last executing test programs:

7.009398751s ago: executing program 0 (id=2017):
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x123401, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$vsock_stream(0x28, 0x1, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0xa0c}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
pidfd_getfd(0xffffffffffffffff, r0, 0x0)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1e, &(0x7f0000000000)='/proc/sys/\x00et/\x00\x00v4\x00m\xa0\x8dN\xd4\xa2\x88\x00\xd1l,'}, 0x8)

6.633525337s ago: executing program 3 (id=2020):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_usbip_server_init(0x4)
socket(0x2b, 0x80801, 0x1)
ioprio_set$pid(0x1, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
dup(r0)
socket$nl_generic(0x10, 0x3, 0x10)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
socket$kcm(0x21, 0x2, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x5, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r2, 0x54a2)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x6, 0xb, 0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000000240), 0x6, 0x2)
syz_emit_ethernet(0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa08004500002800000000002c9078ac1414bbac1414aa00000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB='\t\x00\x00\b\x00\x00\x00\x00'], 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_DQBUF(r5, 0xc044560f, &(0x7f0000000380)=@mmap={0x0, 0x1, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "37bb54f0"}})
ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f0000000100)=0x1)

5.57079015s ago: executing program 0 (id=2025):
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'wlan1\x00'})
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_open_dev$vim2m(0x0, 0x6, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000006c0)=ANY=[], 0x3c}}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$midi(&(0x7f00000001c0), 0xac, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$DRM_IOCTL_MODE_GETFB2(0xffffffffffffffff, 0xc06864ce, &(0x7f0000000300)={0x0, 0xaf, 0x0, 0x0, 0x4, [], [0x0, 0x1, 0x9]})
ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffffff, 0xc008640a, &(0x7f00000002c0)={0x0, <r6=>0x0})
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000000)={r6})
sendmsg$TIPC_CMD_SET_NODE_ADDR(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r5, 0x201, 0x0, 0x25dfdbfb, {{}, {}, {0x8, 0x11, 0xffffffff}}}, 0x24}}, 0x20000010)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001180)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa00000000000001503000008004e002d35010000000000950041000000000069163a0000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf670000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ff3d4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2739670b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc401000000cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be19637302f3b41eae50509fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524a3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d545ffffffff00000000a1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf857689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684ee54c0a263c806aabac2f66cb052f847c62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961ef4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fc0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bb000000000000000000000000000000884efcecca45ea4ab2ec097668456a6ff12854997f5aed737d5205ace5c0b64f87ef10784d0479cb44ca077e0c4ce6ff880e2ce3de63853a9740e9233683bfc8636bee293aeeb680b399a296e6f44c07b5fc5d9d359af007f23004a7acb6df23664ea209620b4fe0f4df81c33bd8ca2335cb4b50881937379b45a301175c3e8eb32970564ec8e25c46ee3bae079faedaad94276cfa251be8256c4c37fc84a25c3a2feb39e94a5266a10716d4a3cef499fa176018054e9149a1c9d20a809ce3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0xffff0000}, 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r7 = openat2(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', &(0x7f0000000280)={0x900, 0x2c, 0xd}, 0x18)
ioctl$TUNSETVNETBE(r7, 0x400454de, &(0x7f0000000300)=0x1)
unshare(0x62040200)

5.570411425s ago: executing program 1 (id=2026):
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
ioctl$IOMMU_GET_HW_INFO(r1, 0x3b8a, &(0x7f00000000c0)={0x28, 0x0, 0x0, 0x9f, &(0x7f0000000000)=""/159})

5.350566356s ago: executing program 1 (id=2027):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000780)=@raw={'raw\x00', 0x8, 0x3, 0x2b4, 0x150, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x220, 0xffffffff, 0xffffffff, 0x220, 0xffffffff, 0x7fffffe, 0x0, {[{{@uncond, 0x6, 0x130, 0x150, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "0000006dcbd047da9ca965f96ad5801f0514d363ee84bb895919d9490f6785fba3c4a44f1e25ecefef2a2d6054f5260ece5ce1a56a5ef73be11d65bfe8c37674024c183ebacdf741cea92ded3a9ca54de15dd9ec8ef62f9e000000000000000000ffffff7f00", 0xf, 0x2}}]}, @unspec=@NOTRACK={0x20}}, {{@ip={@local, @remote, 0x0, 0x0, 'veth1_macvtap\x00', 'bond_slave_1\x00', {0xff}, {0xff}, 0x32, 0x1, 0x18}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x0, 0x0, 0x4]}}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x310)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r3, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r4 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r4, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg(r4, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x0)
connect$unix(r3, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
close(r3)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0900000004000000010000000b00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000010000000000000000000000904f683617ea5f06a74bda417cab7c1300000000"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
writev(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000500)="aefdcd9d240200005a90f57f077029eff0f64ebbee07942c22595943bb", 0x1d}], 0x1)
r8 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0xfffffffd, 0x0, 0x8003, 0xfffffffe}, &(0x7f0000000240)=<r9=>0x0, &(0x7f0000000200))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
socket$phonet_pipe(0x23, 0x5, 0x2)
io_uring_enter(r8, 0x6e2, 0x3900, 0x1, 0x0, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
r10 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x8, 0x0, 0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7}, {0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r10, 0x4090ae82, &(0x7f0000000200)={[0x7, 0x0, 0xfffffffffffffffe, 0x5, 0x800000000000, 0xfffffffffffffffe, 0x8000, 0x12, 0x7, 0x0, 0xfffffffffffffffd, 0x0, 0x800000000000000], 0x0, 0x40200})

5.012236925s ago: executing program 3 (id=2028):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000580)='?y\b\xdd\xd9\b\xc9P\x1d\x12\x10\xfe[\x99\x10\xb0\xf6\x99\x06\xf5\xc0\xb0p~\xf1\r*\x9d\x94\x8fA\xaa\x1d\xfa|\'K\xac\xa3\xcc]d+1\xb0\x00$\xb2\"zB\xac\x18\x0f\xa9\x10\x94\x94-\xb4\xe5/h\xb1\xfb\xc9\vk\xd3\x10\x1f\xe0\x15\xa7\b\xcc\xca\xc2\xda;o\xca\x9bh\xa7\xcd\xb7\xc4u\xd7\x11k\x90\xed\xd9\bde}\xd6\xbe\xcf\xce\xc8\xbdje\xed\xd9\xd2\x02\xa9\xb0~\'\xfd\xf8$M\xd4\xfcK\xa5!\xfa\xc7D\xfb\x8c\xa5\xc5E#ja\x10\xb3\xd3)\xf0Y\xb5\xf0\x84\xc5m/\x83\x19\xe7{\xa7\x14\xde\x83\xff\xd5J\x9a\xfd', &(0x7f0000000280)='#mS\xb2j\xcb\xa18:.)\xc7\xcb\xc5\xd8\x91\xa1\x1b\xb8B\xc8I\xba\xd5\x80\x1f\xa6`\"\xd5\r\x89M;\x99\xd6\x8e?K\x82\xd5\xd7\xab\x10\xea\xa6\xae\x19\xd8n\xc2[\r&\xf0z\xde\xc0\xf3\xcd\x9a\xae\xa8*v_(\x94]\xdf\xb4?\xe0\xea(\xba\xfd\xfd\xa1G\x06M\xdaz2\x86L\xb7}\xd8(\xe9\xe6\xda\x92U\xaaN\xff\xca\xb37-<3\xb28\xb8:UQ\x95|\xe5\xaa\x0e\xe7{\xd4T\x84\x83\x86\x9d,\x8c\xdd\x02&G\n\xdc\xc0\xb2c\x82\xadr\v\x97\x97_R\xfdDZ\xa0\x86\x91\x11\b\xc6|\x92\x1a;=)\xb1\xe4\x96\x98\x14\x85(3\xb3\xdb\xe3\xea\x80\xc4n\xba\x80\xf7q5Hg\xd9\xfa\x1d\xc0q\xe5\xea`k\x87\xd18U\xd6BDk\xcc\xf1\xf5\x15L\x18Z\x04VK\x8bC\xdd\x1bW\xdc\xf6\x96 \xa2\x90E\xba\xc7\xcc\xd5\xe0\xb6zy\v\xd2h\x9e\n\xba\x91Y>\x89\xfdZ\xc95`\xf2\x13l*\xad\xee.\xc8\x97\xd8\xd8\xaa\x82\xcb\xf0f\xb5\x16Y.\xb8\xf6\x11\x0f.\vn\xf0-\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf2\x97?\xc2\xd1\x1b\x9a\xe0\xb6\xf5\x92', 0x0)
arch_prctl$ARCH_SHSTK_ENABLE(0x5001, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000003c0)=<r2=>0x0)
prctl$PR_SCHED_CORE(0x3e, 0x3, r2, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x25dfdbfb, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x3, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$cec(&(0x7f0000000200), 0x0, 0x40000)
shmctl$IPC_STAT(0x0, 0x2, &(0x7f0000000000)=""/236)
r6 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x3e}, 0x5}, 0x1c)
sendmmsg$inet6(r6, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
fchmod(r1, 0xb7)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[@ANYBLOB="5300000007000046009d40", @ANYBLOB="b13e6f88b65c2c3611dab52457d9d859c66d507618a336ad09379492422ad7d8f93f8776ef575aaf047f03b788f3551afbb0c1d6b442fe688418dbe38dc6a4f54d8c181c"], 0x53)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x8, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[], [], 0x6b}})

4.720771536s ago: executing program 2 (id=2032):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xc0}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x18, 0x10, &(0x7f0000000400)=ANY=[@ANYBLOB], &(0x7f0000000080)='syzkaller\x00', 0x8, 0xac, &(0x7f0000000140)=""/172, 0x41000, 0x48, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
fcntl$lock(r2, 0x26, &(0x7f0000000140)={0x1, 0x2, 0x100, 0x4})
fcntl$lock(r2, 0x26, &(0x7f00000002c0)={0x0, 0x0, 0xff34, 0x2})
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x6)
r3 = getpid()
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000f80)={{0x1, 0x1, 0x18, <r4=>r1, {0x7}}, './cgroup/../file0\x00'})
ioctl$BINDER_ENABLE_ONEWAY_SPAM_DETECTION(r4, 0x40046210, &(0x7f0000000fc0)=0x1)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000740)=0x2)
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r7)
sendmsg$NL80211_CMD_GET_REG(r7, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000001100)={0x14, r8, 0xf09, 0x70bd2d, 0x25dfdbfe}, 0x14}}, 0x8084)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r1, &(0x7f0000001100)={&(0x7f0000001000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000010c0)={&(0x7f00000011c0)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="200029bd7000fbdbdf2531000000080001005500000008000300", @ANYRES32=0x0, @ANYBLOB="0c00990004000000520000000800db00", @ANYRES32=r4, @ANYBLOB="0800010800db00"/20, @ANYRES32=r2, @ANYBLOB], 0x48}, 0x1, 0x0, 0x0, 0xd7ecd36814b87d08}, 0x4)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
r9 = fsopen(&(0x7f0000000040)='bpf\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001240)={0x11, 0xb, &(0x7f0000000040)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x27, '\x00', 0x0, @fallback=0x2d, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
fsconfig$FSCONFIG_CMD_CREATE(r9, 0x6, 0x0, 0x0, 0x0)

4.687060699s ago: executing program 0 (id=2033):
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x123401, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$vsock_stream(0x28, 0x1, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
pidfd_getfd(0xffffffffffffffff, r0, 0x0)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1e, &(0x7f0000000000)='/proc/sys/\x00et/\x00\x00v4\x00m\xa0\x8dN\xd4\xa2\x88\x00\xd1l,'}, 0x8)

4.330766256s ago: executing program 1 (id=2034):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
r1 = dup(r0)
syz_usbip_server_init(0x1)
write$6lowpan_enable(r1, &(0x7f0000000140)='0', 0x1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
write$P9_RRENAME(r1, &(0x7f00000000c0)={0x7, 0x15, 0x2}, 0x7)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2041, 0x0)
write$binfmt_aout(r3, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x200c9, 0x0, "206005000700"})
r4 = syz_open_pts(r3, 0x2000)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000100)=0x5)
r5 = dup3(r4, r3, 0x0)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000000)=0x44)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="2c000000280027010000000000000000037c00001700018014000000fe8000000000000000000000000000aa99f5fdd175bc3863daa4f441d8f728c416ac49acfd2c1a63de63c821547d6341082fb95b5f7146cb3b70a3a68b9b235174ef46c3fa0df4659511acdffc27ff06d09c48e622656cbaeb5b27e054b3f9adc9839782010893b74d19ab0427e65c9539a0340d123fc3c39b62ecc3a31b10389e85a863d0c61c27121b399f72a89e31edd2504173887b33366a6d0d56fa7b6940a821c01d92a459cc002026fc025f6bf07cd2"], 0x2c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan1\x00'})
r7 = openat$sndseq(0xffffff9c, &(0x7f0000001240), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r7, 0xc0a45320, &(0x7f00000001c0)={0x80, 0x0, 'client0\x00', 0x2, "0900000000001a00", "b437067509005508e17a85bb9ebb8891feff067231776d9ac000", 0x0, 0xffffffff})
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x9)
lseek(r7, 0x9, 0x3)
r8 = getpgrp(0x0)
move_pages(r8, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000040), 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x41, 0x0)
mount$nfs(0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="020000000200000065662c7375626a5f757365723d088b1a6b813d17e2485dff0000a3839bc56fe76c60"])
syz_io_uring_setup(0x7bf4, &(0x7f0000000040)={0x0, 0xa9cc, 0x7b18, 0x1, 0x3a1, 0x0, r1}, &(0x7f0000000200), &(0x7f00000001c0))

4.078448442s ago: executing program 3 (id=2035):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @private}}, 0x80, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1000006a8c797532c2c3"], 0x10}, 0x8000)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
openat$rdma_cm(0xffffff9c, &(0x7f00000001c0), 0x2, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r4, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
fanotify_mark(0xffffffffffffffff, 0x0, 0x2, 0xffffffffffffffff, &(0x7f0000000280)='./file0\x00')
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)

3.860659995s ago: executing program 2 (id=2036):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @private}}, 0x80, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1000006a8c797532c2c3"], 0x10}, 0x8000)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
openat$rdma_cm(0xffffff9c, &(0x7f00000001c0), 0x2, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r4, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
fanotify_mark(0xffffffffffffffff, 0x0, 0x2, 0xffffffffffffffff, &(0x7f0000000280)='./file0\x00')
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)

3.400551716s ago: executing program 1 (id=2037):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xcc}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
fcntl$lock(r2, 0x26, &(0x7f0000000140)={0x1, 0x2, 0x100, 0x4})
fcntl$lock(r2, 0x26, &(0x7f00000002c0)={0x0, 0x0, 0xff34, 0x2})
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x6)
r3 = getpid()
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000f80)={{0x1, 0x1, 0x18, <r4=>r1, {0x7}}, './cgroup/../file0\x00'})
ioctl$BINDER_ENABLE_ONEWAY_SPAM_DETECTION(r4, 0x40046210, &(0x7f0000000fc0)=0x1)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000740)=0x2)
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r7)
sendmsg$NL80211_CMD_GET_REG(r7, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000001100)={0x14, r8, 0xf09, 0x70bd2d, 0x25dfdbfe}, 0x14}}, 0x8084)

3.030801487s ago: executing program 3 (id=2038):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @private}}, 0x80, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1000006a8c797532c2c3"], 0x10}, 0x8000)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r4, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
fanotify_mark(0xffffffffffffffff, 0x0, 0x2, 0xffffffffffffffff, &(0x7f0000000280)='./file0\x00')
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)

2.369575895s ago: executing program 2 (id=2039):
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001d40)=@newtfilter={0x34, 0x2c, 0xd2b, 0x0, 0x800, {0x0, 0x0, 0x0, r4, {0x6}, {}, {0x7}}, [@filter_kind_options=@f_route={{0xa}, {0x4}}]}, 0x34}}, 0x4044040)

2.2996161s ago: executing program 0 (id=2047):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x20, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xc0}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x18, 0x10, &(0x7f0000000400)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x8, 0xac, &(0x7f0000000140)=""/172, 0x41000, 0x48, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
fcntl$lock(r1, 0x26, &(0x7f0000000140)={0x1, 0x2, 0x100, 0x4})
fcntl$lock(r1, 0x26, &(0x7f00000002c0)={0x0, 0x0, 0xff34, 0x2})
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x6)
r2 = getpid()
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000f80)={{0x1, 0x1, 0x18, <r3=>r0, {0x7}}, './cgroup/../file0\x00'})
ioctl$BINDER_ENABLE_ONEWAY_SPAM_DETECTION(r3, 0x40046210, &(0x7f0000000fc0)=0x1)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000740)=0x2)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r6)
sendmsg$NL80211_CMD_GET_REG(r6, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000001100)={0x14, r7, 0xf09, 0x70bd2d, 0x25dfdbfe}, 0x14}}, 0x8084)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r0, &(0x7f0000001100)={&(0x7f0000001000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000010c0)={&(0x7f00000011c0)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="200029bd7000fbdbdf2531000000080001005500000008000300", @ANYRES32=0x0, @ANYBLOB="0c00990004000000520000000800db00", @ANYRES32=r3, @ANYBLOB="0800010800db00"/20, @ANYRES32=r1, @ANYBLOB], 0x48}, 0x1, 0x0, 0x0, 0xd7ecd36814b87d08}, 0x4)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
r8 = fsopen(&(0x7f0000000040)='bpf\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001240)={0x11, 0xb, &(0x7f0000000040)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x27, '\x00', 0x0, @fallback=0x2d, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0)

2.162811963s ago: executing program 1 (id=2040):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @private}}, 0x80, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1000006a8c797532c2c3"], 0x10}, 0x8000)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
openat$rdma_cm(0xffffff9c, &(0x7f00000001c0), 0x2, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r4, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
fanotify_mark(0xffffffffffffffff, 0x0, 0x2, 0xffffffffffffffff, &(0x7f0000000280)='./file0\x00')
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)

2.162097419s ago: executing program 2 (id=2041):
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000040)=0x8001)
getpgid(0x0)
fcntl$setownex(0xffffffffffffffff, 0xf, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000006c40), 0x0, 0x40015)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0xfc, {"a2e3ad21ed0d1bf91b29420987f70e06d038e7ff7fc6e5539b0d3d0e8b089b3f31096c060890e0878f0e1ac6e7049b096e959b509a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b074b0d36cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130f91850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f4077fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b21052010689af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153fae46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c343f7f140f319539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474b0679dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691951264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d984836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0x2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0xffffc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, 0x0, &(0x7f00000002c0))
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x7, 0x30}, 0xc)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200), 0x0})

