

461.576877ms ago: executing program 1 (id=2593):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "ff00f7000000000000000000af88008300"})
syz_open_pts(r0, 0x141601)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r3, 0x0, 0x0)
r4 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
preadv(r4, &(0x7f0000000800)=[{&(0x7f0000000480)=""/218, 0xda}], 0x1, 0x10001, 0x0)
timer_delete(r2)
getdents(r4, &(0x7f0000000100)=""/60, 0x3c)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00'})
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/fib_triestat\x00')
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$packet(0x11, 0x0, 0x300)
mprotect(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0)
socket$inet6(0xa, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
read$msr(r6, &(0x7f0000032680)=""/102384, 0x18ff0)
r7 = dup(0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, r7, 0x0)
add_key(&(0x7f0000000000)='big_key\x00', 0x0, &(0x7f00000002c0), 0x0, 0xfffffffffffffffe)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x10, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000800)='cpuset.effective_cpus\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000140), 0xfcb8)
socket$can_bcm(0x1d, 0x2, 0x2)

283.076335ms ago: executing program 1 (id=2594):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x1a003})
r1 = socket(0xa, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_FLUSH(0xffffffffffffffff, 0x0, 0x485, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000800)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000380)=ANY=[@ANYBLOB="020101090800000000170006ffffff00030006001000000002000000e0000009f9ff0f0005000000030005007217440502000000e0000001"], 0x40}}, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r6}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000240)='xen_cpu_load_idt\x00', r6}, 0x10)
getsockopt$inet_udp_int(r5, 0x11, 0x65, 0x0, &(0x7f0000000340))
r7 = openat$iommufd(0xffffff9c, &(0x7f00000003c0), 0x6a081, 0x0)
ioctl$IOMMU_VFIO_IOAS$CLEAR(r7, 0x3b88, &(0x7f0000000400)={0xc})
sendmsg$key(r4, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x3, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0xe, @in={0x2, 0x0, @multicast1=0xe0000009}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0x50}}, 0x0)
r8 = fsopen(&(0x7f0000000280)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f0000000040)='source', &(0x7f0000002280)='//\xf2b\x06\b\xba\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b//\\\x00\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x97\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8DD\x9bp\x01\xcc:\xa6\xc5n\x9f\xfb\x81 \x10\x0fQ\x90}Zd\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3V\x9c\x8c\xf8\xf7\xe2\xd5\x8bE\xee5\x00\xaa\xd5\xfc\x1b$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\xec\xac\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xec\x9es\xee\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o\x00\x00\x00\x00\x00\x00\x00\x00_\tN\xfd\xa2\xc2SPu\xe7\xc0+SL\xa1', 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c000000030800000000000000000000000000000900010073797a31000000081d00048008000340000000000800054008000000080007"], 0x3c}}, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="7800000039000900000f0f000000000001000000040000000c000180cafc080005470000080002"], 0x78}}, 0x0)

245.174854ms ago: executing program 2 (id=2595):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r0, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x20001439)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r2, 0x4004743d, 0x2000000b)
ppoll(&(0x7f0000000180)=[{r2}], 0x1, 0x0, 0x0, 0x0)
close(r1) (fail_nth: 1)

164.190975ms ago: executing program 3 (id=2596):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x0, 0x4, @loopback={0x0, 0xac141400}}, 0x1c)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040))
ioctl$UFFDIO_WRITEPROTECT(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000800000/0x800000)=nil, 0x802000}, 0x2})
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$UFFDIO_CONTINUE(r2, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f0000800000/0x800000)=nil, 0x800000}, 0x1})
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)

0s ago: executing program 3 (id=2597):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)=@newqdisc={0xd0, 0x24, 0x20, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {0x5, 0xe}, {0x4, 0xc}, {0x8, 0xffe0}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x1}, @qdisc_kind_options=@q_fq_pie={{0xb}, {0x3c, 0x2, [@TCA_FQ_PIE_BYTEMODE={0x8, 0xb, 0x1}, @TCA_FQ_PIE_MEMORY_LIMIT={0x8, 0x8, 0x80000000}, @TCA_FQ_PIE_QUANTUM={0x8, 0x7, 0x209a}, @TCA_FQ_PIE_BYTEMODE={0x8, 0xb, 0x1}, @TCA_FQ_PIE_ECN={0x8}, @TCA_FQ_PIE_QUANTUM={0x8, 0x7, 0x4}, @TCA_FQ_PIE_ECN={0x8, 0xa, 0x1}]}}, @qdisc_kind_options=@q_pie={{0x8}, {0x34, 0x2, [@TCA_PIE_ECN={0x8}, @TCA_PIE_LIMIT={0x8, 0x2, 0x8000}, @TCA_PIE_TARGET={0x8}, @TCA_PIE_BYTEMODE={0x8, 0x7, 0x1}, @TCA_PIE_TARGET={0x8, 0x1, 0x6}, @TCA_PIE_ECN={0x8}]}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x5}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x7}, @TCA_RATE={0x6, 0x5, {0x0, 0x4}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x5}]}, 0xd0}, 0x1, 0x0, 0x0, 0x8080}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r2=>r0, {0x2}}, './file0\x00'})
r3 = dup(r2)
getsockopt$XDP_MMAP_OFFSETS(r2, 0x11b, 0x1, &(0x7f0000000240), &(0x7f00000002c0)=0x80)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000300))
r4 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TCSETS2(r4, 0x402c542b, &(0x7f0000000340)={0x5, 0x7fff, 0x800, 0x3, 0x4, "a19d12d2281aa0a7039d46518f9ad3fde77eb6", 0x8000})
sendmsg$AUDIT_ADD_RULE(r3, &(0x7f0000000840)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000800)={&(0x7f00000003c0)={0x434, 0x3f3, 0x200, 0x70bd28, 0x25dfdbfb, {0x5, 0x2, 0x37, [0x0, 0x0, 0x35c1, 0x2, 0x1, 0x80000000, 0x81, 0x8, 0xf, 0x8000, 0x1, 0x400, 0x7, 0xfffff001, 0x3, 0x6, 0x4bdd, 0x4, 0x80000001, 0x5, 0x6, 0x60be, 0x5, 0x9830, 0xd3, 0x1, 0x4, 0x4, 0x98ae, 0x9, 0x0, 0x9, 0x4, 0x0, 0x81, 0x4, 0x1, 0x5, 0x140000, 0x1c, 0x77c4, 0x7a, 0x4d, 0x29, 0x5, 0x1, 0x4, 0x8, 0x4, 0x80000000, 0xfff, 0x5, 0x0, 0xc598, 0x4, 0xffff, 0x8001, 0x2, 0x80, 0x7, 0x0, 0x1, 0x0, 0x85d8], [0x6, 0x5, 0x4, 0x80000000, 0xfff, 0x7, 0xea, 0x8, 0xa, 0x1, 0x2, 0x4, 0x1, 0x7ff, 0x4b1e, 0x29d, 0xa, 0x1, 0x8, 0xb, 0x4, 0x2e7, 0x6, 0x6, 0x6d, 0x9, 0x0, 0x4bbc, 0x5476, 0x1, 0x100, 0x3c, 0x9, 0x7, 0x9, 0xa, 0xe7, 0xfd, 0x5, 0x80000001, 0x6602, 0x40, 0x5, 0x5, 0xffff, 0x1, 0x0, 0x7f69, 0x81, 0xb, 0xfd, 0x1, 0x3, 0x5, 0x557f, 0x1, 0x1c000000, 0xe00000, 0xffff588c, 0x7, 0x1, 0x0, 0x0, 0x5], [0x1, 0xd, 0xaa, 0x7, 0x10000, 0x8, 0x0, 0x5, 0x1, 0x2, 0x7ff, 0x0, 0x9, 0x4, 0xb, 0x6, 0x7, 0x39, 0x7, 0x3, 0xf7c, 0x3, 0x10000, 0xffffff00, 0x8, 0xa3, 0x9, 0xf0, 0x4f, 0x4, 0x885f, 0x5, 0x4, 0x5, 0x8, 0x48254460, 0x3, 0x8, 0x5, 0x1, 0x101, 0xfffff68d, 0xffffff00, 0x0, 0x2, 0x8b24, 0x3, 0x10, 0x5, 0xfffffff9, 0x19, 0x60, 0xfffffffd, 0x7, 0x27, 0x2, 0x5, 0xd4, 0x4, 0x3, 0x1ba, 0x9, 0x8000, 0x24000000], [0xaad, 0x7, 0x7fff, 0x7fffffff, 0x100, 0xb63, 0x0, 0x0, 0x4583, 0x1, 0x100, 0x1ff, 0x9, 0xf, 0x401, 0x6, 0x1, 0x8, 0x18, 0x0, 0x0, 0x9, 0xfffffffb, 0x2, 0xf, 0x5, 0x5, 0x8, 0x61, 0x5, 0xfffffff8, 0x6f, 0x0, 0x6, 0x2, 0x1, 0xd1e, 0x24452352, 0x2, 0x401, 0x3, 0x6, 0x7d10, 0x9, 0x1000, 0x7ff, 0x1, 0xba7, 0x80000000, 0xffffffff, 0xaa7, 0xf, 0xb51, 0x6, 0x80000000, 0x80000001, 0x80000001, 0xca1, 0x7, 0x0, 0x6, 0x7, 0xffff7fff, 0x10000], 0x13, [':\x00', 'batadv0\x00', '\x05[\xc1&}[\'}\x00']}, ["", "", ""]}, 0x434}, 0x1, 0x0, 0x0, 0x880}, 0x0)
openat$sequencer2(0xffffff9c, &(0x7f0000000880), 0x10800, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x40046602, &(0x7f00000008c0))
socket$inet6(0xa, 0x3, 0x3)
splice(r2, &(0x7f0000000900)=0x7fff, r4, &(0x7f0000000940)=0xfffffffffffffff7, 0x9, 0x1)
r5 = openat$urandom(0xffffff9c, &(0x7f0000000980), 0x20c041, 0x0)
ioctl$RNDCLEARPOOL(r5, 0x5206, &(0x7f00000009c0))
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
close_range(r6, r2, 0x2)
userfaultfd(0x1000)
setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000000a40)={'filter\x00', 0x7, 0x4, 0x3b0, 0xe4, 0x0, 0x1c4, 0x2d0, 0x2d0, 0x2d0, 0x4, &(0x7f0000000a00), {[{{@uncond, 0xbc, 0xe4}, @unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x218f, 0x7, 0x2}}}, {{@uncond, 0xbc, 0xe0}, @unspec=@CONNSECMARK={0x24, 'CONNSECMARK\x00', 0x0, {0x2}}}, {{@uncond, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@random="3ca5831f8f8b", @empty, @loopback, @local, 0x2}}}], {{'\x00', 0xbc, 0xe0}, {0x24}}}}, 0x3fc)
stat(&(0x7f0000000e40)='./file0\x00', &(0x7f0000000e80)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
setsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000f00)={{{@in=@loopback, @in6=@dev={0xfe, 0x80, '\x00', 0x21}, 0x4e22, 0x0, 0x4e24, 0x3, 0x2, 0x20, 0x0, 0x6, r1, r7}, {0xc6, 0x3, 0x4, 0x3, 0x1000, 0x2, 0x4, 0x6}, {0x3ff, 0x45b2, 0x800, 0x5}, 0x9, 0x6e6bba, 0x1, 0x1, 0x3}, {{@in=@multicast2, 0x4d5, 0x3c}, 0x2, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x3502, 0x4, 0x2, 0x1, 0x1, 0x9, 0x7ff}}, 0xe4)
r8 = io_uring_setup(0xcb2, &(0x7f0000001000)={0x0, 0x4ec6, 0x1, 0x3, 0x100, 0x0, r2})
io_uring_register$IORING_REGISTER_BUFFERS(r8, 0x0, &(0x7f00000011c0)=[{&(0x7f0000001080)=""/184, 0xb8}, {&(0x7f0000001140)=""/119, 0x77}], 0x2)
fcntl$F_GET_FILE_RW_HINT(r6, 0x40d, &(0x7f0000001200))
ioctl$sock_inet_tcp_SIOCOUTQ(r3, 0x5411, &(0x7f0000001240))
ioctl$sock_FIOGETOWN(r6, 0x8903, &(0x7f0000001280)=<r9=>0x0)
r10 = openat$fb0(0xffffff9c, &(0x7f00000012c0), 0x40, 0x0)
kcmp(0x0, r9, 0x0, r0, r10)
bpf$PROG_LOAD(0x5, &(0x7f00000014c0)={0x13, 0xe, &(0x7f0000001300)=@raw=[@exit, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}], &(0x7f0000001380)='syzkaller\x00', 0x3, 0x5c, &(0x7f00000013c0)=""/92, 0x40f00, 0x2c, '\x00', 0x0, 0x15, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001440)={0x4, 0x8, 0x4, 0x4ee}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xa2c}, 0x90)

kernel console output (not intermixed with test programs):

6329][T13524] netlink: 468 bytes leftover after parsing attributes in process `syz.2.2154'.
[  725.648354][T13521] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  725.802000][T13526] net_ratelimit: 1 callbacks suppressed
[  725.802021][T13526] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  725.934803][T13529] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  726.982643][ T5399] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  727.061029][T13548] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  727.197043][ T5399] usb 7-1: Using ep0 maxpacket: 8
[  727.200968][ T5399] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  727.205398][ T5399] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  727.209558][ T5399] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  727.222662][ T5399] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  727.229531][ T5399] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  727.235578][ T5399] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  727.239291][ T5399] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  727.480201][T13542] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2157'.
[  727.538351][T13555] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2157'.
[  727.702640][T11025] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  727.884140][T11025] usb 6-1: Using ep0 maxpacket: 16
[  727.894104][T11025] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  727.898745][T11025] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  727.920782][T11025] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  727.951458][T11025] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  727.954720][T11025] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  727.957875][T11025] usb 6-1: Manufacturer: syz
[  727.969907][T11025] usb 6-1: config 0 descriptor??
[  727.972308][T13557] netlink: 468 bytes leftover after parsing attributes in process `syz.3.2161'.
[  728.207285][T13558] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  728.407048][T13553] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  728.412051][T13553] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  728.684109][T11112] usb 6-1: USB disconnect, device number 21
[  728.699395][T13564] netlink: 468 bytes leftover after parsing attributes in process `syz.0.2162'.
[  729.113369][T13569] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  729.457879][T13575] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  729.720768][ T5399] usb 7-1: usb_control_msg returned -71
[  729.724857][ T5399] usbtmc 7-1:16.0: can't read capabilities
[  729.731747][ T5399] usb 7-1: USB disconnect, device number 15
[  729.876258][T13578] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  730.836467][T13596] netlink: 468 bytes leftover after parsing attributes in process `syz.0.2170'.
[  730.881611][T13596] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  731.310569][T13601] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  731.913922][T13607] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  732.189713][T13610] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  732.261052][T13614] netlink: 468 bytes leftover after parsing attributes in process `syz.3.2175'.
[  732.343665][T13616] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  732.999708][T13627] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  733.276475][T13634] netlink: 468 bytes leftover after parsing attributes in process `syz.3.2178'.
[  733.413662][T13638] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  733.447758][T13637] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  734.383726][T13651] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2180'.
[  734.417088][T13655] netlink: 468 bytes leftover after parsing attributes in process `syz.1.2182'.
[  734.475449][T13657] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2180'.
[  734.525921][T13658] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  734.547712][T13649] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  735.461887][T13668] netlink: 468 bytes leftover after parsing attributes in process `syz.2.2184'.
[  735.575259][T13672] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  736.535535][T13680] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  737.603031][T13694] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  738.761248][T13709] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  739.744731][T13717] netlink: 468 bytes leftover after parsing attributes in process `syz.0.2194'.
[  739.965853][T13721] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  740.498267][T13728] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2195'.
[  741.448316][T13744] netlink: 468 bytes leftover after parsing attributes in process `syz.3.2199'.
[  742.581572][T13751] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  742.738705][T13759] netlink: 468 bytes leftover after parsing attributes in process `syz.1.2202'.
[  746.090933][T13794] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2210'.
[  746.428506][T13798] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2211'.
[  749.428135][T13829] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2218'.
[  749.432110][T13829] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2218'.
