last executing test programs:

7m7.546748153s ago: executing program 0 (id=11):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0500000001000000040000000500000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYBLOB="000000000003000000366ab162edf5116a00f34b0ffb74561b144d4428cc69b7e64f67a759d408cdffa715629627b5794d262895a0a08ba60764d05fda98d9cf5c24bb9c85b8744d68922efafdca0136a75a78854a42a5"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x24, 0x0, 0x2, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4014}, 0x8085)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f00000002c0)={'ip6tnl0\x00', &(0x7f0000000240)={'syztnl0\x00', 0x0, 0x4, 0x8, 0xfe, 0x9, 0xef2127cba3a209f7, @remote, @private1={0xfc, 0x1, '\x00', 0x1}, 0x40, 0x10, 0x4, 0x3}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r4 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x1489c, &(0x7f0000000280)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0xc000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x2}}]}})
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mounts\x00')
preadv(r5, &(0x7f0000000c80)=[{&(0x7f0000000480)=""/187, 0xbb}], 0x1, 0x4b6, 0x0)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r6 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(r6, 0xc0905664, &(0x7f00000002c0)={0x0, 0x0, '\x00', @bt={0x1, 0x5, 0x3, 0x7, 0x4, 0x7, 0xd, 0x5}})
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_BLANKSCREEN(r7, 0x541c, &(0x7f0000000000))
ioctl$TIOCL_UNBLANKSCREEN(r7, 0x541c, &(0x7f00000000c0))
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00')
preadv(r8, &(0x7f0000000080)=[{&(0x7f00000005c0)=""/237, 0xed}], 0x1, 0x9, 0x2)

7m6.163293751s ago: executing program 0 (id=16):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="050000000100000004000000050000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYBLOB="000000000003000000366ab162edf5116a00f34b0ffb74561b144d4428cc69b7e64f67a759d408cdffa715629627b5794d262895a0a08ba60764d05fda98d9cf5c24bb9c85b8744d68922efafdca0136a75a78854a42a5"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x24, 0x0, 0x2, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4014}, 0x8085)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f00000002c0)={'ip6tnl0\x00', &(0x7f0000000240)={'syztnl0\x00', 0x0, 0x4, 0x8, 0xfe, 0x9, 0xef2127cba3a209f7, @remote, @private1={0xfc, 0x1, '\x00', 0x1}, 0x40, 0x10, 0x4, 0x3}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r4 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x1489c, &(0x7f0000000280)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0xc000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x2}}]}})
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mounts\x00')
preadv(r5, &(0x7f0000000c80)=[{&(0x7f0000000480)=""/187, 0xbb}], 0x1, 0x4b6, 0x0)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r6 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(r6, 0xc0905664, &(0x7f00000002c0)={0x0, 0x0, '\x00', @bt={0x1, 0x5, 0x3, 0x7, 0x4, 0x7, 0xd, 0x5}})
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_BLANKSCREEN(r7, 0x541c, &(0x7f0000000000))
ioctl$TIOCL_UNBLANKSCREEN(r7, 0x541c, &(0x7f00000000c0))
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00')
preadv(r8, &(0x7f0000000080)=[{&(0x7f00000005c0)=""/237, 0xed}], 0x1, 0x9, 0x2)

7m5.163155184s ago: executing program 0 (id=20):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$SG_BLKTRACESTOP(0xffffffffffffffff, 0x1275, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
mknodat(r3, &(0x7f00000003c0)='./file0\x00', 0x200, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073017a310000000008004100"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000680)=ANY=[@ANYBLOB="38008c73d9f4f85a6dc47000fcdbdf250900020073797a32000000000800410073697700140033006c6f0000000000000000000000000000a6bfb239bc03f90e488e94ecc7d89e3d00cfaa2a29e01737984b560cf1292f770275cfac0668beed95b431da7181476f41329d177358e7c09a360e4a77b7c161d6970bed2f36fbb15457873e76019bbc5dd4d7ab284b49338c4d698d2036bd5d5af73c4b4f4eaf2835b1fab16da6d6fc1666c658ef92b5f3f0a4f6645f6271d41b356c6a0f5ff1058db6638447ab2d25d7449f96e4bfb5780bcc093176e148c2d52bb0"], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x810)
r6 = socket$l2tp6(0xa, 0x2, 0x73)
ioctl$sock_ifreq(r6, 0x8923, &(0x7f0000000040)={'lo\x00', @ifru_hwaddr=@multicast})
chdir(&(0x7f00000000c0)='./bus\x00')
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
renameat2(r7, &(0x7f00000001c0)='./file0\x00', r7, &(0x7f0000000200)='./bus/file0\x00', 0x0)

7m4.253750886s ago: executing program 0 (id=24):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x488})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0x3af4701e)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, 0x0, 0x341200, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000000040)={0x50, 0x0, r4, {0x7, 0x1f, 0x0, 0x90c20}}, 0x50)
syz_fuse_handle_req(r3, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffe60000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
flock(r5, 0x1)
dup3(r2, r3, 0x0)
bpf$ITER_CREATE(0xb, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{0x0}], 0x1}, 0x0)
prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000b0f000/0x3000)=nil)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$alg(0x26, 0x5, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)

7m3.943227371s ago: executing program 0 (id=27):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$SG_BLKTRACESTOP(0xffffffffffffffff, 0x1275, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
mknodat(r3, &(0x7f00000003c0)='./file0\x00', 0x200, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073017a31000000000800410072786500140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x810)
r6 = socket$l2tp6(0xa, 0x2, 0x73)
ioctl$sock_ifreq(r6, 0x8923, &(0x7f0000000040)={'lo\x00', @ifru_hwaddr=@multicast})
chdir(&(0x7f00000000c0)='./bus\x00')
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
renameat2(r7, &(0x7f00000001c0)='./file0\x00', r7, &(0x7f0000000200)='./bus/file0\x00', 0x0)

7m3.354119082s ago: executing program 0 (id=29):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$SG_BLKTRACESTOP(0xffffffffffffffff, 0x1275, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
mknodat(r3, 0x0, 0x200, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073017a31000000000800410072786500140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000680)=ANY=[@ANYBLOB="38008c73d9f4f85a6dc47000fcdbdf250900020073797a32000000000800410073697700140033006c6f0000000000000000000000000000a6bfb239bc03f90e488e94ecc7d89e3d00cfaa2a29e01737984b560cf1292f770275cfac0668beed95b431da7181476f41329d177358e7c09a360e4a77b7c161d6970bed2f36fbb15457873e76019bbc5dd4d7ab284b49338c4d698d2036bd5d5af73c4b4f4eaf2835b1fab16da6d6fc1666c658ef92b5f3f0a4f6645f6271d41b356c6a0f5ff1058db6638447ab2d25d7449f96e4bfb5780bcc093176e148c2d52bb0"], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x810)
r6 = socket$l2tp6(0xa, 0x2, 0x73)
ioctl$sock_ifreq(r6, 0x8923, &(0x7f0000000040)={'lo\x00', @ifru_hwaddr=@multicast})
chdir(&(0x7f00000000c0)='./bus\x00')
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
renameat2(r7, &(0x7f00000001c0)='./file0\x00', r7, &(0x7f0000000200)='./bus/file0\x00', 0x0)

7m3.314172676s ago: executing program 32 (id=29):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$SG_BLKTRACESTOP(0xffffffffffffffff, 0x1275, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
mknodat(r3, 0x0, 0x200, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073017a31000000000800410072786500140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000680)=ANY=[@ANYBLOB="38008c73d9f4f85a6dc47000fcdbdf250900020073797a32000000000800410073697700140033006c6f0000000000000000000000000000a6bfb239bc03f90e488e94ecc7d89e3d00cfaa2a29e01737984b560cf1292f770275cfac0668beed95b431da7181476f41329d177358e7c09a360e4a77b7c161d6970bed2f36fbb15457873e76019bbc5dd4d7ab284b49338c4d698d2036bd5d5af73c4b4f4eaf2835b1fab16da6d6fc1666c658ef92b5f3f0a4f6645f6271d41b356c6a0f5ff1058db6638447ab2d25d7449f96e4bfb5780bcc093176e148c2d52bb0"], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x810)
r6 = socket$l2tp6(0xa, 0x2, 0x73)
ioctl$sock_ifreq(r6, 0x8923, &(0x7f0000000040)={'lo\x00', @ifru_hwaddr=@multicast})
chdir(&(0x7f00000000c0)='./bus\x00')
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
renameat2(r7, &(0x7f00000001c0)='./file0\x00', r7, &(0x7f0000000200)='./bus/file0\x00', 0x0)

2.937876212s ago: executing program 4 (id=2788):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYRESDEC=r0], 0x48)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0xd, &(0x7f0000000300)=@raw=[@ldst={0x3, 0x1, 0x2, 0xc84751365d2671b2, 0xa, 0x18, 0x1}, @cb_func={0x18, 0x3, 0x4, 0x0, 0x7}, @generic={0xf1, 0x2, 0x1, 0x10, 0x9}, @call={0x85, 0x0, 0x0, 0x7f}, @initr0={0x18, 0x0, 0x0, 0x0, 0x724, 0x0, 0x0, 0x0, 0xb}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @map_fd={0x18, 0x1, 0x1, 0x0, r1}], &(0x7f0000000400)='GPL\x00', 0x7a5, 0x88, &(0x7f0000000440)=""/136, 0x40f00, 0x2a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x1, 0x1}, 0x8, 0x10, &(0x7f0000000540)={0x0, 0xa, 0x2, 0x1}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000580)=[r1, r1], &(0x7f00000005c0)=[{0x2, 0x1, 0x1, 0x2}, {0x1, 0x5, 0x10, 0x7}, {0x0, 0x5, 0xf, 0xa}, {0x1, 0x2, 0x2, 0xc}, {0x2, 0x2, 0x9, 0x1}, {0x0, 0x1, 0xa, 0x1}, {0x3, 0x3, 0x4, 0x3}, {0x5, 0x2, 0x4}], 0x10, 0x7, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x6, 0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r3, 0xffffffffffffffff, 0x38, 0x0, @val=@tracing={0x0, 0x2}}, 0x20)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)={0xaa, 0x497})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="0209df2f71485a8f6b25d2fd3a4fd600"], 0x10}}, 0x0)
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000180)={&(0x7f0000bea000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000aaf000/0x6000)=nil, &(0x7f0000499000/0x14000)=nil, &(0x7f00007ea000/0x4000)=nil, &(0x7f000054b000/0x4000)=nil, &(0x7f00008a5000/0x3000)=nil, &(0x7f0000509000/0x4000)=nil, &(0x7f0000b5c000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)="3fafa9fef6d6504bb663d69d5de516f723554f45bb9cb29e85911639d05ad518e0ff45f7526f408394b35cbcd2c1ce0724d1fa48e31a4e670a4b5bf52e13b44871c23b08ef0285214490090b824478ac7ebe8ee940d1a837584a083bbbf8ab5875f6f41c7a905f83ce", 0x69, r4}, 0x64)

2.931197547s ago: executing program 4 (id=2790):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r1, &(0x7f00000031c0)={&(0x7f0000000080)=@l2tp6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0, 0x0, &(0x7f0000000040)=[{0xc, 0x29, 0x4}], 0xc}, 0x8080)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x5, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000004900)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000004c0)="cc", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000b80)="bda033176eb146b36ef41f221a4e7ce4a02598d750606488520915c6806affc0a913781c7211ce1fcd59a12b5d5afdaf9d723f092ce9d1eed16e208f2e79831ca049e8979ad94621175c2c48c10e33b29f2def51498743b057efc21efe4be4d9f02e9d236f27190c29c5da0f3799452f5e3640340502fde4ae8c56b303e1b79b3d1842bf6277771bef544c745e7a80c9e7efdd1c619f69b9d01839aa326776d335689e4db7cb7e32fad8f4c40e943b43eb4ea173d720bf5998149625a731643636c8ddbe61e1d7d4736f8414a84acc40557012c82697d8a59c873424aefb3c7ff0dba302efaaf887a477b1ab7ea6c1def9db3514e444c1ef36c4cf42cde90d4bbb2e923a5d16a1bb191ad91cab867cd55037d507a12803f3df1b81f1857fad085dbc5c46aac14230d7a4f8b36d6bc63b4a16cd309b7697b421a662b83001b5ce5ab3ff80800243107df7aa6cae9a5db6a8f2a53ef7d6c6aeac76b83a15466c74a9cdbcde8505e3d14c0c3a47a36bf464168202dc88e25f4c1da57faf0eaa7ff16bdd751c2ae5778e169c8ffba57c9a20e24ad51e6e8e02b721e8ca94f131cc98e03b34b615a1db4080362de4ef215d5a0541aeb0c742a2636ac5af8538ceb3585ef9dca8037df55baa072096073b005b53eff0b899de59bc2b5d687d109520571eeacb30124c4012fe6cb9e3bf451be3d219206ddc35099101533cff5aee6c4783e00e6dd391f664052a6c66c62f62a49fde8fbe336543bf99b55e53b801e54c1d0a292da83db26a8a870ac1d8751c4bc0d495277295cd3a17f9e9a25d70214a17b981b62d5c75356ed025df3557a8b59648edd9d1dbdf169d91f9d85cfac11a57db0a14f03e8934a2cc98d389912a0d9942a40c3ee98d35da61d3bab1a32c9d788e9f74ee57012ca5bfd0dc090b591c64aae6a205fbd349fc372bbd7429983a69cae26ff8b5b019144d318ba225e46bc6cf8d7d3e5952333042542b2fd4fb4d88a3651dd8e14ecc2845d4e71f7dfd128e9e2ee2ab0062a3e701bb2477bfd73d7396ae522f11fa481078d1c7f7905e0846fb072dcf7c06102b3816ec4a3518514c7166d7385b680469f5184a93953258952554e68d93ea8f789c4f13982b65996d7d9cf19f0b39b72e1dc9079d84413bbc30d24fc481e24ef1beacb8bc15f50c2663d684d16a1c71b2c8a568481f4f1b254ccd66fbef4cacfc3e13f2c943a264e429824bef7297f93076aea55ed9cf12512ce3ac3df331695024bd1e53369a87caf6894fce811a64dad315402678de", 0x38f}, {&(0x7f00000003c0)="439e9c06fc666cabc8569d63a866b31ff3ceda1e28f23f455e96a02001fc3fb089ed9e5234", 0x25}], 0x2}}], 0x2, 0x0)