1.679265756s ago: executing program 3 (id=2042):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f00000008c0)="88eb45e7fb5bf2dddcd14c66eb73d6cccd21ae6abb79ffffff7f9de3752ce5a0b850c8f60300821032411fe395a8ecdfde1de0885394bbd7fe88b6050000003422c1b7d02f49106cd7fc56f00e9e04aa8aad6173b3d566c62113a7335a82c0cb91e95f6a7bb6a34280f79838de14710acc29b454c4744a41912e4c3474c163ad1a32ed1942ef1d47b322594a059e2700751591e48f2e72009e0008b63b599f4bca3b02460110dca2812011ebb871a68f098459cf148f3bbe4a45fe7c611f72402d6cffcbce8dfc2742aa1cb3468cdd2c90", 0xd1)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x3, &(0x7f0000000580)={0x0, 0xe7b7, 0x13500, 0x0, 0xfffffffd}, &(0x7f0000000240), &(0x7f0000001880))
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x9a54a87ac2bd5ea9)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x3, &(0x7f0000000300), 0x4)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
getsockopt$EBT_SO_GET_INIT_INFO(r5, 0x0, 0x82, &(0x7f0000000180)={'nat\x00', 0x0, 0x0, 0x0, [0x6f, 0x343e9804, 0x4, 0xe, 0x1, 0x3]}, &(0x7f00000004c0)=0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_io_uring_setup(0x1da3, &(0x7f00000003c0)={0x0, 0xd933, 0x2, 0x1ffffff, 0x800a0d}, &(0x7f0000000300), &(0x7f0000000080))
r6 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NBD_CMD_RECONFIGURE(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x1c, r6, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8004}, 0xc0)

1.11493318s ago: executing program 0 (id=2043):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000580)='?y\b\xdd\xd9\b\xc9P\x1d\x12\x10\xfe[\x99\x10\xb0\xf6\x99\x06\xf5\xc0\xb0p~\xf1\r*\x9d\x94\x8fA\xaa\x1d\xfa|\'K\xac\xa3\xcc]d+1\xb0\x00$\xb2\"zB\xac\x18\x0f\xa9\x10\x94\x94-\xb4\xe5/h\xb1\xfb\xc9\vk\xd3\x10\x1f\xe0\x15\xa7\b\xcc\xca\xc2\xda;o\xca\x9bh\xa7\xcd\xb7\xc4u\xd7\x11k\x90\xed\xd9\bde}\xd6\xbe\xcf\xce\xc8\xbdje\xed\xd9\xd2\x02\xa9\xb0~\'\xfd\xf8$M\xd4\xfcK\xa5!\xfa\xc7D\xfb\x8c\xa5\xc5E#ja\x10\xb3\xd3)\xf0Y\xb5\xf0\x84\xc5m/\x83\x19\xe7{\xa7\x14\xde\x83\xff\xd5J\x9a\xfd', &(0x7f0000000280)='#mS\xb2j\xcb\xa18:.)\xc7\xcb\xc5\xd8\x91\xa1\x1b\xb8B\xc8I\xba\xd5\x80\x1f\xa6`\"\xd5\r\x89M;\x99\xd6\x8e?K\x82\xd5\xd7\xab\x10\xea\xa6\xae\x19\xd8n\xc2[\r&\xf0z\xde\xc0\xf3\xcd\x9a\xae\xa8*v_(\x94]\xdf\xb4?\xe0\xea(\xba\xfd\xfd\xa1G\x06M\xdaz2\x86L\xb7}\xd8(\xe9\xe6\xda\x92U\xaaN\xff\xca\xb37-<3\xb28\xb8:UQ\x95|\xe5\xaa\x0e\xe7{\xd4T\x84\x83\x86\x9d,\x8c\xdd\x02&G\n\xdc\xc0\xb2c\x82\xadr\v\x97\x97_R\xfdDZ\xa0\x86\x91\x11\b\xc6|\x92\x1a;=)\xb1\xe4\x96\x98\x14\x85(3\xb3\xdb\xe3\xea\x80\xc4n\xba\x80\xf7q5Hg\xd9\xfa\x1d\xc0q\xe5\xea`k\x87\xd18U\xd6BDk\xcc\xf1\xf5\x15L\x18Z\x04VK\x8bC\xdd\x1bW\xdc\xf6\x96 \xa2\x90E\xba\xc7\xcc\xd5\xe0\xb6zy\v\xd2h\x9e\n\xba\x91Y>\x89\xfdZ\xc95`\xf2\x13l*\xad\xee.\xc8\x97\xd8\xd8\xaa\x82\xcb\xf0f\xb5\x16Y.\xb8\xf6\x11\x0f.\vn\xf0-\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf2\x97?\xc2\xd1\x1b\x9a\xe0\xb6\xf5\x92', 0x0)
arch_prctl$ARCH_SHSTK_ENABLE(0x5001, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000003c0)=<r2=>0x0)
prctl$PR_SCHED_CORE(0x3e, 0x3, r2, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x25dfdbfb, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x3, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$cec(&(0x7f0000000200), 0x0, 0x40000)
shmctl$IPC_STAT(0x0, 0x2, &(0x7f0000000000)=""/236)
r6 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x3e}, 0x5}, 0x1c)
sendmmsg$inet6(r6, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
fchmod(r1, 0xb7)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[@ANYBLOB="5300000007000046009d40", @ANYBLOB="b13e6f88b65c2c3611dab52457d9d859c66d507618a336ad09379492422ad7d8f93f8776ef575aaf047f03b788f3551afbb0c1d6b442fe688418dbe38dc6a4f54d8c181c"], 0x53)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x8, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[], [], 0x6b}})

1.073851822s ago: executing program 2 (id=2044):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xe0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000000c0)=[0x0, 0x0], 0x0, 0x0, 0x8e, 0x0, 0x0, 0x10, &(0x7f0000000180), &(0x7f00000001c0), 0x8, 0x1d, 0x8, 0x8, &(0x7f0000000200)}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'batadv0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000440)={'syztnl1\x00', &(0x7f00000003c0)={'ip6tnl0\x00', <r4=>0x0, 0x29, 0x50, 0x7, 0x80, 0x6, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private0, 0x80, 0x8, 0x4, 0x9650}})
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f00000005c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000580)={&(0x7f0000000480)={0xf8, r1, 0x400, 0x70bd28, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x6}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x40, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private1={0xfc, 0x1, '\x00', 0x1}}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r2}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r3}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x5}, @MPTCP_PM_ATTR_ADDR={0x60, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @empty}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x21}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0xb7}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}, @MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x40}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xff}]}, 0xf8}, 0x1, 0x0, 0x0, 0x240080c0}, 0x14)
socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r5, 0x89f3, &(0x7f0000000680)={'ip6gre0\x00', &(0x7f0000000600)={'syztnl1\x00', r4, 0x2f, 0x2, 0x3, 0x80000000, 0x20, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast1, 0x700, 0x7, 0x7, 0x3}})
r6 = openat$kvm(0xffffff9c, &(0x7f00000006c0), 0x101, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
ioctl$KVM_TRANSLATE(r8, 0xc018ae85, &(0x7f0000000700)={0xdddd0000, 0x2000, 0x46, 0x39})
r9 = getpgid(0x0)
sched_setscheduler(r9, 0x0, &(0x7f0000000740)=0x7)
r10 = ioctl$LOOP_CTL_GET_FREE(r8, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r10)
r11 = socket$isdn(0x22, 0x3, 0x24)
ioctl$IMCTRLREQ(r11, 0x80044945, &(0x7f0000000780)={0x4008, 0x8, 0x1ff, 0x8})
preadv2(r7, &(0x7f0000003b80)=[{&(0x7f00000007c0)=""/4096, 0x1000}, {&(0x7f00000017c0)=""/239, 0xef}, {&(0x7f00000018c0)}, {&(0x7f0000001900)=""/4096, 0x1000}, {&(0x7f0000002900)=""/235, 0xeb}, {&(0x7f0000002a00)=""/4096, 0x1000}, {&(0x7f0000003a00)=""/248, 0xf8}, {&(0x7f0000003b00)=""/107, 0x6b}], 0x8, 0x80000001, 0x9f76, 0x2)
r12 = openat$6lowpan_enable(0xffffff9c, &(0x7f0000003bc0), 0x2, 0x0)
write$6lowpan_enable(r12, &(0x7f0000003c00)='1', 0x1)
sched_setaffinity(r9, 0x8, &(0x7f0000003c40)=0x4)
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, &(0x7f0000003d40)={&(0x7f0000003c80), 0xc, &(0x7f0000003d00)={&(0x7f0000003cc0)={0x1c, 0x0, 0x9, 0x5, 0x0, 0x0, {0x3, 0x0, 0x2}, [@NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0xd}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000084}, 0x0)
r13 = openat$ttyprintk(0xffffff9c, 0x0, 0x40a000, 0x0)
ioctl$TIOCSTI(r13, 0x5412, &(0x7f0000003dc0)=0xd)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000003e00)={0x18, 0x0, 0x0, {0x3}}, 0x18)
ioctl$sock_inet_SIOCRTMSG(r0, 0x890d, &(0x7f0000003e40)={0x0, {0x2, 0x4e20, @remote}, {0x2, 0x4e20, @loopback}, {0x2, 0x4e22, @remote}, 0x1, 0x0, 0x0, 0x0, 0x69e8, 0x0, 0x9, 0x4, 0x3})
r14 = syz_genetlink_get_family_id$nl80211(&(0x7f0000003f00), r13)
sendmsg$NL80211_CMD_DEL_TX_TS(r0, &(0x7f0000004000)={&(0x7f0000003ec0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000003fc0)={&(0x7f0000003f80)={0x40, r14, 0x10, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x40}, 0x1, 0x0, 0x0, 0x50}, 0x4)

775.601999ms ago: executing program 3 (id=2045):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f00000008c0)="88eb45e7fb5bf2dddcd14c66eb73d6cccd21ae6abb79ffffff7f9de3752ce5a0b850c8f60300821032411fe395a8ecdfde1de0885394bbd7fe88b6050000003422c1b7d02f49106cd7fc56f00e9e04aa8aad6173b3d566c62113a7335a82c0cb91e95f6a7bb6a34280f79838de14710acc29b454c4744a41912e4c3474c163ad1a32ed1942ef1d47b322594a059e2700751591e48f2e72009e0008b63b599f4bca3b02460110dca2812011ebb871a68f098459cf148f3bbe4a45fe7c611f72402d6cffcbce8dfc2742aa1cb3468cdd2c90", 0xd1)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x3, &(0x7f0000000580)={0x0, 0xe7b7, 0x13500, 0x0, 0xfffffffd}, &(0x7f0000000240), &(0x7f0000001880))
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x9a54a87ac2bd5ea9)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x3, &(0x7f0000000300), 0x4)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
getsockopt$EBT_SO_GET_INIT_INFO(r5, 0x0, 0x82, &(0x7f0000000180)={'nat\x00', 0x0, 0x0, 0x0, [0x6f, 0x343e9804, 0x4, 0xe, 0x1, 0x3]}, &(0x7f00000004c0)=0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_io_uring_setup(0x1da3, &(0x7f00000003c0)={0x0, 0xd933, 0x2, 0x1ffffff, 0x800a0d}, &(0x7f0000000300), &(0x7f0000000080))
r6 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NBD_CMD_RECONFIGURE(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x1c, r6, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8004}, 0xc0)

771.117796ms ago: executing program 1 (id=2046):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @private}}, 0x80, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1000006a8c797532c2c3"], 0x10}, 0x8000)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
openat$rdma_cm(0xffffff9c, &(0x7f00000001c0), 0x2, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r4, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
fanotify_mark(0xffffffffffffffff, 0x0, 0x2, 0xffffffffffffffff, &(0x7f0000000280)='./file0\x00')
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)

680.400686ms ago: executing program 2 (id=2048):
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x123401, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$vsock_stream(0x28, 0x1, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
pidfd_getfd(0xffffffffffffffff, r0, 0x0)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1e, &(0x7f0000000000)='/proc/sys/\x00et/\x00\x00v4\x00m\xa0\x8dN\xd4\xa2\x88\x00\xd1l,'}, 0x8)

0s ago: executing program 0 (id=2049):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xcc}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
fcntl$lock(r2, 0x26, &(0x7f0000000140)={0x1, 0x2, 0x100, 0x4})
fcntl$lock(r2, 0x26, &(0x7f00000002c0)={0x0, 0x0, 0xff34, 0x2})
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x6)
r3 = getpid()
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000f80)={{0x1, 0x1, 0x18, <r4=>r1, {0x7}}, './cgroup/../file0\x00'})
ioctl$BINDER_ENABLE_ONEWAY_SPAM_DETECTION(r4, 0x40046210, &(0x7f0000000fc0)=0x1)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000740)=0x2)
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r7)
sendmsg$NL80211_CMD_GET_REG(r7, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000001100)={0x14, r8, 0xf09, 0x70bd2d, 0x25dfdbfe}, 0x14}}, 0x8084)

kernel console output (not intermixed with test programs):