[  751.432720][ T5356] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  751.623060][ T5356] usb 5-1: Using ep0 maxpacket: 16
[  751.634623][ T5356] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  751.638799][ T5356] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  751.652571][ T5356] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  751.662618][ T5356] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  751.666632][ T5356] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  751.670112][ T5356] usb 5-1: Manufacturer: syz
[  751.679751][ T5356] usb 5-1: config 0 descriptor??
[  751.971116][T13846] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  751.982491][T13846] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  752.190505][ T5399] usb 5-1: USB disconnect, device number 15
[  752.525573][ T1376] ieee802154 phy0 wpan0: encryption failed: -22
[  752.528372][ T1376] ieee802154 phy1 wpan1: encryption failed: -22
[  752.582649][ T5356] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  752.782674][ T5356] usb 7-1: Using ep0 maxpacket: 16
[  752.796184][ T5356] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  752.800316][ T5356] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  752.806078][ T5356] usb 7-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  752.809926][ T5356] usb 7-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  752.813650][ T5356] usb 7-1: Manufacturer: syz
[  752.817638][ T5356] usb 7-1: config 0 descriptor??
[  753.295761][T13858] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  753.308036][T13858] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  753.500719][   T30] usb 7-1: USB disconnect, device number 16
[  753.724021][T13873] netlink: 468 bytes leftover after parsing attributes in process `syz.3.2228'.
[  753.820520][T13876] netlink: 468 bytes leftover after parsing attributes in process `syz.0.2229'.
[  753.867390][T13874] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  754.249695][T13884] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2230'.
[  754.930706][T13893] netlink: 468 bytes leftover after parsing attributes in process `syz.3.2232'.
[  755.054441][T13895] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  755.348715][T13901] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  757.483462][T13924] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2238'.
[  759.571960][T13952] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  759.767092][T13958] netlink: 468 bytes leftover after parsing attributes in process `syz.2.2245'.
[  759.860894][T13960] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  759.911261][T13960] fuse: Bad value for 'fd'
[  760.242901][T13965] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2246'.
[  761.082100][T13982] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  761.226708][T13985] netlink: 468 bytes leftover after parsing attributes in process `syz.0.2252'.
[  761.440005][T13990] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  761.525593][T13990] fuse: Invalid rootmode
[  762.219434][T14004] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  762.257120][T14004] fuse: Unknown parameter 'grou00000000000000000000'
[  763.221519][T14015] netlink: 468 bytes leftover after parsing attributes in process `syz.0.2258'.
[  763.334312][T14016] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  763.379706][T14016] fuse: Unknown parameter '0x0000000000000009'
[  763.642545][T14022] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2259'.
[  763.906296][T14024] netlink: 468 bytes leftover after parsing attributes in process `syz.2.2260'.
[  763.980970][T14025] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  764.000920][T14025] fuse: Unknown parameter 'fd0x0000000000000009'
[  764.091298][T14027] netlink: 468 bytes leftover after parsing attributes in process `syz.1.2261'.
[  764.248457][T14029] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  764.257915][T14031] netlink: 468 bytes leftover after parsing attributes in process `syz.0.2262'.
[  764.274402][T14029] fuse: Bad value for 'fd'
[  764.352935][T14033] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  764.377127][T14033] fuse: Bad value for 'fd'
[  765.392858][ T5399] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  765.622594][ T5399] usb 6-1: Using ep0 maxpacket: 16
[  765.626926][ T5399] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  765.630931][ T5399] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  765.638464][ T5399] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  765.644624][ T5399] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  765.648713][ T5399] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  765.652196][ T5399] usb 6-1: Manufacturer: syz
[  765.662467][ T5399] usb 6-1: config 0 descriptor??
[  766.011376][T14046] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  766.020219][T14046] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  766.166038][T14054] netlink: 468 bytes leftover after parsing attributes in process `syz.3.2267'.
[  766.249135][T14056] netlink: 468 bytes leftover after parsing attributes in process `syz.0.2268'.
[  766.274860][ T8590] usb 6-1: USB disconnect, device number 22
[  766.296535][T14057] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  766.324559][T14057] fuse: Bad value for 'user_id'
[  766.326522][T14057] fuse: Bad value for 'user_id'
[  766.354755][T14058] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  766.410838][T14058] fuse: Unknown parameter 'user_i00000000000000000000'
[  767.067818][ T5399] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  767.122619][   T30] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  767.179298][T14071] netlink: 468 bytes leftover after parsing attributes in process `syz.3.2271'.
[  767.252375][T14072] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  767.262634][ T5399] usb 7-1: Using ep0 maxpacket: 16
[  767.269713][ T5399] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  767.276920][ T5399] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  767.283801][T14072] fuse: Bad value for 'user_id'
[  767.286097][ T5399] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  767.291688][T14072] fuse: Bad value for 'user_id'
[  767.302186][ T5399] usb 7-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  767.306129][ T5399] usb 7-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  767.309480][ T5399] usb 7-1: Manufacturer: syz
[  767.313598][ T5399] usb 7-1: config 0 descriptor??
[  767.322835][   T30] usb 6-1: Using ep0 maxpacket: 16
[  767.328184][   T30] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  767.332425][   T30] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  767.340374][   T30] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  767.347363][   T30] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  767.350921][   T30] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  767.354794][   T30] usb 6-1: Manufacturer: syz
[  767.358034][   T30] usb 6-1: config 0 descriptor??
[  767.455271][ T1292] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  767.620134][T14065] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  767.627917][T14065] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  767.642573][ T1292] usb 5-1: Using ep0 maxpacket: 16
[  767.649686][ T1292] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  767.655472][ T1292] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  767.660328][ T1292] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  767.666979][T14067] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  767.668578][ T1292] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  767.674885][T14067] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  767.676241][ T1292] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  767.681185][ T1292] usb 5-1: Manufacturer: syz
[  767.692267][ T1292] usb 5-1: config 0 descriptor??
[  767.784141][T11112] usb 7-1: USB disconnect, device number 17
[  767.944772][ T5356] usb 6-1: USB disconnect, device number 23
[  767.995325][T14069] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  767.999676][T14069] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  768.091473][T14082] netlink: 468 bytes leftover after parsing attributes in process `syz.3.2273'.
[  768.216608][T14083] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  768.268168][ T5399] usb 5-1: USB disconnect, device number 16
[  768.528886][T14089] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  768.680764][T14093] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  769.171821][T14102] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  769.799782][T14112] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  769.867386][T14112] fuse: Unknown parameter '0x0000000000000009'
[  770.771576][T14126] netlink: 468 bytes leftover after parsing attributes in process `syz.3.2284'.
[  770.915668][T14128] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2283'.
[  771.021054][T14130] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  771.807104][T14139] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  772.938310][T14155] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  773.006179][T14155] fuse: Bad value for 'fd'
[  773.102586][   T30] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  773.312658][   T30] usb 7-1: Using ep0 maxpacket: 16
[  773.317101][   T30] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  773.321477][   T30] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  773.327618][   T30] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  773.339642][   T30] usb 7-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  773.346431][   T30] usb 7-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  773.352395][   T30] usb 7-1: Manufacturer: syz
[  773.394704][   T30] usb 7-1: config 0 descriptor??
[  773.569206][T14163] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  773.585004][T14163] fuse: Bad value for 'fd'
[  773.849446][T14153] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  773.857032][T14153] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  773.877121][T14169] netlink: 468 bytes leftover after parsing attributes in process `syz.0.2293'.
[  774.031318][T14172] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  774.106721][   T30] usb 7-1: USB disconnect, device number 18
[  776.127159][T14207] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  776.169220][T14207] fuse: Bad value for 'fd'
[  777.365346][T14220] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  778.646563][ T5392] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[  778.822663][ T5392] usb 8-1: Using ep0 maxpacket: 16
[  778.829667][ T5392] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  778.861078][ T5392] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  778.868291][ T5392] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  778.875210][ T5392] usb 8-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  778.879019][ T5392] usb 8-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  778.882640][ T5392] usb 8-1: Manufacturer: syz
[  778.890537][ T5392] usb 8-1: config 0 descriptor??
[  779.027342][T14240] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  779.230973][T14232] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  779.241193][T14232] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  779.418009][   T25] usb 8-1: USB disconnect, device number 20
[  781.158043][T14273] bridge0: port 3(syz_tun) entered blocking state
[  781.160946][T14273] bridge0: port 3(syz_tun) entered disabled state
[  781.171951][T14273] syz_tun: entered allmulticast mode
[  781.179765][T14273] syz_tun: entered promiscuous mode
[  781.182362][T14273] bridge0: port 3(syz_tun) entered blocking state
[  781.185263][T14273] bridge0: port 3(syz_tun) entered forwarding state
[  783.873779][T14300] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2333'.
[  783.921591][T14304] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2335'.
[  783.987274][T14304] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2335'.
[  785.471615][ T4777] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  785.497051][ T4777] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  785.504143][ T4777] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  785.508690][ T4777] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  785.512750][ T4777] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  785.516224][ T4777] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  785.602370][ T5355] bridge0: port 3(syz_tun) entered disabled state
[  785.616918][ T5355] syz_tun (unregistering): left allmulticast mode
[  785.619763][ T5355] syz_tun (unregistering): left promiscuous mode
[  785.623257][ T5355] bridge0: port 3(syz_tun) entered disabled state
[  785.637874][T14322] wlan0 speed is unknown, defaulting to 1000
[  785.822446][ T1100] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  785.980786][ T1100] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  785.991043][T14322] chnl_net:caif_netlink_parms(): no params data found
[  786.130101][ T1100] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  786.191814][T14322] bridge0: port 1(bridge_slave_0) entered blocking state
[  786.200945][T14322] bridge0: port 1(bridge_slave_0) entered disabled state
[  786.204440][T14322] bridge_slave_0: entered allmulticast mode
[  786.208622][T14322] bridge_slave_0: entered promiscuous mode
[  786.215789][T14322] bridge0: port 2(bridge_slave_1) entered blocking state
[  786.219465][T14322] bridge0: port 2(bridge_slave_1) entered disabled state
[  786.224574][T14322] bridge_slave_1: entered allmulticast mode
[  786.228346][T14322] bridge_slave_1: entered promiscuous mode
[  786.246368][ T1100] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  786.309182][T14322] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  786.314344][T14322] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  786.388241][T14322] team0: Port device team_slave_0 added
[  786.395806][T14322] team0: Port device team_slave_1 added
[  786.465285][T14322] batman_adv: batadv0: Adding interface: batadv_slave_0
[  786.468401][T14322] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  786.481543][T14322] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  786.489818][T14322] batman_adv: batadv0: Adding interface: batadv_slave_1
[  786.493068][T14322] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  786.508011][T14322] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  786.645682][T14322] hsr_slave_0: entered promiscuous mode
[  786.649779][T14322] hsr_slave_1: entered promiscuous mode
[  786.654004][T14322] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  786.657327][T14322] Cannot create hsr debugfs directory
[  786.676413][ T1100] bridge_slave_1: left allmulticast mode
[  786.679478][ T1100] bridge_slave_1: left promiscuous mode
[  786.685106][ T1100] bridge0: port 2(bridge_slave_1) entered disabled state
[  786.691564][ T1100] bridge_slave_0: left allmulticast mode
[  786.695935][ T1100] bridge_slave_0: left promiscuous mode
[  786.698617][ T1100] bridge0: port 1(bridge_slave_0) entered disabled state
[  787.285974][ T1100] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  787.340217][ T1100] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  787.359258][ T1100] bond0 (unregistering): Released all slaves
[  787.370174][ T1100] bond1 (unregistering): Released all slaves
[  787.383216][ T1100] bond2 (unregistering): Released all slaves
[  787.393849][ T1100] bond3 (unregistering): Released all slaves
[  787.419093][ T1100] bond4 (unregistering): Released all slaves
[  787.563501][ T4777] Bluetooth: hci4: command tx timeout
[  787.630940][ T1100] ��: left promiscuous mode
[  787.950857][ T1100] infiniband syz2: set down
[  787.982989][   T74] smc: removing ib device syz2
[  788.020567][ T5399] wlan0 speed is unknown, defaulting to 1000
[  788.668690][T14322] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  788.687554][T14322] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  788.712466][T14322] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  788.727149][T14322] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  788.929110][T14322] 8021q: adding VLAN 0 to HW filter on device bond0
[  788.968006][T14322] 8021q: adding VLAN 0 to HW filter on device team0
[  788.994190][T14372] bridge0: port 1(bridge_slave_0) entered blocking state
[  788.997286][T14372] bridge0: port 1(bridge_slave_0) entered forwarding state
[  789.053736][T14372] bridge0: port 2(bridge_slave_1) entered blocking state
[  789.056958][T14372] bridge0: port 2(bridge_slave_1) entered forwarding state
[  789.324080][ T1100] hsr_slave_0: left promiscuous mode
[  789.334619][ T1100] hsr_slave_1: left promiscuous mode
[  789.344263][ T1100] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  789.347749][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_0
[  789.363284][ T1100] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  789.366141][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_1
[  789.399652][ T1100] veth1_macvtap: left promiscuous mode
[  789.402245][ T1100] veth0_macvtap: left promiscuous mode
[  789.405756][ T1100] veth1_vlan: left promiscuous mode
[  789.408333][ T1100] veth0_vlan: left promiscuous mode
[  789.642823][ T4777] Bluetooth: hci4: command tx timeout
[  790.487766][ T1100] team0 (unregistering): Port device team_slave_1 removed
[  790.618636][ T1100] team0 (unregistering): Port device team_slave_0 removed
[  791.523803][T14392] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2352'.
[  791.636794][T14322] 8021q: adding VLAN 0 to HW filter on device batadv0
[  791.690534][T14322] veth0_vlan: entered promiscuous mode
[  791.700963][T14322] veth1_vlan: entered promiscuous mode
[  791.732649][ T4777] Bluetooth: hci4: command tx timeout
[  791.746433][T14322] veth0_macvtap: entered promiscuous mode
[  791.759913][T14322] veth1_macvtap: entered promiscuous mode
[  791.777204][T14322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  791.781788][T14322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  791.786723][T14322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  791.796062][T14322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  791.800248][T14322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  791.805792][T14322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  791.817612][T14322] batman_adv: batadv0: Interface activated: batadv_slave_0
[  791.844261][T14322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  791.849018][T14322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  791.856551][T14322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  791.861511][T14322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  791.867315][T14322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  791.872416][T14322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  791.878999][T14322] batman_adv: batadv0: Interface activated: batadv_slave_1
[  791.888393][T14322] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  791.892794][T14322] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  791.897302][T14322] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  791.901072][T14322] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  791.968618][T14372] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  791.972095][T14372] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  792.002301][T14372] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  792.012523][T14372] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  793.803489][ T4777] Bluetooth: hci4: command tx timeout
[  793.920189][T14413] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2356'.