2.902595359s ago: executing program 4 (id=2791):
syz_open_dev$loop(&(0x7f00000005c0), 0x10000, 0x10d480)
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="05000000020004000300000001"], 0x48)
bpf$BPF_GET_PROG_INFO(0x4, &(0x7f0000000340)={r1, 0xe0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="310300000000000000000900000008000300", @ANYRES32], 0x24}}, 0x0)
connect$llc(r0, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @multicast}, 0x10)
recvmmsg(r0, &(0x7f00000050c0)=[{{0x0, 0x0, &(0x7f00000001c0), 0x2000000000000112}, 0x3268455f}, {{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)=""/171, 0xab}], 0x1}, 0xfffffff9}], 0x2, 0x2, 0x0)
r2 = fsopen(&(0x7f0000000100)='binfmt_misc\x00', 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0xd)
r4 = dup(r3)
write$RDMA_USER_CM_CMD_DESTROY_ID(r4, 0x0, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x300, 0x0, 0x0, 0x0, 0x37a0}, 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000032680)=""/102392, 0x18ff8)
r8 = fsmount(r2, 0x0, 0x0)
syz_genetlink_get_family_id$smc(0x0, r8)
open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0xa00)
sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)

2.022986632s ago: executing program 2 (id=2792):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(&(0x7f0000000180)=@nullb, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='bfs\x00', 0x30004, 0x0)
r0 = userfaultfd(0x801)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r1}, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010823010000340200000200000008000100", @ANYRES32=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x40448c0}, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040))
bpf$OBJ_GET_MAP(0x7, &(0x7f00000000c0)=@o_path={0xffffffffffffffff, 0x0, 0x4000}, 0x14)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="140100002d000100000000000000000001010080"], 0x114}], 0x1}, 0x0)
r5 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0xffffffff, 0xffdffffe}, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
openat$cgroup_root(0xffffff9c, &(0x7f0000000300)='./cgroup/syz1\x00', 0x200002, 0x0)
r8 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r8, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0xcd})
ioctl$UFFDIO_WRITEPROTECT(r8, 0xc018aa06, &(0x7f0000000040)={{&(0x7f0000a17000/0x2000)=nil, 0x2000}, 0x3})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0xc0, &(0x7f0000000340)=0x29, 0x0, 0x4)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r10, 0x4040ae77, 0x0)
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r10, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, 0x1})
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0x0, {0x5006}})
io_uring_enter(r5, 0x47f6, 0x0, 0x0, 0x0, 0x0)

1.784791849s ago: executing program 3 (id=2793):
r0 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f00000009c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @loopback, @private1={0xfc, 0x1, '\x00', 0x1}}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000440)={'syztnl1\x00', &(0x7f0000000640)={'ip6_vti0\x00', 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @private2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000940)=@newqdisc={0x38, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xfff1, 0xffff}, {0x0, 0x8}}, [@qdisc_kind_options=@q_ingress={0xc}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}]}, 0x38}}, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x2710, @host}, 0x10)
ioctl$SOUND_MIXER_WRITE_RECSRC(r5, 0xc0044dff, &(0x7f00000000c0)=0x6)
listen(0xffffffffffffffff, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000800000000000000000850000006d000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
creat(&(0x7f0000000140)='./file0\x00', 0x50)
socket$nl_route(0x10, 0x3, 0x0)
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
r8 = socket$pppl2tp(0x18, 0x1, 0x1)
r9 = socket$inet6_udp(0xa, 0x2, 0x0)
r10 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r10, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r9, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x4}}, 0x26)
connect$pppl2tp(r8, &(0x7f0000000380)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0xfffc, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x4}}, 0x26)
sendmmsg(r7, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)
pipe2$9p(&(0x7f0000000cc0), 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x5bbf91a1e7f99074, &(0x7f0000000000))
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r12 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r12, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1.73270383s ago: executing program 4 (id=2794):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
unshare(0x62040200)
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x70, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x20001300, 0x20001330], 0x0, 0x0, &(0x7f0000001300)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000000000000000000000000000000000000000000000006d9300000000000000000000000000000000feffffff00000000"]}, 0xe0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$igmp(0x2, 0x3, 0x2)
getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000005400)={'broute\x00', 0x0, 0x0, 0x0, [0x0, 0x7, 0x0, 0x0, 0x200, 0x7d], 0x0, 0x0, 0x0}, &(0x7f00000001c0)=0x50)
getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f0000000080)={'nat\x00', 0x0, 0x0, 0x0, [0x5, 0x1, 0x7fff, 0x7fff, 0x1, 0x10000]}, &(0x7f0000000100)=0x50)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x800, 0x70bd2c, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x9, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x7c45, &(0x7f0000000080)={0x0, 0x20, 0x40, 0x0, 0xfffffffc}, 0x0, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
syz_io_uring_setup(0x117, &(0x7f0000000100), &(0x7f0000000280)=<r4=>0x0, &(0x7f0000000200)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000000c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x7, 0x0, 0x0, 0x0, 0xc})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x8, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r6}, &(0x7f0000000640), &(0x7f0000000200)}, 0x1f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000a80)='mm_page_free\x00', r7}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}}, &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x3e, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1.732242189s ago: executing program 2 (id=2795):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.731750953s ago: executing program 2 (id=2796):
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x3}}, './file0\x00'})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_BEARER_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010028bd7000fbdbdf2505000000200001800dfaffffff02000000000000000000000c000280080001"], 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x100)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) (async)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000580)={0x0, 0x1, 0x0, &(0x7f0000000100)=""/47, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f00000005c0)=""/85, 0x0}) (async)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f00000016c0))
ioctl$VHOST_SET_LOG_BASE(r2, 0x4008af00, &(0x7f0000000140)) (async)
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f00000000c0)=0x1)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
recvmmsg(r3, &(0x7f0000001e80)=[{{0x0, 0x0, 0x0}, 0xd21}], 0x1, 0x40000023, 0x0) (async)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c00018006000600800a0000040502"], 0x528}}, 0xc000)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1) (async)
shutdown(r1, 0x0)
r5 = fsopen(&(0x7f0000000100)='udf\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000ac0)='gid', &(0x7f0000000440)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k', 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000480)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0xff, 0x7fff0010}]})
ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r6, 0x40082102, &(0x7f0000000080))
r7 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_G_AUDOUT(r7, 0x80345631, &(0x7f0000000040)) (async)
ioctl$TCXONC(r4, 0x540a, 0x2)

1.662923837s ago: executing program 2 (id=2797):
socket$netlink(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f0000000200)=[@in6={0xa, 0x0, 0x0, @mcast1}]}, &(0x7f0000000240)=0xc)
process_vm_readv(r0, &(0x7f0000008400)=[{0x0}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
dup(r2)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000001380)=0xa0000)
sched_setaffinity(r0, 0x8, &(0x7f0000000080)=0xfffffffffffffffe)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000040)={@hyper, 0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r3, 0x7a8, 0x0)
sendmsg$NL80211_CMD_GET_KEY(0xffffffffffffffff, 0x0, 0x4020801)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2000, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r4, 0x4b72, &(0x7f0000000100)={0x0, 0x0, 0xd, 0x1, 0x200, &(0x7f0000000cc0)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000000000000000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714b5e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a2b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6d07002ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8cd35df2cd7344aa8a9f3432b96fb889c02f484f63520cc3466a3c2903d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000600000000000000000000f80000000000000000000000000000000000000000005593e85f00"})

1.572747993s ago: executing program 2 (id=2798):
syz_open_dev$loop(&(0x7f00000005c0), 0x10000, 0x10d480)
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="05000000020004000300000001"], 0x48)
bpf$BPF_GET_PROG_INFO(0x4, &(0x7f0000000340)={r1, 0xe0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="310300000000000000000900000008000300", @ANYRES32], 0x24}}, 0x0)
connect$llc(r0, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @multicast}, 0x10)
recvmmsg(r0, &(0x7f00000050c0)=[{{0x0, 0x0, &(0x7f00000001c0), 0x2000000000000112}, 0x3268455f}, {{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)=""/171, 0xab}], 0x1}, 0xfffffff9}], 0x2, 0x2, 0x0)
r2 = fsopen(&(0x7f0000000100)='binfmt_misc\x00', 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0xd)
r4 = dup(r3)
write$RDMA_USER_CM_CMD_DESTROY_ID(r4, 0x0, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x300, 0x0, 0x0, 0x0, 0x37a0}, 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000032680)=""/102392, 0x18ff8)
fsmount(r2, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)

1.422069018s ago: executing program 3 (id=2799):
socket$netlink(0x10, 0x3, 0xc)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{0x0}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
dup(r2)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000001380)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000040)={@hyper, 0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r3, 0x7a8, 0x0)
sendmsg$NL80211_CMD_GET_KEY(0xffffffffffffffff, 0x0, 0x4020801)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2000, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r4, 0x4b72, &(0x7f0000000100)={0x0, 0x0, 0xd, 0x1, 0x200, &(0x7f0000000cc0)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000000000000000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714b5e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a2b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6d07002ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8cd35df2cd7344aa8a9f3432b96fb889c02f484f63520cc3466a3c2903d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000600000000000000000000f80000000000000000000000000000000000000000005593e85f00"}) (fail_nth: 2)