 __alloc_skb+0x2b2/0x380
[  270.588399][T10888]  __alloc_skb+0x2b2/0x380
[  270.588415][T10888]  ? __pfx___alloc_skb+0x10/0x10
[  270.588440][T10888]  alloc_skb_with_frags+0xe0/0x860
[  270.588459][T10888]  ? __might_fault+0xe3/0x190
[  270.588482][T10888]  ? __might_fault+0xe3/0x190
[  270.588511][T10888]  sock_alloc_send_pskb+0x7fb/0x990
[  270.588528][T10888]  ? _copy_from_iter+0x161/0x15b0
[  270.588551][T10888]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  270.588569][T10888]  ? iov_iter_advance+0x7d/0x6c0
[  270.588590][T10888]  tun_get_user+0x502/0x3b10
[  270.588640][T10888]  ? __pfx_tun_get_user+0x10/0x10
[  270.588660][T10888]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  270.588692][T10888]  ? find_held_lock+0x2b/0x80
[  270.588714][T10888]  ? tun_get+0x191/0x370
[  270.588737][T10888]  tun_chr_write_iter+0xdc/0x210
[  270.588759][T10888]  vfs_write+0x5ba/0x1180
[  270.588782][T10888]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  270.588804][T10888]  ? __pfx_vfs_write+0x10/0x10
[  270.588824][T10888]  ? find_held_lock+0x2b/0x80
[  270.588860][T10888]  ksys_write+0x12a/0x240
[  270.588882][T10888]  ? __pfx_ksys_write+0x10/0x10
[  270.588906][T10888]  ? rcu_is_watching+0x12/0xc0
[  270.588927][T10888]  __do_fast_syscall_32+0x73/0x120
[  270.588947][T10888]  do_fast_syscall_32+0x32/0x80
[  270.588965][T10888]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  270.588985][T10888] RIP: 0023:0xf7f84579
[  270.588998][T10888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  270.589013][T10888] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  270.589029][T10888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001840
[  270.589038][T10888] RDX: 000000000000002a RSI: 0000000000000000 RDI: 0000000000000000
[  270.589047][T10888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  270.589056][T10888] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  270.589065][T10888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  270.589087][T10888]  </TASK>
[  271.062109][T10901] block nbd0: not configured, cannot reconfigure
[  272.245636][T10930] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1275'.
[  272.286285][T10928] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1274'.
[  272.831795][T10946] veth1_to_team: entered promiscuous mode
[  272.833453][T10946] veth1_to_team: entered allmulticast mode
[  273.056252][   T66] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  273.059189][   T66] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  273.496165][ T6009] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  273.669278][ T6009] usb 5-1: config 0 has an invalid interface number: 50 but max is 0
[  273.672114][ T6009] usb 5-1: config 0 has no interface number 0
[  273.674403][ T6009] usb 5-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  273.681134][ T6009] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[  273.684400][ T6009] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.687235][ T6009] usb 5-1: Product: syz
[  273.688795][ T6009] usb 5-1: Manufacturer: syz
[  273.690447][ T6009] usb 5-1: SerialNumber: syz
[  273.694015][ T6009] usb 5-1: config 0 descriptor??
[  273.700620][ T6009] yurex 5-1:0.50: USB YUREX device now attached to Yurex #0
[  273.906015][ T6009] usb 5-1: USB disconnect, device number 10
[  274.205646][ T6009] yurex 5-1:0.50: USB YUREX #0 now disconnected
[  275.234272][T11015] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1301'.
[  275.238135][T11015] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1301'.
[  275.241583][T11015] overlayfs: missing 'lowerdir'
[  275.968343][T11034] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  275.974256][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  275.977110][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  275.979845][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  275.982731][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  275.985502][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  275.991566][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  275.994697][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  275.997766][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.000470][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.003546][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.006361][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.009167][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.011901][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.014642][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.017463][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.020156][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.023529][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.026325][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.029103][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.031837][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.034568][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.037376][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.040147][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.042892][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.045630][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.048445][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.051247][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.053991][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.056798][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.059523][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.062364][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.065067][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.067864][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.070592][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.073442][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.076205][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.078979][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.081367][T11038] block nbd1: not configured, cannot reconfigure
[  276.081716][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.086231][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.088938][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: unknown main item tag 0x0
[  276.096231][ T1018] hid-generic 0004:FFFFFFFF:0000.0006: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  276.114526][T11041] FAULT_INJECTION: forcing a failure.
[  276.114526][T11041] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  276.118674][T11041] CPU: 0 UID: 0 PID: 11041 Comm: syz.3.1310 Not tainted 6.14.0-syzkaller-12245-g91e5bfe317d8 #0 PREEMPT(full) 
[  276.118694][T11041] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  276.118704][T11041] Call Trace:
[  276.118709][T11041]  <TASK>
[  276.118715][T11041]  dump_stack_lvl+0x16c/0x1f0
[  276.118736][T11041]  should_fail_ex+0x512/0x640
[  276.118755][T11041]  _copy_from_user+0x2e/0xd0
[  276.118774][T11041]  video_usercopy+0xedd/0x1720
[  276.118796][T11041]  ? __pfx___video_do_ioctl+0x10/0x10
[  276.118816][T11041]  ? __pfx_video_usercopy+0x10/0x10
[  276.118845][T11041]  ? hook_file_ioctl_common+0x145/0x410
[  276.118866][T11041]  v4l2_ioctl+0x1ba/0x250
[  276.118887][T11041]  v4l2_compat_ioctl32+0x214/0x2c0
[  276.118905][T11041]  ? __pfx_v4l2_compat_ioctl32+0x10/0x10
[  276.118923][T11041]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  276.118944][T11041]  __do_fast_syscall_32+0x73/0x120
[  276.118962][T11041]  do_fast_syscall_32+0x32/0x80
[  276.118979][T11041]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  276.118997][T11041] RIP: 0023:0xf742e579
[  276.119008][T11041] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  276.119023][T11041] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  276.119036][T11041] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c058565d
[  276.119046][T11041] RDX: 00000000800002c0 RSI: 0000000000000000 RDI: 0000000000000000
[  276.119054][T11041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  276.119063][T11041] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  276.119071][T11041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  276.119092][T11041]  </TASK>
[  276.216140][ T6537] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  276.388836][ T6537] usb 5-1: config 0 has no interfaces?
[  276.390375][ T6537] usb 5-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  276.392848][ T6537] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.416532][ T6537] usb 5-1: config 0 descriptor??
[  276.624193][ T6009] usb 5-1: USB disconnect, device number 11
[  278.241239][   T40] kauditd_printk_skb: 59 callbacks suppressed
[  278.241249][   T40] audit: type=1326 audit(1743591911.503:1213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11098 comm="syz.2.1326" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fb4579 code=0x0
[  278.293274][T11102] tmpfs: Bad value for 'mpol'
[  278.323154][T11105] FAULT_INJECTION: forcing a failure.
[  278.323154][T11105] name failslab, interval 1, probability 0, space 0, times 0
[  278.327016][T11105] CPU: 2 UID: 0 PID: 11105 Comm: syz.0.1328 Not tainted 6.14.0-syzkaller-12245-g91e5bfe317d8 #0 PREEMPT(full) 
[  278.327032][T11105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  278.327038][T11105] Call Trace:
[  278.327042][T11105]  <TASK>
[  278.327046][T11105]  dump_stack_lvl+0x16c/0x1f0
[  278.327061][T11105]  should_fail_ex+0x512/0x640
[  278.327073][T11105]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  278.327095][T11105]  should_failslab+0xc2/0x120
[  278.327105][T11105]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  278.327120][T11105]  ? __d_alloc+0x31/0xaa0
[  278.327131][T11105]  __d_alloc+0x31/0xaa0
[  278.327142][T11105]  d_alloc+0x4a/0x1e0
[  278.327152][T11105]  lookup_one_qstr_excl+0x175/0x260
[  278.327164][T11105]  ? mnt_want_write+0x161/0x450
[  278.327178][T11105]  filename_create+0x1e7/0x4a0
[  278.327191][T11105]  ? __pfx_filename_create+0x10/0x10
[  278.327220][T11105]  ? __might_fault+0xe3/0x190
[  278.327234][T11105]  ? __might_fault+0xe3/0x190
[  278.327248][T11105]  ? __might_fault+0x13b/0x190
[  278.327264][T11105]  do_mknodat+0x18a/0x5d0
[  278.327278][T11105]  ? strncpy_from_user+0x203/0x2e0
[  278.327287][T11105]  ? __pfx_do_mknodat+0x10/0x10
[  278.327301][T11105]  ? getname_flags.part.0+0x1c2/0x540
[  278.327315][T11105]  __ia32_sys_mknod+0x85/0xb0
[  278.327330][T11105]  __do_fast_syscall_32+0x73/0x120
[  278.327343][T11105]  do_fast_syscall_32+0x32/0x80
[  278.327354][T11105]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  278.327366][T11105] RIP: 0023:0xf7f84579
[  278.327379][T11105] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  278.327388][T11105] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 000000000000000e
[  278.327398][T11105] RAX: ffffffffffffffda RBX: 00000000800002c0 RCX: 0000000000002000
[  278.327404][T11105] RDX: 0000000000000700 RSI: 0000000000000000 RDI: 0000000000000000
[  278.327409][T11105] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  278.327415][T11105] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  278.327420][T11105] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  278.327433][T11105]  </TASK>
[  278.852558][T11120] 9pnet_fd: Insufficient options for proto=fd
[  279.400133][T11131] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1336'.
[  279.845263][T11150] FAULT_INJECTION: forcing a failure.
[  279.845263][T11150] name failslab, interval 1, probability 0, space 0, times 0
[  279.850800][T11150] CPU: 2 UID: 0 PID: 11150 Comm: syz.2.1344 Not tainted 6.14.0-syzkaller-12245-g91e5bfe317d8 #0 PREEMPT(full) 
[  279.850815][T11150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  279.850821][T11150] Call Trace:
[  279.850825][T11150]  <TASK>
[  279.850829][T11150]  dump_stack_lvl+0x16c/0x1f0
[  279.850844][T11150]  should_fail_ex+0x512/0x640
[  279.850855][T11150]  ? __kmalloc_node_noprof+0xc5/0x500
[  279.850873][T11150]  should_failslab+0xc2/0x120
[  279.850883][T11150]  __kmalloc_node_noprof+0xd8/0x500
[  279.850898][T11150]  ? __vmalloc_node_range_noprof+0x3eb/0x1540
[  279.850913][T11150]  __vmalloc_node_range_noprof+0x3eb/0x1540
[  279.850926][T11150]  ? find_held_lock+0x2b/0x80
[  279.850942][T11150]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  279.850961][T11150]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  279.850975][T11150]  ? __pfx_aa_get_newest_label+0x10/0x10
[  279.850992][T11150]  ? rcu_is_watching+0x12/0xc0
[  279.851005][T11150]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  279.851021][T11150]  __vmalloc_noprof+0x6d/0x90
[  279.851033][T11150]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  279.851048][T11150]  bpf_prog_alloc_no_stats+0x54/0x630
[  279.851062][T11150]  ? security_capable+0x7e/0x260
[  279.851079][T11150]  bpf_prog_alloc+0x3b/0x230
[  279.851093][T11150]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  279.851105][T11150]  bpf_prog_load+0x160e/0x2490
[  279.851119][T11150]  ? __pfx_bpf_prog_load+0x10/0x10
[  279.851139][T11150]  ? bpf_lsm_bpf+0x9/0x10
[  279.851154][T11150]  __sys_bpf+0x433c/0x4d80
[  279.851167][T11150]  ? __pfx___sys_bpf+0x10/0x10
[  279.851178][T11150]  ? ksys_write+0x190/0x240
[  279.851194][T11150]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  279.851213][T11150]  ? fput+0x70/0xf0
[  279.851222][T11150]  ? ksys_write+0x1b9/0x240
[  279.851235][T11150]  ? __pfx_ksys_write+0x10/0x10
[  279.851251][T11150]  __ia32_sys_bpf+0x76/0xe0
[  279.851263][T11150]  __do_fast_syscall_32+0x73/0x120
[  279.851275][T11150]  do_fast_syscall_32+0x32/0x80
[  279.851287][T11150]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  279.851299][T11150] RIP: 0023:0xf7fb4579
[  279.851311][T11150] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  279.851320][T11150] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  279.851330][T11150] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000840
[  279.851336][T11150] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000
[  279.851341][T11150] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  279.851347][T11150] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  279.851352][T11150] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  279.851364][T11150]  </TASK>
[  279.851369][T11150] syz.2.1344: vmalloc error: size 4096, failed to allocated page array size 8, mode:0x500dc2(GFP_HIGHUSER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  279.935097][T11150] CPU: 2 UID: 0 PID: 11150 Comm: syz.2.1344 Not tainted 6.14.0-syzkaller-12245-g91e5bfe317d8 #0 PREEMPT(full) 
[  279.935111][T11150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  279.935117][T11150] Call Trace:
[  279.935121][T11150]  <TASK>
[  279.935125][T11150]  dump_stack_lvl+0x16c/0x1f0
[  279.935140][T11150]  warn_alloc+0x248/0x3a0
[  279.935156][T11150]  ? __pfx_warn_alloc+0x10/0x10
[  279.935169][T11150]  ? dump_stack_lvl+0x185/0x1f0
[  279.935183][T11150]  ? rcu_is_watching+0x12/0xc0
[  279.935196][T11150]  ? __kmalloc_node_noprof+0x23b/0x500
[  279.935214][T11150]  __vmalloc_node_range_noprof+0x1110/0x1540
[  279.935228][T11150]  ? find_held_lock+0x2b/0x80
[  279.935244][T11150]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  279.935263][T11150]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  279.935277][T11150]  ? __pfx_aa_get_newest_label+0x10/0x10
[  279.935293][T11150]  ? rcu_is_watching+0x12/0xc0
[  279.935310][T11150]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  279.935325][T11150]  __vmalloc_noprof+0x6d/0x90
[  279.935337][T11150]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  279.935352][T11150]  bpf_prog_alloc_no_stats+0x54/0x630
[  279.935366][T11150]  ? security_capable+0x7e/0x260
[  279.935383][T11150]  bpf_prog_alloc+0x3b/0x230
[  279.935397][T11150]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  279.935409][T11150]  bpf_prog_load+0x160e/0x2490
[  279.935423][T11150]  ? __pfx_bpf_prog_load+0x10/0x10
[  279.935443][T11150]  ? bpf_lsm_bpf+0x9/0x10
[  279.935458][T11150]  __sys_bpf+0x433c/0x4d80
[  279.935470][T11150]  ? __pfx___sys_bpf+0x10/0x10
[  279.935481][T11150]  ? ksys_write+0x190/0x240
[  279.935497][T11150]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  279.935516][T11150]  ? fput+0x70/0xf0
[  279.935525][T11150]  ? ksys_write+0x1b9/0x240
[  279.935538][T11150]  ? __pfx_ksys_write+0x10/0x10
[  279.935553][T11150]  __ia32_sys_bpf+0x76/0xe0
[  279.935565][T11150]  __do_fast_syscall_32+0x73/0x120
[  279.935578][T11150]  do_fast_syscall_32+0x32/0x80
[  279.935589][T11150]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  279.935602][T11150] RIP: 0023:0xf7fb4579
[  279.935610][T11150] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  279.935619][T11150] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  279.935629][T11150] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000840
[  279.935635][T11150] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000
[  279.935640][T11150] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  279.935645][T11150] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  279.935651][T11150] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  279.935662][T11150]  </TASK>
[  279.935666][T11150] Mem-Info:
[  280.012454][T11150] active_anon:13229 inactive_anon:92 isolated_anon:0
[  280.012454][T11150]  active_file:1583 inactive_file:20687 isolated_file:0
[  280.012454][T11150]  unevictable:1768 dirty:838 writeback:0
[  280.012454][T11150]  slab_reclaimable:7966 slab_unreclaimable:64855
[  280.012454][T11150]  mapped:33973 shmem:11043 pagetables:774
[  280.012454][T11150]  sec_pagetables:306 bounce:0
[  280.012454][T11150]  kernel_misc_reclaimable:0
[  280.012454][T11150]  free:53523 free_pcp:2358 free_cma:0
[  280.024670][T11150] Node 0 active_anon:3408kB inactive_anon:0kB active_file:0kB inactive_file:9612kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:5892kB dirty:0kB writeback:0kB shmem:4332kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9176kB pagetables:864kB sec_pagetables:1104kB all_unreclaimable? yes Balloon:0kB
[  280.033513][T11150] Node 1 active_anon:49508kB inactive_anon:368kB active_file:6332kB inactive_file:73136kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:130000kB dirty:3352kB writeback:0kB shmem:39840kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:3172kB pagetables:2232kB sec_pagetables:120kB all_unreclaimable? no Balloon:0kB
[  280.042519][T11150] Node 0 DMA free:3288kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:96kB local_pcp:0kB free_cma:0kB
[  280.049976][T11150] lowmem_reserve[]: 0 290 290 290 290
[  280.052644][T11150] Node 0 DMA32 free:24512kB boost:6144kB min:19480kB low:22812kB high:26144kB reserved_highatomic:4096KB active_anon:3408kB inactive_anon:0kB active_file:0kB inactive_file:9608kB unevictable:3536kB writepending:0kB present:1032196kB managed:297564kB mlocked:0kB bounce:0kB free_pcp:1568kB local_pcp:228kB free_cma:0kB
[  280.061024][T11150] lowmem_reserve[]: 0 0 0 0 0
[  280.062378][T11150] Node 1 DMA32 free:186292kB boost:0kB min:47148kB low:58932kB high:70716kB reserved_highatomic:4096KB active_anon:49508kB inactive_anon:368kB active_file:6332kB inactive_file:73136kB unevictable:3536kB writepending:3352kB present:1048432kB managed:948284kB mlocked:0kB bounce:0kB free_pcp:7724kB local_pcp:1300kB free_cma:0kB
[  280.070607][T11150] lowmem_reserve[]: 0 0 0 0 0
[  280.071952][T11150] Node 0 DMA: 64*4kB (UM) 37*8kB (UM) 17*16kB (U) 15*32kB (UM) 3*64kB (UM) 0*128kB 1*256kB (M) 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 3288kB
[  280.076081][T11150] Node 0 DMA32: 294*4kB (UEH) 89*8kB (UMEH) 50*16kB (MEH) 68*32kB (UMEH) 81*64kB (UMEH) 31*128kB (UMEH) 15*256kB (UMEH) 7*512kB (UME) 3*1024kB (UM) 0*2048kB 0*4096kB = 24512kB
[  280.080913][T11150] Node 1 DMA32: 163*4kB (UMEH) 366*8kB (UMEH) 162*16kB (UMEH) 416*32kB (UMEH) 73*64kB (UMEH) 17*128kB (UEH) 20*256kB (UMEH) 86*512kB (UM) 70*1024kB (UMH) 15*2048kB (UMH) 2*4096kB (U) = 186076kB
[  280.086493][ T6537] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  280.089595][T11150] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  280.092218][T11150] Node 0 hugepages_total=62 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  280.094784][T11150] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  280.097481][T11150] Node 1 hugepages_total=4294967240 hugepages_free=0 hugepages_surp=2 hugepages_size=2048kB
[  280.100663][T11150] 33313 total pagecache pages
[  280.101989][T11150] 0 pages in swap cache
[  280.103155][T11150] Free swap  = 124996kB
[  280.104319][T11150] Total swap = 124996kB
[  280.105499][T11150] 524155 pages RAM
[  280.106624][T11150] 0 pages HighMem/MovableOnly
[  280.107920][T11150] 208853 pages reserved
[  280.109085][T11150] 0 pages cma reserved
[  280.411951][T11163] block nbd2: not configured, cannot reconfigure
[  281.136346][T11181] 9pnet_fd: Insufficient options for proto=fd
[  281.746953][T11209] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1357'.
[  281.864768][T11219] FAULT_INJECTION: forcing a failure.
[  281.864768][T11219] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  281.870085][T11219] CPU: 0 UID: 0 PID: 11219 Comm: syz.3.1359 Not tainted 6.14.0-syzkaller-12245-g91e5bfe317d8 #0 PREEMPT(full) 
[  281.870105][T11219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  281.870114][T11219] Call Trace:
[  281.870119][T11219]  <TASK>
[  281.870137][T11219]  dump_stack_lvl+0x16c/0x1f0
[  281.870158][T11219]  should_fail_ex+0x512/0x640
[  281.870172][T11219]  _copy_from_user+0x2e/0xd0
[  281.870184][T11219]  bpf_test_init.isra.0+0xe2/0x140
[  281.870196][T11219]  bpf_prog_test_run_xdp+0x4f0/0x1540
[  281.870212][T11219]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  281.870223][T11219]  ? __might_fault+0xe0/0x190
[  281.870241][T11219]  ? fput+0x70/0xf0
[  281.870251][T11219]  ? __bpf_prog_get+0xa0/0x290
[  281.870268][T11219]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  281.870279][T11219]  __sys_bpf+0x1485/0x4d80
[  281.870292][T11219]  ? __pfx___sys_bpf+0x10/0x10
[  281.870303][T11219]  ? ksys_write+0x190/0x240
[  281.870318][T11219]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  281.870338][T11219]  ? fput+0x70/0xf0
[  281.870347][T11219]  ? ksys_write+0x1b9/0x240
[  281.870360][T11219]  ? __pfx_ksys_write+0x10/0x10
[  281.870376][T11219]  __ia32_sys_bpf+0x76/0xe0
[  281.870388][T11219]  __do_fast_syscall_32+0x73/0x120
[  281.870401][T11219]  do_fast_syscall_32+0x32/0x80
[  281.870412][T11219]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  281.870424][T11219] RIP: 0023:0xf742e579
[  281.870432][T11219] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  281.870441][T11219] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  281.870451][T11219] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000180
[  281.870457][T11219] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  281.870462][T11219] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  281.870467][T11219] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  281.870473][T11219] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  281.870486][T11219]  </TASK>
[  281.985544][T11223] FAULT_INJECTION: forcing a failure.
[  281.985544][T11223] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  281.989276][T11223] CPU: 2 UID: 0 PID: 11223 Comm: syz.2.1361 Not tainted 6.14.0-syzkaller-12245-g91e5bfe317d8 #0 PREEMPT(full) 
[  281.989292][T11223] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  281.989299][T11223] Call Trace:
[  281.989302][T11223]  <TASK>
[  281.989306][T11223]  dump_stack_lvl+0x16c/0x1f0
[  281.989321][T11223]  should_fail_ex+0x512/0x640
[  281.989335][T11223]  _copy_to_user+0x32/0xd0
[  281.989348][T11223]  simple_read_from_buffer+0xcb/0x170
[  281.989364][T11223]  proc_fail_nth_read+0x197/0x270
[  281.989378][T11223]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  281.989393][T11223]  ? rw_verify_area+0xcf/0x680
[  281.989404][T11223]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  281.989418][T11223]  vfs_read+0x1de/0xc70
[  281.989433][T11223]  ? __pfx___mutex_lock+0x10/0x10
[  281.989445][T11223]  ? __pfx_vfs_read+0x10/0x10
[  281.989461][T11223]  ? __fget_files+0x20e/0x3c0
[  281.989480][T11223]  ksys_read+0x12a/0x240
[  281.989493][T11223]  ? __pfx_ksys_read+0x10/0x10
[  281.989507][T11223]  ? rcu_is_watching+0x12/0xc0
[  281.989522][T11223]  __do_fast_syscall_32+0x73/0x120
[  281.989536][T11223]  do_fast_syscall_32+0x32/0x80
[  281.989547][T11223]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  281.989560][T11223] RIP: 0023:0xf7fb4579
[  281.989568][T11223] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  281.989577][T11223] RSP: 002b:00000000f50d6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  281.989586][T11223] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f50d6620
[  281.989592][T11223] RDX: 000000000000000f RSI: 00000000f743cff4 RDI: 0000000000000000
[  281.989598][T11223] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  281.989603][T11223] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  281.989614][T11223] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  281.989627][T11223]  </TASK>
[  282.728725][T11239] block nbd1: not configured, cannot reconfigure
[  283.466337][T11243] 9pnet_fd: Insufficient options for proto=fd
[  284.123595][T11272] netlink: 'syz.3.1372': attribute type 4 has an invalid length.
[  284.151749][T11272] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  284.803852][T11289] cgroup: fork rejected by pids controller in /syz3
[  284.900527][T11293] cgroup: fork rejected by pids controller in /syz1
[  285.210758][ T7791] raw-gadget.0 gadget.1: failed to queue disconnect event
[  285.415153][ T5965] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  285.418746][ T5965] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  285.421673][ T5965] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  285.424710][ T5965] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  285.427034][ T5965] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  285.537817][T11303] chnl_net:caif_netlink_parms(): no params data found
[  285.602617][ T5306] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  285.605371][ T5306] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  285.609680][ T5306] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  285.612422][ T5306] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  285.615766][ T5306] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  285.716431][T11303] bridge0: port 1(bridge_slave_0) entered blocking state
[  285.718553][T11303] bridge0: port 1(bridge_slave_0) entered disabled state
[  285.720604][T11303] bridge_slave_0: entered allmulticast mode
[  285.721709][T11306] 9pnet_fd: Insufficient options for proto=fd
[  285.722945][T11303] bridge_slave_0: entered promiscuous mode
[  285.727866][T11303] bridge0: port 2(bridge_slave_1) entered blocking state
[  285.729876][T11303] bridge0: port 2(bridge_slave_1) entered disabled state
[  285.732525][T11303] bridge_slave_1: entered allmulticast mode
[  285.734894][T11303] bridge_slave_1: entered promiscuous mode
[  285.794749][T11303] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  285.801678][T11303] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  285.848950][T11319] block nbd2: not configured, cannot reconfigure
[  285.861695][T11303] team0: Port device team_slave_0 added
[  285.867524][T11303] team0: Port device team_slave_1 added
[  285.921404][T11303] batman_adv: batadv0: Adding interface: batadv_slave_0
[  285.923354][T11303] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.930409][T11303] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  285.953580][T11303] batman_adv: batadv0: Adding interface: batadv_slave_1
[  285.955520][T11303] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.963180][T11303] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  286.003567][   T46] bridge_slave_1: left allmulticast mode
[  286.005958][   T46] bridge_slave_1: left promiscuous mode
[  286.008812][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  286.012755][   T46] bridge_slave_0: left allmulticast mode
[  286.014339][   T46] bridge_slave_0: left promiscuous mode
[  286.015967][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  286.291235][T11325] virtio-fs: tag <(null)> not found
[  286.295044][T11325] netlink: 'syz.0.1386': attribute type 39 has an invalid length.
[  286.540988][T11327] FAULT_INJECTION: forcing a failure.
[  286.540988][T11327] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  286.545450][T11327] CPU: 3 UID: 0 PID: 11327 Comm: syz.2.1387 Not tainted 6.14.0-syzkaller-12245-g91e5bfe317d8 #0 PREEMPT(full) 
[  286.545465][T11327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  286.545471][T11327] Call Trace:
[  286.545475][T11327]  <TASK>
[  286.545479][T11327]  dump_stack_lvl+0x16c/0x1f0
[  286.545494][T11327]  should_fail_ex+0x512/0x640
[  286.545507][T11327]  strncpy_from_user+0x3b/0x2e0
[  286.545518][T11327]  getname_flags.part.0+0x8b/0x540
[  286.545531][T11327]  getname_flags+0x93/0xf0
[  286.545545][T11327]  io_renameat_prep+0x209/0x3e0
[  286.545561][T11327]  io_submit_sqes+0x825/0x25d0
[  286.545583][T11327]  __do_sys_io_uring_enter+0xd6a/0x1630
[  286.545601][T11327]  ? __fget_files+0x20e/0x3c0
[  286.545615][T11327]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  286.545632][T11327]  ? fput+0x70/0xf0
[  286.545641][T11327]  ? ksys_write+0x1b9/0x240
[  286.545654][T11327]  ? __pfx_ksys_write+0x10/0x10
[  286.545669][T11327]  ? rcu_is_watching+0x12/0xc0
[  286.545683][T11327]  __do_fast_syscall_32+0x73/0x120
[  286.545696][T11327]  do_fast_syscall_32+0x32/0x80
[  286.545707][T11327]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  286.545720][T11327] RIP: 0023:0xf7fb4579
[  286.545729][T11327] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  286.545738][T11327] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[  286.545748][T11327] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000002dbe
[  286.545754][T11327] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  286.545759][T11327] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  286.545765][T11327] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  286.545770][T11327] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  286.545782][T11327]  </TASK>
[  286.626615][ T9059] cgroup: fork rejected by pids controller in /syz2
[  286.724673][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  286.728311][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  286.731131][   T46] bond0 (unregistering): Released all slaves