[  797.911195][ T5354] bridge0: port 3(syz_tun) entered disabled state
[  797.911325][T12857] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  797.928984][T12857] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  797.975753][T12857] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  797.990431][T12857] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  797.997072][ T5354] syz_tun (unregistering): left allmulticast mode
[  798.000120][ T5354] syz_tun (unregistering): left promiscuous mode
[  798.002462][ T5354] bridge0: port 3(syz_tun) entered disabled state
[  798.005688][T12857] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  798.009452][T12857] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  798.181168][T14372] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  798.286040][T14372] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  798.311836][T14452] chnl_net:caif_netlink_parms(): no params data found
[  798.424723][T14372] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  798.560619][T14372] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  798.579389][T14452] bridge0: port 1(bridge_slave_0) entered blocking state
[  798.582411][T14452] bridge0: port 1(bridge_slave_0) entered disabled state
[  798.592455][T14452] bridge_slave_0: entered allmulticast mode
[  798.596490][T14452] bridge_slave_0: entered promiscuous mode
[  798.612225][T14452] bridge0: port 2(bridge_slave_1) entered blocking state
[  798.615409][T14452] bridge0: port 2(bridge_slave_1) entered disabled state
[  798.618558][T14452] bridge_slave_1: entered allmulticast mode
[  798.622307][T14452] bridge_slave_1: entered promiscuous mode
[  798.716820][T14452] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  798.730296][T14452] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  798.841769][T14452] team0: Port device team_slave_0 added
[  798.871498][T14452] team0: Port device team_slave_1 added
[  798.952100][T14452] batman_adv: batadv0: Adding interface: batadv_slave_0
[  798.956046][T14452] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  798.967292][T14452] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  798.974700][T14452] batman_adv: batadv0: Adding interface: batadv_slave_1
[  798.977541][T14452] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  798.989538][T14452] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  799.010448][T14372] bridge_slave_1: left allmulticast mode
[  799.013161][T14372] bridge_slave_1: left promiscuous mode
[  799.015698][T14372] bridge0: port 2(bridge_slave_1) entered disabled state
[  799.033230][T14372] bridge_slave_0: left allmulticast mode
[  799.035824][T14372] bridge_slave_0: left promiscuous mode
[  799.038503][T14372] bridge0: port 1(bridge_slave_0) entered disabled state
[  799.546236][T14372] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  799.558228][T14372] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  799.567850][T14372] bond0 (unregistering): Released all slaves
[  799.580663][T14372] bond1 (unregistering): Released all slaves
[  799.755145][T14372] ��: left promiscuous mode
[  799.776118][T14452] hsr_slave_0: entered promiscuous mode
[  799.780220][T14452] hsr_slave_1: entered promiscuous mode
[  799.787049][T14452] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  799.791306][T14452] Cannot create hsr debugfs directory
[  800.058921][ T4777] Bluetooth: hci0: command tx timeout
[  800.285505][T14372] hsr_slave_0: left promiscuous mode
[  800.291472][T14372] hsr_slave_1: left promiscuous mode
[  800.299264][T14372] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  800.308106][T14372] batman_adv: batadv0: Removing interface: batadv_slave_0
[  800.314717][T14372] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  800.317709][T14372] batman_adv: batadv0: Removing interface: batadv_slave_1
[  800.359044][T14372] veth1_macvtap: left promiscuous mode
[  800.361365][T14372] veth0_macvtap: left promiscuous mode
[  800.367002][T14372] veth1_vlan: left promiscuous mode
[  800.369666][T14372] veth0_vlan: left promiscuous mode
[  801.778660][T14372] team0 (unregistering): Port device team_slave_1 removed
[  801.926707][T14372] team0 (unregistering): Port device team_slave_0 removed
[  802.138148][ T4777] Bluetooth: hci0: command tx timeout
[  803.501627][T14452] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  803.508848][T14452] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  803.515623][T14452] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  803.523104][T14452] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  803.644053][T14452] 8021q: adding VLAN 0 to HW filter on device bond0
[  803.676051][T14452] 8021q: adding VLAN 0 to HW filter on device team0
[  803.695773][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  803.699030][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  803.711685][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  803.722332][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  803.999992][T14452] 8021q: adding VLAN 0 to HW filter on device batadv0
[  804.092005][T14452] veth0_vlan: entered promiscuous mode
[  804.108907][T14452] veth1_vlan: entered promiscuous mode
[  804.165420][T14452] veth0_macvtap: entered promiscuous mode
[  804.170449][T14452] veth1_macvtap: entered promiscuous mode
[  804.204951][T14452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  804.209442][T14452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  804.212710][ T4777] Bluetooth: hci0: command tx timeout
[  804.213599][T14452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  804.220217][T14452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  804.224681][T14452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  804.228932][T14452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  804.240615][T14452] batman_adv: batadv0: Interface activated: batadv_slave_0
[  804.250386][T14452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  804.259193][T14452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  804.263624][T14452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  804.267950][T14452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  804.271332][T14452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  804.279027][T14452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  804.287546][T14452] batman_adv: batadv0: Interface activated: batadv_slave_1
[  804.298715][T14452] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  804.302405][T14452] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  804.306393][T14452] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  804.309845][T14452] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  804.413978][   T74] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  804.417017][   T74] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  804.440100][   T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  804.464551][   T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  806.294785][ T4777] Bluetooth: hci0: command tx timeout
[  806.482259][T14553] FAULT_INJECTION: forcing a failure.
[  806.482259][T14553] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  806.498133][T14553] CPU: 0 UID: 0 PID: 14553 Comm: syz.1.2385 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  806.502223][T14553] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  806.506472][T14553] Call Trace:
[  806.507584][T14553]  <TASK>
[  806.508728][T14553]  dump_stack_lvl+0x16c/0x1f0
[  806.510785][T14553]  should_fail_ex+0x497/0x5b0
[  806.512799][T14553]  _copy_from_user+0x30/0xf0
[  806.514831][T14553]  get_compat_msghdr+0xa8/0x170
[  806.517004][T14553]  ? __pfx_get_compat_msghdr+0x10/0x10
[  806.519487][T14553]  ? __pfx___lock_acquire+0x10/0x10
[  806.521419][T14553]  ___sys_sendmsg+0x1b0/0x1e0
[  806.523120][T14553]  ? __pfx____sys_sendmsg+0x10/0x10
[  806.524869][T14553]  ? ksys_write+0x21c/0x260
[  806.526230][T14553]  ? __fget_light+0x173/0x210
[  806.527766][T14553]  __sys_sendmsg+0x117/0x1f0
[  806.529171][T14553]  ? __pfx___sys_sendmsg+0x10/0x10
[  806.530806][T14553]  __do_fast_syscall_32+0x73/0x120
[  806.532803][T14553]  do_fast_syscall_32+0x32/0x80
[  806.534519][T14553]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  806.537040][T14553] RIP: 0023:0xf73ee579
[  806.538818][T14553] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  806.546612][T14553] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  806.549763][T14553] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000200
[  806.552238][T14553] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  806.555005][T14553] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  806.557988][T14553] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  806.560486][T14553] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  806.562611][T14553]  </TASK>
[  806.698751][T14555] FAULT_INJECTION: forcing a failure.
[  806.698751][T14555] name failslab, interval 1, probability 0, space 0, times 1
[  806.704600][T14555] CPU: 1 UID: 0 PID: 14555 Comm: syz.1.2386 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  806.709600][T14555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  806.714481][T14555] Call Trace:
[  806.716000][T14555]  <TASK>
[  806.717292][T14555]  dump_stack_lvl+0x16c/0x1f0
[  806.719442][T14555]  should_fail_ex+0x497/0x5b0
[  806.721423][T14555]  ? fs_reclaim_acquire+0xae/0x160
[  806.723626][T14555]  should_failslab+0xc2/0x120
[  806.725611][T14555]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  806.727763][T14555]  ? getname_flags.part.0+0x4c/0x550
[  806.729970][T14555]  ? vfs_write+0x14d/0x1140
[  806.732141][T14555]  getname_flags.part.0+0x4c/0x550
[  806.734184][T14555]  getname+0x8d/0xe0
[  806.735824][T14555]  do_sys_openat2+0x104/0x1e0
[  806.737800][T14555]  ? __pfx_do_sys_openat2+0x10/0x10
[  806.740090][T14555]  __ia32_compat_sys_openat+0x16e/0x210
[  806.742415][T14555]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  806.744960][T14555]  ? ksys_write+0x1ab/0x260
[  806.746872][T14555]  __do_fast_syscall_32+0x73/0x120
[  806.749045][T14555]  do_fast_syscall_32+0x32/0x80
[  806.751214][T14555]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  806.753870][T14555] RIP: 0023:0xf73ee579
[  806.755343][T14555] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  806.762590][T14555] RSP: 002b:00000000f56e64f0 EFLAGS: 00000293 ORIG_RAX: 0000000000000127
[  806.765298][T14555] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f72c0aa6
[  806.768180][T14555] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f73dfff4
[  806.771308][T14555] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  806.774647][T14555] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  806.777926][T14555] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  806.781269][T14555]  </TASK>
[  807.028052][T14560] nvme_fabrics: missing parameter 'transport=%s'
[  807.031277][T14560] nvme_fabrics: missing parameter 'nqn=%s'
[  807.070299][T14560] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2389'.
[  808.628340][T14604] overlayfs: missing 'lowerdir'
[  809.048805][T14608] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2403'.
[  809.452627][ T1292] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[  809.660861][ T1292] usb 8-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  809.665211][ T1292] usb 8-1: config 1 has no interface number 1
[  809.668390][ T1292] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  809.675100][ T1292] usb 8-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 7
[  809.682050][ T1292] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  809.687745][ T1292] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  809.691444][ T1292] usb 8-1: Product: 휂쾻ቚ剥큥ힴ驾賐⃘ᳩꪛ❻祮摮ṫ钘茤❏죦麾ᯓ舿䬍뜀㠻汋屢䅙⾿筌ꢆㅃﱕ璾쀞盚﷫≐顂ᔌ平૽윿깉᷿⌗頠焃䉫ᣎꗖ⹷㲡⡃暱쯝ể稜य़鱍ᴧ툦巾勈䑐悅༅䯝໖ꄛ恿ॴ夻ᵿ坭偔ᩞힾ探婛圁嬜讞숶Ռ䐧꥔⬈⎻锪
[  809.705314][ T1292] usb 8-1: Manufacturer: 劵㋝㭉揃䟀ᬕㆍ駙ⴒ喙햒櫡池ꂃ㗛뫇뎫⼸䰣΋쭽ž塘㺟䁳驼鞴梸阰꿚뽌遝䏧懆㯘뙊鄇﬉뜿ꏋ险誠獧펟ྉᡂﺋ蟉廦끄拳隍꣍⬰숂汥쾌꾯睴⻷毫熟㸇홌阴뗏꘍䝫咭屑乸ꝗ䣋娝⸓き੎챣ﯮ溇稜캋徎툽뤽䤺艷崿촸꽗ᬾ烾칣ꋐઓ쪪釚⪶漸簈ࣀߘⵖ㱟仈㢨Ꮃ
[  809.736360][ T1292] usb 8-1: SerialNumber: ␏䑳孨㜻䯤஁莅ጋၱ犄㥟矙켌ቍ糪務ꏕ鬻聶攣↔䭳᧽囎鳇ᣧ扟㮦遥
[  810.167117][T14622] FAULT_INJECTION: forcing a failure.
[  810.167117][T14622] name failslab, interval 1, probability 0, space 0, times 0
[  810.172582][T14622] CPU: 2 UID: 0 PID: 14622 Comm: syz.0.2407 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  810.177231][T14622] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  810.181894][T14622] Call Trace:
[  810.183280][T14622]  <TASK>
[  810.184635][T14622]  dump_stack_lvl+0x16c/0x1f0
[  810.186766][T14622]  should_fail_ex+0x497/0x5b0
[  810.188967][T14622]  ? fs_reclaim_acquire+0xae/0x160
[  810.191232][T14622]  should_failslab+0xc2/0x120
[  810.193346][T14622]  __kmalloc_noprof+0xcb/0x410
[  810.195655][T14622]  ? __pfx_lock_acquire+0x10/0x10
[  810.198024][T14622]  tomoyo_realpath_from_path+0xbf/0x710
[  810.200563][T14622]  ? tomoyo_profile+0x47/0x60
[  810.202965][T14622]  tomoyo_path_number_perm+0x245/0x5b0
[  810.205425][T14622]  ? tomoyo_path_number_perm+0x232/0x5b0
[  810.207922][T14622]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  810.210575][T14622]  ? __pfx_lock_release+0x10/0x10
[  810.212930][T14622]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  810.215162][T14622]  ? __fget_files+0x256/0x400
[  810.217184][T14622]  security_file_ioctl_compat+0x75/0xc0
[  810.219452][T14622]  __do_compat_sys_ioctl+0x5d/0x330
[  810.221358][T14622]  __do_fast_syscall_32+0x73/0x120
[  810.223542][T14622]  do_fast_syscall_32+0x32/0x80
[  810.225632][T14622]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  810.228311][T14622] RIP: 0023:0xf747e579
[  810.230000][T14622] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  810.238331][T14622] RSP: 002b:00000000f577656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  810.241978][T14622] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005501
[  810.245400][T14622] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  810.248770][T14622] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  810.252182][T14622] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  810.255565][T14622] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  810.259001][T14622]  </TASK>
[  810.269357][T14622] ERROR: Out of memory at tomoyo_realpath_from_path.
[  810.279698][T14622] input: syz0 as /devices/virtual/input/input16
[  810.427705][T14625] input: syz0 as /devices/virtual/input/input17
[  810.693509][ T1292] usb 8-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  810.791199][ T1292] usb 8-1: USB disconnect, device number 21
[  810.837251][T14629] input: syz0 as /devices/virtual/input/input18
[  811.785470][T14638] FAULT_INJECTION: forcing a failure.
[  811.785470][T14638] name failslab, interval 1, probability 0, space 0, times 0
[  811.791186][T14638] CPU: 3 UID: 0 PID: 14638 Comm: syz.3.2412 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  811.795705][T14638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  811.800220][T14638] Call Trace:
[  811.801656][T14638]  <TASK>
[  811.803012][T14638]  dump_stack_lvl+0x16c/0x1f0
[  811.805265][T14638]  should_fail_ex+0x497/0x5b0
[  811.807253][T14638]  ? fs_reclaim_acquire+0xae/0x160
[  811.809471][T14638]  should_failslab+0xc2/0x120
[  811.812158][T14638]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  811.814833][T14638]  ? vm_area_dup+0x21/0x300
[  811.816946][T14638]  vm_area_dup+0x21/0x300
[  811.819155][T14638]  __split_vma+0x181/0x11a0
[  811.821172][T14638]  ? hlock_class+0x4e/0x130
[  811.823648][T14638]  ? __pfx_mark_lock+0x10/0x10
[  811.825674][T14638]  ? __pfx___split_vma+0x10/0x10
[  811.827897][T14638]  ? mark_lock+0xb5/0xc60
[  811.829798][T14638]  ? __pfx_mark_lock+0x10/0x10
[  811.833672][T14638]  ? __pfx___lock_acquire+0x10/0x10
[  811.835849][T14638]  do_vmi_align_munmap+0x2bf/0x19c0
[  811.838014][T14638]  ? mtree_range_walk+0x715/0xbe0
[  811.839960][T14638]  ? __pfx_do_vmi_align_munmap+0x10/0x10
[  811.842087][T14638]  do_vmi_munmap+0x231/0x410
[  811.843735][T14638]  do_munmap+0xb0/0xf0
[  811.845591][T14638]  ? __pfx_do_munmap+0x10/0x10
[  811.847821][T14638]  ? vfs_write+0x14d/0x1140
[  811.859332][T14638]  __do_sys_mremap+0x1373/0x1610
[  811.862047][T14638]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  811.864669][T14638]  ? __pfx___do_sys_mremap+0x10/0x10
[  811.880240][T14638]  ? fput+0x32/0x390
[  811.882330][T14638]  ? ksys_write+0x1ab/0x260
[  811.884602][T14638]  ? __pfx_ksys_write+0x10/0x10
[  811.886894][T14638]  __do_fast_syscall_32+0x73/0x120
[  811.888825][T14638]  do_fast_syscall_32+0x32/0x80
[  811.891047][T14638]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  811.894374][T14638] RIP: 0023:0xf740e579
[  811.896290][T14638] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  811.905804][T14638] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 00000000000000a3
[  811.909992][T14638] RAX: ffffffffffffffda RBX: 0000000020a96000 RCX: 0000000000001000
[  811.914468][T14638] RDX: 0000000000800000 RSI: 0000000000000003 RDI: 0000000020130000
[  811.919313][T14638] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  811.924172][T14638] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  811.928914][T14638] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  811.933507][T14638]  </TASK>
[  812.103905][T14640] 9pnet_fd: Insufficient options for proto=fd
[  812.153766][T14644] syz.3.2414 (14644): attempted to duplicate a private mapping with mremap.  This is not supported.
[  812.283198][ T4777] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  812.291652][ T4777] Bluetooth: hci0: Injecting HCI hardware error event
[  812.296891][ T4777] Bluetooth: hci0: hardware error 0x00
[  812.926683][T14651] FAULT_INJECTION: forcing a failure.