1.181690619s ago: executing program 3 (id=2800):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000000)=0x2, 0x4)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
accept4$vsock_stream(0xffffffffffffffff, 0x0, 0x58, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x40, 0x0, 0x2, 0x5, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x4}, @CTA_EXPECT_MASTER={0x4}]}, 0x40}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000c80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca7f8fbc9cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b2cdf41dc10d1e8bf076d83923dd29c0301000000010000003d5d78c07fa1f7e4d5b318e2ec0e0700897a74a0091ff110026e6d2ef831ab7ea0c34f17e3ad6e70af07da5ceb01b7551ef3bb622003b538dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe7bc0476619f28d99cde7a6b73340cc2160a1fe3c184b751c51160fbce841dfebd31a08b32808b80200000000009dd27080e71113610e10d8fb9c2aec61ce63a3462fd50117b89a9ab759b4eeb8cb000067d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6ea0180aabc18cae2ed4b4390af9a9ceafd07ed0030000002cab154ad029a119ca3c972780870014605c83d7d11c3c975d5aec84222fff0d7216fdb0d3a0ec4bfae563858dc06e7c337642d3e5a815212f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a46939868d75211bbae0e7313bff5d4c391ddece00fc772dd6b4d4d0a917b239fe12280fc92c88c5b8dcdcc22ee1747790a8992533ac2a9f5a699593f084419cae0b4183fb01c73f99857399537f5cc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffff7f23877a6b24db0e067345560942fa629fbef2461c96a08707671215c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e42e50adab988dd8e12baf5cc9398c88607a08009c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859adfe38f77b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2499d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc874b2f663ddeef0005b3d96c7aae73835d5a3cda9e90d76c1993e0799d4894ee7f8249dc1e3428d2129369ee1b85afa1a5b6154eb2eea0d0df414b315f65112412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7ade8a5b859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355a500587b603306a5af8d867d80a07f10d82eafb03062e95196d5e3ffea0000000000000be959096ea948cfa8e7194123e918914a71ad5a8521fb9553bc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c63ebb4380b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989177a1bcd1e30280bc586e79a5dd80701018e7d6e97b3ce267dd4e27b6ef206660090bb2164474cef378f97ca33fc03000000000000001547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5c759c3e5468f0000000011d415b6b085fb73a2c7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aac029d15af607ad83532ff181c985f54b39370c06e63055b4d6a36fa98a44e379d28307c9912fb097601f3f88a2ca6fd1f9320cfe7fc8e9f7f15f02e177ce23f43a154b42e26f037e8a01377cbd3f509e6e540c9ba9c2a589c95d8ad67a65e9a44c576dc24452eaa9d819e2b04bdd1c000000070000000000000000000000005333c6199c12dcd926891927a7267c47cf897853d160100b39b613faefe16bed1fc105dddd77ab929b837d4442d13d5a29179a00837918dd7854aa17eb9fbdc2bdc0e98ae2c3f23a6131e2879f04ff01000030b92dd493be66c2242f8184733b80ba28e8ffffff7f00000000bb2f89049c5f6d63d56995747639964217aacfe548bc869098aa8e07e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99040b5d91398e17df85c25ccae973eecc7d187168d5c9cd848d566cc17587641ed01889c927da38d83314480b15e23138c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5d371c61f550e9d86aabda45706bda78ab60200000000000000000000000000000000000000706f78f0a2ea9667fb5b951808545a46830970c2dfae01adbda7d29bf1f7abdaf52e0de6f9d7150808ed086642e64ebf98762b34338b80e41b704c3eefaf0bb5ff070000000000000ea15ccc0d7a830b6eb33b6b61675511d693ef5e3c44bbf71cabc5f45c879e7499f8baae2a1a09cf38da73297764fbc0e723e1cc3abb12e3076982ed32c94a2ce3e6f37c47e983da4ca5c96187db5a2a2e1742bc93a65d7187126126b3a80f17dd2f7dbbe82d104ede9ba6925afc2ee6cb94f56f1363cad635abf8f983292c49c0ebf5005154c7b58a3a2a2ea86d2fd92b8661264f781e3fb02d05a28f3f17b64d0258853d45cb5ebde10cd3d82eeed2f1ed925b7cf400304932c5ed0a362b235ce37e1f17700f7d1fecf8be8a2c5d25a9c60657560d05441387ff158a018d19a286c58684a1d2f624c3eb59d509ee89cc2df52881d005b2e5c27563ba54e4153c132d0366aa660000000000000009c1aaec93ec0f925921fb2e9eb202a29bef28224dbabe723de5c584bc398a8792e493048c87f60a51a391e95921218149403558fd13c649f90b0911d57eeb298b590581eba1ce383b539ab80fd15445987b1bb4eb512545e1ab65fef3103ce10b1ee362b51c72f82edf2f502ddf52567775e34a56d1be892f1e62b08950d517fa6fb1b0ef2edf1b67f8644786116b037d4a36fdd30b000063e58c856ec44cbbc2d370553f832af9480215e09aaa3843fe360b1c293a14627f2cfbe278f31d0abc0f5aaa10926dbbfe8a4b131c13a73d4e6d065c2c0fed3ab8442520ce0e0ad7d2d177377ab197ace3ef8b1c24ceb0bdee84bd6e6317633938dd19dc42de7f8f860eca6d9c74525fcd3497526df4c13e3ba5f0d75365a4542ae9440d2fede416d618cdaaf7e038879c5d177b3876fda4121e00000100000000003edd3d43cc64e0d26b46907b42e08d000000000000903350932d3eef7fdada20c19807066e2c72d0d816eb9fa50be213bf6bbb7ccb9f2e8a153e6ced68f192ebed6e86af0f2cec7335fa8039fd6eb025440bc2a34d071f0a0e6774308a74748b8cd994ed368695aa2c5986aa9200a1306ffa5a71ca69e89a6980612b35fc858f37c2c398515a910a35e22ab0573c10b85df4c2972a2fb8b9c080fbb41a753791df727fdeaded2930376eda31312256191c620cce34d1e3bf40a4a207ab1575b399eb8155781bfc7cb5920b49c039935a888d77041894f60fbbcafa487ee96b368e8769da90b44190e569fe8b923c32c288baaca5c5558b5a78bb43e5d9e47a1d5809bb178184b5672d08e29aecf1f572ac1e6cab7e820751e95999b7532603494d37a2bff35a9eec46dfc8a52433f605ebf151c837b4966b5f3628a406175a87e32c5e4268d3000933b580415b162e2946446b8f02554c8a1225217d69d049685dd06aa8528673a9673a723ac414af77f523ad730d00e8700c213f95c87a94f39f506b9e000000000000000000000000000000000000000000000000000090668ac41a1c2a4f7831e6c6a3e9c68ca2c449482bb70a994e71a7f24873848fbb128c820c1de19cc003dfa65a2b296caeb1253802080e08eeb724c4c7b7e052afa19b0f2cd7a13bda4b5a8f3b8fa3ca70bb756a3d529718d5c79d9bdb89e5d33793533211d76d00a45079eff797476106bf76f1fed952a7c9162b88911b5b00c3d26fd2fb4d7b29d1ce025e102d458efd5cca3f3835ce760359eaa01cb13cb28d60e8942fdc02b6824c00dac62f8a2d4c680ae284a82f09d6641921536814b444e4188d9b2e97eb3b108e7876f0f3f3863147ab694218c7cecc075d52d590dddbb57fc6fedf5ec69d7894a7b5c8109f303dab998815c80534b0bd34c49eea63997e56728a8185a8bb6988a7197b87f5548f5edfdfb3efc907fe561b33a6f7c707f7828c6adaf3b2a39929b4b65253e787d65c08aff5e4a9b2267bd8f803ea38f10a6e9c4a49bf23525e08c12d229211fe4d88cf1440f29accfa50f327ac1fb20d7f164100111bd21fca713b2475f1c997f3000000000080c426bcec79c6bc83ce4e6cbb17c01be69db342192d0a716cc24710d23321441f475ec485d642b61c6bd907071dbbe37c0b78f60fd2ad0d13ca62d9d9aafb01c3920b64cb5e023810e2de4327f90c389ce36d90ff9f3cb9d8cd2260d05a8126943a3df17157470595c68ac8df7fea6d42ecb2cdb65b4f2aef0db2b2de949a6d4ec37f2fd693ae44944041a64fe6336aba1c66b1b95d2edbc40364a049616ae962d75eae619548aa86bd5f0bad56e7ad7de2ee5e6f3b42e3a27094b6b5face99456d9af1926b21d37faf7612d9752cf58e6424decd530b5419e117ec08647566b1bdd75d6a9a1e600aaf0f42ce94b4725d4c2da80150dc34e5975d6904f061ed9a7608959f2d24ee6ec4f2395d16e02f53c746f74b12013f738d76456c3407188eff97f31ca36e5d79e1f1c7c3b688ee21d37ba5ebf4afc2a61f16"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x55, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
socket$packet(0x11, 0xa, 0x300)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe06, 0x1000000, &(0x7f0000000100)="b9ff030f6044238cb89e14f088ca1bff430500001100630377fbac141414e000000162079f4b4d2f87e56dca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)
syz_emit_ethernet(0x33, &(0x7f0000000380)=ANY=[@ANYBLOB="aaaaaaaaaaaa000000000000080045000025000000000011907800000000ffffe5c2dda84e2000119078010000009d0078eeace824dfd3440f936bbf06968027b50b62308a67289f01452a1710c3103c27a245d820c59ddc6a5cbe417ca20d9b469e8e8055c0f1574899f5f1672be5dc9330aab01f47481c06d23c002e85db7cf51cf7c92f1e874f0bf48a3242fd6764251766ef5f3bf7e18e021651905d6db25d6066a7a8cded220e8c1be5350eee56cc499eb41050b2ec7bed4e83beeeda68e9b4e280a1f287869ccb9dad459da93436a7e07e2b9b11eb72840792e7531547"], 0x0)

1.103704831s ago: executing program 1 (id=2801):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
listen(r0, 0x101)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r1, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
r2 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$inet(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000100)='_', 0x1}], 0x1}, 0x880)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000004c0)={0x24, 0x0, 0x800, 0x70bd2d, 0x25dfdbfe, {{}, {}, {0x8, 0x11, 0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0x8010}, 0x84)

1.09913608s ago: executing program 1 (id=2802):
r0 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f00000009c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @loopback, @private1={0xfc, 0x1, '\x00', 0x1}, 0x0, 0x0, 0x0, 0xfffffffd}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000440)={'syztnl1\x00', &(0x7f0000000640)={'ip6_vti0\x00', 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @private2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000940)=@newqdisc={0x38, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xfff1, 0xffff}, {0x0, 0x8}}, [@qdisc_kind_options=@q_ingress={0xc}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}]}, 0x38}}, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x2710, @host}, 0x10)
listen(0xffffffffffffffff, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000800000000000000000850000006d000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
creat(&(0x7f0000000140)='./file0\x00', 0x50)
socket$nl_route(0x10, 0x3, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r8 = syz_open_dev$video4linux(&(0x7f0000000000), 0x7, 0x802)
ioctl$VIDIOC_SUBDEV_S_CROP(r8, 0xc038563c, &(0x7f0000000240)={0x0, 0x0, {0x88, 0x80000003, 0x7fffffff, 0x7ffffffc}})
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x1f, 0x11, &(0x7f0000000580)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x50}, @snprintf={{}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r7}, {}, {0x85, 0x0, 0x0, 0xb3}}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r9}, 0xc)
r10 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg(r10, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)
r11 = syz_open_dev$usbmon(&(0x7f0000000c80), 0x0, 0x800)
ioctl$MON_IOCX_MFETCH(r11, 0xc00c9207, &(0x7f0000000d00)={0x0})
pipe2$9p(&(0x7f0000000cc0), 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x5bbf91a1e7f99074, &(0x7f0000000000))
syz_emit_ethernet(0x46, &(0x7f0000000000)={@local, @multicast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "3000bb", 0x10, 0x2b, 0x0, @private2, @local, {[@hopopts={0x87}], {0x0, 0x0, 0x8}}}}}}, 0x0)

826.013023ms ago: executing program 4 (id=2803):
r0 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f00000009c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @loopback, @private1={0xfc, 0x1, '\x00', 0x1}, 0x0, 0x0, 0x0, 0xfffffffd}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000440)={'syztnl1\x00', &(0x7f0000000640)={'ip6_vti0\x00', 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, @private2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000940)=@newqdisc={0x38, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xfff1, 0xffff}, {0x0, 0x8}}, [@qdisc_kind_options=@q_ingress={0xc}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}]}, 0x38}}, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x2710, @host}, 0x10)
listen(0xffffffffffffffff, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000800000000000000000850000006d000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
creat(&(0x7f0000000140)='./file0\x00', 0x50)
socket$nl_route(0x10, 0x3, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r8 = syz_open_dev$video4linux(&(0x7f0000000000), 0x7, 0x802)
ioctl$VIDIOC_SUBDEV_S_CROP(r8, 0xc038563c, &(0x7f0000000240)={0x0, 0x0, {0x88, 0x80000003, 0x7fffffff, 0x7ffffffc}})
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x1f, 0x11, &(0x7f0000000580)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x50}, @snprintf={{}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r7}, {}, {0x85, 0x0, 0x0, 0xb3}}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r9}, 0xc)
r10 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg(r10, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)
r11 = syz_open_dev$usbmon(&(0x7f0000000c80), 0x0, 0x800)
ioctl$MON_IOCX_MFETCH(r11, 0xc00c9207, &(0x7f0000000d00)={0x0})
pipe2$9p(&(0x7f0000000cc0), 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x5bbf91a1e7f99074, &(0x7f0000000000))
syz_emit_ethernet(0x46, &(0x7f0000000000)={@local, @multicast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "3000bb", 0x10, 0x2b, 0x0, @private2, @local, {[@hopopts={0x87}], {0x0, 0x0, 0x8}}}}}}, 0x0)

653.087497ms ago: executing program 2 (id=2804):
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000002c0)={[0x7fffffff]}, 0x8)
r1 = gettid()
timer_create(0x0, &(0x7f0000000180)={0x0, 0x11, 0x4, @tid=r1}, &(0x7f0000000080))
read$FUSE(r0, &(0x7f00000008c0)={0x2020}, 0xfffffef0)
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0)

256.922148ms ago: executing program 3 (id=2805):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
listen(r0, 0x101)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r1, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
r2 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$inet(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000100)='_', 0x1}], 0x1}, 0x880)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000004c0)={0x24, 0x0, 0x800, 0x70bd2d, 0x25dfdbfe, {{}, {}, {0x8, 0x11, 0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0x8010}, 0x84) (fail_nth: 2)