[  286.752656][T11303] hsr_slave_0: entered promiscuous mode
[  286.754744][T11303] hsr_slave_1: entered promiscuous mode
[  286.757062][T11303] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  286.759151][T11303] Cannot create hsr debugfs directory
[  286.824981][   T46] tipc: Left network mode
[  286.874844][T11312] chnl_net:caif_netlink_parms(): no params data found
[  286.988519][T11312] bridge0: port 1(bridge_slave_0) entered blocking state
[  286.991134][T11312] bridge0: port 1(bridge_slave_0) entered disabled state
[  286.994126][T11312] bridge_slave_0: entered allmulticast mode
[  287.002096][T11312] bridge_slave_0: entered promiscuous mode
[  287.123144][T11312] bridge0: port 2(bridge_slave_1) entered blocking state
[  287.126503][T11312] bridge0: port 2(bridge_slave_1) entered disabled state
[  287.128667][T11312] bridge_slave_1: entered allmulticast mode
[  287.131178][T11312] bridge_slave_1: entered promiscuous mode
[  287.171474][   T46] hsr_slave_0: left promiscuous mode
[  287.173437][   T46] hsr_slave_1: left promiscuous mode
[  287.175335][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  287.178144][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  287.241742][ T5306] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  287.252452][ T5306] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  287.255277][ T5306] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  287.266013][ T5306] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  287.273886][ T5306] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  287.446300][ T5965] Bluetooth: hci0: command tx timeout
[  287.688890][ T5965] Bluetooth: hci1: command tx timeout
[  287.737260][   T46] team0 (unregistering): Port device team_slave_1 removed
[  287.792828][   T46] team0 (unregistering): Port device team_slave_0 removed
[  288.307729][T11312] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  288.316662][T11312] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  288.365263][T11312] team0: Port device team_slave_0 added
[  288.379871][T11312] team0: Port device team_slave_1 added
[  288.415933][T11312] batman_adv: batadv0: Adding interface: batadv_slave_0
[  288.418018][T11312] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  288.424920][T11312] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  288.430904][T11312] batman_adv: batadv0: Adding interface: batadv_slave_1
[  288.432851][T11312] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  288.439908][T11312] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  288.492668][T11312] hsr_slave_0: entered promiscuous mode
[  288.494800][T11312] hsr_slave_1: entered promiscuous mode
[  288.496922][T11312] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  288.499221][T11312] Cannot create hsr debugfs directory
[  288.632690][T11340] chnl_net:caif_netlink_parms(): no params data found
[  288.644491][T11303] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  288.653030][T11303] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  288.659990][T11303] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  288.697556][T11312] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.705554][T11303] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  288.746460][T11340] bridge0: port 1(bridge_slave_0) entered blocking state
[  288.748550][T11340] bridge0: port 1(bridge_slave_0) entered disabled state
[  288.756805][T11340] bridge_slave_0: entered allmulticast mode
[  288.759219][T11340] bridge_slave_0: entered promiscuous mode
[  288.762000][T11340] bridge0: port 2(bridge_slave_1) entered blocking state
[  288.764003][T11340] bridge0: port 2(bridge_slave_1) entered disabled state
[  288.766013][T11340] bridge_slave_1: entered allmulticast mode
[  288.768390][T11340] bridge_slave_1: entered promiscuous mode
[  288.810275][T11312] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.818310][T11340] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  288.823843][T11340] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  288.864679][T11340] team0: Port device team_slave_0 added
[  288.867927][T11340] team0: Port device team_slave_1 added
[  288.910490][T11340] batman_adv: batadv0: Adding interface: batadv_slave_0
[  288.913242][T11340] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  288.923791][T11340] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  288.940750][T11312] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.946828][T11340] batman_adv: batadv0: Adding interface: batadv_slave_1
[  288.948762][T11340] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  288.955765][T11340] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  289.031701][T11312] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.040071][T11340] hsr_slave_0: entered promiscuous mode
[  289.042123][T11340] hsr_slave_1: entered promiscuous mode
[  289.043974][T11340] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  289.046347][T11340] Cannot create hsr debugfs directory
[  289.200839][T11303] 8021q: adding VLAN 0 to HW filter on device bond0
[  289.250895][T11303] 8021q: adding VLAN 0 to HW filter on device team0
[  289.269780][T11340] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.278398][T11312] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  289.283295][ T1143] bridge0: port 1(bridge_slave_0) entered blocking state
[  289.285343][ T1143] bridge0: port 1(bridge_slave_0) entered forwarding state
[  289.286249][ T5965] Bluetooth: hci3: command tx timeout
[  289.291787][T11312] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  289.297182][ T1143] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.299847][ T1143] bridge0: port 2(bridge_slave_1) entered forwarding state
[  289.316695][T11312] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  289.320510][T11312] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  289.374880][T11340] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.425219][T11312] 8021q: adding VLAN 0 to HW filter on device bond0
[  289.435607][T11312] 8021q: adding VLAN 0 to HW filter on device team0
[  289.440227][ T1168] bridge0: port 1(bridge_slave_0) entered blocking state
[  289.442508][ T1168] bridge0: port 1(bridge_slave_0) entered forwarding state
[  289.455178][T11340] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.465338][ T1143] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.467382][ T1143] bridge0: port 2(bridge_slave_1) entered forwarding state
[  289.500725][T11303] 8021q: adding VLAN 0 to HW filter on device batadv0
[  289.527548][ T5965] Bluetooth: hci0: command tx timeout
[  289.533097][T11303] veth0_vlan: entered promiscuous mode
[  289.548535][T11340] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.557071][T11303] veth1_vlan: entered promiscuous mode
[  289.571779][T11303] veth0_macvtap: entered promiscuous mode
[  289.575407][T11303] veth1_macvtap: entered promiscuous mode
[  289.583754][T11303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  289.587042][T11303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.590057][T11303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  289.593029][T11303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.595676][T11303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  289.598599][T11303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.601972][T11303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  289.604803][T11303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.608701][T11303] batman_adv: batadv0: Interface activated: batadv_slave_0
[  289.615877][T11303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  289.618862][T11303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.621558][T11303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  289.624779][T11303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.627848][T11303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  289.630710][T11303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.633382][T11303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  289.636246][T11303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.639832][T11303] batman_adv: batadv0: Interface activated: batadv_slave_1
[  289.645084][T11303] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  289.647664][T11303] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  289.650113][T11303] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  289.652563][T11303] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  289.678783][T11312] 8021q: adding VLAN 0 to HW filter on device batadv0
[  289.733792][  T102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  289.735957][  T102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  289.750182][T11340] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  289.757860][T11340] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  289.761572][T11340] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  289.765930][T11340] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  289.768005][ T5965] Bluetooth: hci1: command tx timeout
[  289.779593][   T66] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  289.782741][   T66] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  289.796617][T11312] veth0_vlan: entered promiscuous mode
[  289.809343][T11312] veth1_vlan: entered promiscuous mode
[  289.844234][T11312] veth0_macvtap: entered promiscuous mode
[  289.851007][T11340] 8021q: adding VLAN 0 to HW filter on device bond0
[  289.853850][T11312] veth1_macvtap: entered promiscuous mode
[  289.870207][T11312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  289.873187][T11312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.875932][T11312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  289.879007][T11312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.881745][T11312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  289.884993][T11312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.888594][T11312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  289.891471][T11312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.894397][T11312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  289.897283][T11312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.901027][T11312] batman_adv: batadv0: Interface activated: batadv_slave_0
[  289.905211][T11340] 8021q: adding VLAN 0 to HW filter on device team0
[  289.910816][T11312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  289.913687][T11312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.916625][T11312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  289.919537][T11312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.922443][T11312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  289.925271][T11312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.928421][T11312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  289.931603][T11312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.934285][T11312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  289.937252][T11312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  289.941973][T11312] batman_adv: batadv0: Interface activated: batadv_slave_1
[  289.952667][  T102] bridge0: port 1(bridge_slave_0) entered blocking state
[  289.954674][  T102] bridge0: port 1(bridge_slave_0) entered forwarding state
[  289.958077][  T102] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.960061][  T102] bridge0: port 2(bridge_slave_1) entered forwarding state
[  289.963491][T11312] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  289.965996][T11312] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  289.969044][T11312] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  289.971587][T11312] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  289.998842][T11340] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  290.001747][T11340] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  290.119995][T11340] 8021q: adding VLAN 0 to HW filter on device batadv0
[  290.124740][ T1143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  290.133172][ T1143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  290.147602][ T1139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  290.149795][ T1139] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  290.183716][T11340] veth0_vlan: entered promiscuous mode
[  290.190389][T11340] veth1_vlan: entered promiscuous mode
[  290.204293][T11340] veth0_macvtap: entered promiscuous mode
[  290.210596][T11340] veth1_macvtap: entered promiscuous mode
[  290.219660][T11340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  290.222571][T11340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.225250][T11340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  290.241626][T11340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.250571][T11340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  290.279423][T11340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.284682][T11340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  290.333181][T11340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.338076][T11340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  290.341994][T11340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.344845][T11340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  290.348828][T11340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.354974][T11340] batman_adv: batadv0: Interface activated: batadv_slave_0
[  290.364270][T11340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  290.367296][T11340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.370025][T11340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  290.373389][T11340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.376111][T11340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  290.379042][T11340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.382702][T11340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  290.388967][T11340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.392619][T11340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  290.396456][T11340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.400095][T11340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  290.403929][T11340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.408101][T11340] batman_adv: batadv0: Interface activated: batadv_slave_1
[  290.413456][T11340] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  290.415904][T11340] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  290.419130][T11340] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  290.421548][T11340] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  290.452379][  T102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  290.454676][  T102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  290.464969][ T1143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  290.467672][ T1143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  290.590318][T11400] tipc: Started in network mode
[  290.591765][T11400] tipc: Node identity ffffffff, cluster identity 4711
[  290.593682][T11400] tipc: Node number set to 4294967295
[  290.737328][   T58] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  290.883017][T11406] vxcan1: entered allmulticast mode
[  290.884833][T11406] vxcan1: left allmulticast mode
[  291.077451][   T58] usb 5-1: config 0 has no interfaces?
[  291.079172][   T58] usb 5-1: New USB device found, idVendor=05ac, idProduct=4262, bcdDevice= 0.00
[  291.081804][   T58] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  291.093544][   T58] usb 5-1: config 0 descriptor??
[  291.151572][T11410] tipc: Started in network mode
[  291.153564][T11410] tipc: Node identity ffffffff, cluster identity 4711
[  291.156267][T11410] tipc: Node number set to 4294967295
[  291.304619][ T6011] usb 5-1: USB disconnect, device number 12
[  291.366318][ T5965] Bluetooth: hci3: command tx timeout
[  291.606213][ T5965] Bluetooth: hci0: command tx timeout
[  291.743947][   T40] audit: type=1800 audit(1743591925.003:1214): pid=11421 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1406" name="bus" dev="tmpfs" ino=2 res=0 errno=0
[  291.846962][ T5965] Bluetooth: hci1: command tx timeout
[  292.040576][T11432] tipc: Started in network mode
[  292.042198][T11432] tipc: Node identity ffffffff, cluster identity 4711
[  292.044034][T11432] tipc: Node number set to 4294967295
[  292.215069][T11428] block nbd0: not configured, cannot reconfigure
[  292.676326][ T5991] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  292.822199][T11456] UHID_CREATE from different security context by process 1206 (syz.0.1418), this is not allowed.
[  292.847534][ T5991] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  292.851155][ T5991] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  292.853961][ T5991] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  292.856504][ T5991] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  292.860634][ T5991] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  292.863253][ T5991] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  292.865496][ T5991] usb 6-1: Product: syz
[  292.870196][ T5991] usb 6-1: Manufacturer: syz
[  292.877921][ T5991] cdc_wdm 6-1:1.0: skipping garbage
[  292.879468][ T5991] cdc_wdm 6-1:1.0: skipping garbage
[  292.881825][ T5991] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  292.883496][ T5991] cdc_wdm 6-1:1.0: Unknown control protocol
[  293.083965][  T836] usb 6-1: USB disconnect, device number 9
[  293.405387][T11470] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1423'.
[  293.446284][ T5965] Bluetooth: hci3: command tx timeout
[  293.586642][T11473] FAULT_INJECTION: forcing a failure.
[  293.586642][T11473] name failslab, interval 1, probability 0, space 0, times 0
[  293.590690][T11473] CPU: 3 UID: 0 PID: 11473 Comm: syz.0.1424 Not tainted 6.14.0-syzkaller-12245-g91e5bfe317d8 #0 PREEMPT(full) 
[  293.590705][T11473] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  293.590711][T11473] Call Trace:
[  293.590715][T11473]  <TASK>
[  293.590719][T11473]  dump_stack_lvl+0x16c/0x1f0
[  293.590734][T11473]  should_fail_ex+0x512/0x640
[  293.590745][T11473]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  293.590761][T11473]  should_failslab+0xc2/0x120
[  293.590771][T11473]  __kmalloc_cache_noprof+0x6a/0x3e0
[  293.590785][T11473]  ? vhost_task_create+0xe5/0x2e0
[  293.590796][T11473]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  293.590809][T11473]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  293.590823][T11473]  vhost_task_create+0xe5/0x2e0
[  293.590834][T11473]  ? __pfx_vhost_task_create+0x10/0x10
[  293.590844][T11473]  ? kvm_mmu_post_init_vm+0xb4/0x370
[  293.590857][T11473]  ? __pfx_vhost_task_fn+0x10/0x10
[  293.590874][T11473]  kvm_mmu_post_init_vm+0x1b7/0x370
[  293.590885][T11473]  kvm_arch_vcpu_ioctl_run+0x66/0x18c0
[  293.590901][T11473]  ? kvm_vcpu_ioctl+0x14c2/0x1680
[  293.590920][T11473]  kvm_vcpu_ioctl+0x5e9/0x1680
[  293.590937][T11473]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  293.590952][T11473]  ? tomoyo_path_number_perm+0x18d/0x580
[  293.590965][T11473]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  293.590976][T11473]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  293.590988][T11473]  ? do_vfs_ioctl+0x512/0x1990
[  293.591000][T11473]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  293.591023][T11473]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  293.591039][T11473]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  293.591055][T11473]  ? __fget_files+0x20e/0x3c0
[  293.591072][T11473]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  293.591088][T11473]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  293.591102][T11473]  __do_fast_syscall_32+0x73/0x120
[  293.591114][T11473]  do_fast_syscall_32+0x32/0x80
[  293.591126][T11473]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  293.591138][T11473] RIP: 0023:0xf7f84579
[  293.591145][T11473] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  293.591155][T11473] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  293.591164][T11473] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  293.591170][T11473] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  293.591175][T11473] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  293.591180][T11473] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  293.591186][T11473] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  293.591202][T11473]  </TASK>
[  293.677071][T11476] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1425'.
[  293.683745][T11476] mkiss: ax0: crc mode is auto.
[  293.696327][ T5965] Bluetooth: hci0: command tx timeout
[  293.760524][T11480] FAULT_INJECTION: forcing a failure.
[  293.760524][T11480] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  293.765246][T11480] CPU: 0 UID: 0 PID: 11480 Comm: syz.0.1426 Not tainted 6.14.0-syzkaller-12245-g91e5bfe317d8 #0 PREEMPT(full) 
[  293.765261][T11480] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  293.765284][T11480] Call Trace:
[  293.765289][T11480]  <TASK>
[  293.765294][T11480]  dump_stack_lvl+0x16c/0x1f0
[  293.765309][T11480]  should_fail_ex+0x512/0x640
[  293.765323][T11480]  _copy_to_user+0x32/0xd0
[  293.765336][T11480]  simple_read_from_buffer+0xcb/0x170
[  293.765352][T11480]  proc_fail_nth_read+0x197/0x270
[  293.765366][T11480]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  293.765381][T11480]  ? rw_verify_area+0xcf/0x680
[  293.765392][T11480]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  293.765406][T11480]  vfs_read+0x1de/0xc70
[  293.765426][T11480]  ? __pfx___mutex_lock+0x10/0x10
[  293.765437][T11480]  ? __pfx_vfs_read+0x10/0x10
[  293.765454][T11480]  ? __fget_files+0x20e/0x3c0
[  293.765473][T11480]  ksys_read+0x12a/0x240
[  293.765486][T11480]  ? __pfx_ksys_read+0x10/0x10
[  293.765500][T11480]  ? rcu_is_watching+0x12/0xc0
[  293.765515][T11480]  __do_fast_syscall_32+0x73/0x120
[  293.765528][T11480]  do_fast_syscall_32+0x32/0x80
[  293.765539][T11480]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  293.765551][T11480] RIP: 0023:0xf7f84579
[  293.765559][T11480] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  293.765569][T11480] RSP: 002b:00000000f50a6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  293.765578][T11480] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f50a6620
[  293.765584][T11480] RDX: 000000000000000f RSI: 00000000f740cff4 RDI: 0000000000000000
[  293.765589][T11480] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  293.765595][T11480] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  293.765600][T11480] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  293.765612][T11480]  </TASK>
[  293.871397][T11485] bridge7: entered promiscuous mode
[  293.900390][T11488] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1427'.
[  293.926242][ T5965] Bluetooth: hci1: command tx timeout
[  294.341282][T11513] FAULT_INJECTION: forcing a failure.
[  294.341282][T11513] name failslab, interval 1, probability 0, space 0, times 0
[  294.344931][T11513] CPU: 3 UID: 0 PID: 11513 Comm: syz.0.1436 Not tainted 6.14.0-syzkaller-12245-g91e5bfe317d8 #0 PREEMPT(full) 
[  294.344947][T11513] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  294.344954][T11513] Call Trace:
[  294.344957][T11513]  <TASK>
[  294.344961][T11513]  dump_stack_lvl+0x16c/0x1f0
[  294.344976][T11513]  should_fail_ex+0x512/0x640
[  294.344986][T11513]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  294.345003][T11513]  should_failslab+0xc2/0x120
[  294.345013][T11513]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  294.345041][T11513]  ? __d_alloc+0x31/0xaa0
[  294.345050][T11513]  ? map_id_range_up+0x2ce/0x3b0
[  294.345063][T11513]  __d_alloc+0x31/0xaa0
[  294.345074][T11513]  d_alloc+0x4a/0x1e0
[  294.345084][T11513]  d_alloc_parallel+0xe3/0x12e0
[  294.345100][T11513]  ? register_lock_class+0x41/0x4c0
[  294.345110][T11513]  ? __lock_acquire+0xaa4/0x1ba0
[  294.345118][T11513]  ? __pfx_d_alloc_parallel+0x10/0x10
[  294.345132][T11513]  ? lockdep_init_map_type+0x5c/0x280
[  294.345154][T11513]  ? lockdep_init_map_type+0x5c/0x280
[  294.345166][T11513]  __lookup_slow+0x193/0x460
[  294.345178][T11513]  ? __pfx___lookup_slow+0x10/0x10
[  294.345202][T11513]  ? lookup_fast+0x156/0x610
[  294.345216][T11513]  walk_component+0x353/0x5b0
[  294.345230][T11513]  path_lookupat+0x17e/0x780
[  294.345246][T11513]  filename_lookup+0x224/0x5f0
[  294.345260][T11513]  ? __pfx_filename_lookup+0x10/0x10
[  294.345286][T11513]  ? getname_flags.part.0+0x1c2/0x540
[  294.345300][T11513]  user_path_at+0x3a/0x60
[  294.345314][T11513]  do_fchownat+0xf9/0x200
[  294.345324][T11513]  ? __pfx_do_fchownat+0x10/0x10
[  294.345334][T11513]  ? __pfx_ksys_write+0x10/0x10
[  294.345350][T11513]  __ia32_sys_lchown16+0xe6/0x120
[  294.345364][T11513]  __do_fast_syscall_32+0x73/0x120
[  294.345377][T11513]  do_fast_syscall_32+0x32/0x80
[  294.345389][T11513]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  294.345402][T11513] RIP: 0023:0xf7f84579
[  294.345410][T11513] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  294.345419][T11513] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000010
[  294.345428][T11513] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000000000
[  294.345434][T11513] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  294.345439][T11513] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  294.345444][T11513] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  294.345450][T11513] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  294.345462][T11513]  </TASK>
[  294.621420][T11532] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1443'.
[  294.686194][ T6537] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  294.982019][ T6537] usb 5-1: device descriptor read/64, error -71
[  295.229529][ T6537] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  295.264718][T11556] FAULT_INJECTION: forcing a failure.
[  295.264718][T11556] name failslab, interval 1, probability 0, space 0, times 0
[  295.270005][T11556] CPU: 1 UID: 0 PID: 11556 Comm: syz.1.1450 Not tainted 6.14.0-syzkaller-12245-g91e5bfe317d8 #0 PREEMPT(full) 
[  295.270020][T11556] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  295.270026][T11556] Call Trace:
[  295.270030][T11556]  <TASK>
[  295.270034][T11556]  dump_stack_lvl+0x16c/0x1f0
[  295.270049][T11556]  should_fail_ex+0x512/0x640
[  295.270072][T11556]  ? __kmalloc_noprof+0xbf/0x510
[  295.270090][T11556]  ? vb2_core_allocated_buffers_storage+0x184/0x220
[  295.270100][T11556]  should_failslab+0xc2/0x120
[  295.270110][T11556]  __kmalloc_noprof+0xd2/0x510
[  295.270128][T11556]  vb2_core_allocated_buffers_storage+0x184/0x220
[  295.270139][T11556]  vb2_core_reqbufs+0x398/0xfe0
[  295.270152][T11556]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[  295.270174][T11556]  __vb2_init_fileio+0x3f1/0x1100
[  295.270184][T11556]  ? lockdep_hardirqs_on+0x7c/0x110
[  295.270194][T11556]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  295.270205][T11556]  ? __pollwait+0x271/0x490
[  295.270220][T11556]  vb2_core_poll+0x5ec/0x700
[  295.270239][T11556]  vb2_poll+0x33/0x150
[  295.270256][T11556]  vb2_fop_poll+0x10f/0x2c0
[  295.270273][T11556]  ? __pfx_vb2_fop_poll+0x10/0x10
[  295.270288][T11556]  v4l2_poll+0x160/0x320
[  295.270301][T11556]  ? __pfx_v4l2_poll+0x10/0x10
[  295.270312][T11556]  do_sys_poll+0x523/0xe00
[  295.270330][T11556]  ? __pfx_do_sys_poll+0x10/0x10
[  295.270356][T11556]  ? find_held_lock+0x2b/0x80
[  295.270369][T11556]  ? __pfx___pollwait+0x10/0x10
[  295.270384][T11556]  ? __pfx_pollwake+0x10/0x10
[  295.270418][T11556]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  295.270431][T11556]  ? set_compat_user_sigmask+0x213/0x2a0
[  295.270444][T11556]  ? __pfx_set_compat_user_sigmask+0x10/0x10
[  295.270456][T11556]  ? __fget_files+0x20e/0x3c0
[  295.270472][T11556]  __ia32_compat_sys_ppoll_time32+0x248/0x2c0
[  295.270489][T11556]  ? __pfx___ia32_compat_sys_ppoll_time32+0x10/0x10
[  295.270504][T11556]  ? ksys_write+0x1b9/0x240
[  295.270517][T11556]  ? __pfx_ksys_write+0x10/0x10
[  295.270532][T11556]  ? rcu_is_watching+0x12/0xc0
[  295.270546][T11556]  __do_fast_syscall_32+0x73/0x120
[  295.270558][T11556]  do_fast_syscall_32+0x32/0x80
[  295.270570][T11556]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  295.270582][T11556] RIP: 0023:0xf739e579
[  295.270590][T11556] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  295.270599][T11556] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 0000000000000135
[  295.270609][T11556] RAX: ffffffffffffffda RBX: 0000000080000040 RCX: 0000000000000001
[  295.270615][T11556] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  295.270620][T11556] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  295.270625][T11556] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  295.270631][T11556] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  295.270643][T11556]  </TASK>
[  295.283821][T11557] random: crng reseeded on system resumption
[  295.426187][ T6537] usb 5-1: device descriptor read/64, error -71
[  295.536939][ T6537] usb usb5-port1: attempt power cycle
[  295.539691][ T5965] Bluetooth: hci3: command tx timeout
[  295.759418][T11575] block nbd3: not configured, cannot reconfigure
[  295.886275][ T6537] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  295.906603][ T6537] usb 5-1: device descriptor read/8, error -71
[  296.146413][ T6537] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  296.186617][ T6537] usb 5-1: device descriptor read/8, error -71
[  296.195017][T11584] tmpfs: Unknown parameter 'grpquota_inode_h'
[  296.296243][ T6537] usb usb5-port1: unable to enumerate USB device
[  296.503481][T11590] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1458'.
[  297.089708][T11600] FAULT_INJECTION: forcing a failure.
[  297.089708][T11600] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  297.093165][T11600] CPU: 0 UID: 0 PID: 11600 Comm: syz.1.1461 Not tainted 6.14.0-syzkaller-12245-g91e5bfe317d8 #0 PREEMPT(full) 
[  297.093179][T11600] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  297.093185][T11600] Call Trace:
[  297.093189][T11600]  <TASK>
[  297.093193][T11600]  dump_stack_lvl+0x16c/0x1f0
[  297.093208][T11600]  should_fail_ex+0x512/0x640
[  297.093222][T11600]  _copy_to_user+0x32/0xd0
[  297.093238][T11600]  simple_read_from_buffer+0xcb/0x170
[  297.093254][T11600]  proc_fail_nth_read+0x197/0x270
[  297.093268][T11600]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  297.093283][T11600]  ? rw_verify_area+0xcf/0x680