[  812.926683][T14651] name failslab, interval 1, probability 0, space 0, times 0
[  812.936842][T14651] CPU: 0 UID: 0 PID: 14651 Comm: syz.1.2417 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  812.941216][T14651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  812.945192][T14651] Call Trace:
[  812.946437][T14651]  <TASK>
[  812.947710][T14651]  dump_stack_lvl+0x16c/0x1f0
[  812.949691][T14651]  should_fail_ex+0x497/0x5b0
[  812.951606][T14651]  ? fs_reclaim_acquire+0xae/0x160
[  812.953546][T14651]  should_failslab+0xc2/0x120
[  812.955315][T14651]  __kmalloc_node_noprof+0xd1/0x440
[  812.957095][T14651]  ? __kvmalloc_node_noprof+0x9d/0x1a0
[  812.958951][T14651]  __kvmalloc_node_noprof+0x9d/0x1a0
[  812.960878][T14651]  seq_read_iter+0x830/0x12c0
[  812.962736][T14651]  kernfs_fop_read_iter+0x41a/0x590
[  812.965274][T14651]  ? rw_verify_area+0xd0/0x6c0
[  812.967509][T14651]  vfs_read+0x869/0xbd0
[  812.969965][T14651]  ? __pfx_vfs_read+0x10/0x10
[  812.972302][T14651]  ? __pfx___mutex_lock+0x10/0x10
[  812.974420][T14651]  ? __fget_files+0x256/0x400
[  812.976414][T14651]  ksys_read+0x12f/0x260
[  812.978872][T14651]  ? __pfx_ksys_read+0x10/0x10
[  812.981761][T14651]  __do_fast_syscall_32+0x73/0x120
[  812.984284][T14651]  do_fast_syscall_32+0x32/0x80
[  812.986833][T14651]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  812.989530][T14651] RIP: 0023:0xf73ee579
[  812.991478][T14651] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  813.000178][T14651] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000003
[  813.004706][T14651] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000080
[  813.008289][T14651] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  813.011776][T14651] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  813.015199][T14651] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  813.019013][T14651] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  813.022524][T14651]  </TASK>
[  813.175911][T14655] loop0: detected capacity change from 0 to 127
[  813.573081][T14664] FAULT_INJECTION: forcing a failure.
[  813.573081][T14664] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  813.579607][T14664] CPU: 1 UID: 0 PID: 14664 Comm: syz.0.2421 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  813.585078][T14664] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  813.589901][T14664] Call Trace:
[  813.591691][T14664]  <TASK>
[  813.593172][T14664]  dump_stack_lvl+0x16c/0x1f0
[  813.595113][T14664]  should_fail_ex+0x497/0x5b0
[  813.597292][T14664]  _copy_to_user+0x30/0xc0
[  813.599258][T14664]  simple_read_from_buffer+0xd0/0x160
[  813.601309][T14664]  proc_fail_nth_read+0x19e/0x280
[  813.603010][T14664]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  813.604981][T14664]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  813.607533][T14664]  vfs_read+0x1d4/0xbd0
[  813.609199][T14664]  ? __fdget_pos+0xeb/0x180
[  813.611062][T14664]  ? __pfx_vfs_read+0x10/0x10
[  813.613405][T14664]  ? __pfx___mutex_lock+0x10/0x10
[  813.615622][T14664]  ? __fget_files+0x256/0x400
[  813.617649][T14664]  ksys_read+0x12f/0x260
[  813.619470][T14664]  ? __pfx_ksys_read+0x10/0x10
[  813.621528][T14664]  __do_fast_syscall_32+0x73/0x120
[  813.623677][T14664]  do_fast_syscall_32+0x32/0x80
[  813.625798][T14664]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  813.628291][T14664] RIP: 0023:0xf747e579
[  813.629885][T14664] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  813.637615][T14664] RSP: 002b:00000000f57765a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  813.641614][T14664] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5776620
[  813.645183][T14664] RDX: 000000000000000f RSI: 00000000f746fff4 RDI: 0000000000000000
[  813.648472][T14664] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  813.651590][T14664] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  813.654653][T14664] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  813.657891][T14664]  </TASK>
[  813.728875][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88806088d000: rx timeout, send abort
[  813.734923][    C1] vxcan0: j1939_xtp_rx_abort_one: 0xffff88806088d000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  813.748025][T14668] batadv_slave_1: vlans aren't supported yet for dev_uc|mc_add()
[  813.754390][T14667] batadv_slave_1: vlans aren't supported yet for dev_uc|mc_add()
[  813.817595][T14672] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2423'.
[  813.964038][T14677] FAULT_INJECTION: forcing a failure.
[  813.964038][T14677] name failslab, interval 1, probability 0, space 0, times 0
[  813.969585][T14677] CPU: 0 UID: 0 PID: 14677 Comm: syz.0.2427 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  813.974588][T14677] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  813.979193][T14677] Call Trace:
[  813.980659][T14677]  <TASK>
[  813.981993][T14677]  dump_stack_lvl+0x16c/0x1f0
[  813.984065][T14677]  should_fail_ex+0x497/0x5b0
[  813.985863][T14677]  ? fs_reclaim_acquire+0xae/0x160
[  813.987819][T14677]  should_failslab+0xc2/0x120
[  813.989657][T14677]  __kmalloc_noprof+0xcb/0x410
[  813.991513][T14677]  ? __pfx_lock_acquire+0x10/0x10
[  813.993486][T14677]  tomoyo_realpath_from_path+0xbf/0x710
[  813.995839][T14677]  ? tomoyo_profile+0x47/0x60
[  813.996456][T14678] FAULT_INJECTION: forcing a failure.
[  813.996456][T14678] name failslab, interval 1, probability 0, space 0, times 0
[  813.997640][T14677]  tomoyo_path_number_perm+0x245/0x5b0
[  814.005555][T14677]  ? tomoyo_path_number_perm+0x232/0x5b0
[  814.008093][T14677]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  814.010856][T14677]  ? __pfx_lock_release+0x10/0x10
[  814.013279][T14677]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  814.015871][T14677]  ? __fget_files+0x256/0x400
[  814.018038][T14677]  security_file_ioctl_compat+0x75/0xc0
[  814.021199][T14677]  __do_compat_sys_ioctl+0x5d/0x330
[  814.023750][T14677]  __do_fast_syscall_32+0x73/0x120
[  814.025719][T14677]  do_fast_syscall_32+0x32/0x80
[  814.027608][T14677]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  814.030431][T14677] RIP: 0023:0xf747e579
[  814.032235][T14677] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  814.040352][T14677] RSP: 002b:00000000f577656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  814.044129][T14677] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000c004743e
[  814.047699][T14677] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000
[  814.050952][T14677] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  814.054246][T14677] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  814.057492][T14677] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  814.060965][T14677]  </TASK>
[  814.062276][T14678] CPU: 2 UID: 0 PID: 14678 Comm: syz.2.2426 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  814.062937][ T1376] ieee802154 phy0 wpan0: encryption failed: -22
[  814.066791][T14678] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  814.066806][T14678] Call Trace:
[  814.066813][T14678]  <TASK>
[  814.069911][ T1376] ieee802154 phy1 wpan1: encryption failed: -22
[  814.073596][T14678]  dump_stack_lvl+0x16c/0x1f0
[  814.073624][T14678]  should_fail_ex+0x497/0x5b0
[  814.073642][T14678]  ? fs_reclaim_acquire+0xae/0x160
[  814.073667][T14678]  should_failslab+0xc2/0x120
[  814.073686][T14678]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  814.076996][T14677] ERROR: Out of memory at tomoyo_realpath_from_path.
[  814.078279][T14678]  ? getname_flags.part.0+0x4c/0x550
[  814.094875][T14678]  ? vfs_write+0x14d/0x1140
[  814.096783][T14678]  getname_flags.part.0+0x4c/0x550
[  814.098593][T14678]  getname+0x8d/0xe0
[  814.099969][T14678]  do_sys_openat2+0x104/0x1e0
[  814.101866][T14678]  ? __pfx_do_sys_openat2+0x10/0x10
[  814.103984][T14678]  __ia32_compat_sys_openat+0x16e/0x210
[  814.105996][T14678]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  814.108104][T14678]  ? ksys_write+0x1ab/0x260
[  814.109783][T14678]  __do_fast_syscall_32+0x73/0x120
[  814.111767][T14678]  do_fast_syscall_32+0x32/0x80
[  814.113908][T14678]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  814.116754][T14678] RIP: 0023:0xf7f80579
[  814.118532][T14678] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  814.126765][T14678] RSP: 002b:00000000f571656c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  814.130522][T14678] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020001740
[  814.134490][T14678] RDX: 0000000000101042 RSI: 0000000000000000 RDI: 0000000000000000
[  814.137937][T14678] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  814.141633][T14678] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  814.144790][T14678] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  814.148222][T14678]  </TASK>
[  814.284579][T14690] FAULT_INJECTION: forcing a failure.
[  814.284579][T14690] name failslab, interval 1, probability 0, space 0, times 0
[  814.293135][T14690] CPU: 2 UID: 0 PID: 14690 Comm: syz.3.2428 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  814.297944][T14690] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  814.302346][T14690] Call Trace:
[  814.303768][T14690]  <TASK>
[  814.304962][T14690]  dump_stack_lvl+0x16c/0x1f0
[  814.306954][T14690]  should_fail_ex+0x497/0x5b0
[  814.308915][T14690]  ? fs_reclaim_acquire+0xae/0x160
[  814.311053][T14690]  should_failslab+0xc2/0x120
[  814.313101][T14690]  kmem_cache_alloc_node_noprof+0x71/0x310
[  814.315586][T14690]  ? __alloc_skb+0x2b3/0x380
[  814.317592][T14690]  __alloc_skb+0x2b3/0x380
[  814.319343][T14690]  ? __pfx___alloc_skb+0x10/0x10
[  814.321286][T14690]  ? apparmor_file_permission+0x251/0x400
[  814.323482][T14690]  ppp_write+0xc3/0x3e0
[  814.324935][T14690]  ? rw_verify_area+0xd0/0x6c0
[  814.326673][T14690]  ? __pfx_ppp_write+0x10/0x10
[  814.328564][T14690]  vfs_write+0x29a/0x1140
[  814.330430][T14690]  ? __pfx_lock_release+0x10/0x10
[  814.332591][T14690]  ? __pfx_vfs_write+0x10/0x10
[  814.334352][T14690]  ? __mutex_unlock_slowpath+0x164/0x650
[  814.336652][T14690]  ? __fget_files+0x256/0x400
[  814.338615][T14690]  ksys_pwrite64+0x176/0x1a0
[  814.340424][T14690]  ? __pfx_ksys_pwrite64+0x10/0x10
[  814.342505][T14690]  __do_fast_syscall_32+0x73/0x120
[  814.344595][T14690]  do_fast_syscall_32+0x32/0x80
[  814.346559][T14690]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  814.349477][T14690] RIP: 0023:0xf740e579
[  814.351293][T14690] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  814.359373][T14690] RSP: 002b:00000000f56e556c EFLAGS: 00000296 ORIG_RAX: 00000000000000b5
[  814.362925][ T4777] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  814.365738][T14690] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000340
[  814.365753][T14690] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000
[  814.365767][T14690] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  814.365778][T14690] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  814.365788][T14690] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  814.365812][T14690]  </TASK>
[  814.909963][T14699] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2432'.
[  816.949289][T14722] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  816.982457][T14722] kvm: pic: non byte read
[  817.002768][T14722] kvm: pic: level sensitive irq not supported
[  817.003302][T14722] kvm: pic: non byte read
[  818.181343][T14753] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2447'.
[  818.832198][T14757] bridge0: port 3(team0) entered blocking state
[  818.835157][T14757] bridge0: port 3(team0) entered disabled state
[  818.840325][T14757] team0: entered allmulticast mode
[  818.844408][T14757] team_slave_0: entered allmulticast mode
[  818.847436][T14757] team_slave_1: entered allmulticast mode
[  818.855833][T14757] team0: entered promiscuous mode
[  818.860623][T14757] team_slave_0: entered promiscuous mode
[  818.867226][T14757] team_slave_1: entered promiscuous mode
[  818.870952][T14757] bridge0: port 3(team0) entered blocking state
[  818.875184][T14757] bridge0: port 3(team0) entered forwarding state
[  820.573674][   T39] audit: type=1326 audit(1725761716.407:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14778 comm="syz.3.2454" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x0
[  820.686254][T14781] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2454'.
[  821.678856][T14790] syz.0.2458[14790] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  821.678935][T14790] syz.0.2458[14790] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  821.765479][T14792] FAULT_INJECTION: forcing a failure.
[  821.765479][T14792] name failslab, interval 1, probability 0, space 0, times 0
[  821.774644][T14792] CPU: 2 UID: 0 PID: 14792 Comm: syz.1.2459 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  821.778736][T14792] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  821.783018][T14792] Call Trace:
[  821.784387][T14792]  <TASK>
[  821.785631][T14792]  dump_stack_lvl+0x16c/0x1f0
[  821.787631][T14792]  should_fail_ex+0x497/0x5b0
[  821.789439][T14792]  ? fs_reclaim_acquire+0xae/0x160
[  821.791135][T14792]  should_failslab+0xc2/0x120
[  821.792699][T14792]  __kmalloc_noprof+0xcb/0x410
[  821.794540][T14792]  ? __pfx_lock_acquire+0x10/0x10
[  821.796595][T14792]  tomoyo_realpath_from_path+0xbf/0x710
[  821.798837][T14792]  ? tomoyo_profile+0x47/0x60
[  821.800425][T14792]  tomoyo_path_number_perm+0x245/0x5b0
[  821.802041][T14792]  ? tomoyo_path_number_perm+0x232/0x5b0
[  821.803799][T14792]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  821.806289][T14792]  ? __pfx_lock_release+0x10/0x10
[  821.808364][T14792]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  821.810585][T14792]  ? __fget_files+0x256/0x400
[  821.812485][T14792]  security_file_ioctl_compat+0x75/0xc0
[  821.814560][T14792]  __do_compat_sys_ioctl+0x5d/0x330
[  821.816309][T14792]  __do_fast_syscall_32+0x73/0x120
[  821.818143][T14792]  do_fast_syscall_32+0x32/0x80
[  821.820230][T14792]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  821.822882][T14792] RIP: 0023:0xf73ee579
[  821.824590][T14792] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  821.832068][T14792] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  821.835818][T14792] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c0184800
[  821.839048][T14792] RDX: 00000000200001c0 RSI: 0000000000000000 RDI: 0000000000000000
[  821.842334][T14792] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  821.845350][T14792] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  821.848348][T14792] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  821.851620][T14792]  </TASK>
[  821.854434][T14792] ERROR: Out of memory at tomoyo_realpath_from_path.
[  821.964345][T14798] FAULT_INJECTION: forcing a failure.
[  821.964345][T14798] name failslab, interval 1, probability 0, space 0, times 0
[  821.969013][T14798] CPU: 3 UID: 0 PID: 14798 Comm: syz.1.2461 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  821.973261][T14798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  821.977941][T14798] Call Trace:
[  821.979433][T14798]  <TASK>
[  821.980762][T14798]  dump_stack_lvl+0x16c/0x1f0
[  821.982886][T14798]  should_fail_ex+0x497/0x5b0
[  821.984878][T14798]  ? fs_reclaim_acquire+0xae/0x160
[  821.987048][T14798]  should_failslab+0xc2/0x120
[  821.989026][T14798]  __kmalloc_noprof+0xcb/0x410
[  821.991049][T14798]  ? __pfx_lock_acquire+0x10/0x10
[  821.993251][T14798]  tomoyo_realpath_from_path+0xbf/0x710
[  821.995749][T14798]  ? tomoyo_profile+0x47/0x60
[  821.997834][T14798]  tomoyo_path_number_perm+0x245/0x5b0
[  822.000117][T14798]  ? tomoyo_path_number_perm+0x232/0x5b0
[  822.002433][T14798]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  822.005020][T14798]  ? __pfx_lock_release+0x10/0x10
[  822.007065][T14798]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  822.009220][T14798]  ? __fget_files+0x256/0x400
[  822.011119][T14798]  security_file_ioctl_compat+0x75/0xc0
[  822.013601][T14798]  __do_compat_sys_ioctl+0x5d/0x330
[  822.015953][T14798]  __do_fast_syscall_32+0x73/0x120
[  822.018272][T14798]  do_fast_syscall_32+0x32/0x80
[  822.020502][T14798]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  822.023222][T14798] RIP: 0023:0xf73ee579
[  822.025043][T14798] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  822.033487][T14798] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  822.037174][T14798] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000040086602
[  822.040704][T14798] RDX: 0000000020000180 RSI: 0000000000000000 RDI: 0000000000000000
[  822.044169][T14798] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  822.047633][T14798] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  822.051130][T14798] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  822.054624][T14798]  </TASK>
[  822.056127][    C3] vkms_vblank_simulate: vblank timer overrun
[  822.060383][T14798] ERROR: Out of memory at tomoyo_realpath_from_path.