187.425078ms ago: executing program 1 (id=2806):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
mkdir(&(0x7f0000000080)='./file0\x00', 0x8)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000000)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
pipe2$watch_queue(&(0x7f00000002c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80)
prlimit64(0x0, 0x7, &(0x7f0000000440), 0x0)
r4 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000300)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
r5 = add_key(&(0x7f0000000140)='cifs.spnego\x00', &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, r4)
keyctl$KEYCTL_WATCH_KEY(0x20, r5, r3, 0x0)
r6 = socket(0x21, 0x2, 0x2)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r6, 0x84, 0x72, 0x0, 0x0)
keyctl$KEYCTL_WATCH_KEY(0x20, r5, r2, 0xffffffff)
read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, <r7=>0x0}, 0x2020)
openat$fb0(0xffffff9c, &(0x7f0000000200), 0x8080, 0x0)
syz_fuse_handle_req(r1, &(0x7f0000004300)="f6c5cdd50b89338e6f0228b937225c21a87072407fe83d5fecd7bcca9b3fb6c714baa7d905bd76d4f38eba0ffafc067da9e5b2a863dbea1f11e32b455862ad205d1de267dbf9edb296fda48092e372fd3166c91d636b627f4ce223d2fff7db30abd245c174812a8ebfce720483d74f6658daaba3ea9e453d789d9d1d8b63c91f02b1282f122d5847241f305a5d791a7188c946ed5d5e5343c04968e62b064aeadeafd55ddb6a1b724a9adf29b15c4c55c9afd709d19cf29df117c69d1f855b647f2d6dc3ad9cc2e413cda65ca8d3fd777fdf88827428723d37b89a7330dddd234f39187db8e54905b8eb0dc851f51ff37b5deb69b64bbd27b72881267f94a88974a56b1d3178d49c209d6f4e974c00f25a87255c3804b1150f98d46437f5333b200651dfd1ae939125483cec1690ecb4d449ae4f2bdf88d50382440dbe1699017f21c0f1e0c85cd339a9f87046af063b54b923d4eaa04fc8dabb3bb3e3bc83f0657b5a3c4cdfce3c325abe45a39b794d13057e3a036ec20c4eb1c18a7501a8bf3899626fe01b2b9c18ab08eaa972ab9f8a786888162c7f77db751c1ab88db854ad8a99c7307a52571fd4d0a8ca5a6f4f5e46396bab29e4a5bb6f7c40404be7357b47028a1cd2b780abbba9e37d182866a9171ddea543a5684ff6445d4c3ba61b4300a1556e85518301862b398e43f61d461054469f693c42f995a000dc9b950b277bbc5a9bec872462a0938ef0e0ba4f4d2bff4d81804996a9f97893c02b2deff1abf1a6cb7987f446132f55a10aaf537d93422ed22fa659ceda5939cf18398f8632a257abbf68d4854e452ceb5acc02c7b65d67b582e159fb5039ecfe636dfd00218f2e5d1e2ebeca027472d63fdd2b61d7bbd9258a3fbb14ee2559845a638e07bbde84f87a42b59a09c1bc877b7e51a4ea42c64bcb3b3c8043f1604c569308bd6ddf438204df167580f5aefe2a8beabb77a8fd3392f99e3a43a7cfa0a68b1b21a307aeecd5b7a3742d74ff1790b13f1026ebec296210301d48d9354646382a18d247300bfd8aca878051a2d667ad2ee489edfeb3c1c912cc6a6c573fd92dd4cd1b6d2fb1bbdc86ddd8bf515c28f15ebafe858df78e8a783b293db3144c44397cbaeeadea44655c6350562166bda3accf7a2e65cf3eb7beace08760337e2dff8c9611fb131b345f44dba2aa2eee0bb4ec719c59a269e71ffc0775c5c193e341a833d38edf8a1f01f66b9fd039ff55c884257ec7330f333e579e66ac67097bfe31b2b78d88b81b640351da3bea710e38d8b50b0a63814f4638df1680d2217dfe7364dc228ea79f74e678b338105391e8c1e041cae3d2ccb9d1b034d96b811bf06515b3f4dd02cf2cf9f9884a6a1af39f219fde0b1caee2065536b8e900bf4fe9d87396cb0854ff28db253382a8f1e6c2a2805b5d5c8b756640a49a092f8fbc5ab87e511d790519e9e79c1336b2af288b1b07871858966197f65919009c435e6ca5bc89a15fae0e3534e50cbacb3cb2ee519a9894f08facb453a7ada35c0cd8e6ac71cf9ceb21c1b944d81a16a3299c730fe1ddb164505e2df5e4dc7f46c3fa3230a9cc3845298d4abf909565a67be3316ca881540f2920c8fb6ffe5ffc66ef477476cc4941ba03795287f408b6175df89274e189bc2e12e93f5d8aaa532400946a7a0cb6cacb55d4947d0c02da9e2345b4d0cc92a570019ac51f64b29b7e509109500f9fe8129196bc46230a1848ad7dc721efd97f1cbee41a1e520da4cda9fa5a0024d7865e637d0f17f240647f11f4d41a39e29643917f6ccd8680d83cfaa33081c3dd613ba2ebe736539834ba7977d2617b85b073a4532c8e6cb3dc3ecb492f23b573ee103ad6c56a5930904e836e9390a8b20470de2c7e0d1b52000366cbc198caa4917b593334a449840a093bbd709a6f835eb4338e23b12f59efd0fe6a8f7d108e6c40d63b06b43639a73822b431b636c3c6cfa2c973fd43aab1ebb560eb5b556b98758583195190651d9f12bec2a2db9c87f879af59d9e72786e416ea8fa36ff4a4f08d56c5e208b9995fd9ed0607d3af20b1eb51dc0943cd96bee0cc78875fac1dc471f80664ef9eb1f146d5b6871842ae1c51e83523f28a149346df307eae77929a81c235f5593d7eb30581b0650a8759d5a59b5c2697c461e17d8458b13dc88935b878f71f0597d46924bc84714ca7af2df5749b1b0fbe1950aade8d85555887809f9d4cb5d8d6cdd0ddede90e2fd122d1168f0c7e535aefe0385ce12a5cb1060498ba51b28fc344e6c6094b1cf6263007e299d7ceae7814c664f43bc2b8e989779e1a2a36e7e209175c197117966925ced8cd941fb4d37d05a5c771ba579671d505d6af7fb70fe764d906fa84f046fb4429d82bc7f4ed72f686bf2f923ec7bd48b1be8773ef8a51235825cb6c54d444021e823ba2614e7d93920a96d23f19d9adfcabe1716fea4979ef4d74fadc6fd53e8d6c6704c4eb04a039ba4c83d15afdb195a36f292ba9a2728cd85311076aa6a484c01fbf9fad617f4870fcbd1cd453aeaa391968287263852732552443e3388bd07d975cd2a11624fa2d0d931034b940c4b2babe262706c6cd72007c5fd5744564babc9fc37da476cb38ed0de6b530864e26a6febeb8d901d40c771a0cf2f498830487d83368ff3f8af68a0ffa5762d3f2c9cf2a66e2338d3e3655b647685c2dcacba997eac420d5618c3d268b85795fa49e37ee504521017439581a6c5c064f0184e4cad2b8134e2f9b9ec42981c155775d7d744bfff7adb3f7599f159c7cf1d7d56fb7cddf5b4f8ee8a3dcfbc1151b3d253771db09879f48c3c0cc9506e97c776fa8251c21d5fed9dba8ca6674e45ac2a6bef86ae18b175ffb5d281f58527661ef7d5651b28db85c1b7cc305ab5b34fb49a32778390d3b6d4e78d06d3d863eff86435d36be3043529fb9b4d061a7a983d6e287fa83925dfab1b526d6bf510a29f9d6ad493bbb4da5fdf0aef4f16ff50799b016dc4230aaf87b9ef8953f8ad522ab4c3ec3209a57852cbdb5e39628ad107b248d6f07d123fb0e68d7b7aa8558478de5dee88032de6ccbbcab0ecfe8fccb1681816db894fdc24a9b6cf8ad5690efb01c8b4840255a5d5563b4cb73609f0a5337738e179fd9577bb795eb5a89a4ee4e2b2bed5fc65ba1efb911889e131a0b010c5699d7f6b869ffff3945208feee8d245eb45590f2c67b97d186307dbee5327ef60340386ae04d45f981061b80d33ed6db2e5dcd711d68f8d9befdca10334e9636de1a2d6e6de2888d0984aae79b636eb0576f6cc9f450320b7e946eb82e9e1f8b3477f382090c79a9524a69f3416eadba673ff24cb1846358680d370e6ae98230256ebad4826f90ef8189b95f3b6275950c33ec2781bf438bbcce8ee350f3c1475b026a6c189db5101981b21f82ba8d8f62e852ccc5109a2780c70eb4a0b014c0c06ef46ff506c481b8082154db687b644ff122e5f35af5882212834a5b696afda432241f966d5706fa7c00be4a4912b6adb8e5629d0e18bb2ed4e2d7b6dbe79920d21ed0491f7a5017ae5ccdee5b498f61bb9ad5845a6268abebf80338c20c09530675a8366bfd4ea746957dd7337f1c1184751b649a399891ad2b6306bb062b9b2dc8a8b09302ea3386ccd78d9a3a0314c3df264ce81048391ae66ec9eeda8c70efe95146205d0b6bed2c362f2920615d41c7d12fc3991000a080061dad4e34587ff1684c6756f55dfd249d2d62bef74b5e4a40a63a2bc14a473cf913d5a4fd289d1792fc693c4a5f85326eebc52994a34e16af861438f22633fc5a4ce0d30d37ac0e2277e072f78375d7b1443e1af9647c23decfc411a3d0def781ce6679d92872fbc27dbd4a7edc2acfe565103d472fbde7ac626248a5305cf6e1c5fc81e9b71adb2523839b9425c72a67409539d611240ff5ad04ea2b3d063e197f5663606aeb0b76fa2e1121e3815506fe4a9ac09d555c1b8d8c9749f5dd5096130aaab80d9b721a831013885e3a376a57f97db4f1878372c7ac241b7424b86d97ae5fa3a0943f55c64cdbb4aa3209c4fbee3d9ed201e2bfccee01d33bd99c01689e1f23b185acb82e75cd2a161c316334f4887c8225f11ec1354105e3180d67ebb3a98d1178cca8332eb73555f53ed86c7285fc6c85570be32e74baeece3d610cfb505e1ca6c02fabffbd9b4c80274db8faab4a4d29f8bfa6db38daf4ca8442aad66e40581f40a63e50b3a33d9a3e32f4440b761d149a8d71c138f74d5b0e10d9266788499a19f03a17726226e27c899c538bf4c219d7a035bdab2c5b347bcb176555fa451594050c6196a2236e5b0981eabab3519dd10ed1ffb6334476cbb06059384f02c164f278d49391c6069b9adf25c14870e2fe1f28abdb325d3101fe464f829e971067dc9231fc3bc9d0e2a6c8e13db15f4b69b3b028a587a092453296f7f790a547ba191bca2ca929d1477344d7ba30b826a10152580e5ed7418f481e4b10139a4acea1a1c42f748cafff8b0215c6be50e0af09905366f0403c53f8c746ff06ec45d69d3c4039d0980af45c8a2d6cadafe477ffe3451fce3bdc9644faf73ef3ca3e823526fdc086d82967b1a569cdb99ea26fe6d06a21fdfa7a8342089931240324b786f6be1b987c8fc9e9e602cb0ad66039a0147319a896134cc97a7f50b3a0c04c4f80b8a53ea222f5c009325eca6668e453d92e1577712af0297ffbc3e3365d504ebc1c7e825e045c30c0ad9067fcea6dd754c179c3febce85187611f78634c081192b430010987a852837015a3c2a70604e18c5d394207fa61fd3c51a8ac5ab263d1c15a9918f599338d21b894e6016337a5a31422867a775a7def8fb7cc3a41342175e05c891ebbd7318bf011ab2dcd865dc5efa3a9451d973951c96752803665567c08013259f14fd704d5d108cef5a38b4e2375aa241c5cfa99511e334cac9665a06f25da7d3fdb497363b119bb4d536a6803b3aed59143655ef6df225b5a9305979f77e32942ffb48e859da96a309ab57b68fa56a9e0d6e53650e7b1968fe5afc21e5638cd50f5c415c9addd998fe32ac983a9f9266590967782b6d9b70f22a48cc14301af5de46d7b71d0f7c0ead21ff503cbed5c2535672835ea0216eaa7fed72390b66b4684b51365d1923aec4dcf4dd08b357552cfb7e96a5ab956ac1276882e80a79d018c5ca7ffb3367d59846387f4af1fd4b6098cb560bb565af3ec0c3934da29120546804f3800aaba4969e00cb83d9d9b0cf216c42a8722030a6fc85a01b9748bebe688671318a2cc33f69e0bf3a8a3779c8847de958b28b2e8017da7f74d56f1a75134a4da0944e45dfefe63ff367759b55e1659870e0be86cef2789ec9063ae6093693c1d47cfc164eae67c97efa447120a36b39561d380077ceaff4bf0f55b066af441e400cc3996633abf905a32cf025becf31983dc6fceb6e0fb506bd350d81afa6421115939adef8cd68abbbd94f1567d9e9f7505af57e1802b8d704bb7460b3822330c4a4bb6ff2b187fb9a3f324b0f415c706a1de8a7cf6747c72be3b356c0206a3c0c39daa85309bff9faba7b68178108b261086cc15a0e21a52a37c1576a72d2d5da5c43248ad760d239711739cb79fc79b4ca2dbec2e100db1c535ed90623c67ed2e3817ebec259343b17efdd912ea0fbf73653015b7f8a51cae3cab19ba00638b8c8bfa8db481ca7dc7ce5c2540c46c963386188f74dec088552330e6ea067b222bd97ecab5073d95d5814599f522a36fc80636bb66ee8dca399586f90f1c849e30d92382bb0e64f62511a7f1044560175d68dffc03a9e56ac7629a4bcf50a4334f29b3391ef4bf0f3174a44d69e143437cb3dcb3871c4e7de50084b5e5033c48df364a1d5cf925d42a3c8e2b419909e4a2ca2156c1397eb87704e8f8d6cdb3a4a031c1b5468a1e75a923cbdbd384cd8d87c2c05f11f1df014ef98c13fcf9f182f6fb68dc0aa4adf7bec8a17caedd172f64806c311fc106b39edd9628a01d7159d638e09b39feab432718059589dc971143da4a8e640aa63ae0c2fb4a71129d362cdcf993adbc97b4f1543637cf1acbc9e67067f6c6f95be39fdd14dc6478c507507ceff88c2d1c5e13522547ab149dad2526393714c6c0a221c167ddf1084b563c0bfcc4c75a972131c62ddec7a497bd5118eaa12ab25bbbf7cc62eca5de5ea50bab67ce6ff2e05cc47cc0b0a5465eb01bbc08dac30b8522bd92180d8987390314e19eb3201f0be2b4f71abb697a751fd8d6a3251ca8ea1b2f20a7827d2599d62e392d6c065183a1778950d5ebe04180047ee8a2a096e5f1d6813ec63ff4a626c725b24d259cbd9ca6305009b29c6ef7225eecf9078824f9aef4d3e9aee1e9616b2b7f87499f8abab6c38e9a3e7714132850b5e71fa671697e6c8407ac3dad5abeee5f7b2a63aa51d29744736b0c38adccf8e29a85b81f3b3106daed64fc78618e18c9056cc41ce2f50379cc6c2c1411ba2c690e1899dee193f0f2877412f1cbd54d12255ca81a72211f9a8ab7f0b7bebb6c11b4bd6c77455decdfd7df2b2014395ba69f22e520138a43e1b3a11264822b143adcad307b35800563bab720687a898a76cde1f0a15aa3f32c0d302ce6f1094bacf5a1add935884be029c7fe18a5e90c696e3371af0f3cd721abd7dd4ce74efe353105ebcc4b1411d52026901380a9c7a807a76fa617667adea8b7734822da93d93969641a92ad2af6350ceee54e3d7c7c39e22d6c5f363d201572b8d68c2b9c7230b0b85801cfafbc5557f21bc444ea05fc612e2c2a8d4a38578c69bb252d8f4d617d0974f95b6ebb416d5c8f3fa925d4ed4f23bfce03e28389ca8c11e871fa49e8d66387bbb09b3c29d9ed75ea5a9ac7930cb3ed05f999867c640b3435962fdb763002e2fb451c5a1b9d4536e49ba50fcf61451168a994249ef29af51694a1426d987ed8cfe09f10462c7629c4ff1b1cc709b99e9e87a54d1ecf54cd9da0c2c19b84b2a2c32c0bd12d158b73230cf610645048cf1afbb62aa7ce6fab79bec3ad84108f3d96cb9fb3d78a26724892a6bca533e64880c7d4c28a6685502f4cb2a27b132c8253b97e88583fe0766d04795709486556df99b7e65fbf71febe24e0a188e2dc489b8fddbf9d4b1c9ef4b558f888824469df9b2085a845998220332d9cb693472ff2abcc10784c2280825adfcc630e3a961b39ab786deddc53b18e862edc75742d6eb2d7cc227ba3ed770851718388612e4e7f4f257a90fdf09e3b0081d7498e2d5b628d9132aa0165f323f59af5e9ea54c582999fb527d5f2f3dd7e4f85877080526f8481899b6afc732f5da6af31b561ddc36a6b8c723087d3f168292550d89b228f7a3cc131c110a2dab2f81e339f24d3d2b696892dcd4a3e8f2eaaddc0d78e2d07cb9df9d2fe73e4c55562c0794092c7dabd4364f9fea89d6cdd8369d5bf1bc8863b8f89aacf0fd9b9b380947bb4872656e58bc87526e18fa8b17ef8a7219adf1b79d1be5dd827e7ba8e4ed50a81eb7562b179876a8803dde2ea99fe744e8f7df17040ac38592a3be7eb353416496e867d8a74c7eb94556b16241935d718dd43462fe0855cc31a812e0ac01109d1d3539bd2fd4eeb422009138a92324bd072edee2ba47d6cacc24588410ce30565a8aaa5aad52d9c55368372715717ff5ed3a0243ddafd11a7059c29a26b9ea9374e8434f31e4c15a747ee6d69368d12b96122690f843569e82ad27eb8fb25e94dde94cc15e690dc65f6a6c2a6393821168a79e03cd223ce54a1d5e38eee1c12e23027b12c6a8094c805088617c2fb4f52008366faf37fdb13b3a7a879949d13644da36dd35a4ede785ca0ac7b4f15472e77a33228129143f849ee75c915df31764c96954621a01e0941d6bb58125f544818b7152698f3addcd0a684af8fcdd4bcdf5752b3faa731988866ee8a664850989d280505d2a4b861f159d47d2d61ab3de866fb2c8f90075b713f61cf83a2ed426d53214b70385b7a46e5620c032486a5a00e0e73d3ea16eeccf5731507903a25685466b61311502ce781634ee46542957a0d5bacabb8d965689422588ee102d6a6016bf11589fff32e503feefccefe4107d0619e7a15336a8655e2f09034b4069941126d48909232592aac6d9c231285dc1d038ff1fa09c1588f543304659ca334afbc42b5f5fb813b34663cc6f4b0a12fc3edc28765b062e7a50fd19ef575be96cd1d9aa48c1fef1b2763949982a47bf25a69c8b1306e8e36c91d2096e6a6cf934452233ff49e91ee173c1e288b9ff70ff364689b82e2467a3d741809657ce0856582d24da5663162422a6f1ed1fce7cef40d90ce57cb99e19a0b4365d483361d03d0cceadd682f333bcdb0a49e24d8c7d004aad2dac06f4839cffc0a77730623917e5f101c33411ab4e0a8491de9a8bbd5dedb8dfeb5a5880da57c74bb8e1fd8b02d3c22087be3f686aee26988b2d62a41d4593ff0dc100c31dad221489f612ef60c160bd6c1f5a00ea6efd3a5aa5ca14efbf78ae4e5d8c5db9c03758b81e636005ade8d03a11f5d8231cfc1bdacdb276992ca8ecbad337fa89dacc9e9be11d398d37207e15ddb45566e0af78833545352d3043b70e20695ddddaccccaa93ee5e2874bfc7f9510541a57fb3cb9c8d6e75460cca3c4cca39a642eff1967dda07a66fe67d87696a5fe22a718a52cd9ba83e348ed211c1dc2e21ebd797455f0648af12c10321240058857632112a75adfdca249f26cf8d6ba05ee83d00ff8d64d8fed069dae70b79105ccd95fc9df34426d765578f651a4cba8094f46e0a9b676c0c0ebb1803660a70f5c7ad2de1ff96676c3ecacdc2953fd235856228556db20395b8d54819b7b12f56e4dddf6a7fe4f7f3d69dff022c59efb2313ae801dcb02b117f50f18eb11dd5a291a7068c820fbe381bd0697566909a38fdab0a0c48442dc935ab8447ebecb93af879a6bb82ab5f245274d873b5be4312856fe4fab8edc9575c02ba4cdb34b31323b69cfef40755bf96279460640ed9fb84d5c60d95cfd76a39726c29f5607d80090e5e3da18fd74682975dd98d98e4afdf4460e1aeb7087a18ded69310b28fa45b356fc28d1f2bef4c9dd50909076de9587fa07b966ee143ec589f70b8ac4d1320cac5bafefe640e445922090c721ce79e4e2c546cfb9b7f058932e6c83170dd2785e28ed81757ade61aa094bd042411aafe0b75156067a5790c78a44589728f1190ac0ba2f93004e06602f51fab34cc56a485569be11e0fd8c89ec3363e053dbdb6cbc69b686e89ff3730dce9099daff958f3be6e7f9ac00bddf0f133a6f904262443963aabe84b0ec9ab9209ebb0d6e81b8d30b2959bbfe5b332459310be2d8183a93ea08301b816d5b009a967916dd45b0f541c57685a6c7ef8cf715ae7fd1780f0a0da48467196e25e26fd2d5a075ad5acfa1ebec9647da21672b642ee4a908fbce416f4ed36ab5b96e5b47a0f6c7f280119567b7d54640c65ce5a0f4912690c4a3d0805e4284fb695eb3af2528f031261439506a4d3f4c2e18b736c55475828a0faf0153acf0dd89bf3c2f6525cb4bfcb419421c7696ee93bc595158a9a43bb288022122a8c45a0db060fe5e85bcc128f396f7af7006eba4e0d6e2f0802625342799bc1b98366682db90ff1be99322bc0672e07757c44173b96e659ff645d263af255d6ecd88bd9a0863006db7f674e79b0493d41a12057e36243394294b4c7850d14a988715de4b55e9f83c2f0676a8486efcc948109076361267f092315dae79164da8f832ad6f35f600b92e4a8228d39e507117c1c1b2a4a12b667538000912ea67de21bd85616cb30f95573ba748a75d2e04b493865a8711a688e33221b26f621ab3a137cf86cc9dd340bcee72f19e00de06f1e9abbe08b4cb8725c9e624f02d36c4c276a529b6e23581c348bb90a4fb1f89053aee36caca5529bad9124825860c011140744f245cd02ffe219e436bfef045517e4e41094b25cf9082692cd8e37d3893c5a90c35b808a17a6508fa7ae743740be0d984ef5ea80cee51e14b9997f86b45b97e5acf89a0a6aa962689c4f53bc7b65e5037de60fa395ed1013591caa79412108224c020d77069939391e20ee32b86139fca7eb9ca5c07fa733311fef5d5594b83ae34c6bc32f037b09995511ff9b9b611bc727055a10b808ebb8c8e5ce532046c7ad3336c38d506e0e3043c4413dc8ce0a9caadbef27d6f663b22bf8d399621ee86e52d9abd5628e3270424d8a06a79174c7de23c431224fd8d0f42853510600f9e2deb8a7bfcd324a5c6ec19cd0c9ca81c552b111a2acc4479e20439e2e3caf44c92026b5be1ad6933ed8d4de1575216c134d55171568ee64213fc4d32ca5cd7ad04b8705ecfd1b88d56294dca67efe3b1b37c7d5d170cef18997c4af074e97a98c11ec3cdc83a4ea564ebb47f02344d3ab410e25a4ad658be9bf627d49c106c1098dccf7ff62ff9f4dc997a279afdc5630ba32167a68ed7bb3bae2a8b61fca67b5b7dc5b3ef3ab679b602764da9aabf3d0caa56b278c2ab6fbee2cfdd7277402a1f82de1d97807829c0105277073772929f16d79584118f31b45ec4db29aad83693b2d9de08f417beaa2f78d55a36a824a94d1e3cfeb3d75c3d41ddd0e317e85d327e9b5a9da44dc12b6fc3acf6d222a44f59520fa3fcdc37903eca4b7a91fe14cf54b06855d204ebd71018fe767a158b5e389b5e8e136fc8960840ef1916d8e36f08260e5fc9808442e2034f2c761ae051d03fa618a5f6b8ba8cee00411d09aaa3f8fe30a5d29d9403a905403b5310355326387ea6ea72643b70fcc5bf767371878440d07be919c4ad8c4b8951655bbeac50025f4cc2e859c20dfd440a0b1b14549bccaf7952a27f12266c3b7185d9f37ab405d0765011ae6dbc0717f58ec6bd4101589f5c6054faba863bd2af1e8b19cc2cee98c619e477a47497896c42c37697313917b37140a77a5afec97556f06e0ee1d87c3739bd9ff4c210ddd4eceb65701e64bf4d6cbd5d4b9786f4d45acd881fa6eb1c6fda5f8844f5a1635d05e7bb82270694efe063d44296d86b4bb8b28e573dd7cc0d379b5449af1064f10ab8e8f5f177713a63fd7ea8bb68305356c59b5b48334d568fc6d81713bf2c1438dbec4c2c793d5bcd94c459eaace9295ec5b51328fcea5c8f984d8bf90b2f9fb247ce722a1c001e6ff179524417d647b856d905976f623b2db0facf05d62a87662ddc0d6c31cadca2ec262439fdd0f5cd7788617b98bbb802ceed7f971fe6d432a49dc132fe5475db3bc61d6ff04442a9afa9078be7a15de8668cdf469697e337eb4a99b24cd89da2a36eaf4f725cfc77f5e4de3dc010c2ef1f6b22dc479544c0c4c611fe1c8ef5ed3c23ddae7cd01ae1874217f8d1001f0c5f8d2ace0ec72ef3ed9b95b72753462feaa1ff5c2d23f5ec1ccf41064895d6944f38bf7c41a091df7b8c5c5021ff7ab7571439a3d5c889aa57c715e4a55ecd77b5cb4f8bc3408d95d560f5e8ec711e81ef8a751df5d1d053822debf0295574ebfc5f1fc47caafdf8b3862d68fb01d6239fa13c026320aafdead31d003d8bd8b46842687b600", 0x2000, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x90, 0x0, 0x0, {0x3, 0x0, 0x2, 0x0, 0x1, 0x7fd, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0xffffffff, 0x9, 0x0, 0xc000, 0x3, 0xffffffffffffffff}}}, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x130, 0x0, 0x0, {0x0, 0x0, 0x0, '\x00', {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, {}, {}, {0x2000000000000000}}}}})
write$FUSE_INIT(r1, &(0x7f0000000e00)={0x50, 0x0, r7}, 0x50)
unlink(&(0x7f0000000100)='./file0/file0\x00')
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000048000000030a05020000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a3000000000080007006e6174003c000000060a01040000000000000000010000001400048010000180090001006d6173710000000008000b40000000000900010073797a300000000014000000110001"], 0xcc}}, 0x0)