[  297.093295][T11600]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  297.093308][T11600]  vfs_read+0x1de/0xc70
[  297.093324][T11600]  ? __pfx___mutex_lock+0x10/0x10
[  297.093335][T11600]  ? __pfx_vfs_read+0x10/0x10
[  297.093351][T11600]  ? __fget_files+0x20e/0x3c0
[  297.093369][T11600]  ksys_read+0x12a/0x240
[  297.093382][T11600]  ? __pfx_ksys_read+0x10/0x10
[  297.093397][T11600]  ? rcu_is_watching+0x12/0xc0
[  297.093411][T11600]  __do_fast_syscall_32+0x73/0x120
[  297.093424][T11600]  do_fast_syscall_32+0x32/0x80
[  297.093435][T11600]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  297.093448][T11600] RIP: 0023:0xf739e579
[  297.093455][T11600] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  297.093465][T11600] RSP: 002b:00000000f5026590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  297.093474][T11600] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5026620
[  297.093480][T11600] RDX: 000000000000000f RSI: 00000000f738cff4 RDI: 0000000000000000
[  297.093485][T11600] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  297.093490][T11600] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  297.093495][T11600] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  297.093507][T11600]  </TASK>
[  297.148552][    C0] vkms_vblank_simulate: vblank timer overrun
[  297.644153][T11618] FAULT_INJECTION: forcing a failure.
[  297.644153][T11618] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  297.648068][T11618] CPU: 3 UID: 0 PID: 11618 Comm: syz.2.1469 Not tainted 6.14.0-syzkaller-12245-g91e5bfe317d8 #0 PREEMPT(full) 
[  297.648084][T11618] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  297.648090][T11618] Call Trace:
[  297.648094][T11618]  <TASK>
[  297.648098][T11618]  dump_stack_lvl+0x16c/0x1f0
[  297.648113][T11618]  should_fail_ex+0x512/0x640
[  297.648126][T11618]  _copy_to_user+0x32/0xd0
[  297.648139][T11618]  simple_read_from_buffer+0xcb/0x170
[  297.648154][T11618]  proc_fail_nth_read+0x197/0x270
[  297.648168][T11618]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  297.648182][T11618]  ? rw_verify_area+0xcf/0x680
[  297.648194][T11618]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  297.648207][T11618]  vfs_read+0x1de/0xc70
[  297.648222][T11618]  ? __pfx___mutex_lock+0x10/0x10
[  297.648233][T11618]  ? __pfx_vfs_read+0x10/0x10
[  297.648250][T11618]  ? __fget_files+0x20e/0x3c0
[  297.648268][T11618]  ksys_read+0x12a/0x240
[  297.648281][T11618]  ? __pfx_ksys_read+0x10/0x10
[  297.648296][T11618]  ? rcu_is_watching+0x12/0xc0
[  297.648310][T11618]  __do_fast_syscall_32+0x73/0x120
[  297.648323][T11618]  do_fast_syscall_32+0x32/0x80
[  297.648334][T11618]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  297.648346][T11618] RIP: 0023:0xf745e579
[  297.648355][T11618] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  297.648364][T11618] RSP: 002b:00000000f50e6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  297.648398][T11618] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f50e6620
[  297.648404][T11618] RDX: 000000000000000f RSI: 00000000f744cff4 RDI: 0000000000000000
[  297.648410][T11618] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  297.648415][T11618] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  297.648420][T11618] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  297.648433][T11618]  </TASK>
[  297.722282][T11620] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  297.814680][T11625] block nbd0: not configured, cannot reconfigure
[  297.946471][T11628] lo speed is unknown, defaulting to 1000
[  297.953614][T11628] lo speed is unknown, defaulting to 1000
[  297.958355][T11628] lo speed is unknown, defaulting to 1000
[  298.049781][T11628] infiniband s
z1: set active
[  298.051182][T11628] infiniband s
z1: added lo
[  298.070695][T11628] RDS/IB: s
z1: added
[  298.072103][T11628] smc: adding ib device s
z1 with port count 1
[  298.073756][T11628] smc:    ib device s
z1 port 1 has pnetid 
[  298.077648][T11628] lo speed is unknown, defaulting to 1000
[  298.155840][T11628] lo speed is unknown, defaulting to 1000
[  298.233063][T11628] lo speed is unknown, defaulting to 1000
[  298.308221][T11628] lo speed is unknown, defaulting to 1000
[  298.383584][T11628] lo speed is unknown, defaulting to 1000
[  298.460569][T11628] lo speed is unknown, defaulting to 1000
[  298.546035][T11628] lo speed is unknown, defaulting to 1000
[  298.597986][   T58] lo speed is unknown, defaulting to 1000
[  298.599998][   T58] lo speed is unknown, defaulting to 1000
[  298.634222][T11628] lo speed is unknown, defaulting to 1000
[  298.726757][T11628] lo speed is unknown, defaulting to 1000
[  298.802220][T11628] lo speed is unknown, defaulting to 1000
[  298.878115][T11628] lo speed is unknown, defaulting to 1000
[  298.953389][T11628] lo speed is unknown, defaulting to 1000
[  299.028285][T11628] lo speed is unknown, defaulting to 1000
[  299.105103][T11628] lo speed is unknown, defaulting to 1000
[  299.287212][  T836] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  299.602517][T11648] lo speed is unknown, defaulting to 1000
[  299.847808][T11655] lo speed is unknown, defaulting to 1000
[  299.890630][T11657] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1479'.
[  300.736358][T11674] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  300.738679][T11674] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  301.198785][T11687] block nbd0: not configured, cannot reconfigure
[  301.956968][T11698] lo speed is unknown, defaulting to 1000
[  302.135468][T11699] lo speed is unknown, defaulting to 1000
[  302.538410][T11717] Bluetooth: MGMT ver 1.23
[  304.287739][T11753] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1503'.
[  304.418849][T11748] block nbd2: not configured, cannot reconfigure
[  304.438816][T11747] lo speed is unknown, defaulting to 1000
[  304.670744][T11757] lo speed is unknown, defaulting to 1000
[  304.733532][T11758] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1504'.
[  304.885836][ T1018] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x4
[  304.889201][ T1018] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x2
[  304.891416][ T1018] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0
[  304.893510][ T1018] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0
[  304.895604][ T1018] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0
[  304.898226][ T1018] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0
[  304.900358][ T1018] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0
[  304.902550][ T1018] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0
[  304.904649][ T1018] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0
[  304.906854][ T1018] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0
[  304.908943][ T1018] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0
[  304.911013][ T1018] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0
[  304.913180][ T1018] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0
[  304.915260][ T1018] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0
[  304.918082][ T1018] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0
[  304.920547][ T1018] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0
[  304.923717][ T1018] hid-generic 0000:3000000:0000.0007: hidraw1: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  305.336441][ T6009] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  305.359900][T11773] block nbd1: not configured, cannot reconfigure
[  305.536440][ T6009] usb 7-1: Using ep0 maxpacket: 8
[  305.539982][ T6009] usb 7-1: config 0 has an invalid descriptor of length 182, skipping remainder of the config
[  305.543176][ T6009] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  305.548451][ T6009] usb 7-1: New USB device found, idVendor=6f97, idProduct=c20e, bcdDevice= 0.00
[  305.551016][ T6009] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  305.554258][ T6009] usb 7-1: config 0 descriptor??
[  305.766821][T11766] netlink: 'syz.2.1505': attribute type 8 has an invalid length.
[  305.847426][T11781] 9pnet_fd: Insufficient options for proto=fd
[  306.720796][T11795] block nbd0: not configured, cannot reconfigure
[  306.881563][T11792] 9pnet_fd: Insufficient options for proto=fd
[  307.422041][T11809] block nbd1: not configured, cannot reconfigure
[  307.843535][ T6009] usb 7-1: string descriptor 0 read error: -71
[  307.846333][ T6009] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[  307.849004][ T6009] usb 7-1: USB disconnect, device number 22
[  308.591645][T11819] lo speed is unknown, defaulting to 1000
[  309.247317][T11836] 9pnet_fd: Insufficient options for proto=fd
[  309.683252][T11849] lo speed is unknown, defaulting to 1000
[  310.084726][T11842] lo speed is unknown, defaulting to 1000
[  310.930023][T11875] 9pnet_fd: Insufficient options for proto=fd
[  312.662224][T11913] lo speed is unknown, defaulting to 1000
[  313.240779][T11924] 9pnet_fd: Insufficient options for proto=fd
[  313.346346][T11927] block nbd1: not configured, cannot reconfigure
[  315.018445][T11960] lo speed is unknown, defaulting to 1000
[  315.527283][T11973] 9pnet_fd: Insufficient options for proto=fd
[  316.161020][T11977] usb usb1: usbfs: process 11977 (syz.2.1559) did not claim interface 0 before use
[  316.579370][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  316.585104][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  317.330360][T12012] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1570'.
[  317.782168][T12018] lo speed is unknown, defaulting to 1000
[  317.807597][T12017] 9pnet_fd: Insufficient options for proto=fd
[  317.961957][T12026] lo speed is unknown, defaulting to 1000
[  318.009240][T12022] veth1_to_team: entered promiscuous mode
[  318.010872][T12022] veth1_to_team: entered allmulticast mode
[  318.460624][T12038] block nbd0: not configured, cannot reconfigure
[  318.591215][   T65] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  318.596964][  T102] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  319.652107][T12065] lo speed is unknown, defaulting to 1000
[  320.368435][T12070] lo speed is unknown, defaulting to 1000
[  320.512690][T12063] lo speed is unknown, defaulting to 1000
[  321.231433][T12093] block nbd3: not configured, cannot reconfigure
[  322.163236][T12116] lo speed is unknown, defaulting to 1000
[  322.308057][ T6537] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  322.432021][T12121] lo speed is unknown, defaulting to 1000
[  323.154683][T12133] lo speed is unknown, defaulting to 1000
[  323.686495][ T1168] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  323.791935][T12144] lo speed is unknown, defaulting to 1000
[  324.517063][T12173] 9pnet_fd: Insufficient options for proto=fd
[  325.551086][T12188] lo speed is unknown, defaulting to 1000
[  325.715129][T12196] rdma_rxe: rxe_newlink: failed to add lo
[  327.204838][T12225] 9pnet_fd: Insufficient options for proto=fd
[  327.282535][T12223] lo speed is unknown, defaulting to 1000
[  327.817960][T12228] block nbd1: not configured, cannot reconfigure
[  327.860486][T12232] lo speed is unknown, defaulting to 1000
[  329.376773][ T1227] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  329.461332][T12264] lo speed is unknown, defaulting to 1000
[  329.742752][T12279] 9pnet_fd: Insufficient options for proto=fd
[  330.394252][T12289] block nbd1: not configured, cannot reconfigure
[  330.447733][T12288] lo speed is unknown, defaulting to 1000
[  333.009964][T12330] lo speed is unknown, defaulting to 1000
[  333.461376][T12342] lo speed is unknown, defaulting to 1000
[  333.787256][T12355] FAULT_INJECTION: forcing a failure.
[  333.787256][T12355] name failslab, interval 1, probability 0, space 0, times 0
[  333.790849][T12355] CPU: 3 UID: 0 PID: 12355 Comm: syz.1.1657 Not tainted 6.14.0-syzkaller-12245-g91e5bfe317d8 #0 PREEMPT(full) 
[  333.790864][T12355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  333.790870][T12355] Call Trace:
[  333.790874][T12355]  <TASK>
[  333.790878][T12355]  dump_stack_lvl+0x16c/0x1f0
[  333.790894][T12355]  should_fail_ex+0x512/0x640
[  333.790905][T12355]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  333.790922][T12355]  should_failslab+0xc2/0x120
[  333.790932][T12355]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  333.790946][T12355]  ? rcu_is_watching+0x12/0xc0
[  333.790958][T12355]  ? prepare_creds+0x2c/0x7d0
[  333.790971][T12355]  prepare_creds+0x2c/0x7d0
[  333.790983][T12355]  copy_creds+0xa7/0xa50
[  333.790995][T12355]  copy_process+0x10b1/0x91a0
[  333.791009][T12355]  ? __lock_acquire+0x5ca/0x1ba0
[  333.791026][T12355]  ? __pfx_copy_process+0x10/0x10
[  333.791046][T12355]  ? find_held_lock+0x2b/0x80
[  333.791058][T12355]  ? __might_fault+0xe3/0x190
[  333.791072][T12355]  ? __might_fault+0xe3/0x190
[  333.791086][T12355]  ? __might_fault+0x13b/0x190
[  333.791103][T12355]  ? _copy_from_user+0x59/0xd0
[  333.791117][T12355]  kernel_clone+0xfc/0x960
[  333.791130][T12355]  ? get_pid_task+0xfc/0x250
[  333.791140][T12355]  ? __pfx_kernel_clone+0x10/0x10
[  333.791161][T12355]  __do_sys_clone3+0x212/0x290
[  333.791175][T12355]  ? __pfx___do_sys_clone3+0x10/0x10
[  333.791195][T12355]  ? __fget_files+0x20e/0x3c0
[  333.791216][T12355]  ? rcu_is_watching+0x12/0xc0
[  333.791229][T12355]  __do_fast_syscall_32+0x73/0x120
[  333.791242][T12355]  do_fast_syscall_32+0x32/0x80
[  333.791253][T12355]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  333.791265][T12355] RIP: 0023:0xf739e579
[  333.791273][T12355] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  333.791283][T12355] RSP: 002b:00000000f502642c EFLAGS: 00000286 ORIG_RAX: 00000000000001b3
[  333.791292][T12355] RAX: ffffffffffffffda RBX: 00000000f5026460 RCX: 0000000000000058
[  333.791307][T12355] RDX: 0000000000000000 RSI: 0000000000000400 RDI: 0000000000000002
[  333.791314][T12355] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  333.791319][T12355] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  333.791325][T12355] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  333.791337][T12355]  </TASK>
[  334.423668][T12375] block nbd0: not configured, cannot reconfigure
[  334.896669][T12386] FAULT_INJECTION: forcing a failure.
[  334.896669][T12386] name failslab, interval 1, probability 0, space 0, times 0
[  334.917247][T12386] CPU: 0 UID: 0 PID: 12386 Comm: syz.3.1667 Not tainted 6.14.0-syzkaller-12245-g91e5bfe317d8 #0 PREEMPT(full) 
[  334.917269][T12386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  334.917279][T12386] Call Trace:
[  334.917285][T12386]  <TASK>
[  334.917291][T12386]  dump_stack_lvl+0x16c/0x1f0
[  334.917313][T12386]  should_fail_ex+0x512/0x640
[  334.917331][T12386]  ? fs_reclaim_acquire+0xae/0x150
[  334.917352][T12386]  ? tomoyo_encode2+0x100/0x3e0
[  334.917372][T12386]  should_failslab+0xc2/0x120
[  334.917388][T12386]  __kmalloc_noprof+0xd2/0x510
[  334.917411][T12386]  ? d_absolute_path+0x136/0x1a0
[  334.917433][T12386]  tomoyo_encode2+0x100/0x3e0
[  334.917455][T12386]  tomoyo_encode+0x29/0x50
[  334.917473][T12386]  tomoyo_realpath_from_path+0x18f/0x6e0
[  334.917501][T12386]  tomoyo_path_number_perm+0x245/0x580
[  334.917518][T12386]  ? tomoyo_path_number_perm+0x237/0x580
[  334.917537][T12386]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  334.917556][T12386]  ? find_held_lock+0x2b/0x80
[  334.917597][T12386]  ? find_held_lock+0x2b/0x80
[  334.917615][T12386]  ? hook_file_ioctl_common+0x145/0x410
[  334.917635][T12386]  ? __fget_files+0x20e/0x3c0
[  334.917663][T12386]  security_file_ioctl_compat+0x9b/0x240
[  334.917685][T12386]  __do_compat_sys_ioctl+0x4e/0x2c0
[  334.917708][T12386]  __do_fast_syscall_32+0x73/0x120
[  334.917730][T12386]  do_fast_syscall_32+0x32/0x80
[  334.917749][T12386]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  334.917768][T12386] RIP: 0023:0xf7f64579
[  334.917781][T12386] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  334.917795][T12386] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  334.917810][T12386] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000004008ae89
[  334.917829][T12386] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  334.917838][T12386] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  334.917847][T12386] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  334.917856][T12386] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  334.917877][T12386]  </TASK>
[  334.917894][T12386] ERROR: Out of memory at tomoyo_realpath_from_path.
[  335.127165][   T66] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  335.387606][T12393] lo speed is unknown, defaulting to 1000
[  336.374264][T12387] syz.2.1666 (12387) used greatest stack depth: 18856 bytes left
[  336.517479][ T6537] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  336.638878][T12420] lo speed is unknown, defaulting to 1000
[  336.677306][ T6537] usb 6-1: config 0 has no interfaces?
[  336.678765][ T6537] usb 6-1: New USB device found, idVendor=05ac, idProduct=4262, bcdDevice= 0.00
[  336.681274][ T6537] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  336.684894][ T6537] usb 6-1: config 0 descriptor??
[  336.890813][   T34] usb 6-1: USB disconnect, device number 10
[  337.980701][T12433] block nbd2: not configured, cannot reconfigure
[  338.776158][   T65] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  338.988794][   T65] usb 7-1: config 0 has no interfaces?
[  338.990931][   T65] usb 7-1: New USB device found, idVendor=05ac, idProduct=4262, bcdDevice= 0.00
[  338.997768][   T65] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  339.001043][   T65] usb 7-1: config 0 descriptor??
[  339.210778][ T6537] usb 7-1: USB disconnect, device number 23
[  339.696013][T12466] block nbd0: not configured, cannot reconfigure
[  340.208370][T12475] lo speed is unknown, defaulting to 1000
[  340.886727][   T84] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  341.247498][T12494] block nbd2: not configured, cannot reconfigure
[  341.656132][ T5956] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  341.709286][T12507] FAULT_INJECTION: forcing a failure.
[  341.709286][T12507] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  341.712662][T12507] CPU: 3 UID: 0 PID: 12507 Comm: syz.2.1704 Not tainted 6.14.0-syzkaller-12245-g91e5bfe317d8 #0 PREEMPT(full) 
[  341.712677][T12507] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  341.712684][T12507] Call Trace:
[  341.712688][T12507]  <TASK>
[  341.712692][T12507]  dump_stack_lvl+0x16c/0x1f0
[  341.712707][T12507]  should_fail_ex+0x512/0x640
[  341.712720][T12507]  _copy_from_iter+0x2a4/0x15b0
[  341.712735][T12507]  ? __pfx__copy_from_iter+0x10/0x10
[  341.712748][T12507]  ? __pfx___might_resched+0x10/0x10
[  341.712762][T12507]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  341.712775][T12507]  hci_sock_sendmsg+0x46d/0x25e0
[  341.712793][T12507]  ? __pfx_aa_sk_perm+0x10/0x10
[  341.712804][T12507]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  341.712823][T12507]  sock_write_iter+0x4fc/0x5b0
[  341.712838][T12507]  ? __pfx_sock_write_iter+0x10/0x10
[  341.712856][T12507]  ? bpf_lsm_file_permission+0x9/0x10
[  341.712869][T12507]  ? security_file_permission+0x71/0x210
[  341.712882][T12507]  ? rw_verify_area+0xcf/0x680
[  341.712895][T12507]  vfs_write+0x5ba/0x1180
[  341.712909][T12507]  ? __pfx_sock_write_iter+0x10/0x10
[  341.712923][T12507]  ? __pfx_vfs_write+0x10/0x10
[  341.712936][T12507]  ? find_held_lock+0x2b/0x80
[  341.712956][T12507]  ksys_write+0x205/0x240
[  341.712969][T12507]  ? __pfx_ksys_write+0x10/0x10
[  341.712984][T12507]  ? rcu_is_watching+0x12/0xc0
[  341.712998][T12507]  __do_fast_syscall_32+0x73/0x120
[  341.713011][T12507]  do_fast_syscall_32+0x32/0x80
[  341.713022][T12507]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  341.713038][T12507] RIP: 0023:0xf745e579
[  341.713046][T12507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  341.713055][T12507] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  341.713064][T12507] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080001280
[  341.713070][T12507] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000000
[  341.713075][T12507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  341.713080][T12507] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  341.713086][T12507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  341.713097][T12507]  </TASK>
[  341.821368][   T40] audit: type=1326 audit(1743591975.083:1215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12509 comm="syz.2.1705" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000
[  341.829227][   T40] audit: type=1326 audit(1743591975.083:1216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12509 comm="syz.2.1705" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000
[  341.836334][   T40] audit: type=1326 audit(1743591975.083:1217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12509 comm="syz.2.1705" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf745e579 code=0x7ffc0000
[  341.842298][   T40] audit: type=1326 audit(1743591975.083:1218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12509 comm="syz.2.1705" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000
[  341.852498][   T40] audit: type=1326 audit(1743591975.083:1219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12509 comm="syz.2.1705" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000
[  341.857935][ T5956] usb 6-1: config 0 has no interfaces?
[  341.860852][   T40] audit: type=1326 audit(1743591975.083:1220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12509 comm="syz.2.1705" exe="/syz-executor" sig=0 arch=40000003 syscall=379 compat=1 ip=0xf745e579 code=0x7ffc0000
[  341.862012][ T5956] usb 6-1: New USB device found, idVendor=05ac, idProduct=4262, bcdDevice= 0.00
[  341.873937][ T5956] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  341.874040][   T40] audit: type=1326 audit(1743591975.083:1221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12509 comm="syz.2.1705" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000
[  341.878150][ T5956] usb 6-1: config 0 descriptor??
[  341.882110][   T40] audit: type=1326 audit(1743591975.083:1222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12509 comm="syz.2.1705" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000
[  341.895404][   T40] audit: type=1326 audit(1743591975.083:1223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12509 comm="syz.2.1705" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000
[  341.901911][   T40] audit: type=1326 audit(1743591975.083:1224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12509 comm="syz.2.1705" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000
[  342.090528][   T65] usb 6-1: USB disconnect, device number 11
[  343.404337][T12544] block nbd0: not configured, cannot reconfigure
[  343.814273][T12558] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1717'.
[  344.296329][T12565] 9pnet_fd: Insufficient options for proto=fd
[  344.623286][T12567] lo speed is unknown, defaulting to 1000
[  345.448922][T12581] lo speed is unknown, defaulting to 1000
[  346.308978][T12606] netlink: 'syz.1.1728': attribute type 1 has an invalid length.
[  346.337244][T12606] 8021q: adding VLAN 0 to HW filter on device bond1
[  346.349116][T12606] bond1: (slave gretap1): making interface the new active one
[  346.351747][T12606] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  346.440302][T12598] lo speed is unknown, defaulting to 1000
[  346.448907][T12607] block nbd3: not configured, cannot reconfigure
[  346.647536][ T1227] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  347.132068][T12613] 9pnet_fd: Insufficient options for proto=fd
[  347.158872][T12623] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1734'.
[  347.574480][T12629] lo speed is unknown, defaulting to 1000
[  348.270786][T12640] hub 6-0:1.0: USB hub found
[  348.272312][T12640] hub 6-0:1.0: 1 port detected
[  349.622529][T12657] block nbd0: not configured, cannot reconfigure
[  349.759785][T12662] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1743'.
[  349.774417][   T40] kauditd_printk_skb: 3 callbacks suppressed
[  349.776142][   T40] audit: type=1326 audit(1743591983.033:1228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12661 comm="syz.2.1743" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000
[  349.782899][   T40] audit: type=1326 audit(1743591983.033:1229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12661 comm="syz.2.1743" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000
[  349.792366][   T40] audit: type=1326 audit(1743591983.033:1230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12661 comm="syz.2.1743" exe="/syz-executor" sig=0 arch=40000003 syscall=241 compat=1 ip=0xf745e579 code=0x7ffc0000
[  349.800497][   T40] audit: type=1326 audit(1743591983.033:1231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12661 comm="syz.2.1743" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000
[  349.807168][   T40] audit: type=1326 audit(1743591983.033:1232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12661 comm="syz.2.1743" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000
[  349.814889][   T40] audit: type=1326 audit(1743591983.033:1233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12661 comm="syz.2.1743" exe="/syz-executor" sig=0 arch=40000003 syscall=156 compat=1 ip=0xf745e579 code=0x7ffc0000
[  349.822766][   T40] audit: type=1326 audit(1743591983.033:1234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12661 comm="syz.2.1743" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000
[  349.828781][   T40] audit: type=1326 audit(1743591983.033:1235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12661 comm="syz.2.1743" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000
[  349.835337][   T40] audit: type=1326 audit(1743591983.043:1236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12661 comm="syz.2.1743" exe="/syz-executor" sig=0 arch=40000003 syscall=241 compat=1 ip=0xf745e579 code=0x7ffc0000
[  349.841281][   T40] audit: type=1326 audit(1743591983.043:1237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12661 comm="syz.2.1743" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000
[  351.768875][ T1168] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  352.353659][T12707] block nbd0: not configured, cannot reconfigure
[  352.617935][T12712] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1756'.
[  353.527763][T12717] lo speed is unknown, defaulting to 1000
[  354.900851][T12741] hub 6-0:1.0: USB hub found
[  354.902369][T12741] hub 6-0:1.0: 1 port detected
[  355.567900][T12755] block nbd3: not configured, cannot reconfigure
[  355.750529][T12753] lo speed is unknown, defaulting to 1000
[  357.540579][ T1168] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  358.238640][ T6009] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  358.309454][T12801] 9pnet_fd: Insufficient options for proto=fd
[  358.606691][ T6009] usb 5-1: config 0 has no interfaces?
[  358.608670][ T6009] usb 5-1: New USB device found, idVendor=05ac, idProduct=4262, bcdDevice= 0.00
[  358.612218][ T6009] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  358.636332][ T6009] usb 5-1: config 0 descriptor??
[  358.850562][ T6009] usb 5-1: USB disconnect, device number 17
[  360.907989][T12846] 9pnet_fd: Insufficient options for proto=fd
[  361.713176][T12864] 9pnet_fd: Insufficient options for proto=fd
[  362.657036][ T1139] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  363.054951][T12886] 9pnet_fd: Insufficient options for proto=fd
[  363.273212][T12891] FAULT_INJECTION: forcing a failure.
[  363.273212][T12891] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  363.277978][T12891] CPU: 2 UID: 0 PID: 12891 Comm: syz.2.1806 Not tainted 6.14.0-syzkaller-12245-g91e5bfe317d8 #0 PREEMPT(full) 
[  363.277993][T12891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  363.278000][T12891] Call Trace:
[  363.278003][T12891]  <TASK>
[  363.278007][T12891]  dump_stack_lvl+0x16c/0x1f0
[  363.278022][T12891]  should_fail_ex+0x512/0x640
[  363.278036][T12891]  _copy_to_user+0x32/0xd0
[  363.278048][T12891]  simple_read_from_buffer+0xcb/0x170
[  363.278064][T12891]  proc_fail_nth_read+0x197/0x270
[  363.278078][T12891]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  363.278093][T12891]  ? rw_verify_area+0xcf/0x680
[  363.278104][T12891]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  363.278118][T12891]  vfs_read+0x1de/0xc70
[  363.278133][T12891]  ? __pfx___mutex_lock+0x10/0x10
[  363.278145][T12891]  ? __pfx_vfs_read+0x10/0x10
[  363.278161][T12891]  ? __fget_files+0x20e/0x3c0
[  363.278179][T12891]  ksys_read+0x12a/0x240
[  363.278192][T12891]  ? __pfx_ksys_read+0x10/0x10
[  363.278206][T12891]  ? rcu_is_watching+0x12/0xc0
[  363.278221][T12891]  __do_fast_syscall_32+0x73/0x120
[  363.278233][T12891]  do_fast_syscall_32+0x32/0x80
[  363.278245][T12891]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  363.278257][T12891] RIP: 0023:0xf745e579
[  363.278264][T12891] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  363.278273][T12891] RSP: 002b:00000000f50e6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  363.278283][T12891] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000f50e6620
[  363.278289][T12891] RDX: 000000000000000f RSI: 00000000f744cff4 RDI: 0000000000000000
[  363.278295][T12891] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  363.278300][T12891] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  363.278305][T12891] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  363.278317][T12891]  </TASK>
[  364.636133][   T34] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  364.917269][   T34] usb 7-1: config 0 has no interfaces?
[  364.918824][   T34] usb 7-1: New USB device found, idVendor=05ac, idProduct=4262, bcdDevice= 0.00
[  364.921346][   T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  364.924603][   T34] usb 7-1: config 0 descriptor??
[  365.160542][ T6537] usb 7-1: USB disconnect, device number 24
[  366.042180][T12935] 9pnet_fd: Insufficient options for proto=fd
[  367.826734][T12972] block nbd3: not configured, cannot reconfigure
[  367.852349][T12971] block nbd2: not configured, cannot reconfigure
[  367.956179][ T6009] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  368.067083][T12978] lo speed is unknown, defaulting to 1000
[  368.109185][ T6009] usb 6-1: config 0 has no interfaces?
[  368.110773][ T6009] usb 6-1: New USB device found, idVendor=05ac, idProduct=4262, bcdDevice= 0.00