[  822.182607][ T8590] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  822.398149][ T8590] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  822.402163][ T8590] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  822.407119][ T8590] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  822.411153][ T8590] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  822.416294][ T8590] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  822.426758][ T8590] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  822.432844][ T8590] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  822.436465][ T8590] usb 5-1: Product: syz
[  822.438707][ T8590] usb 5-1: Manufacturer: syz
[  822.458555][ T8590] cdc_wdm 5-1:1.0: skipping garbage
[  822.461131][ T8590] cdc_wdm 5-1:1.0: skipping garbage
[  822.468330][ T8590] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  822.471311][ T8590] cdc_wdm 5-1:1.0: Unknown control protocol
[  822.722419][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  822.726103][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  822.729198][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  822.732110][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  822.734767][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  822.737392][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  822.740013][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  822.742802][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  822.747480][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  822.750534][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  822.753623][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  822.756958][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  822.760096][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  822.763164][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  822.765981][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  822.768910][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  822.771857][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  822.774862][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  822.777837][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  822.780759][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  822.784739][   T30] usb 5-1: USB disconnect, device number 17
[  822.787702][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  823.536816][T14809] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2465'.
[  823.570890][T14809] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2465'.
[  824.861596][T14844] block nbd1: shutting down sockets
[  824.936807][T14846] block nbd0: shutting down sockets
[  825.197020][T14852] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  825.259876][T14854] loop0: detected capacity change from 0 to 7
[  825.267724][T14854]  loop0: [CUMANA/ADFS] p1 [ADFS] p1
[  825.270025][T14854] loop0: partition table partially beyond EOD, truncated
[  825.274837][T14854] loop0: p1 size 538856936 extends beyond EOD, truncated
[  825.295649][ T5356] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  825.482572][ T5356] usb 5-1: Using ep0 maxpacket: 16
[  825.494372][ T5356] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  825.499451][ T5356] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  825.507157][ T5356] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  825.513463][ T5356] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  825.519137][ T5356] usb 5-1: config 0 descriptor??
[  825.894160][T14864] FAULT_INJECTION: forcing a failure.
[  825.894160][T14864] name failslab, interval 1, probability 0, space 0, times 0
[  825.899679][T14864] CPU: 0 UID: 0 PID: 14864 Comm: syz.2.2481 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  825.904054][T14864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  825.908265][T14864] Call Trace:
[  825.909470][T14864]  <TASK>
[  825.910479][T14864]  dump_stack_lvl+0x16c/0x1f0
[  825.912371][T14864]  should_fail_ex+0x497/0x5b0
[  825.914459][T14864]  ? fs_reclaim_acquire+0xae/0x160
[  825.916561][T14864]  should_failslab+0xc2/0x120
[  825.918116][T14864]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  825.919946][T14864]  ? getname_flags.part.0+0x4c/0x550
[  825.921784][T14864]  getname_flags.part.0+0x4c/0x550
[  825.923844][T14864]  getname_flags+0x93/0xf0
[  825.925615][T14864]  __ia32_sys_rename+0x57/0xa0
[  825.927652][T14864]  __do_fast_syscall_32+0x73/0x120
[  825.929638][T14864]  do_fast_syscall_32+0x32/0x80
[  825.931506][T14864]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  825.933957][T14864] RIP: 0023:0xf7f80579
[  825.935464][T14864] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  825.942379][T14864] RSP: 002b:00000000f56d456c EFLAGS: 00000296 ORIG_RAX: 0000000000000026
[  825.946399][T14864] RAX: ffffffffffffffda RBX: 0000000020000100 RCX: 0000000020000140
[  825.949954][T14864] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  825.953868][T14864] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  825.957280][T14864] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  825.961325][T14864] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  825.965563][T14864]  </TASK>
[  825.998603][T14866] FAULT_INJECTION: forcing a failure.
[  825.998603][T14866] name failslab, interval 1, probability 0, space 0, times 0
[  826.005839][T14866] CPU: 3 UID: 0 PID: 14866 Comm: syz.3.2482 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  826.010512][T14866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  826.015139][T14866] Call Trace:
[  826.016599][T14866]  <TASK>
[  826.017881][T14866]  dump_stack_lvl+0x16c/0x1f0
[  826.019968][T14866]  should_fail_ex+0x497/0x5b0
[  826.022029][T14866]  ? fs_reclaim_acquire+0xae/0x160
[  826.024258][T14866]  should_failslab+0xc2/0x120
[  826.026292][T14866]  __kmalloc_noprof+0xcb/0x410
[  826.028402][T14866]  ? __pfx_lock_acquire+0x10/0x10
[  826.030657][T14866]  tomoyo_realpath_from_path+0xbf/0x710
[  826.033131][T14866]  ? tomoyo_profile+0x47/0x60
[  826.035249][T14866]  tomoyo_path_number_perm+0x245/0x5b0
[  826.037654][T14866]  ? tomoyo_path_number_perm+0x232/0x5b0
[  826.040325][T14866]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  826.042886][T14866]  ? __pfx_lock_release+0x10/0x10
[  826.045115][T14866]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  826.047722][T14866]  ? __fget_files+0x256/0x400
[  826.049745][T14866]  security_file_ioctl_compat+0x75/0xc0
[  826.052149][T14866]  __do_compat_sys_ioctl+0x5d/0x330
[  826.054276][T14866]  __do_fast_syscall_32+0x73/0x120
[  826.056331][T14866]  do_fast_syscall_32+0x32/0x80
[  826.058288][T14866]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  826.060946][T14866] RIP: 0023:0xf740e579
[  826.062585][T14866] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  826.070116][T14866] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  826.073728][T14866] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000001267
[  826.077140][T14866] RDX: 00000000ffffffff RSI: 0000000000000000 RDI: 0000000000000000
[  826.080716][T14866] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  826.083991][T14866] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  826.087290][T14866] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  826.090818][T14866]  </TASK>
[  826.101277][T14866] ERROR: Out of memory at tomoyo_realpath_from_path.
[  826.272420][ T5356] usbhid 5-1:0.0: can't add hid device: -71
[  826.276409][ T5356] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  826.287777][ T5356] usb 5-1: USB disconnect, device number 18
[  826.954108][T14878] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  828.563241][ T5399] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  828.569575][T14888] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2489'.
[  828.583192][T14888] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2489'.
[  828.595249][T14888] Illegal XDP return value 4294967274 on prog  (id 733) dev N/A, expect packet loss!
[  828.609341][T14890] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2490'.
[  828.693127][T14892] FAULT_INJECTION: forcing a failure.
[  828.693127][T14892] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  828.698835][T14892] CPU: 2 UID: 0 PID: 14892 Comm: syz.2.2491 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  828.703084][T14892] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  828.707871][T14892] Call Trace:
[  828.709482][T14892]  <TASK>
[  828.710941][T14892]  dump_stack_lvl+0x16c/0x1f0
[  828.713226][T14892]  should_fail_ex+0x497/0x5b0
[  828.715512][T14892]  _copy_from_user+0x30/0xf0
[  828.718174][T14892]  __sys_bpf+0x239/0x55e0
[  828.720162][T14892]  ? __pfx___sys_bpf+0x10/0x10
[  828.722211][T14892]  ? ksys_write+0x12f/0x260
[  828.725295][T14892]  ? find_held_lock+0x2d/0x110
[  828.728596][T14892]  ? ksys_write+0x21c/0x260
[  828.730824][T14892]  ? __pfx_lock_release+0x10/0x10
[  828.733484][T14892]  ? vfs_write+0x14d/0x1140
[  828.735439][T14892]  ? __mutex_unlock_slowpath+0x164/0x650
[  828.737853][T14892]  ? fput+0x32/0x390
[  828.739579][T14892]  ? ksys_write+0x1ab/0x260
[  828.742497][T14892]  ? __pfx_ksys_write+0x10/0x10
[  828.744505][T14892]  __ia32_sys_bpf+0x76/0xe0
[  828.746615][T14892]  __do_fast_syscall_32+0x73/0x120
[  828.748919][T14892]  do_fast_syscall_32+0x32/0x80
[  828.751137][T14892]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  828.753953][T14892] RIP: 0023:0xf7f80579
[  828.771891][T14892] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  828.786592][T14892] RSP: 002b:00000000f571656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  828.790269][T14892] RAX: ffffffffffffffda RBX: 0000000000000011 RCX: 0000000020000040
[  828.793741][T14892] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  828.797391][T14892] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  828.800877][T14892] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  828.804349][T14892] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  828.807831][T14892]  </TASK>
[  828.917398][ T5399] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  828.922157][ T5399] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  828.928112][ T5399] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  828.932135][ T5399] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  828.979398][ T5399] usb 5-1: config 0 descriptor??
[  829.039560][T14904] dccp_close: ABORT with 1 bytes unread
[  829.177093][T14910] FAULT_INJECTION: forcing a failure.
[  829.177093][T14910] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  829.208831][T14910] CPU: 3 UID: 0 PID: 14910 Comm: syz.2.2498 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  829.214097][T14910] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  829.220284][T14910] Call Trace:
[  829.221877][T14910]  <TASK>
[  829.223446][T14910]  dump_stack_lvl+0x16c/0x1f0
[  829.225800][T14910]  should_fail_ex+0x497/0x5b0
[  829.227741][T14910]  _copy_to_iter+0x27a/0xfc0
[  829.229470][T14910]  ? __pfx__copy_to_iter+0x10/0x10
[  829.231642][T14910]  ? __virt_addr_valid+0x5e/0x590
[  829.233574][T14910]  ? __phys_addr_symbol+0x30/0x80
[  829.235464][T14910]  ? __check_object_size+0x4b0/0x720
[  829.237539][T14910]  simple_copy_to_iter+0x4f/0x80
[  829.239495][T14910]  __skb_datagram_iter+0x122/0x800
[  829.242166][T14910]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  829.245148][T14910]  skb_copy_datagram_iter+0xac/0x250
[  829.247732][T14910]  dccp_recvmsg+0x7e8/0xa70
[  829.249937][T14910]  ? prune_icache_sb+0x134/0x150
[  829.252304][T14910]  ? __pfx_dccp_recvmsg+0x10/0x10
[  829.254091][T14910]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  829.256817][T14910]  sock_common_recvmsg+0xea/0x1a0
[  829.258846][T14910]  ? __pfx_sock_common_recvmsg+0x10/0x10
[  829.261100][T14910]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[  829.263552][T14910]  ? security_socket_recvmsg+0x98/0xd0
[  829.265991][T14910]  sock_recvmsg+0x1f6/0x250
[  829.268134][T14910]  __sys_recvfrom+0x1ab/0x2e0
[  829.270789][T14910]  ? __pfx___sys_recvfrom+0x10/0x10
[  829.273151][T14910]  ? ksys_write+0x1ab/0x260
[  829.275229][T14910]  ? __pfx_ksys_write+0x10/0x10
[  829.277391][T14910]  __ia32_compat_sys_recvfrom+0xe4/0x1c0
[  829.279874][T14910]  ? lockdep_hardirqs_on+0x7c/0x110
[  829.282185][T14910]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  829.285085][T14910]  __do_fast_syscall_32+0x73/0x120
[  829.287378][T14910]  do_fast_syscall_32+0x32/0x80
[  829.289530][T14910]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  829.292319][T14910] RIP: 0023:0xf7f80579
[  829.294148][T14910] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  829.301667][T14910] RSP: 002b:00000000f571656c EFLAGS: 00000296 ORIG_RAX: 0000000000000173
[  829.304909][T14910] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000000
[  829.308502][T14910] RDX: 0000000000000300 RSI: 0000000000000023 RDI: 0000000000000000
[  829.312022][T14910] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  829.315932][T14910] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  829.319471][T14910] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  829.323241][T14910]  </TASK>
[  829.344562][T14909] dccp_close: ABORT with 1 bytes unread
[  829.550726][ T5399] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  829.573376][ T5399] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  829.577276][ T5399] plantronics 0003:047F:FFFF.000E: No inputs registered, leaving
[  829.602900][ T5399] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  829.815491][T14919] FAULT_INJECTION: forcing a failure.
[  829.815491][T14919] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  829.822398][T14919] CPU: 2 UID: 0 PID: 14919 Comm: syz.2.2501 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  829.827500][T14919] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  829.833338][T14919] Call Trace:
[  829.835367][T14919]  <TASK>
[  829.837167][T14919]  dump_stack_lvl+0x16c/0x1f0
[  829.839688][T14919]  should_fail_ex+0x497/0x5b0
[  829.842594][T14919]  _copy_from_user+0x30/0xf0
[  829.846010][T14919]  get_compat_msghdr+0xa8/0x170
[  829.847862][ T5356] usb 5-1: USB disconnect, device number 19
[  829.848282][T14919]  ? __pfx_get_compat_msghdr+0x10/0x10
[  829.852731][T14919]  ? __pfx___lock_acquire+0x10/0x10
[  829.854844][T14919]  ___sys_sendmsg+0x1b0/0x1e0
[  829.856620][T14919]  ? __pfx____sys_sendmsg+0x10/0x10
[  829.858617][T14919]  ? ksys_write+0x21c/0x260
[  829.860505][T14919]  ? __fget_light+0x173/0x210
[  829.862539][T14919]  __sys_sendmsg+0x117/0x1f0
[  829.864933][T14919]  ? __pfx___sys_sendmsg+0x10/0x10
[  829.867590][T14919]  __do_fast_syscall_32+0x73/0x120
[  829.869989][T14919]  do_fast_syscall_32+0x32/0x80
[  829.872117][T14919]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  829.874784][T14919] RIP: 0023:0xf7f80579
[  829.876399][T14919] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  829.884923][T14919] RSP: 002b:00000000f571656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  829.888692][T14919] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200012c0
[  829.892154][T14919] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  829.895707][T14919] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  829.899088][T14919] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  829.902643][T14919] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  829.905675][T14919]  </TASK>
[  830.720522][T14931] FAULT_INJECTION: forcing a failure.
[  830.720522][T14931] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  830.729705][T14931] CPU: 3 UID: 0 PID: 14931 Comm: syz.0.2505 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  830.734000][T14931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  830.738272][T14931] Call Trace:
[  830.739739][T14931]  <TASK>
[  830.741027][T14931]  dump_stack_lvl+0x16c/0x1f0
[  830.743060][T14931]  should_fail_ex+0x497/0x5b0
[  830.745154][T14931]  _copy_from_user+0x30/0xf0
[  830.747144][T14931]  get_compat_msghdr+0xa8/0x170
[  830.749214][T14931]  ? __pfx_get_compat_msghdr+0x10/0x10
[  830.751499][T14931]  ? __pfx___lock_acquire+0x10/0x10
[  830.753608][T14931]  ___sys_sendmsg+0x1b0/0x1e0
[  830.755550][T14931]  ? __pfx____sys_sendmsg+0x10/0x10
[  830.757819][T14931]  ? ksys_write+0x21c/0x260
[  830.759809][T14931]  ? __fget_light+0x173/0x210
[  830.761833][T14931]  __sys_sendmsg+0x117/0x1f0
[  830.763847][T14931]  ? __pfx___sys_sendmsg+0x10/0x10
[  830.766025][T14931]  __do_fast_syscall_32+0x73/0x120
[  830.768158][T14931]  do_fast_syscall_32+0x32/0x80
[  830.770194][T14931]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  830.772848][T14931] RIP: 0023:0xf747e579
[  830.774564][T14931] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  830.782749][T14931] RSP: 002b:00000000f577656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  830.786253][T14931] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000200001c0
[  830.789510][T14931] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  830.792849][T14931] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  830.796191][T14931] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  830.799672][T14931] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  830.803049][T14931]  </TASK>
[  831.101882][T14942] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2509'.