181.10081ms ago: executing program 4 (id=2807):
r0 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
keyctl$update(0x2, 0x0, &(0x7f0000000380)="16", 0x1)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_PIM(r1, 0x0, 0x12, 0x0, 0x0)
r2 = add_key$user(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x0}, &(0x7f0000000100)="cd4cf401203e0852092fdbbc79467a01f8d9d742d83018edd2cc93ec77d6457a51c6ca17218eb825ec858763c78fe67eb2fbb7f7beee925b0b00aeebafa5205a8c3aaeb356ac1d1a7942a7a4b6ab7ae8f66a6619b84a89d23b1fd688b62f0518f60b2af3c4f611f549dc8f08c8b976251876a808b2c953d80a02f09088d950829e53aa47c60ad7c5420cfad327a75a7a43dfe10a38fdf6d7e3ca94b6fd7dccfffee20e15f7d86c9bf04fa491515141590448aca7fc70703543e2e4b340bccdee01456a86a4b1865cb0b7b9cc37b8887a8b37243e6570d404a3e27e17916e525976a34ccee599ba7188", 0xe9, 0xfffffffffffffffc)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f0000000000)='encrypted\x00', &(0x7f0000000200)=@chain={'key_or_keyring:', r2})
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
mkdirat(r4, &(0x7f0000000340)='./file0/../file0\x00', 0x1f2)
syz_open_dev$video(0x0, 0x7ff, 0x0)
syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100}, &(0x7f0000000180)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_io_uring_submit(r5, r6, 0x0)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r7, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
sendto$inet(r7, &(0x7f0000000300)="ab", 0x1, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10)
sendmsg$inet_sctp(r7, 0x0, 0xc0)
r8 = msgget$private(0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r9 = syz_open_dev$I2C(&(0x7f00000002c0), 0x1, 0x0)
ioctl$I2C_RDWR(r9, 0x707, &(0x7f0000002740)={&(0x7f00000003c0)=[{0x8, 0xf401, 0x10a, &(0x7f0000000f00)="eab46e7915adbf37b970e99bfd63a3eeaa9719283adadca444a588d649714253b54ca1d429cfc5ef6e3dedba6ceaf6fdd1c43f72eae884e5a3502e895160b51fcea39fc9adcc5c89158bb5a6ffa6affa3669226e8538c8da35adf4ae88a7cdae41f52ef64a800a0bce79fe4e11d7b96dbd4b8c173b52461f2d89697a3aa424afbab8415a74e7ce26a0b7c0c09a349389c98600099e4f46da3ebe88cbc65cd3b15c3ef77d231b494725d068ac4fca6a9677874571835da95dc52c49eb798f2d5d9a97de41145739c1bcd97c86a43e8f8daaff267ab893a9e2b37f7f9365e39a2ed0c79ad6149b5e0b2152c452f4a5f66bb4cd5016c89d0abc101be0071c601b7d4b94d47a088a47f32b0a"}], 0x1})
msgrcv(r8, 0x0, 0x0, 0x1, 0x1000)
r10 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r10, 0x4b4e, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0)