[  368.113271][ T6009] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  368.136788][ T6009] usb 6-1: config 0 descriptor??
[  368.341581][ T6009] usb 6-1: USB disconnect, device number 12
[  368.407697][   T66] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  368.743819][T12997] 9pnet_fd: Insufficient options for proto=fd
[  368.939236][T13003] overlayfs: failed to resolve './file1': -2
[  369.929844][T13021] block nbd3: not configured, cannot reconfigure
[  370.185769][T13034] FAULT_INJECTION: forcing a failure.
[  370.185769][T13034] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  370.190980][T13034] CPU: 3 UID: 0 PID: 13034 Comm: syz.1.1847 Not tainted 6.14.0-syzkaller-12245-g91e5bfe317d8 #0 PREEMPT(full) 
[  370.190995][T13034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  370.191002][T13034] Call Trace:
[  370.191005][T13034]  <TASK>
[  370.191009][T13034]  dump_stack_lvl+0x16c/0x1f0
[  370.191024][T13034]  should_fail_ex+0x512/0x640
[  370.191037][T13034]  _copy_from_user+0x2e/0xd0
[  370.191049][T13034]  bpf_test_init.isra.0+0xe2/0x140
[  370.191061][T13034]  bpf_prog_test_run_skb+0x245/0x2280
[  370.191073][T13034]  ? __fget_files+0x204/0x3c0
[  370.191090][T13034]  ? __fget_files+0x20e/0x3c0
[  370.191103][T13034]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  370.191116][T13034]  ? fput+0x70/0xf0
[  370.191127][T13034]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  370.191137][T13034]  __sys_bpf+0x1485/0x4d80
[  370.191151][T13034]  ? __pfx___sys_bpf+0x10/0x10
[  370.191162][T13034]  ? ksys_write+0x190/0x240
[  370.191177][T13034]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  370.191196][T13034]  ? fput+0x70/0xf0
[  370.191205][T13034]  ? ksys_write+0x1b9/0x240
[  370.191218][T13034]  ? __pfx_ksys_write+0x10/0x10
[  370.191233][T13034]  __ia32_sys_bpf+0x76/0xe0
[  370.191245][T13034]  __do_fast_syscall_32+0x73/0x120
[  370.191258][T13034]  do_fast_syscall_32+0x32/0x80
[  370.191269][T13034]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  370.191281][T13034] RIP: 0023:0xf739e579
[  370.191289][T13034] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  370.191298][T13034] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  370.191308][T13034] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000800004c0
[  370.191314][T13034] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  370.191320][T13034] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  370.191325][T13034] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  370.191330][T13034] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  370.191342][T13034]  </TASK>
[  370.416377][ T5956] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  370.440280][T13042] block nbd2: not configured, cannot reconfigure
[  370.569050][ T5956] usb 5-1: config 0 has no interfaces?
[  370.571223][ T5956] usb 5-1: New USB device found, idVendor=05ac, idProduct=4262, bcdDevice= 0.00
[  370.574196][ T5956] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  370.620308][ T5956] usb 5-1: config 0 descriptor??
[  370.833494][ T5956] usb 5-1: USB disconnect, device number 18
[  370.848380][T13048] 9pnet_fd: Insufficient options for proto=fd
[  371.091832][T13050] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  371.208370][T13050] /dev/sr0: Can't open blockdev
[  373.006569][T13092] lo speed is unknown, defaulting to 1000
[  374.176382][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  374.614434][T13123] block nbd1: not configured, cannot reconfigure
[  374.783525][T13126] lo speed is unknown, defaulting to 1000
[  375.618290][T13155] lo speed is unknown, defaulting to 1000
[  376.990272][T13178] lo speed is unknown, defaulting to 1000
[  377.715441][T13192] lo speed is unknown, defaulting to 1000
[  377.860230][T13186] lo speed is unknown, defaulting to 1000
[  378.008034][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  378.009821][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  378.899455][T13201] lo speed is unknown, defaulting to 1000
[  379.926739][ T1143] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  380.059153][T13212] lo speed is unknown, defaulting to 1000
[  380.869849][T13230] block nbd2: not configured, cannot reconfigure
[  381.725603][T13253] lo speed is unknown, defaulting to 1000
[  381.872059][ T5965] Bluetooth: hci0: ACL packet for unknown connection handle 346
[  381.946221][T13241] lo speed is unknown, defaulting to 1000
[  382.017819][T13245] lo speed is unknown, defaulting to 1000
[  382.992936][T13278] 9pnet_fd: Insufficient options for proto=fd
[  383.774336][T13290] lo speed is unknown, defaulting to 1000
[  383.913177][T13281] block nbd0: not configured, cannot reconfigure
[  383.918259][T13286] block nbd2: not configured, cannot reconfigure
[  384.619792][T13306] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  384.625436][T13306] batman_adv: batadv0: Adding interface: gretap1
[  384.627314][T13306] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  384.634149][T13306] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[  385.025804][T13309] FAULT_INJECTION: forcing a failure.
[  385.025804][T13309] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  385.035665][T13309] CPU: 2 UID: 0 PID: 13309 Comm: syz.1.1923 Not tainted 6.14.0-syzkaller-12245-g91e5bfe317d8 #0 PREEMPT(full) 
[  385.035679][T13309] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  385.035686][T13309] Call Trace:
[  385.035689][T13309]  <TASK>
[  385.035693][T13309]  dump_stack_lvl+0x16c/0x1f0
[  385.035709][T13309]  should_fail_ex+0x512/0x640
[  385.035723][T13309]  _copy_from_user+0x2e/0xd0
[  385.035745][T13309]  memdup_user+0x6b/0xe0
[  385.035757][T13309]  sctp_getsockopt+0x2a0b/0x6b90
[  385.035773][T13309]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  385.035786][T13309]  ? __pfx_sctp_getsockopt+0x10/0x10
[  385.035809][T13309]  ? get_pid_task+0xfc/0x250
[  385.035819][T13309]  ? __pfx___might_resched+0x10/0x10
[  385.035836][T13309]  ? aa_sk_perm+0x2f4/0xb10
[  385.035847][T13309]  ? __pfx_aa_sk_perm+0x10/0x10
[  385.035858][T13309]  ? find_held_lock+0x2b/0x80
[  385.035872][T13309]  ? sock_common_getsockopt+0x21/0xb0
[  385.035884][T13309]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  385.035897][T13309]  do_sock_getsockopt+0x3fc/0x800
[  385.035912][T13309]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  385.035924][T13309]  ? __fget_files+0x204/0x3c0
[  385.035945][T13309]  __sys_getsockopt+0x12f/0x260
[  385.035959][T13309]  __ia32_sys_getsockopt+0xbc/0x160
[  385.035968][T13309]  ? lockdep_hardirqs_on+0x7c/0x110
[  385.035979][T13309]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  385.035990][T13309]  __do_fast_syscall_32+0x73/0x120
[  385.036003][T13309]  do_fast_syscall_32+0x32/0x80
[  385.036014][T13309]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  385.036027][T13309] RIP: 0023:0xf739e579
[  385.036036][T13309] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  385.036045][T13309] RSP: 002b:00000000f500555c EFLAGS: 00000296 ORIG_RAX: 000000000000016d
[  385.036064][T13309] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000084
[  385.036071][T13309] RDX: 000000000000006f RSI: 0000000080000280 RDI: 00000000800002c0
[  385.036077][T13309] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  385.036082][T13309] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  385.036087][T13309] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  385.036100][T13309]  </TASK>
[  385.535245][T13328] lo speed is unknown, defaulting to 1000
[  385.688554][ T1139] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  385.736135][ T5956] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  386.137513][ T5956] usb 5-1: config 0 has no interfaces?
[  386.139088][ T5956] usb 5-1: New USB device found, idVendor=05ac, idProduct=4262, bcdDevice= 0.00
[  386.141563][ T5956] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  386.144989][ T5956] usb 5-1: config 0 descriptor??
[  386.190877][T13331] lo speed is unknown, defaulting to 1000
[  386.248873][T13339] 8021q: adding VLAN 0 to HW filter on device bond1
[  386.251804][T13339] bond0: (slave bond1): Enslaving as an active interface with an up link
[  386.349402][ T6537] usb 5-1: USB disconnect, device number 19
[  386.495361][T13343] 9pnet_fd: Insufficient options for proto=fd
[  386.625059][T13354] kvm: pic: single mode not supported
[  386.625081][T13354] kvm: pic: level sensitive irq not supported
[  386.629342][T13354] kvm: pic: non byte read
[  386.633124][T13354] kvm: pic: single mode not supported
[  386.633132][T13354] kvm: pic: level sensitive irq not supported
[  386.634867][T13354] kvm: pic: non byte read
[  387.060889][T13372] netlink: 'syz.0.1940': attribute type 5 has an invalid length.
[  387.067904][T13373] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap2
[  387.073531][T13373] batman_adv: batadv0: Adding interface: gretap2
[  387.075405][T13373] batman_adv: batadv0: The MTU of interface gretap2 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  387.082891][T13373] batman_adv: batadv0: Not using interface gretap2 (retrying later): interface not active
[  387.288190][T13378] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  387.456833][T13378] /dev/sr0: Can't open blockdev
[  387.476407][T13379] lo speed is unknown, defaulting to 1000
[  387.854332][T13391] tipc: Failed to remove unknown binding: 66,1,1/4294967295:712221036/712221038
[  388.257646][   T34] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  388.409680][   T34] usb 6-1: config 0 has no interfaces?
[  388.411254][   T34] usb 6-1: New USB device found, idVendor=05ac, idProduct=4262, bcdDevice= 0.00
[  388.413768][   T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  388.417312][   T34] usb 6-1: config 0 descriptor??
[  388.629941][ T6011] usb 6-1: USB disconnect, device number 13
[  389.407947][T13419] 9pnet_fd: Insufficient options for proto=fd
[  390.601553][T13432] lo speed is unknown, defaulting to 1000
[  390.806488][ T1139] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  391.576218][ T6011] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  391.738494][ T6011] usb 6-1: config 0 has no interfaces?
[  391.740237][ T6011] usb 6-1: New USB device found, idVendor=05ac, idProduct=4262, bcdDevice= 0.00
[  391.743247][ T6011] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  391.748865][ T6011] usb 6-1: config 0 descriptor??
[  391.968715][ T1018] usb 6-1: USB disconnect, device number 14
[  392.508187][T13457] lo speed is unknown, defaulting to 1000
[  392.519227][T13456] 9pnet_fd: Insufficient options for proto=fd
[  393.547483][T13494] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  393.917852][T13501] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(12)
[  393.919748][T13501] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  393.921940][T13501] vhci_hcd vhci_hcd.0: Device attached
[  393.925245][T13501] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(14)
[  393.927136][T13501] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  393.932483][T13501] vhci_hcd vhci_hcd.0: Device attached
[  393.944740][T13501] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  393.949648][T13501] vhci_hcd vhci_hcd.0: pdev(1) rhport(3) sockfd(18)
[  393.951516][T13501] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  393.953652][T13501] vhci_hcd vhci_hcd.0: Device attached
[  393.974160][T13502] vhci_hcd vhci_hcd.0: pdev(1) rhport(4) sockfd(21)
[  393.976243][T13502] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  393.978467][T13502] vhci_hcd vhci_hcd.0: Device attached
[  393.983570][T13501] vhci_hcd vhci_hcd.0: pdev(1) rhport(5) sockfd(23)
[  393.986109][T13501] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  393.988957][T13501] vhci_hcd vhci_hcd.0: Device attached
[  393.991081][T13501] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  393.993827][T13502] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  394.007541][T13501] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  394.026619][T13509] vhci_hcd: connection closed
[  394.026894][  T102] vhci_hcd: stop threads
[  394.027257][T13503] vhci_hcd: connection closed
[  394.028401][  T102] vhci_hcd: release socket
[  394.032184][  T102] vhci_hcd: disconnect device
[  394.036374][T13511] vhci_hcd: connection closed
[  394.037240][T13507] vhci_hcd: connection closed
[  394.038814][T13505] vhci_hcd: connection closed
[  394.056358][  T102] vhci_hcd: stop threads
[  394.060023][  T102] vhci_hcd: release socket
[  394.062837][  T102] vhci_hcd: disconnect device
[  394.065112][  T102] vhci_hcd: stop threads
[  394.066383][  T102] vhci_hcd: release socket
[  394.067685][  T102] vhci_hcd: disconnect device
[  394.069106][  T102] vhci_hcd: stop threads
[  394.070834][  T102] vhci_hcd: release socket
[  394.072340][  T102] vhci_hcd: disconnect device
[  394.076124][  T102] vhci_hcd: stop threads
[  394.077329][  T102] vhci_hcd: release socket
[  394.081205][  T102] vhci_hcd: disconnect device
[  394.142728][   T65] vhci_hcd: vhci_device speed not set
[  394.501413][T13518] lo speed is unknown, defaulting to 1000
[  394.740730][T13526] 9pnet_fd: Insufficient options for proto=fd
[  394.799956][T13534] FAULT_INJECTION: forcing a failure.
[  394.799956][T13534] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  394.803711][T13534] CPU: 1 UID: 0 PID: 13534 Comm: syz.1.1979 Not tainted 6.14.0-syzkaller-12245-g91e5bfe317d8 #0 PREEMPT(full) 
[  394.803735][T13534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  394.803741][T13534] Call Trace:
[  394.803745][T13534]  <TASK>
[  394.803749][T13534]  dump_stack_lvl+0x16c/0x1f0
[  394.803765][T13534]  should_fail_ex+0x512/0x640
[  394.803778][T13534]  _copy_from_user+0x2e/0xd0
[  394.803790][T13534]  drm_ioctl+0x4fb/0xc30
[  394.803805][T13534]  ? __pfx_drm_mode_getresources+0x10/0x10
[  394.803822][T13534]  ? __pfx_drm_ioctl+0x10/0x10
[  394.803844][T13534]  drm_compat_ioctl+0x327/0x460
[  394.803860][T13534]  ? __pfx_drm_compat_ioctl+0x10/0x10
[  394.803876][T13534]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  394.803890][T13534]  __do_fast_syscall_32+0x73/0x120
[  394.803903][T13534]  do_fast_syscall_32+0x32/0x80
[  394.803914][T13534]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  394.803926][T13534] RIP: 0023:0xf739e579
[  394.803935][T13534] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  394.803944][T13534] RSP: 002b:00000000f4fe455c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  394.803954][T13534] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000c04064a0
[  394.803960][T13534] RDX: 0000000080000280 RSI: 0000000000000000 RDI: 0000000000000000
[  394.803966][T13534] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  394.803971][T13534] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  394.803976][T13534] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  394.803988][T13534]  </TASK>
[  394.851289][    C1] vkms_vblank_simulate: vblank timer overrun
[  395.126710][T13542] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.1983'.
[  395.130482][T13542] netlink: zone id is out of range
[  395.131978][T13542] netlink: zone id is out of range
[  395.133407][T13542] netlink: get zone limit has 8 unknown bytes
[  395.493724][T13544] lo speed is unknown, defaulting to 1000
[  396.577898][  T102] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  396.959095][T13572] lo speed is unknown, defaulting to 1000
[  397.154169][T13575] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1991'.
[  397.516167][ T6011] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[  397.537366][T13587] 9pnet_fd: Insufficient options for proto=fd
[  397.686175][ T6011] usb 7-1: Using ep0 maxpacket: 32
[  397.690038][ T6011] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  397.692781][ T6011] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  397.695196][ T6011] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  397.697842][ T6011] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  397.701217][ T6011] usb 7-1: config 0 descriptor??
[  397.861623][T13591] tmpfs: Bad value for 'uid'
[  397.863035][T13591] tmpfs: Bad value for 'uid'
[  398.206147][T13593] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  398.213471][T13593] kvm: pic: non byte read
[  398.215596][T13593] kvm: pic: level sensitive irq not supported
[  398.215843][T13593] kvm: pic: non byte read
[  398.222577][T13593] kvm: pic: level sensitive irq not supported
[  398.222821][T13593] kvm: pic: non byte read
[  398.227159][T13593] kvm: pic: level sensitive irq not supported
[  398.227407][T13593] kvm: pic: non byte read
[  398.231603][T13593] kvm: pic: level sensitive irq not supported
[  398.231858][T13593] kvm: pic: non byte read
[  398.235996][T13593] kvm: pic: level sensitive irq not supported
[  398.236298][T13593] kvm: pic: non byte read
[  398.240224][T13593] kvm: pic: level sensitive irq not supported
[  398.240483][T13593] kvm: pic: non byte read
[  398.244818][T13593] kvm: pic: level sensitive irq not supported
[  398.245073][T13593] kvm: pic: non byte read
[  398.249162][T13593] kvm: pic: level sensitive irq not supported
[  398.249406][T13593] kvm: pic: non byte read
[  398.253382][T13593] kvm: pic: level sensitive irq not supported
[  398.253627][T13593] kvm: pic: non byte read
[  398.257573][T13593] kvm: pic: level sensitive irq not supported
[  398.678356][T13601] block nbd0: not configured, cannot reconfigure
[  398.684930][T13603] netlink: 'syz.2.1992': attribute type 10 has an invalid length.
[  398.703052][T13603] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  399.156195][T13607] block nbd1: not configured, cannot reconfigure
[  399.956026][T13614] lo speed is unknown, defaulting to 1000
[  400.221358][   T65] usb 7-1: USB disconnect, device number 25
[  400.664069][T13630] lo speed is unknown, defaulting to 1000
[  401.014209][T13633] lo speed is unknown, defaulting to 1000
[  401.513789][T13638] 9pnet_fd: Insufficient options for proto=fd
[  401.522623][T13641] can: request_module (can-proto-0) failed.
[  401.606435][ T1143] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  402.121661][T13652] tmpfs: Bad value for 'uid'
[  402.124694][T13652] tmpfs: Bad value for 'uid'
[  402.899634][T13665] Cannot find add_set index 0 as target
[  403.130003][T13666] lo speed is unknown, defaulting to 1000
[  403.700947][T13680] 9pnet_fd: Insufficient options for proto=fd
[  403.991660][T13689] FAULT_INJECTION: forcing a failure.
[  403.991660][T13689] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  403.995698][T13689] CPU: 3 UID: 0 PID: 13689 Comm: syz.1.2019 Not tainted 6.14.0-syzkaller-12245-g91e5bfe317d8 #0 PREEMPT(full) 
[  403.995713][T13689] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  403.995719][T13689] Call Trace:
[  403.995723][T13689]  <TASK>
[  403.995727][T13689]  dump_stack_lvl+0x16c/0x1f0
[  403.995742][T13689]  should_fail_ex+0x512/0x640
[  403.995755][T13689]  _copy_to_user+0x32/0xd0
[  403.995768][T13689]  simple_read_from_buffer+0xcb/0x170
[  403.995783][T13689]  proc_fail_nth_read+0x197/0x270
[  403.995797][T13689]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  403.995812][T13689]  ? rw_verify_area+0xcf/0x680
[  403.995823][T13689]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  403.995837][T13689]  vfs_read+0x1de/0xc70
[  403.995852][T13689]  ? __pfx___mutex_lock+0x10/0x10
[  403.995863][T13689]  ? __pfx_vfs_read+0x10/0x10
[  403.995880][T13689]  ? __fget_files+0x20e/0x3c0
[  403.995898][T13689]  ksys_read+0x12a/0x240
[  403.995911][T13689]  ? __pfx_ksys_read+0x10/0x10
[  403.995925][T13689]  ? rcu_is_watching+0x12/0xc0
[  403.995940][T13689]  __do_fast_syscall_32+0x73/0x120
[  403.995953][T13689]  do_fast_syscall_32+0x32/0x80
[  403.995964][T13689]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  403.995977][T13689] RIP: 0023:0xf739e579
[  403.995984][T13689] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  403.995994][T13689] RSP: 002b:00000000f5026590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  403.996003][T13689] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5026620
[  403.996009][T13689] RDX: 000000000000000f RSI: 00000000f738cff4 RDI: 0000000000000000
[  403.996014][T13689] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  403.996020][T13689] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  403.996025][T13689] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  403.996037][T13689]  </TASK>
[  404.142506][T13691] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[  404.144353][T13691] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  404.146536][T13691] vhci_hcd vhci_hcd.0: Device attached
[  404.326377][  T835] vhci_hcd: vhci_device speed not set
[  404.356761][T13702] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  404.569401][  T835] usb 43-1: new full-speed USB device number 2 using vhci_hcd
[  404.888207][T13706] tmpfs: Bad value for 'uid'
[  404.889664][T13706] tmpfs: Bad value for 'uid'
[  404.968345][T13692] vhci_hcd: connection reset by peer
[  404.971231][   T84] vhci_hcd: stop threads
[  404.973459][   T84] vhci_hcd: release socket
[  404.976575][   T84] vhci_hcd: disconnect device
[  405.394027][T13717] Cannot find add_set index 0 as target
[  405.514461][T13715] lo speed is unknown, defaulting to 1000
[  405.794760][T13725] veth0_to_team: entered promiscuous mode
[  405.863754][T13730] tmpfs: Bad value for 'mode'
[  405.898461][T13734] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2031'.
[  405.968504][T13736] 9pnet_fd: Insufficient options for proto=fd
[  406.407208][T13746] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  406.409620][T13746] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  406.412387][T13746] vhci_hcd vhci_hcd.0: Device attached
[  406.497157][T13749] mkiss: ax0: crc mode is auto.
[  406.517046][T13749] ksmbd: Unknown IPC event: 3, ignore.
[  406.631272][T13747] vhci_hcd: connection closed
[  406.632046][ T1143] vhci_hcd: stop threads
[  406.636238][ T1143] vhci_hcd: release socket
[  406.638525][ T1143] vhci_hcd: disconnect device
[  406.656500][   T34] usb 39-1: new low-speed USB device number 3 using vhci_hcd
[  406.658584][   T34] usb 39-1: enqueue for inactive port 0
[  406.738922][   T34] vhci_hcd: vhci_device speed not set
[  406.806345][ T1139] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  409.622733][T13786] block nbd3: not configured, cannot reconfigure
[  409.699465][  T835] vhci_hcd: vhci_device speed not set
[  410.254373][T13806] block nbd3: not configured, cannot reconfigure
[  410.395714][T13809] 9pnet_fd: Insufficient options for proto=fd
[  410.860000][T13807] ------------[ cut here ]------------
[  410.861653][T13807] WARNING: CPU: 1 PID: 13807 at mm/shmem.c:1388 shmem_evict_inode+0x8f0/0xbe0
[  410.864254][T13807] Modules linked in:
[  410.865591][T13807] CPU: 1 UID: 0 PID: 13807 Comm: iou-sqp-13806 Not tainted 6.14.0-syzkaller-12245-g91e5bfe317d8 #0 PREEMPT(full) 
[  410.870645][T13807] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  410.873624][T13807] RIP: 0010:shmem_evict_inode+0x8f0/0xbe0
[  410.875199][T13807] Code: fe e8 64 37 be ff 45 85 ff 75 ac e8 1a 3c be ff 48 8b 74 24 28 48 8b 7c 24 30 e8 db 5e 97 ff e9 e3 fd ff ff e8 01 3c be ff 90 <0f> 0b 90 e9 4f f9 ff ff e8 f3 3b be ff 4c 89 e2 48 b8 00 00 00 00
[  410.880840][T13807] RSP: 0018:ffffc9000ed2f768 EFLAGS: 00010293
[  410.882551][T13807] RAX: 0000000000000000 RBX: ffff888025768808 RCX: ffffffff81fcfd1e
[  410.884973][T13807] RDX: ffff8880226a0000 RSI: ffffffff81fd03cf RDI: 0000000000000007
[  410.887213][T13807] RBP: ffffc9000ed2f890 R08: 0000000000000007 R09: 0000000000000000
[  410.889387][T13807] R10: 0000000000000008 R11: 0000000000000000 R12: 0000000000000008
[  410.891594][T13807] R13: 0000000000000000 R14: ffffed1004aed0fd R15: 1ffff11004aed0df
[  410.893764][T13807] FS:  0000000000000000(0000) GS:ffff8880978c1000(0000) knlGS:0000000000000000
[  410.896371][T13807] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  410.898257][T13807] CR2: 00000000f5044bac CR3: 000000000e182000 CR4: 0000000000352ef0
[  410.900537][T13807] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  410.902738][T13807] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  410.905200][T13807] Call Trace:
[  410.906192][T13807]  <TASK>
[  410.907046][T13807]  ? __pfx_shmem_evict_inode+0x10/0x10
[  410.908851][T13807]  ? __pfx_inode_wait_for_writeback+0x10/0x10
SYZFAIL: failed to recv rpc
[  410.910789][T13807]  ? find_held_lock+0x2b/0x80
[  410.912359][T13807]  ? evict+0x3a2/0x920
[  410.913641][T13807]  ? __pfx_shmem_evict_inode+0x10/0x10
[  410.915202][T13807]  evict+0x3e3/0x920
[  410.916386][T13807]  ? __pfx_evict+0x10/0x10
[  410.917643][T13807]  ? iput+0x519/0x880
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  410.918853][T13807]  iput+0x521/0x880
[  410.919968][T13807]  ? __pfx_generic_delete_inode+0x10/0x10
[  410.921580][T13807]  dentry_unlink_inode+0x29c/0x480
[  410.923005][T13807]  __dentry_kill+0x1d0/0x600
[  410.924335][T13807]  dput.part.0+0x4b1/0x9b0
[  410.925588][T13807]  dput+0x1f/0x30
[  410.926714][T13807]  __fput+0x51c/0xb70
[  410.927844][T13807]  ? _raw_spin_unlock_irq+0x23/0x50
[  410.929295][T13807]  task_work_run+0x14d/0x240
[  410.930676][T13807]  ? __pfx_task_work_run+0x10/0x10
[  410.932132][T13807]  ? do_raw_spin_unlock+0x172/0x230
[  410.933577][T13807]  do_exit+0xafb/0x2d10
[  410.934735][T13807]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  410.936261][T13807]  ? __pfx_do_exit+0x10/0x10
[  410.937549][T13807]  ? rcu_is_watching+0x12/0xc0
[  410.938953][T13807]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  410.940680][T13807]  io_sq_thread+0x101f/0x1c40
[  410.942006][T13807]  ? __pfx_io_sq_thread+0x10/0x10
[  410.943418][T13807]  ? __pfx_autoremove_wake_function+0x10/0x10
[  410.945342][T13807]  ? __lock_acquire+0xaa4/0x1ba0
[  410.946773][T13807]  ? do_raw_spin_lock+0x12c/0x2b0
[  410.948223][T13807]  ? find_held_lock+0x2b/0x80
[  410.949537][T13807]  ? __pfx_io_sq_thread+0x10/0x10
[  410.950952][T13807]  ? __pfx_io_sq_thread+0x10/0x10
[  410.952540][T13807]  ? rcu_is_watching+0x12/0xc0
[  410.953907][T13807]  ? _raw_spin_unlock_irq+0x23/0x50
[  410.955360][T13807]  ? __pfx_io_sq_thread+0x10/0x10
[  410.956811][T13807]  ret_from_fork+0x45/0x80
[  410.958066][T13807]  ? __pfx_io_sq_thread+0x10/0x10
[  410.959486][T13807]  ret_from_fork_asm+0x1a/0x30
[  410.960838][T13807]  </TASK>
[  410.961733][T13807] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  410.963762][T13807] CPU: 1 UID: 0 PID: 13807 Comm: iou-sqp-13806 Not tainted 6.14.0-syzkaller-12245-g91e5bfe317d8 #0 PREEMPT(full) 
[  410.967034][T13807] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  410.970093][T13807] Call Trace:
[  410.971047][T13807]  <TASK>
[  410.971894][T13807]  dump_stack_lvl+0x3d/0x1f0
[  410.973183][T13807]  panic+0x71c/0x800
[  410.974278][T13807]  ? __pfx_panic+0x10/0x10
[  410.975533][T13807]  ? show_trace_log_lvl+0x29b/0x3e0
[  410.976983][T13807]  ? check_panic_on_warn+0x1f/0xb0
[  410.978412][T13807]  ? shmem_evict_inode+0x8f0/0xbe0
[  410.979863][T13807]  check_panic_on_warn+0xab/0xb0
[  410.981257][T13807]  __warn+0xf6/0x3c0
[  410.982351][T13807]  ? shmem_evict_inode+0x8f0/0xbe0
[  410.983776][T13807]  report_bug+0x3c3/0x580
[  410.985004][T13807]  ? shmem_evict_inode+0x8f0/0xbe0
[  410.986426][T13807]  handle_bug+0x184/0x210
[  410.987655][T13807]  exc_invalid_op+0x17/0x50
[  410.988919][T13807]  asm_exc_invalid_op+0x1a/0x20
[  410.990302][T13807] RIP: 0010:shmem_evict_inode+0x8f0/0xbe0
[  410.991901][T13807] Code: fe e8 64 37 be ff 45 85 ff 75 ac e8 1a 3c be ff 48 8b 74 24 28 48 8b 7c 24 30 e8 db 5e 97 ff e9 e3 fd ff ff e8 01 3c be ff 90 <0f> 0b 90 e9 4f f9 ff ff e8 f3 3b be ff 4c 89 e2 48 b8 00 00 00 00
[  410.997146][T13807] RSP: 0018:ffffc9000ed2f768 EFLAGS: 00010293
[  410.998818][T13807] RAX: 0000000000000000 RBX: ffff888025768808 RCX: ffffffff81fcfd1e
[  411.001035][T13807] RDX: ffff8880226a0000 RSI: ffffffff81fd03cf RDI: 0000000000000007
[  411.003230][T13807] RBP: ffffc9000ed2f890 R08: 0000000000000007 R09: 0000000000000000
[  411.005421][T13807] R10: 0000000000000008 R11: 0000000000000000 R12: 0000000000000008
[  411.007601][T13807] R13: 0000000000000000 R14: ffffed1004aed0fd R15: 1ffff11004aed0df
[  411.009513][T13807]  ? shmem_evict_inode+0x23e/0xbe0
[  411.010756][T13807]  ? shmem_evict_inode+0x8ef/0xbe0
[  411.012126][T13807]  ? shmem_evict_inode+0x8ef/0xbe0
[  411.013514][T13807]  ? __pfx_shmem_evict_inode+0x10/0x10
[  411.014973][T13807]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  411.016607][T13807]  ? find_held_lock+0x2b/0x80
[  411.017900][T13807]  ? evict+0x3a2/0x920
[  411.019013][T13807]  ? __pfx_shmem_evict_inode+0x10/0x10
[  411.020526][T13807]  evict+0x3e3/0x920
[  411.021632][T13807]  ? __pfx_evict+0x10/0x10
[  411.022863][T13807]  ? iput+0x519/0x880
[  411.024020][T13807]  iput+0x521/0x880
[  411.025103][T13807]  ? __pfx_generic_delete_inode+0x10/0x10
[  411.026695][T13807]  dentry_unlink_inode+0x29c/0x480
[  411.028110][T13807]  __dentry_kill+0x1d0/0x600
[  411.029349][T13807]  dput.part.0+0x4b1/0x9b0
[  411.030560][T13807]  dput+0x1f/0x30
[  411.031567][T13807]  __fput+0x51c/0xb70
[  411.032643][T13807]  ? _raw_spin_unlock_irq+0x23/0x50
[  411.034076][T13807]  task_work_run+0x14d/0x240
[  411.035367][T13807]  ? __pfx_task_work_run+0x10/0x10
[  411.036786][T13807]  ? do_raw_spin_unlock+0x172/0x230
[  411.038185][T13807]  do_exit+0xafb/0x2d10
[  411.039319][T13807]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  411.040825][T13807]  ? __pfx_do_exit+0x10/0x10
[  411.042133][T13807]  ? rcu_is_watching+0x12/0xc0
[  411.043475][T13807]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  411.045125][T13807]  io_sq_thread+0x101f/0x1c40
[  411.046402][T13807]  ? __pfx_io_sq_thread+0x10/0x10
[  411.047773][T13807]  ? __pfx_autoremove_wake_function+0x10/0x10
[  411.049390][T13807]  ? __lock_acquire+0xaa4/0x1ba0
[  411.050725][T13807]  ? do_raw_spin_lock+0x12c/0x2b0
[  411.052146][T13807]  ? find_held_lock+0x2b/0x80
[  411.053455][T13807]  ? __pfx_io_sq_thread+0x10/0x10
[  411.054778][T13807]  ? __pfx_io_sq_thread+0x10/0x10
[  411.056174][T13807]  ? rcu_is_watching+0x12/0xc0
[  411.057480][T13807]  ? _raw_spin_unlock_irq+0x23/0x50
[  411.058878][T13807]  ? __pfx_io_sq_thread+0x10/0x10
[  411.060227][T13807]  ret_from_fork+0x45/0x80
[  411.061440][T13807]  ? __pfx_io_sq_thread+0x10/0x10
[  411.062837][T13807]  ret_from_fork_asm+0x1a/0x30
[  411.064206][T13807]  </TASK>
[  411.065594][T13807] Kernel Offset: disabled
[  411.066780][T13807] Rebooting in 86400 seconds..