[  831.201136][T14946] trusted_key: encrypted_key: insufficient parameters specified
[  831.383397][T14953] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2513'.
[  831.517911][   T39] audit: type=1800 audit(1725761727.357:59): pid=14958 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2514" name="/" dev="fuse" ino=1 res=0 errno=0
[  832.065254][T14969] FAULT_INJECTION: forcing a failure.
[  832.065254][T14969] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  832.070474][T14969] CPU: 3 UID: 0 PID: 14969 Comm: syz.1.2517 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  832.074354][T14969] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  832.078354][T14969] Call Trace:
[  832.079783][T14969]  <TASK>
[  832.080997][T14969]  dump_stack_lvl+0x16c/0x1f0
[  832.082950][T14969]  should_fail_ex+0x497/0x5b0
[  832.084972][T14969]  _copy_from_user+0x30/0xf0
[  832.086903][T14969]  get_compat_msghdr+0xa8/0x170
[  832.089016][T14969]  ? __pfx_get_compat_msghdr+0x10/0x10
[  832.091414][T14969]  ? __pfx___lock_acquire+0x10/0x10
[  832.093572][T14969]  ? __might_fault+0x13b/0x190
[  832.095565][T14969]  ___sys_sendmsg+0x1b0/0x1e0
[  832.097486][T14969]  ? __pfx____sys_sendmsg+0x10/0x10
[  832.099584][T14969]  ? __pfx_lock_release+0x10/0x10
[  832.101612][T14969]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  832.103982][T14969]  ? __fget_light+0x173/0x210
[  832.105575][T14969]  __sys_sendmmsg+0x2a5/0x450
[  832.107261][T14969]  ? __pfx___sys_sendmmsg+0x10/0x10
[  832.109545][T14969]  ? vfs_write+0x14d/0x1140
[  832.111597][T14969]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  832.114222][T14969]  ? fput+0x32/0x390
[  832.115993][T14969]  ? ksys_write+0x1ab/0x260
[  832.118130][T14969]  ? __pfx_ksys_write+0x10/0x10
[  832.120481][T14969]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  832.122959][T14969]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  832.125264][T14969]  __do_fast_syscall_32+0x73/0x120
[  832.126988][T14969]  do_fast_syscall_32+0x32/0x80
[  832.128870][T14969]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  832.131225][T14969] RIP: 0023:0xf73ee579
[  832.132770][T14969] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  832.140816][T14969] RSP: 002b:00000000f56c556c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  832.144133][T14969] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020003c40
[  832.147341][T14969] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  832.150366][T14969] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  832.153302][T14969] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  832.156501][T14969] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  832.159465][T14969]  </TASK>
[  832.270394][T14971] could not allocate digest TFM handle blake2s-224-generic
[  832.455944][T14977] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2518'.
[  832.799160][T14980] xt_hashlimit: max too large, truncated to 1048576
[  832.802303][T14980] xt_hashlimit: overflow, try lower: 0/0
[  833.115488][T14988] FAULT_INJECTION: forcing a failure.
[  833.115488][T14988] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  833.121124][T14988] CPU: 0 UID: 0 PID: 14988 Comm: syz.3.2522 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  833.125623][T14988] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  833.130286][T14988] Call Trace:
[  833.131728][T14988]  <TASK>
[  833.132994][T14988]  dump_stack_lvl+0x16c/0x1f0
[  833.134957][T14988]  should_fail_ex+0x497/0x5b0
[  833.137126][T14988]  _copy_from_user+0x30/0xf0
[  833.139180][T14988]  move_addr_to_kernel+0x68/0x160
[  833.141306][T14988]  __sys_sendto+0x169/0x4e0
[  833.143472][T14988]  ? __pfx___sys_sendto+0x10/0x10
[  833.145710][T14988]  ? ksys_write+0x1ab/0x260
[  833.147668][T14988]  ? __pfx_ksys_write+0x10/0x10
[  833.149694][T14988]  __ia32_sys_sendto+0xdd/0x1b0
[  833.151665][T14988]  ? lockdep_hardirqs_on+0x7c/0x110
[  833.153793][T14988]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  833.156205][T14988]  __do_fast_syscall_32+0x73/0x120
[  833.158086][T14988]  do_fast_syscall_32+0x32/0x80
[  833.159987][T14988]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  833.162534][T14988] RIP: 0023:0xf740e579
[  833.164414][T14988] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  833.172712][T14988] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  833.176801][T14988] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000140
[  833.180542][T14988] RDX: 0000000000000014 RSI: 0000000000000000 RDI: 00000000200000c0
[  833.184013][T14988] RBP: 0000000000000014 R08: 0000000000000000 R09: 0000000000000000
[  833.187388][T14988] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  833.190761][T14988] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  833.194201][T14988]  </TASK>
[  833.483592][T14992] FAULT_INJECTION: forcing a failure.
[  833.483592][T14992] name failslab, interval 1, probability 0, space 0, times 0
[  833.489521][T14992] CPU: 1 UID: 0 PID: 14992 Comm: syz.3.2524 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  833.494120][T14992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  833.498939][T14992] Call Trace:
[  833.500341][T14992]  <TASK>
[  833.501519][T14992]  dump_stack_lvl+0x16c/0x1f0
[  833.503430][T14992]  should_fail_ex+0x497/0x5b0
[  833.505426][T14992]  ? fs_reclaim_acquire+0xae/0x160
[  833.507710][T14992]  should_failslab+0xc2/0x120
[  833.509754][T14992]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  833.511883][T14992]  ? getname_flags.part.0+0x4c/0x550
[  833.514191][T14992]  getname_flags.part.0+0x4c/0x550
[  833.516600][T14992]  getname_flags+0x93/0xf0
[  833.518567][T14992]  user_path_at+0x24/0x60
[  833.520378][T14992]  __do_sys_pivot_root+0x175/0x1660
[  833.522699][T14992]  ? __pfx___do_sys_pivot_root+0x10/0x10
[  833.525160][T14992]  ? fput+0x32/0x390
[  833.526649][T14992]  ? __pfx_ksys_write+0x10/0x10
[  833.528444][T14992]  __do_fast_syscall_32+0x73/0x120
[  833.530368][T14992]  do_fast_syscall_32+0x32/0x80
[  833.532413][T14992]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  833.535116][T14992] RIP: 0023:0xf740e579
[  833.536691][T14992] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  833.548364][T14992] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 00000000000000d9
[  833.551922][T14992] RAX: ffffffffffffffda RBX: 0000000020000140 RCX: 00000000200001c0
[  833.555243][T14992] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  833.558681][T14992] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  833.562122][T14992] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  833.565687][T14992] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  833.568919][T14992]  </TASK>
[  833.804263][T14998] netlink: 'syz.0.2525': attribute type 22 has an invalid length.
[  833.818710][T14998] netlink: 'syz.0.2525': attribute type 22 has an invalid length.
[  834.094563][ T5399] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  834.324362][ T5399] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  834.340944][T15001] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2527'.
[  834.347234][ T5399] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  834.351398][ T5399] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  834.353298][T15001] netlink: 'syz.3.2527': attribute type 3 has an invalid length.
[  834.357917][ T5399] usb 5-1: config 0 interface 0 has no altsetting 0
[  834.389719][ T5399] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  834.394371][ T5399] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  834.399298][ T5399] usb 5-1: config 0 interface 0 has no altsetting 0
[  834.404958][ T5399] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  834.409048][ T5399] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  834.414534][ T5399] usb 5-1: config 0 interface 0 has no altsetting 0
[  834.418413][ T5399] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  834.422975][ T5399] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  834.427860][ T5399] usb 5-1: config 0 interface 0 has no altsetting 0
[  834.431243][T15007] FAULT_INJECTION: forcing a failure.
[  834.431243][T15007] name failslab, interval 1, probability 0, space 0, times 0
[  834.434027][ T5399] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  834.437066][T15007] CPU: 1 UID: 0 PID: 15007 Comm: syz.1.2530 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  834.441057][ T5399] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  834.445800][T15007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  834.445816][T15007] Call Trace:
[  834.445823][T15007]  <TASK>
[  834.445830][T15007]  dump_stack_lvl+0x16c/0x1f0
[  834.445856][T15007]  should_fail_ex+0x497/0x5b0
[  834.445877][T15007]  ? fs_reclaim_acquire+0xae/0x160
[  834.445909][T15007]  should_failslab+0xc2/0x120
[  834.445931][T15007]  __kmalloc_noprof+0xcb/0x410
[  834.445950][T15007]  ? __pfx_lock_acquire+0x10/0x10
[  834.445980][T15007]  tomoyo_realpath_from_path+0xbf/0x710
[  834.446003][T15007]  ? tomoyo_profile+0x47/0x60
[  834.446026][T15007]  tomoyo_path_number_perm+0x245/0x5b0
[  834.446052][T15007]  ? tomoyo_path_number_perm+0x232/0x5b0
[  834.446080][T15007]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  834.446115][T15007]  ? __pfx_lock_release+0x10/0x10
[  834.446154][T15007]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  834.446190][T15007]  ? __fget_files+0x256/0x400
[  834.446217][T15007]  security_file_ioctl_compat+0x75/0xc0
[  834.446266][T15007]  __do_compat_sys_ioctl+0x5d/0x330
[  834.446291][T15007]  __do_fast_syscall_32+0x73/0x120
[  834.446319][T15007]  do_fast_syscall_32+0x32/0x80
[  834.446345][T15007]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  834.446366][T15007] RIP: 0023:0xf73ee579
[  834.446382][T15007] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  834.446399][T15007] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  834.446418][T15007] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000008b04
[  834.446431][T15007] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  834.446442][T15007] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  834.446454][T15007] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  834.446465][T15007] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  834.446491][T15007]  </TASK>
[  834.446983][T15007] ERROR: Out of memory at tomoyo_realpath_from_path.
[  834.559751][ T5399] usb 5-1: config 0 interface 0 has no altsetting 0
[  834.564042][ T5399] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  834.567931][ T5399] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  834.574555][ T5399] usb 5-1: config 0 interface 0 has no altsetting 0
[  834.579397][ T5399] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  834.583850][ T5399] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  834.587835][ T5399] usb 5-1: config 0 interface 0 has no altsetting 0
[  834.591358][ T5399] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  834.595875][ T5399] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  834.600052][ T5399] usb 5-1: config 0 interface 0 has no altsetting 0
[  834.608781][ T5399] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  834.613900][ T5399] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  834.617922][ T5399] usb 5-1: Product: syz
[  834.619970][ T5399] usb 5-1: Manufacturer: syz
[  834.622177][ T5399] usb 5-1: SerialNumber: syz
[  834.627677][ T5399] usb 5-1: config 0 descriptor??
[  834.645928][ T5399] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  834.839654][T15020] FAULT_INJECTION: forcing a failure.
[  834.839654][T15020] name failslab, interval 1, probability 0, space 0, times 0
[  834.846373][T15020] CPU: 3 UID: 0 PID: 15020 Comm: syz.3.2533 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  834.851616][T15020] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  834.856411][T15020] Call Trace:
[  834.857849][T15020]  <TASK>
[  834.859137][T15020]  dump_stack_lvl+0x16c/0x1f0
[  834.860840][T15020]  should_fail_ex+0x497/0x5b0
[  834.862563][T15020]  ? fs_reclaim_acquire+0xae/0x160
[  834.864650][T15020]  should_failslab+0xc2/0x120
[  834.866520][T15020]  __kmalloc_noprof+0xcb/0x410
[  834.868513][T15020]  iter_file_splice_write+0x1d2/0x10b0
[  834.870842][T15020]  ? __pfx___lock_acquire+0x10/0x10
[  834.873271][T15020]  ? __pfx_aa_file_perm+0x10/0x10
[  834.875504][T15020]  ? __pfx_iter_file_splice_write+0x10/0x10
[  834.878317][T15020]  ? __pfx_lock_acquire+0x10/0x10
[  834.880904][T15020]  ? __pfx_iter_file_splice_write+0x10/0x10
[  834.883667][T15020]  do_splice+0x148c/0x1f90
[  834.885343][T15020]  ? find_held_lock+0x2d/0x110
[  834.887402][T15020]  ? __pfx_do_splice+0x10/0x10
[  834.889425][T15020]  ? __pfx_pipe_clear_nowait+0x10/0x10
[  834.892379][T15020]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  834.896033][T15020]  __do_splice+0x327/0x360
[  834.898346][T15020]  ? __pfx___do_splice+0x10/0x10
[  834.900497][T15020]  __ia32_sys_splice+0x1d0/0x260
[  834.902934][T15020]  __do_fast_syscall_32+0x73/0x120
[  834.905215][T15020]  do_fast_syscall_32+0x32/0x80
[  834.907384][T15020]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  834.909927][T15020] RIP: 0023:0xf740e579
[  834.911905][T15020] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  834.919985][T15020] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 0000000000000139
[  834.923586][T15020] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000000
[  834.926402][T15020] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000600
[  834.929678][T15020] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  834.933142][T15020] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  834.936295][T15020] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  834.939431][T15020]  </TASK>
[  835.031804][T15024] net veth1_virt_wifi virt_wifi0: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  835.470369][T15032] FAULT_INJECTION: forcing a failure.
[  835.470369][T15032] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  835.479650][T15032] CPU: 2 UID: 0 PID: 15032 Comm: syz.3.2537 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  835.486316][T15032] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  835.492186][T15032] Call Trace:
[  835.494710][T15032]  <TASK>
[  835.496869][T15032]  dump_stack_lvl+0x16c/0x1f0
[  835.499314][T15032]  should_fail_ex+0x497/0x5b0
[  835.502065][T15032]  _copy_from_user+0x30/0xf0
[  835.504318][T15032]  __keyctl_dh_compute+0x1b4/0xf50
[  835.508182][T15032]  ? get_pid_task+0xfc/0x250
[  835.510411][T15032]  ? __pfx_lock_release+0x10/0x10
[  835.512977][T15032]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  835.516020][T15032]  ? __pfx___keyctl_dh_compute+0x10/0x10
[  835.519300][T15032]  ? find_held_lock+0x2d/0x110
[  835.521371][T15032]  ? find_held_lock+0x2d/0x110
[  835.524350][T15032]  ? ksys_write+0x21c/0x260
[  835.526891][T15032]  compat_keyctl_dh_compute+0x161/0x1d0
[  835.530957][T15032]  ? __pfx_compat_keyctl_dh_compute+0x10/0x10
[  835.536178][T15032]  ? ksys_write+0x1ab/0x260
[  835.538536][T15032]  ? __pfx_ksys_write+0x10/0x10
[  835.540875][T15032]  __do_compat_sys_keyctl+0x27b/0x440
[  835.543708][T15032]  __do_fast_syscall_32+0x73/0x120
[  835.546712][T15032]  do_fast_syscall_32+0x32/0x80
[  835.550060][T15032]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  835.552733][T15032] RIP: 0023:0xf740e579
[  835.554363][T15032] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  835.562354][T15032] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 0000000000000120
[  835.566863][T15032] RAX: ffffffffffffffda RBX: 0000000000000017 RCX: 0000000020000140
[  835.570061][T15032] RDX: 00000000200000c0 RSI: 00000000fffffe4f RDI: 0000000000000000
[  835.573895][T15032] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  835.577550][T15032] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  835.580935][T15032] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  835.585180][T15032]  </TASK>
[  836.314084][ T5399] usb 8-1: new high-speed USB device number 22 using dummy_hcd
[  836.444930][T15045] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2539'.
[  836.542904][ T5399] usb 8-1: Using ep0 maxpacket: 16
[  836.552994][ T5399] usb 8-1: config 0 has no interfaces?
[  836.555673][ T5399] usb 8-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[  836.560029][ T5399] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  836.577623][ T5399] usb 8-1: config 0 descriptor??
[  836.996569][T15036] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  837.002031][T15036] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  837.186462][    C2] usb 5-1: yurex_control_callback - control failed: -2
[  837.230725][   T30] usb 5-1: USB disconnect, device number 20
[  837.257271][   T30] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  838.708831][   T30] usb 8-1: USB disconnect, device number 22
[  838.824113][T15059] syzkaller1: entered promiscuous mode
[  838.826424][T15059] syzkaller1: entered allmulticast mode
[  839.300212][   T39] audit: type=1800 audit(1725761735.137:60): pid=15070 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2547" name="/" dev="fuse" ino=1 res=0 errno=0
[  839.326447][T15072] FAULT_INJECTION: forcing a failure.