114.391797ms ago: executing program 1 (id=2808):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x9)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg(r1, &(0x7f0000002840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20044000)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)={0x28, r3, 0x9, 0x0, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1d}]}]}, 0x28}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r5, @ANYBLOB="010000000000fbdbdf250100000008000200000000000500050000000000080003000100000048000180050002002000000006000100020000000800060003000000080003"], 0x84}}, 0x20000000)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r4, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80410040}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)={0x14, r5, 0x1, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x800)

55.961979ms ago: executing program 1 (id=2809):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000b00000000040000", @ANYBLOB="00f7ffffffffffff3f"], 0x48)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) (async)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x4e24, @loopback}, 0x10) (async)
recvmmsg(0xffffffffffffffff, &(0x7f0000000300)=[{{0x0, 0x0, 0x0}, 0xc}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000100)=""/10, 0xa}], 0x1}, 0x80000000}], 0x2, 0x10100, 0x0) (async)
r1 = socket(0x2000000015, 0x80005, 0x0) (async)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000002740)=ANY=[@ANYBLOB="140000001300015b993dde440113e90005"], 0x14}], 0x1}, 0x0) (async)
getsockname$inet(r1, 0x0, &(0x7f0000000300))
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000140)={0x1, @vbi={0x0, 0x4, 0x6, 0x20303159, [0x1, 0x9a], [0x4, 0x3eb], 0x1}}) (async)
r3 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141301)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c) (async)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$IPT_SO_GET_INFO(r5, 0x0, 0x40, &(0x7f0000000080)={'mangle\x00', 0x0, [0x80000000, 0x1, 0x7, 0xfff, 0x5]}, &(0x7f0000000240)=0x54) (async)
syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000280)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x40, 0x56a, 0xed, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x7, 0x30, 0x8, [{{0x9, 0x4, 0x0, 0x6, 0x2, 0x3, 0x1, 0x3, 0x9f, {0x9, 0x21, 0x8001, 0x2, 0x1, {0x22, 0x3f2}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x4, 0x1, 0x2}}}}}]}}]}}, &(0x7f0000000440)={0xa, &(0x7f00000002c0)={0xa, 0x6, 0x300, 0x7, 0x4, 0x40, 0x40, 0xc}, 0x5, &(0x7f0000000340)={0x5, 0xf, 0x5}, 0x2, [{0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0x42b}}, {0x7b, &(0x7f00000003c0)=@string={0x7b, 0x3, "03114ebc75c2b7dabea9a27841d28f0985501f6d22f9a962ba36068a9c148359cd2c1960ee1b382b7df019897921da57e9c43381e63b20aa82222c61b5520755069bf59bfd827420f1e7eee6b6d23856e7e79bcd96f568351d18988234e6b6af2b56ea9182f88f620d5c623264229bc1f850d6c7ff83cfda1b"}}]}) (async)
ioctl$VIDIOC_ENUMAUDIO(r4, 0xc0345641, &(0x7f0000000040)={0x1, "4a3f5cacae8b5c9e9f8eb3c9424ba2162234a44b2a654e7402414539f1120393", 0x2})

826.234µs ago: executing program 3 (id=2810):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="540000001400b59500000000000000000a000000", @ANYRES32=r0, @ANYBLOB="140001000040000000000000000000000000000014000200fe8000000000000000000000000000aa140006"], 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x80)

610.638µs ago: executing program 1 (id=2811):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="540000001400b59500000000000000000a000000", @ANYRES32=r0, @ANYBLOB="140001000040000000000000000000000000000014000200fe8000000000000000000000000000aa140006"], 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x80) (fail_nth: 2)