VM DIAGNOSIS:
11:07:24  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000b60b63 RBX=0000000000000000 RCX=ffffffff8b6ef169 RDX=0000000000000000
RSI=ffffffff8dbe5cdf RDI=ffffffff8bf44460 RBP=fffffbfff1c12ee8 RSP=ffffffff8e007e18
R8 =0000000000000001 R9 =ffffed10056465bd R10=ffff88802b232deb R11=0000000000000000
R12=0000000000000000 R13=ffffffff8e097740 R14=ffffffff90864010 R15=0000000000000000
RIP=ffffffff8b6f056f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977c1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055c7a608f280 CR3=000000004981a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008220202 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdb220dbc0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4154414600544549 55510029646c253d 646970282064253a 29287338342e253a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4154414600544549 5551000c41490018 414c550d0541001f 0c0d561d110b001f
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=486fe7d3486fe7d3 486fe7d3486fe7d3 486fe7d3486fe7d3 486fe7d3486fe7d3 486fe7d3486fe7d3 486fe7d3486fe7d3 486fe7d3486fe7d3 486fe7d3486fe7d3
ZMM22=41ddcf4c41ddcf4c 41ddcf4c41ddcf4c 41ddcf4c41ddcf4c 41ddcf4c41ddcf4c 41ddcf4c41ddcf4c 41ddcf4c41ddcf4c 41ddcf4c41ddcf4c 41ddcf4c41ddcf4c
ZMM23=f51456c8f51456c8 f51456c8f51456c8 f51456c8f51456c8 f51456c8f51456c8 f51456c8f51456c8 f51456c8f51456c8 f51456c8f51456c8 f51456c8f51456c8
ZMM24=dd4c5debdd4c5deb dd4c5debdd4c5deb dd4c5debdd4c5deb dd4c5debdd4c5deb dd4c5debdd4c5deb dd4c5debdd4c5deb dd4c5debdd4c5deb dd4c5debdd4c5deb
ZMM25=85ff71ed85ff71ed 85ff71ed85ff71ed 85ff71ed85ff71ed 85ff71ed85ff71ed 85ff71ed85ff71ed 85ff71ed85ff71ed 85ff71ed85ff71ed 85ff71ed85ff71ed
ZMM26=2f24a09b2f24a09b 2f24a09b2f24a09b 2f24a09b2f24a09b 2f24a09b2f24a09b 2f24a09b2f24a09b 2f24a09b2f24a09b 2f24a09b2f24a09b 2f24a09b2f24a09b
ZMM27=cb50917ccb50917c cb50917ccb50917c cb50917ccb50917c cb50917ccb50917c cb50917ccb50917c cb50917ccb50917c cb50917ccb50917c cb50917ccb50917c
ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=8410000084100000 8410000084100000 8410000084100000 8410000084100000 8410000084100000 8410000084100000 8410000084100000 8410000084100000
info registers vcpu 1