[  839.326447][T15072] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  839.332751][T15072] CPU: 2 UID: 0 PID: 15072 Comm: syz.1.2548 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  839.337334][T15072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  839.341945][T15072] Call Trace:
[  839.343454][T15072]  <TASK>
[  839.344714][T15072]  dump_stack_lvl+0x16c/0x1f0
[  839.346917][T15072]  should_fail_ex+0x497/0x5b0
[  839.348854][T15072]  _copy_from_user+0x30/0xf0
[  839.350864][T15072]  get_compat_msghdr+0xa8/0x170
[  839.353031][T15072]  ? __pfx_get_compat_msghdr+0x10/0x10
[  839.355358][T15072]  ? __pfx___lock_acquire+0x10/0x10
[  839.357582][T15072]  ___sys_sendmsg+0x1b0/0x1e0
[  839.359865][T15072]  ? __pfx____sys_sendmsg+0x10/0x10
[  839.362610][T15072]  ? ksys_write+0x21c/0x260
[  839.364942][T15072]  ? __fget_light+0x173/0x210
[  839.367015][T15072]  __sys_sendmsg+0x117/0x1f0
[  839.368825][T15072]  ? __pfx___sys_sendmsg+0x10/0x10
[  839.371061][T15072]  __do_fast_syscall_32+0x73/0x120
[  839.373288][T15072]  do_fast_syscall_32+0x32/0x80
[  839.375113][T15072]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  839.377852][T15072] RIP: 0023:0xf73ee579
[  839.379627][T15072] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  839.385093][   T58] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  839.388499][T15072] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  839.396205][T15072] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[  839.400216][T15072] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  839.404231][T15072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  839.407821][T15072] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  839.411355][T15072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  839.414336][T15072]  </TASK>
[  839.575718][   T58] usb 5-1: Using ep0 maxpacket: 8
[  839.580998][   T58] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  839.586001][   T58] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  839.590079][   T58] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  839.594483][   T58] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  839.599716][   T58] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  839.605937][   T58] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  839.812281][   T39] audit: type=1804 audit(1725761735.647:61): pid=15074 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2549" name="/newroot/209/bus/cgroup.controllers" dev="overlay" ino=1175 res=1 errno=0
[  839.821590][   T39] audit: type=1800 audit(1725761735.657:62): pid=15074 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2549" name="cgroup.controllers" dev="overlay" ino=1175 res=0 errno=0
[  839.827915][   T58] usb 5-1: GET_CAPABILITIES returned 0
[  839.832764][   T25] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  839.833785][   T58] usbtmc 5-1:16.0: can't read capabilities
[  840.067769][   T39] audit: type=1804 audit(1725761735.907:63): pid=15063 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2543" name="/newroot/34/bus/cgroup.controllers" dev="overlay" ino=216 res=1 errno=0
[  840.082044][   T39] audit: type=1800 audit(1725761735.907:64): pid=15063 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2543" name="cgroup.controllers" dev="overlay" ino=216 res=0 errno=0
[  840.114348][ T5399] usb 5-1: USB disconnect, device number 21
[  840.728846][T15087] FAULT_INJECTION: forcing a failure.
[  840.728846][T15087] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  840.749991][T15087] CPU: 0 UID: 0 PID: 15087 Comm: syz.1.2554 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  840.757330][T15087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  840.762777][T15087] Call Trace:
[  840.764563][T15087]  <TASK>
[  840.766212][T15087]  dump_stack_lvl+0x16c/0x1f0
[  840.768292][T15087]  should_fail_ex+0x497/0x5b0
[  840.774206][T15087]  _copy_from_user+0x30/0xf0
[  840.776595][T15087]  get_compat_msghdr+0xa8/0x170
[  840.779068][T15087]  ? __pfx_get_compat_msghdr+0x10/0x10
[  840.782098][T15087]  ? __pfx___lock_acquire+0x10/0x10
[  840.784492][T15087]  ? __might_fault+0x13b/0x190
[  840.786968][T15087]  ___sys_sendmsg+0x1b0/0x1e0
[  840.789457][T15087]  ? __pfx____sys_sendmsg+0x10/0x10
[  840.792253][T15087]  ? __pfx_lock_release+0x10/0x10
[  840.794454][T15087]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  840.797408][T15087]  ? __fget_light+0x173/0x210
[  840.799781][T15087]  __sys_sendmmsg+0x2a5/0x450
[  840.801492][T15087]  ? __pfx___sys_sendmmsg+0x10/0x10
[  840.803429][T15087]  ? vfs_write+0x14d/0x1140
[  840.805424][T15087]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  840.808163][T15087]  ? fput+0x32/0x390
[  840.809784][T15087]  ? ksys_write+0x1ab/0x260
[  840.811762][T15087]  ? __pfx_ksys_write+0x10/0x10
[  840.813851][T15087]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  840.816180][T15087]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  840.818792][T15087]  __do_fast_syscall_32+0x73/0x120
[  840.820666][T15087]  do_fast_syscall_32+0x32/0x80
[  840.822448][T15087]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  840.824785][T15087] RIP: 0023:0xf73ee579
[  840.826281][T15087] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  840.834427][T15087] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  840.837846][T15087] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000b80
[  840.841168][T15087] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  840.844431][T15087] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  840.847738][T15087] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  840.851566][T15087] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  840.854804][T15087]  </TASK>
[  841.029523][T15093] libceph: resolve '.
[  841.029523][T15093] #)|.��f��ǝ�a���2s�o�w���?�'�%ЏKAq�f��C���z�e�Sb3L)Hy�o����������Ǥ�Y�M�����h�E$
[  841.029523][T15093] ' (ret=-3): failed
[  841.723914][T15093] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  841.731781][T15093] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  841.812133][T15093] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  841.845507][T12857] Bluetooth: hci1: sending frame failed (-49)
[  841.850042][ T4777] Bluetooth: hci1: Opcode 0x1003 failed: -49
[  842.523470][T15110] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2560'.
[  842.922677][   T58] usb 5-1: new full-speed USB device number 22 using dummy_hcd
[  843.144924][   T58] usb 5-1: config 0 has no interfaces?
[  843.155598][   T58] usb 5-1: New USB device found, idVendor=9022, idProduct=d484, bcdDevice=a0.35
[  843.159739][   T58] usb 5-1: New USB device strings: Mfr=140, Product=47, SerialNumber=177
[  843.172579][   T58] usb 5-1: Product: syz
[  843.174487][   T58] usb 5-1: Manufacturer: syz
[  843.176595][   T58] usb 5-1: SerialNumber: syz
[  843.194100][   T58] usb 5-1: config 0 descriptor??
[  843.333190][ T4777] Bluetooth: hci4: command 0x0c1a tx timeout
[  843.354820][T14376] Bluetooth: hci1: Frame reassembly failed (-84)
[  843.676442][T15114] ipt_ECN: cannot use operation on non-tcp rule
[  843.684950][T15114] Bluetooth: hci1: Frame reassembly failed (-84)
[  843.767859][T15126] netlink: 19 bytes leftover after parsing attributes in process `syz.2.2564'.
[  843.826360][T15125] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  843.896937][T15125] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  844.248962][T15126] block device autoloading is deprecated and will be removed.
[  844.757020][   T58] usb 5-1: USB disconnect, device number 22
[  845.060864][T15134] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  845.076067][T15134] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  845.402617][ T4777] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  845.412606][T12857] Bluetooth: hci1: command 0x1003 tx timeout
[  845.418297][T12857] Bluetooth: hci4: command 0x0c1a tx timeout
[  847.483372][T12857] Bluetooth: hci4: command 0x0c1a tx timeout
[  848.077226][T15173] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  848.081275][T15173] overlayfs: missing 'lowerdir'
[  848.107095][T15173] mkiss: ax0: crc mode is auto.
[  848.179124][T15176] FAULT_INJECTION: forcing a failure.
[  848.179124][T15176] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  848.185266][T15176] CPU: 2 UID: 0 PID: 15176 Comm: syz.2.2578 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  848.189823][T15176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  848.194222][T15176] Call Trace:
[  848.195619][T15176]  <TASK>
[  848.196849][T15176]  dump_stack_lvl+0x16c/0x1f0
[  848.198879][T15176]  should_fail_ex+0x497/0x5b0
[  848.201063][T15176]  _copy_from_user+0x30/0xf0
[  848.203125][T15176]  __sys_bpf+0x239/0x55e0
[  848.205083][T15176]  ? __pfx___sys_bpf+0x10/0x10
[  848.206922][T15176]  ? ksys_write+0x12f/0x260
[  848.208731][T15176]  ? find_held_lock+0x2d/0x110
[  848.210811][T15176]  ? ksys_write+0x21c/0x260
[  848.212451][T15176]  ? __pfx_lock_release+0x10/0x10
[  848.214544][T15176]  ? vfs_write+0x14d/0x1140
[  848.216264][T15176]  ? __mutex_unlock_slowpath+0x164/0x650
[  848.218334][T15176]  ? fput+0x32/0x390
[  848.219525][T15176]  ? ksys_write+0x1ab/0x260
[  848.221190][T15176]  ? __pfx_ksys_write+0x10/0x10
[  848.222967][T15176]  __ia32_sys_bpf+0x76/0xe0
[  848.224591][T15176]  __do_fast_syscall_32+0x73/0x120
[  848.226455][T15176]  do_fast_syscall_32+0x32/0x80
[  848.228307][T15176]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  848.230737][T15176] RIP: 0023:0xf7f80579
[  848.232635][T15176] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  848.240929][T15176] RSP: 002b:00000000f56f556c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  848.244412][T15176] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000640
[  848.247748][T15176] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  848.251235][T15176] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  848.254869][T15176] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  848.258298][T15176] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  848.262605][T15176]  </TASK>
[  849.704647][T15200] FAULT_INJECTION: forcing a failure.
[  849.704647][T15200] name failslab, interval 1, probability 0, space 0, times 0
[  849.722471][T15200] CPU: 2 UID: 0 PID: 15200 Comm: syz.0.2584 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  849.726874][T15200] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  849.731266][T15200] Call Trace:
[  849.732680][T15200]  <TASK>
[  849.733917][T15200]  dump_stack_lvl+0x16c/0x1f0
[  849.735878][T15200]  should_fail_ex+0x497/0x5b0
[  849.737843][T15200]  ? fs_reclaim_acquire+0xae/0x160
[  849.740300][T15200]  should_failslab+0xc2/0x120
[  849.742937][T15200]  __kmalloc_noprof+0xcb/0x410
[  849.744915][T15200]  ? __pfx_lock_acquire+0x10/0x10
[  849.747012][T15200]  tomoyo_realpath_from_path+0xbf/0x710
[  849.749272][T15200]  ? tomoyo_profile+0x47/0x60
[  849.751348][T15200]  tomoyo_path_number_perm+0x245/0x5b0
[  849.753770][T15200]  ? tomoyo_path_number_perm+0x232/0x5b0
[  849.755981][T15200]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  849.758444][T15200]  ? __pfx_lock_release+0x10/0x10
[  849.760729][T15200]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  849.763641][T15200]  ? __fget_files+0x256/0x400
[  849.766041][T15200]  security_file_ioctl_compat+0x75/0xc0
[  849.768524][T15200]  __do_compat_sys_ioctl+0x5d/0x330
[  849.770897][T15200]  __do_fast_syscall_32+0x73/0x120
[  849.773298][T15200]  do_fast_syscall_32+0x32/0x80
[  849.775606][T15200]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  849.778425][T15200] RIP: 0023:0xf747e579
[  849.780256][T15200] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  849.788734][T15200] RSP: 002b:00000000f575556c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  849.792258][T15200] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000004c0a
[  849.795712][T15200] RDX: 00000000200002c0 RSI: 0000000000000000 RDI: 0000000000000000
[  849.799154][T15200] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  849.802622][T15200] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  849.806059][T15200] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  849.809543][T15200]  </TASK>
[  849.840984][T15200] ERROR: Out of memory at tomoyo_realpath_from_path.
[  849.845224][T15200] loop2: detected capacity change from 0 to 7
[  849.856610][T15200] Dev loop2: unable to read RDB block 7
[  849.863930][T15200]  loop2: unable to read partition table
[  849.883179][T15200] loop2: partition table beyond EOD, truncated
[  849.886241][T15200] loop_reread_partitions: partition scan of loop2 (�被������� ) failed (rc=-5)
[  851.071809][T15209] "syz.0.2587" (15209) uses obsolete ecb(arc4) skcipher
[  851.409182][T15227] FAULT_INJECTION: forcing a failure.
[  851.409182][T15227] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  851.419934][T15227] CPU: 3 UID: 0 PID: 15227 Comm: syz.1.2591 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  851.424734][T15227] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  851.429403][T15227] Call Trace:
[  851.430945][T15227]  <TASK>
[  851.432273][T15227]  dump_stack_lvl+0x16c/0x1f0
[  851.434586][T15227]  should_fail_ex+0x497/0x5b0
[  851.436654][T15227]  _copy_from_user+0x30/0xf0
[  851.438742][T15227]  move_addr_to_kernel+0x68/0x160
[  851.440802][T15227]  __sys_bind+0xc4/0x220
[  851.442506][T15227]  ? __pfx___sys_bind+0x10/0x10
[  851.444441][T15227]  ? __pfx_ksys_write+0x10/0x10
[  851.446379][T15227]  __ia32_sys_bind+0x71/0xb0
[  851.448465][T15227]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  851.451158][T15227]  __do_fast_syscall_32+0x73/0x120
[  851.453146][T15227]  do_fast_syscall_32+0x32/0x80
[  851.455374][T15227]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  851.458140][T15227] RIP: 0023:0xf73ee579
[  851.459948][T15227] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  851.468665][T15227] RSP: 002b:00000000f56e656c EFLAGS: 00000296 ORIG_RAX: 0000000000000169
[  851.472250][T15227] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000180
[  851.476152][T15227] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  851.479747][T15227] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  851.483129][T15227] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  851.486410][T15227] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  851.489879][T15227]  </TASK>
[  852.006626][T15235] mkiss: ax0: crc mode is auto.
[  852.074855][T15243] FAULT_INJECTION: forcing a failure.
[  852.074855][T15243] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  852.074929][T15243] 
[  852.074933][T15243] ======================================================
[  852.074937][T15243] WARNING: possible circular locking dependency detected
[  852.074942][T15243] 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0 Not tainted
[  852.074950][T15243] ------------------------------------------------------
[  852.074955][T15243] syz.2.2595/15243 is trying to acquire lock:
[  852.074962][T15243] ffffffff8dda75d8 ((console_sem).lock){-.-.}-{2:2}, at: down_trylock+0x12/0x70
[  852.075003][T15243] 
[  852.075003][T15243] but task is already holding lock:
[  852.075007][T15243] ffff88802b83edd8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[  852.075041][T15243] 
[  852.075041][T15243] which lock already depends on the new lock.