0s ago: executing program 3 (id=2812):
openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
syz_clone(0xc285a00, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000200), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000000000)={&(0x7f0000000240)="79a8", 0x2, <r1=>0x0})
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r0, 0xc00464be, &(0x7f0000000180)={r1})
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
prlimit64(0x0, 0x6, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x4)
mount(&(0x7f0000000000)=@nullb, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='hfsplus\x00', 0x8002, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r4}, 0x38)
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000340)='bcache_invalidate\x00', r6}, 0x18)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$tipc(r7, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10, &(0x7f0000004340)=[{&(0x7f0000000f00)="34cbf9c55466da0eadc249236ab3cbf316717306be4c08c8c7da1f1ee04ab4b4eac14995ebdf620ff778a4e3452587e42a3c6aa1bd35dfd99f23b525893bc3b5f9f3bed1986bf8d0dddd7c5cdada611f9bf641e421ed71a842d84fa289a542f941d6e06b2b14e2a706ce30acf7d82f224f3e30cadd9d15f3dddbb29dbeb9f68fb68bedb91e0b1ef48832778fe36699c7ebf101659a8f476c4a065eac71d6d1e7fafc6f25ec2c9a8f431fe347a2d30e912c5b2397613ce784637ec71e37566eb0548b461f71028459c6f137c18737d58b56949d022bf1eaf486692bb76836a233c7879d740ad0beaf5159d3380442824f536a41bb22d08fe53952b9c6fed2605d53311c71b455655f96ea6a87e41e9211e90170b0a2b1a2098175ebcd33d517085d224122264cddadd82a3d11bc4a33ce66108b22b1abc6243d306d8f6b8a2ddb5373c190d8f859a3174a200936b079f85edcac7fc03fb993ec0ff8b83f1fd3f1b888d192d99c7ede5d381784d25410cccf1b0bf26a54f065e1e3ec59cc5704fb658fc980a0ac4287ef884ee82007554be3f1e163c81468d0c26c95e3e12393776e32800bb4f086f19080c4fca3d72e8569a5627ce98f2ae0bdb3ec42c23847d47e10b1c58da7e9cea990da842d96e3a51ed7d892f7b28a10486424a69a9109ebd4d7d5a3768400ac000a6d7556ca192e5cd45efb82001ac7b53e03036b6019a07ffb545cd3853e077f08a015f6232488c1139a9409c95ed005261e36b307406ba5714ef395129345866109341feb6c7c458ce08c147a983b46375ddb3621cee0312ba1a434bcd6081e1a8ae8b6d518988b9965faf9aff86df8173b93342cceaec357a100e59b4d66553633626b0b12e9622b8f8fdfe26545b87c57f8ce8609fb8e19b0f6d1cd64e8de85c7327f543b2f38cf3086b57f85e1aaa4add723e4bc4e3ea2c27acec1e545ae3fc870bd42422f6eaf17a1f82699c9cadf224ea1e5d1705b49118d91cc3731aeed60e41bf15a9613aeda8e63a29bc7a95b2d993d23269a310b91f69d16a71243c0f4080d3359f5ddd63c7032bef14ab25eb7df4b28b2132bcbf94a281c8f5de79885a6d679f145fca292b599bb09a1864726d86b65d4781408320b968e2224c23ce7a56d8892970043737ae47f071aaeb219716bc21e3304e301eb5cd32aea951a70621eb870214a72e6c474c3a20f5bd8e089ba16326cc9a80a1a4f5f0e8f58629e20b1c73eb8af330744b187a5cfdb410466378313700ca44eb6dcbc8f3d70f58e134202546f0b1a3b61a298f2a1184b1533bdad308fa2f960087e0f239d2ccbaee3889ddc1a2bea2183b98854d255a6f708909134fab83f42f13e7604f602e264f4a3b2b2a08c673c7ce2813218159b472d3b20ecbf26dd2f7b3ba5298a4ff7444ea0936e098c126f590b05e7697ed8a3d52ba1abc7285de2f160b9b081cb775a5ab77aad1bb98d47e3da53fc4c11d4db47de1e4e6f56ad671f5d8389b33260cc546e4f0bf34fec9b2abd209e6b89e6e381367774676ed6e6eaffe42b07241c276f3c84f17a0762de83eb769bdf28991ddbc23758f01c9ecfba4ab2ca2118fcedd7adde9ff47f643c13e3ad2f13b576985128f233e329fe269d5745cd2b30e5762452a4ff58fdec30623175f8d575ced1c43411e2869aadbe6f1e79a010bca334cb08d545bc2808f359b7777d1bb5675ee210574b9f72cdeb071e07eeaa0988086213a37a972647cf21d3a3bcbd7359da327bacad41b93c5e0e494669109dddcec781774f248f5663e4fac187d42ffccf68335de2adac4f8d3e1bf04b95a9464960186ed019773ffeda18f9827a61edc5fc4088eb0965cb1bd8af1185aa3972b8f73839b4611e303bcbc1f84a330f60fa0a7795ea3cffe0e338406533e12c7deef0b5906c513eab4619a8f02fdd65dcfb7297ef971c4601ad079f7ad38278ae3ff455b37d5492af546975535450693fd4593c8157b3fdb16fd3a106d2f1509d1c06dabb8933269d790a1c5e5f7bdd4a57e1e670d7043cfed88c365b5f8eefe530ef7da5322df981723332c088fce89c2ceee23b420f64332243b9c606d67d538810a94e0ffbd37a119d8fc4d6caec0def40e62613873c74feabde63e12cb2016c1d35cf1bb95bf59e01a63be8825cb3118b74b106f21eef5ee2f41e5fb39fdde058050f780d98ced247c66fc3a03ba04edaf14d698859ba303d511cf0845dc5e269aef2287770a247fd5ae1299b45819ff41725f9da3e4dab7770eb83992b53ae9a9de69e764f6e3aee3e27cfb1bacf531a91605894ae209da6d25872fb54bf36b2ed450b51aa8ee4875b9bc7e55753f61e12a323d301faceb2ecff0686b1359343a94774a6a098dc2df440725cd8331f527d4e22f8090d8879ef4765849705b99465d7ebdf661b81c303d13b87270dc1f227d5954fcbc93bbce6fde2a1f8d573d9cd8130c173a14706f1e9dabc4d16a5b003dd3239faf91769e25cf007b0623141e4e57f11746cd62f20d73956fa84c6a12e1756b6671a64bd7a474ba425907e1a61ba6d2ffa1149165a713a141bfec0f1af51afebdb84d5f14eb51acc284403627d6ce48fd028dc04e00ed963de37f85d155c33e2b4ceb09044c4f1c7791348216b674a8831a232a638f8bfb396fabbe1f880944bc5dcac55df8abc78f804306c88617acfd4adfbb5a055d3d3e91abb763ad84e701cc5679498e04600570f4b2e57c70542043dc590ab363215e6ab3f0bd89383748783d01c9227229edac723d4e2eaa061a44f2630691f25ca6093775183fdf432e01322203dd654b336670116a6a52a27ff2032b1103a4e4be0cc2fb05b24352d72e374e90cc3db2a5a691c7f6b8d1058d7730433c742d8ce52074318b1bce9bb104cf90c8b7f65293c2b74434661444f38d94d977e03433440517f6155a3cad2621c5502dd6148b867a40e6a40be4c8265ec2164b5257f06da1784e98991f42003ced4ba67c23b8c654b542d2d31168fd853cf56cc2c464d7a8a9fbcd2715968788f8527c597ab5f917753c1f1708d2c19972373c5a22af71847de22b9f1e9d38a04ea4dd291da3099cb836a696350bf1263c3c275c27b8b82f604625451a24490b0b5367c2fd05e699546ddf17709d2e2c2710f4361d9dd6e2de2b4353b7f4f8141f6f989dc1a798a974565978e4f9ec0c59a7dbc04bcab072c8513b9ca782c22cdd31fb116c10081740fd8f7d0cbd5c54f1069297f20b45d79bb9ace8e851a655fedf47b2dc76fd30b9ba9f09c9b50d6910ffcdec7078c36fe1e9b19dbb110197496349560a43c0ab42b4ce286643e73a92246ecb71e95ce0d54114772f8477c7d5604c1a52d2f680c5868cf08a2688dd9fef492a01836112cec824483e77da93d104a9e18d06bddf9a4007740a0537ac1a5e09900acc65d52680212a15b68b0ef887228e06f533c1ca95b8f9d81b9fc6608cb5bacf4b867922999c69d46048ec3f408866789f49fcb176fc99ed9d3e6c357ed2e3ce2665925773e5d86c2ceaf8f18519a00d9d2e19e9a6b16af0a53fd7df6974f5db00494460e7f3de6ff6b642859335e020513bb525adddabf0d7d6ae85e7e56e32ca8acc07fe86b7b445358966ba3914c1dfa7b814d9e846ff02a6a8c8f5713a0f727024b5d1ea7e4ce7c64f9b24dd3337a3df33714c5404403b0304b25a66fe3ac85083965877117b3d721e7922f0ac7e278feeb8dc09f58cbcfbb81b11d4699737f37ac240a24b9c4b2b587e68974f7ca5561856f32e389d32056f7d58e4de24c11bd5c5afaa441120370d0c48341e1b8146a6bbca8c15f23c155d2533e97a8e6496bc00533ec83be8488d020708d97385a03bcbf57cadc2c1e575e1ac134cdb5047f3f88eae0230751626cea1c85da9b74ddace668afebb2dc66d302ddf3c5f8f21ac0c0535d00839457e7cac9282a8e49d018b077e38ea512cf28eacff5d98e880abfb5af2e7c039d2e1f1edaad2642963ef29d715f754e2715caa6af046a298b285e3582d903be726b608619332e1a82be48b0f5adf6838f41ff776e5290de8269794bce8fb971267d036bd6bd30e42df918125d573ced78263251bcae2b7b40f1ba855b4f2472312ea8752c4a0e09468bd25615a6c00a9b44c484c5507b8400537f20890e9499ec94ed2b6aeff21e57c6e8a93d80097f85ac9316b03a5f768721bf7d041bb9a6a03eabd615e3c4d74f56c429d53b8fec4b5e86c5b311a6cd4a86f03e04dab25ad65b68a8b8d9053993fd2440ff2b81768213084c831d31a0f8c646aff9090b5463cbee452abd6318340ec41b50f1deba7ffb60b326751de3f6dbf9b17714299233d5c43071367ece2e53212e7f4e084fea60850d4d16908d9bbbb531fbf72143fdb62d1b40afde3d0b2ac2c94c32e456bbef62f8d677e332aec8ccc8eedbac61e7b89b32d57157a39ad5c456258d9c36db0edc82c2baead990ee78007ed89c8f450e92d5e209cc25f7c13f5909ca404fddbdbeff89cc42350c91e9f1fdf9753c6e95f71257f8cbb97838684461cd1244c938b9939a4e9c7727902b6f1a5434e0a06d3fc221771dd87572ae801c5ce6886122f0c91dae57440ffc7ace4e8e0041a1d245103aaadbfc2ecff622228daed2b0cd30f7f59b2617f6f0571ee4403d84e652d78b8e64d5450b6483ef70582dcda9351f2dddd3a4ac84f514f708d3af6242501bd041beae78e6b29b517b534148ea91ef85653fec824d6ddb0c0fa2555ab2564ba29227b1046b48a11ee0e6aafda9d0b80b0f05a8d057cbeb16264cb579aea3ba2b2000052d03c77844ab7c", 0xd4d}], 0x1}, 0x0)

kernel console output (not intermixed with test programs):