CPU#1
RAX=000000000000003a RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff854b7415 RDI=ffffffff9ae0aa80 RBP=ffffffff9ae0aa40 RSP=ffffc9000ed2f0d0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=000000000000003a R14=ffffffff9ae0aa40 R15=ffffffff854b73b0
RIP=ffffffff854b743f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880978c1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5044bac CR3=000000000e182000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=00000000006145ef RBX=0000000000000002 RCX=ffffffff8b6ef169 RDX=0000000000000000
RSI=ffffffff8dbe5cdf RDI=ffffffff8bf44460 RBP=ffffed1003b55910 RSP=ffffc9000047fe00
R8 =0000000000000001 R9 =ffffed10056865bd R10=ffff88802b432deb R11=0000000000000000
R12=0000000000000002 R13=ffff88801daac880 R14=ffffffff90864010 R15=0000000000000000
RIP=ffffffff8b6f056f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880979c1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5085da4 CR3=00000000660f8000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000471900000000 0000017300000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffffffff8ef5cb34 RCX=ffffffff84d34a89 RDX=ffff888043ec8000
RSI=ffffffff84d34a92 RDI=0000000000000005 RBP=0000000000000004 RSP=ffffc90002196b08
R8 =0000000000000005 R9 =0000000000000000 R10=00000000ffffffff R11=ffff88802acc0030
R12=0000000000000000 R13=dffffc0000000000 R14=0000000000000002 R15=ffff88802acc0000
RIP=ffffffff81bb4036 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097ac1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000057667570 CR3=000000005d2c4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c2227daff4973b3b c7dab91cd38819d2
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 52aa1c5ee51348c1 02fb8601cf854967
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 cc78e936a0fec624 0f92123dda37f428
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e46affc3f3b8c4aa 275e47d02b512dac
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000006800
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f9d8a1dff9e371f2 00000000f9e38a89
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0600800114008001 cc008001f9e39d80
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000016008001 f9e2f89500000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 8000800100000000 0000000010008001
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5b26790ce2382b9d 2d702d9dc8991948
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e5ff5b493156098d f1a5cee0f1fdbf41
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000