[  852.075041][T15243] 
[  852.075045][T15243] 
[  852.075045][T15243] the existing dependency chain (in reverse order) is:
[  852.075049][T15243] 
[  852.075049][T15243] -> #2 (&rq->__lock){-.-.}-{2:2}:
[  852.075066][T15243]        _raw_spin_lock_nested+0x31/0x40
[  852.075082][T15243]        raw_spin_rq_lock_nested+0x29/0x130
[  852.075100][T15243]        task_fork_fair+0x73/0x250
[  852.075114][T15243]        sched_cgroup_fork+0x3cf/0x510
[  852.075129][T15243]        copy_process+0x4710/0x6f50
[  852.075143][T15243]        kernel_clone+0xfd/0x960
[  852.075157][T15243]        user_mode_thread+0xb4/0xf0
[  852.075171][T15243]        rest_init+0x23/0x2b0
[  852.075183][T15243]        start_kernel+0x3df/0x4c0
[  852.075201][T15243]        x86_64_start_reservations+0x18/0x30
[  852.075219][T15243]        x86_64_start_kernel+0xb2/0xc0
[  852.075236][T15243]        common_startup_64+0x13e/0x148
[  852.075250][T15243] 
[  852.075250][T15243] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[  852.075267][T15243]        _raw_spin_lock_irqsave+0x3a/0x60
[  852.075283][T15243]        try_to_wake_up+0x9a/0x13e0
[  852.075300][T15243]        up+0x79/0xb0
[  852.075317][T15243]        console_unlock+0x23e/0x290
[  852.075338][T15243]        vga_remove_vgacon+0x90/0xd0
[  852.075354][T15243]        aperture_remove_conflicting_pci_devices+0x16a/0x1e0
[  852.075377][T15243]        bochs_pci_probe+0x101/0x1150
[  852.075396][T15243]        local_pci_probe+0xde/0x1b0
[  852.075414][T15243]        pci_device_probe+0x29d/0x7b0
[  852.075433][T15243]        really_probe+0x23e/0xa90
[  852.075454][T15243]        __driver_probe_device+0x1de/0x440
[  852.075465][T15243]        driver_probe_device+0x4c/0x1b0
[  852.075478][T15243]        __driver_attach+0x283/0x580
[  852.075490][T15243]        bus_for_each_dev+0x13c/0x1d0
[  852.075506][T15243]        bus_add_driver+0x2e9/0x690
[  852.075524][T15243]        driver_register+0x15c/0x4b0
[  852.075538][T15243]        bochs_pci_driver_init+0x67/0x80
[  852.075556][T15243]        do_one_initcall+0x128/0x630
[  852.075575][T15243]        kernel_init_freeable+0x660/0xc50
[  852.075594][T15243]        kernel_init+0x1c/0x2b0
[  852.075605][T15243]        ret_from_fork+0x45/0x80
[  852.075630][T15243]        ret_from_fork_asm+0x1a/0x30
[  852.075649][T15243] 
[  852.075649][T15243] -> #0 ((console_sem).lock){-.-.}-{2:2}:
[  852.075665][T15243]        __lock_acquire+0x24ed/0x3cb0
[  852.075684][T15243]        lock_acquire+0x1b1/0x560
[  852.075700][T15243]        _raw_spin_lock_irqsave+0x3a/0x60
[  852.075716][T15243]        down_trylock+0x12/0x70
[  852.075734][T15243]        __down_trylock_console_sem+0x40/0x140
[  852.075752][T15243]        vprintk_emit+0x3d3/0x600
[  852.075763][T15243]        vprintk+0x7f/0xa0
[  852.075775][T15243]        _printk+0xc8/0x100
[  852.075792][T15243]        should_fail_ex+0x46c/0x5b0
[  852.075806][T15243]        strncpy_from_user+0x38/0x320
[  852.075818][T15243]        strncpy_from_user_nofault+0x7f/0x180
[  852.075836][T15243]        bpf_probe_read_compat_str+0x131/0x170
[  852.075851][T15243]        bpf_prog_f2ce78ec2d45df6f+0x3d/0x3f
[  852.075862][T15243]        bpf_trace_run4+0x245/0x5a0
[  852.075876][T15243]        __traceiter_sched_switch+0x6c/0xc0
[  852.075895][T15243]        __schedule+0x17cf/0x5490
[  852.075911][T15243]        schedule+0xe7/0x350
[  852.075926][T15243]        schedule_preempt_disabled+0x13/0x30
[  852.075943][T15243]        __mutex_lock+0x5b8/0x9c0
[  852.075961][T15243]        ppp_release+0x170/0x230
[  852.075974][T15243]        __fput+0x408/0xbb0
[  852.075993][T15243]        __fput_sync+0x47/0x50
[  852.076004][T15243]        __ia32_sys_close+0x86/0x100
[  852.076017][T15243]        __do_fast_syscall_32+0x73/0x120
[  852.076037][T15243]        do_fast_syscall_32+0x32/0x80
[  852.076054][T15243]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  852.076070][T15243] 
[  852.076070][T15243] other info that might help us debug this:
[  852.076070][T15243] 
[  852.076074][T15243] Chain exists of:
[  852.076074][T15243]   (console_sem).lock --> &p->pi_lock --> &rq->__lock
[  852.076074][T15243] 
[  852.076092][T15243]  Possible unsafe locking scenario:
[  852.076092][T15243] 
[  852.076096][T15243]        CPU0                    CPU1
[  852.076099][T15243]        ----                    ----
[  852.076102][T15243]   lock(&rq->__lock);
[  852.076110][T15243]                                lock(&p->pi_lock);
[  852.076118][T15243]                                lock(&rq->__lock);
[  852.076126][T15243]   lock((console_sem).lock);
[  852.076134][T15243] 
[  852.076134][T15243]  *** DEADLOCK ***
[  852.076134][T15243] 
[  852.076137][T15243] 3 locks held by syz.2.2595/15243:
[  852.076145][T15243]  #0: ffffffff8fa17fa8 (rtnl_mutex){+.+.}-{3:3}, at: ppp_release+0x170/0x230
[  852.076176][T15243]  #1: ffff88802b83edd8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[  852.076210][T15243]  #2: ffffffff8ddb94a0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run4+0x1d6/0x5a0
[  852.076242][T15243] 
[  852.076242][T15243] stack backtrace:
[  852.076246][T15243] CPU: 3 UID: 0 PID: 15243 Comm: syz.2.2595 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  852.076263][T15243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  852.076271][T15243] Call Trace:
[  852.076276][T15243]  <TASK>
[  852.076282][T15243]  dump_stack_lvl+0x116/0x1f0
[  852.076299][T15243]  check_noncircular+0x31a/0x400
[  852.076318][T15243]  ? __pfx_check_noncircular+0x10/0x10
[  852.076336][T15243]  ? __pfx__prb_read_valid+0x10/0x10
[  852.076352][T15243]  ? __pfx_format_decode+0x10/0x10
[  852.076374][T15243]  ? lockdep_lock+0xc6/0x200
[  852.076388][T15243]  ? __pfx_lockdep_lock+0x10/0x10
[  852.076403][T15243]  ? vsnprintf+0x40f/0x1870
[  852.076426][T15243]  __lock_acquire+0x24ed/0x3cb0
[  852.076450][T15243]  ? __pfx___lock_acquire+0x10/0x10
[  852.076469][T15243]  ? vprintk_store+0x222/0xbb0
[  852.076491][T15243]  lock_acquire+0x1b1/0x560
[  852.076510][T15243]  ? down_trylock+0x12/0x70
[  852.076531][T15243]  ? __pfx_lock_acquire+0x10/0x10
[  852.076549][T15243]  ? __pfx_mark_lock+0x10/0x10
[  852.076567][T15243]  ? page_ext_put+0x48/0xd0
[  852.076585][T15243]  ? vprintk+0x7f/0xa0
[  852.076593][T15243]  _raw_spin_lock_irqsave+0x3a/0x60
[  852.076603][T15243]  ? down_trylock+0x12/0x70
[  852.076618][T15243]  down_trylock+0x12/0x70
[  852.076631][T15243]  __down_trylock_console_sem+0x40/0x140
[  852.076643][T15243]  vprintk_emit+0x3d3/0x600
[  852.076652][T15243]  vprintk+0x7f/0xa0
[  852.076660][T15243]  _printk+0xc8/0x100
[  852.076671][T15243]  ? __pfx__printk+0x10/0x10
[  852.076681][T15243]  ? ___ratelimit+0x24c/0x580
[  852.076694][T15243]  ? __pfx___lock_acquire+0x10/0x10
[  852.076705][T15243]  ? __pfx____ratelimit+0x10/0x10
[  852.076719][T15243]  should_fail_ex+0x46c/0x5b0
[  852.076729][T15243]  strncpy_from_user+0x38/0x320
[  852.076738][T15243]  strncpy_from_user_nofault+0x7f/0x180
[  852.076749][T15243]  bpf_probe_read_compat_str+0x131/0x170
[  852.076759][T15243]  bpf_prog_f2ce78ec2d45df6f+0x3d/0x3f
[  852.076766][T15243]  bpf_trace_run4+0x245/0x5a0
[  852.076776][T15243]  ? __pfx_bpf_trace_run4+0x10/0x10
[  852.076787][T15243]  ? tracing_record_taskinfo_sched_switch+0x54/0x400
[  852.076801][T15243]  __traceiter_sched_switch+0x6c/0xc0
[  852.076813][T15243]  __schedule+0x17cf/0x5490
[  852.076823][T15243]  ? __pfx___lock_acquire+0x10/0x10
[  852.076837][T15243]  ? __pfx___schedule+0x10/0x10
[  852.076847][T15243]  ? schedule+0x298/0x350
[  852.076856][T15243]  ? __pfx_lock_release+0x10/0x10
[  852.076871][T15243]  ? __mutex_lock+0x5b3/0x9c0
[  852.076890][T15243]  ? __mutex_trylock_common+0x78/0x250
[  852.076912][T15243]  schedule+0xe7/0x350
[  852.076929][T15243]  schedule_preempt_disabled+0x13/0x30
[  852.076948][T15243]  __mutex_lock+0x5b8/0x9c0
[  852.076970][T15243]  ? ppp_release+0x170/0x230
[  852.076983][T15243]  ? __pfx___mutex_lock+0x10/0x10
[  852.077002][T15243]  ? __pfx_locks_remove_file+0x10/0x10
[  852.077025][T15243]  ? __pfx_ppp_release+0x10/0x10
[  852.077040][T15243]  ? ppp_release+0x170/0x230
[  852.077055][T15243]  ppp_release+0x170/0x230
[  852.077071][T15243]  __fput+0x408/0xbb0
[  852.077097][T15243]  __fput_sync+0x47/0x50
[  852.077112][T15243]  __ia32_sys_close+0x86/0x100
[  852.077128][T15243]  __do_fast_syscall_32+0x73/0x120
[  852.077147][T15243]  do_fast_syscall_32+0x32/0x80
[  852.077163][T15243]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  852.077180][T15243] RIP: 0023:0xf7f80579
[  852.077191][T15243] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  852.077206][T15243] RSP: 002b:00000000f56f556c EFLAGS: 00000296 ORIG_RAX: 0000000000000006
[  852.077221][T15243] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  852.077231][T15243] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  852.077240][T15243] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  852.077250][T15243] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  852.077259][T15243] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  852.077274][T15243]  </TASK>
[  852.485783][T15243] CPU: 3 UID: 0 PID: 15243 Comm: syz.2.2595 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
[  852.490198][T15243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  852.494341][T15243] Call Trace:
[  852.495604][T15243]  <TASK>
[  852.496725][T15243]  dump_stack_lvl+0x116/0x1f0
[  852.498490][T15243]  should_fail_ex+0x497/0x5b0
[  852.500258][T15243]  strncpy_from_user+0x38/0x320
[  852.502070][T15243]  strncpy_from_user_nofault+0x7f/0x180
[  852.504200][T15243]  bpf_probe_read_compat_str+0x131/0x170
[  852.506376][T15243]  bpf_prog_f2ce78ec2d45df6f+0x3d/0x3f
[  852.508375][T15243]  bpf_trace_run4+0x245/0x5a0
[  852.510404][T15243]  ? __pfx_bpf_trace_run4+0x10/0x10
[  852.512446][T15243]  ? tracing_record_taskinfo_sched_switch+0x54/0x400
[  852.515052][T15243]  __traceiter_sched_switch+0x6c/0xc0
[  852.517315][T15243]  __schedule+0x17cf/0x5490
[  852.519240][T15243]  ? __pfx___lock_acquire+0x10/0x10
[  852.521452][T15243]  ? __pfx___schedule+0x10/0x10
[  852.523268][T15243]  ? schedule+0x298/0x350
[  852.524882][T15243]  ? __pfx_lock_release+0x10/0x10
[  852.526774][T15243]  ? __mutex_lock+0x5b3/0x9c0
[  852.528611][T15243]  ? __mutex_trylock_common+0x78/0x250
[  852.530986][T15243]  schedule+0xe7/0x350
[  852.532712][T15243]  schedule_preempt_disabled+0x13/0x30
[  852.534787][T15243]  __mutex_lock+0x5b8/0x9c0
[  852.536679][T15243]  ? ppp_release+0x170/0x230
[  852.538664][T15243]  ? __pfx___mutex_lock+0x10/0x10
[  852.540867][T15243]  ? __pfx_locks_remove_file+0x10/0x10
[  852.543184][T15243]  ? __pfx_ppp_release+0x10/0x10
[  852.545260][T15243]  ? ppp_release+0x170/0x230
[  852.547207][T15243]  ppp_release+0x170/0x230
[  852.549058][T15243]  __fput+0x408/0xbb0
[  852.550701][T15243]  __fput_sync+0x47/0x50
[  852.552382][T15243]  __ia32_sys_close+0x86/0x100
[  852.554337][T15243]  __do_fast_syscall_32+0x73/0x120
[  852.556416][T15243]  do_fast_syscall_32+0x32/0x80
[  852.558485][T15243]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  852.561326][T15243] RIP: 0023:0xf7f80579
[  852.562837][T15243] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  852.570294][T15243] RSP: 002b:00000000f56f556c EFLAGS: 00000296 ORIG_RAX: 0000000000000006
[  852.573293][T15243] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  852.576569][T15243] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  852.579935][T15243] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  852.582888][T15243] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  852.585596][T15243] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  852.588712][T15243]  </TASK>
[  852.614007][T15239] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2594'.
[  852.634845][T15239] ��: entered promiscuous mode

VM DIAGNOSIS:
02:15:48  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffff88802b63ff40 RCX=ffffffff817f10a8 RDX=ffff88801b7e8000
RSI=0000000000000000 RDI=0000000000000005 RBP=ffffc90000457d60 RSP=ffffc90000457c38
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=ffffffff8ddc4570
R12=1ffff9200008af8c R13=0000000000000001 R14=0000000000000003 R15=ffffed10056c7fe9
RIP=ffffffff818b1b2b RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=000000000db7c000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=1ffffffff214173d RBX=ffffc900215fec80 RCX=ffffc9000c001000 RDX=dffffc0000000000
RSI=ffffffff813c94fe RDI=0000000000000001 RBP=0000000000000001 RSP=ffffc900215feba8
R8 =0000000000000001 R9 =0000000000000009 R10=0000000000000005 R11=dffffc0000000000
R12=ffffffff90a0b9ee R13=0000000000000005 R14=ffffffff90a0b9f2 R15=ffffc900215fec20
RIP=ffffffff813c9530 RFL=00000a03 [-O----C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020c30000 CR3=0000000044d46000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000014000000000 0000000400000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff813be4ae RDX=ffff888021c94880
RSI=ffffffff813be4cb RDI=0000000000000000 RBP=ffff88802b83edc0 RSP=ffffc90022927ad0
R8 =0000000000000000 R9 =0000000000000003 R10=0000000000000003 R11=0000000000000000
R12=0000000000000003 R13=0000000000000003 R14=ffff88802b83fc80 R15=ffffed1005707db8
RIP=ffffffff813be4cc RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f263a6af740 ffffffff 00c00000
GS =0000 ffff88802b800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=000000004a542000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fefeffc8 Opmask01=0000000001100000 Opmask02=000000000fffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ff000000 0000000000ff0000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e2e2e2e2e2e2e2e 2e2e2e2e2e2e2e2e
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e2e2e2e2e2e2e2e 2e2e2e2e2e2e2e2e
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ff000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ff000000 0000000000ff0000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ff000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6573206f74206465 6c696166203a7325 002f74656e2f7373 616c632f7379732f
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000562100000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000561c040749dd 0000561c04040000 0d50000d004e5850 5c535b5413495853
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000181 0000000000000000 326874652f74656e 2f306d6973766564
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000041 0000000000000000 00306e6170772f74 656e2f307968702f
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbf2b313423342c
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020
info registers vcpu 3

CPU#3
RAX=0000000000000037 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff84fc2445 RDI=ffffffff9a516640 RBP=ffffffff9a516600 RSP=ffffc900210df508
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=0000000000000037 R14=ffffffff84fc23e0 R15=0000000000000000
RIP=ffffffff84fc246f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b900000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f56f4fbc CR3=0000000057a38000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000014000000000 0000000400000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000