14199] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  399.315228][T14199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.318188][T14199] batman_adv: batadv0: Interface activated: batadv_slave_0
[  399.322844][T14199] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  399.325443][T14199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.329261][T14199] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  399.331888][T14199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.334887][T14199] batman_adv: batadv0: Interface activated: batadv_slave_1
[  399.338350][T14199] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  399.340639][T14199] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  399.343453][T14199] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  399.345672][T14199] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  399.389811][ T1131] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  399.392421][ T1131] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  399.396134][   T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  399.399900][   T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  399.404400][   T25] usb 6-1: USB disconnect, device number 23
[  399.475434][T14259] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2340'.
[  399.477680][T14259] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2340'.
[  399.552609][ T5950] Bluetooth: hci2: command tx timeout
[  400.390720][T14267] 9pnet_virtio: no channels available for device syz
[  400.550624][T14271] FAULT_INJECTION: forcing a failure.
[  400.550624][T14271] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  400.555210][T14271] CPU: 2 UID: 0 PID: 14271 Comm: syz.3.2335 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  400.558331][T14271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  400.561209][T14271] Call Trace:
[  400.562126][T14271]  <TASK>
[  400.562902][T14271]  dump_stack_lvl+0x16c/0x1f0
[  400.564160][T14271]  should_fail_ex+0x497/0x5b0
[  400.565413][T14271]  _copy_from_user+0x2e/0xd0
[  400.566724][T14271]  get_compat_msghdr+0xa8/0x170
[  400.567952][T14271]  ? __pfx_get_compat_msghdr+0x10/0x10
[  400.569363][T14271]  ___sys_sendmsg+0x1b0/0x1e0
[  400.570614][T14271]  ? __pfx____sys_sendmsg+0x10/0x10
[  400.571972][T14271]  ? __pfx_lock_release+0x10/0x10
[  400.573256][T14271]  ? trace_lock_acquire+0x14e/0x1f0
[  400.574591][T14271]  ? __fget_files+0x206/0x3a0
[  400.575789][T14271]  __sys_sendmsg+0x16e/0x220
[  400.577120][T14271]  ? __pfx___sys_sendmsg+0x10/0x10
[  400.578877][T14271]  __do_fast_syscall_32+0x73/0x120
[  400.580167][T14271]  do_fast_syscall_32+0x32/0x80
[  400.581409][T14271]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  400.583320][T14271] RIP: 0023:0xf7f12579
[  400.584703][T14271] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  400.589480][T14271] RSP: 002b:00000000f506655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  400.591557][T14271] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000200
[  400.593528][T14271] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 0000000000000000
[  400.595505][T14271] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  400.597719][T14271] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  400.599877][T14271] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  400.602420][T14271]  </TASK>
[  400.664243][T14273] netlink: 'syz.3.2336': attribute type 1 has an invalid length.
[  400.666273][T14273] netlink: 'syz.3.2336': attribute type 3 has an invalid length.
[  401.450328][ T5956] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  401.460066][ T5956] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  401.462510][ T5956] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  401.465040][ T5956] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  401.470074][ T5956] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  401.472488][ T5956] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  401.506309][T14290] gretap0 speed is unknown, defaulting to 1000
[  401.632559][ T5956] Bluetooth: hci2: command tx timeout
[  401.635674][T14290] chnl_net:caif_netlink_parms(): no params data found
[  401.688459][T14290] bridge0: port 1(bridge_slave_0) entered blocking state
[  401.690389][T14290] bridge0: port 1(bridge_slave_0) entered disabled state
[  401.692264][T14290] bridge_slave_0: entered allmulticast mode
[  401.696008][T14290] bridge_slave_0: entered promiscuous mode
[  401.698363][T14290] bridge0: port 2(bridge_slave_1) entered blocking state
[  401.700175][T14290] bridge0: port 2(bridge_slave_1) entered disabled state
[  401.702032][T14290] bridge_slave_1: entered allmulticast mode
[  401.704041][T14290] bridge_slave_1: entered promiscuous mode
[  401.723971][T14290] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  401.729063][T14290] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  401.749523][T14290] team0: Port device team_slave_0 added
[  401.753450][T14290] team0: Port device team_slave_1 added
[  401.780638][T14290] batman_adv: batadv0: Adding interface: batadv_slave_0
[  401.782408][T14290] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  401.791164][T14290] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  401.795927][T14290] batman_adv: batadv0: Adding interface: batadv_slave_1
[  401.797678][T14290] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  401.804009][T14290] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  401.843220][T14290] hsr_slave_0: entered promiscuous mode
[  401.845451][T14290] hsr_slave_1: entered promiscuous mode
[  401.847192][T14290] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  401.849032][T14290] Cannot create hsr debugfs directory
[  401.960397][T14290] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  402.033255][T14290] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  402.077162][T14308] netlink: 'syz.1.2345': attribute type 10 has an invalid length.
[  402.079464][T14308] __nla_validate_parse: 9 callbacks suppressed
[  402.079472][T14308] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.2345'.
[  402.086461][T14308] openvswitch: netlink: Message has 44053 unknown bytes.
[  402.090060][T14308] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  402.114241][T14290] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  402.175536][T14290] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  402.242821][T14310] FAULT_INJECTION: forcing a failure.
[  402.242821][T14310] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  402.246102][T14310] CPU: 1 UID: 0 PID: 14310 Comm: syz.3.2346 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  402.248738][T14310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  402.251317][T14310] Call Trace:
[  402.252136][T14310]  <TASK>
[  402.252874][T14310]  dump_stack_lvl+0x16c/0x1f0
[  402.254062][T14310]  should_fail_ex+0x497/0x5b0
[  402.255209][T14310]  _copy_from_user+0x2e/0xd0
[  402.256359][T14310]  get_compat_msghdr+0xa8/0x170
[  402.257615][T14310]  ? __pfx_get_compat_msghdr+0x10/0x10
[  402.258970][T14310]  ___sys_sendmsg+0x1b0/0x1e0
[  402.260118][T14310]  ? __pfx____sys_sendmsg+0x10/0x10
[  402.261403][T14310]  ? __pfx_lock_release+0x10/0x10
[  402.262674][T14310]  ? trace_lock_acquire+0x14e/0x1f0
[  402.263994][T14310]  ? __fget_files+0x206/0x3a0
[  402.265193][T14310]  __sys_sendmsg+0x16e/0x220
[  402.266372][T14310]  ? __pfx___sys_sendmsg+0x10/0x10
[  402.267662][T14310]  __do_fast_syscall_32+0x73/0x120
[  402.268945][T14310]  do_fast_syscall_32+0x32/0x80
[  402.270199][T14310]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  402.271809][T14310] RIP: 0023:0xf7f12579
[  402.272806][T14310] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  402.277423][T14290] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  402.277611][T14310] RSP: 002b:00000000f506655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  402.281709][T14310] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[  402.283696][T14310] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  402.285633][T14310] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  402.287562][T14310] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  402.289484][T14310] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  402.291521][T14310]  </TASK>
[  402.294592][T14290] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  402.298591][T14290] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  402.301432][T14290] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  402.310127][T14290] bridge0: port 2(bridge_slave_1) entered blocking state
[  402.311902][T14290] bridge0: port 2(bridge_slave_1) entered forwarding state
[  402.313789][T14290] bridge0: port 1(bridge_slave_0) entered blocking state
[  402.315491][T14290] bridge0: port 1(bridge_slave_0) entered forwarding state
[  402.346804][T14290] 8021q: adding VLAN 0 to HW filter on device bond0
[  402.356957][ T1131] bridge0: port 1(bridge_slave_0) entered disabled state
[  402.360189][ T1131] bridge0: port 2(bridge_slave_1) entered disabled state
[  402.373399][T14290] 8021q: adding VLAN 0 to HW filter on device team0
[  402.381791][ T1131] bridge0: port 1(bridge_slave_0) entered blocking state
[  402.383970][ T1131] bridge0: port 1(bridge_slave_0) entered forwarding state
[  402.389888][ T1131] bridge0: port 2(bridge_slave_1) entered blocking state
[  402.392359][ T1131] bridge0: port 2(bridge_slave_1) entered forwarding state
[  402.484192][T14290] 8021q: adding VLAN 0 to HW filter on device batadv0
[  402.593320][T14290] veth0_vlan: entered promiscuous mode
[  402.598138][T14290] veth1_vlan: entered promiscuous mode
[  402.611736][T14290] veth0_macvtap: entered promiscuous mode
[  402.617781][T14290] veth1_macvtap: entered promiscuous mode
[  402.624505][T14290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  402.627260][T14290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  402.633321][T14290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  402.635964][T14290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  402.638637][T14290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  402.641348][T14290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  402.663992][T14290] batman_adv: batadv0: Interface activated: batadv_slave_0
[  402.670081][T14290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  402.673385][T14290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  402.675858][T14290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  402.678618][T14290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  402.681157][T14290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  402.683964][T14290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  402.686928][T14290] batman_adv: batadv0: Interface activated: batadv_slave_1
[  402.689842][T14290] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  402.692106][T14290] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  402.694815][T14290] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  402.696987][T14290] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  402.757433][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  402.759506][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  402.785606][   T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  402.787931][   T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  403.552584][ T5956] Bluetooth: hci3: command tx timeout
[  403.725845][ T5956] Bluetooth: hci2: command tx timeout
[  403.974587][T14349] binder: 14347:14349 ioctl c0306201 20000180 returned -14
[  404.064916][T14353] FAULT_INJECTION: forcing a failure.
[  404.064916][T14353] name failslab, interval 1, probability 0, space 0, times 0
[  404.069441][T14353] CPU: 3 UID: 0 PID: 14353 Comm: syz.3.2356 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  404.072153][T14353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  404.074831][T14353] Call Trace:
[  404.075690][T14353]  <TASK>
[  404.076432][T14353]  dump_stack_lvl+0x16c/0x1f0
[  404.077642][T14353]  should_fail_ex+0x497/0x5b0
[  404.078844][T14353]  ? fs_reclaim_acquire+0xae/0x150
[  404.080129][T14353]  should_failslab+0xc2/0x120
[  404.081318][T14353]  __kmalloc_noprof+0xce/0x4f0
[  404.082551][T14353]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  404.083981][T14353]  ? tomoyo_realpath_from_path+0xbf/0x710
[  404.085408][T14353]  tomoyo_realpath_from_path+0xbf/0x710
[  404.086819][T14353]  ? tomoyo_path_number_perm+0x235/0x5b0
[  404.088251][T14353]  tomoyo_path_number_perm+0x248/0x5b0
[  404.089628][T14353]  ? tomoyo_path_number_perm+0x235/0x5b0
[  404.091045][T14353]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  404.092638][T14353]  ? __pfx_lock_release+0x10/0x10
[  404.093871][T14353]  ? trace_lock_acquire+0x14e/0x1f0
[  404.095186][T14353]  ? lock_acquire+0x2f/0xb0
[  404.096327][T14353]  ? __fget_files+0x40/0x3a0
[  404.097517][T14353]  ? __fget_files+0x206/0x3a0
[  404.098722][T14353]  security_file_ioctl_compat+0x9b/0x240
[  404.100140][T14353]  __do_compat_sys_ioctl+0x4e/0x2c0
[  404.101460][T14353]  __do_fast_syscall_32+0x73/0x120
[  404.102760][T14353]  do_fast_syscall_32+0x32/0x80
[  404.104014][T14353]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  404.105633][T14353] RIP: 0023:0xf7f12579
[  404.106661][T14353] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  404.111423][T14353] RSP: 002b:00000000f504555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  404.113664][T14353] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000c0306201
[  404.115705][T14353] RDX: 0000000020000180 RSI: 0000000000000000 RDI: 0000000000000000
[  404.117679][T14353] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  404.119638][T14353] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  404.121674][T14353] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  404.123734][T14353]  </TASK>
[  404.125218][T14353] ERROR: Out of memory at tomoyo_realpath_from_path.
[  404.127394][T14353] binder: 14351:14353 ioctl c0306201 20000180 returned -14
[  404.588658][T14365] netlink: 7520 bytes leftover after parsing attributes in process `syz.4.2360'.
[  404.821244][T14368] FAULT_INJECTION: forcing a failure.
[  404.821244][T14368] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  404.825049][T14368] CPU: 2 UID: 0 PID: 14368 Comm: syz.2.2361 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  404.827865][T14368] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  404.830628][T14368] Call Trace:
[  404.831531][T14368]  <TASK>
[  404.832308][T14368]  dump_stack_lvl+0x16c/0x1f0
[  404.833558][T14368]  should_fail_ex+0x497/0x5b0
[  404.834818][T14368]  _copy_from_user+0x2e/0xd0
[  404.836036][T14368]  ucma_write+0x129/0x330
[  404.837187][T14368]  ? __pfx_ucma_write+0x10/0x10
[  404.838472][T14368]  ? bpf_lsm_file_permission+0x9/0x10
[  404.839866][T14368]  ? security_file_permission+0x71/0x210
[  404.841331][T14368]  ? __pfx_ucma_write+0x10/0x10
[  404.842618][T14368]  vfs_write+0x24c/0x1150
[  404.843759][T14368]  ? __fget_files+0x1fc/0x3a0
[  404.845004][T14368]  ? __pfx_lock_release+0x10/0x10
[  404.846331][T14368]  ? __pfx_vfs_write+0x10/0x10
[  404.847624][T14368]  ? lock_acquire+0x2f/0xb0
[  404.848817][T14368]  ? __fget_files+0x40/0x3a0
[  404.850036][T14368]  ? __fget_files+0x206/0x3a0
[  404.851273][T14368]  ksys_write+0x207/0x250
[  404.852425][T14368]  ? __pfx_ksys_write+0x10/0x10
[  404.853732][T14368]  __do_fast_syscall_32+0x73/0x120
[  404.855071][T14368]  do_fast_syscall_32+0x32/0x80
[  404.856349][T14368]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  404.857998][T14368] RIP: 0023:0xf7fb1579
[  404.859054][T14368] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  404.864007][T14368] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  404.866182][T14368] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000280
[  404.868275][T14368] RDX: 0000000000000118 RSI: 0000000000000000 RDI: 0000000000000000
[  404.870327][T14368] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  404.872379][T14368] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  404.874410][T14368] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  404.876372][T14368]  </TASK>
[  404.927718][T14370] input: syz1 as /devices/virtual/input/input10
[  405.180997][T14383] overlayfs: failed to resolve './file1': -2
[  405.213021][T14388] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2366'.
[  405.249095][T14391] binder: 14385:14391 ioctl c0306201 20000180 returned -14
[  405.447255][T14401] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2371'.
[  405.450267][T14401] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2371'.
[  405.453607][T14401] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2371'.
[  405.456516][T14401] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2371'.
[  405.632917][ T5956] Bluetooth: hci3: command tx timeout
[  405.802514][ T5956] Bluetooth: hci2: command tx timeout
[  405.983992][T14413] FAULT_INJECTION: forcing a failure.
[  405.983992][T14413] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  405.987467][T14413] CPU: 2 UID: 0 PID: 14413 Comm: syz.1.2374 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  405.990256][T14413] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  405.993501][T14413] Call Trace:
[  405.994386][T14413]  <TASK>
[  405.995163][T14413]  dump_stack_lvl+0x16c/0x1f0
[  405.996398][T14413]  should_fail_ex+0x497/0x5b0
[  405.997633][T14413]  _copy_from_user+0x2e/0xd0
[  405.998848][T14413]  get_compat_msghdr+0xa8/0x170
[  406.000131][T14413]  ? __pfx_get_compat_msghdr+0x10/0x10
[  406.001821][T14413]  ___sys_sendmsg+0x1b0/0x1e0
[  406.003271][T14413]  ? __pfx____sys_sendmsg+0x10/0x10
[  406.004652][T14413]  ? __pfx_lock_release+0x10/0x10
[  406.005985][T14413]  ? trace_lock_acquire+0x14e/0x1f0
[  406.007350][T14413]  ? __fget_files+0x206/0x3a0
[  406.008599][T14413]  __sys_sendmsg+0x16e/0x220
[  406.009823][T14413]  ? __pfx___sys_sendmsg+0x10/0x10
[  406.011230][T14413]  __do_fast_syscall_32+0x73/0x120
[  406.012626][T14413]  do_fast_syscall_32+0x32/0x80
[  406.013922][T14413]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  406.015566][T14413] RIP: 0023:0xf7f72579
[  406.016634][T14413] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  406.021840][T14413] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  406.024560][T14413] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000200
[  406.026855][T14413] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  406.028904][T14413] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  406.031002][T14413] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  406.033112][T14413] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  406.035172][T14413]  </TASK>
[  406.491697][ T5950] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  406.496865][ T5950] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  406.500278][ T5950] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  406.502986][ T5950] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  406.505104][ T5950] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  406.507475][ T5950] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  406.548251][T14429] gretap0 speed is unknown, defaulting to 1000
[  406.643246][T14429] chnl_net:caif_netlink_parms(): no params data found
[  406.706306][T14429] bridge0: port 1(bridge_slave_0) entered blocking state
[  406.708323][T14429] bridge0: port 1(bridge_slave_0) entered disabled state
[  406.710253][T14429] bridge_slave_0: entered allmulticast mode
[  406.712372][T14429] bridge_slave_0: entered promiscuous mode
[  406.714988][T14429] bridge0: port 2(bridge_slave_1) entered blocking state
[  406.716893][T14429] bridge0: port 2(bridge_slave_1) entered disabled state
[  406.718783][T14429] bridge_slave_1: entered allmulticast mode
[  406.720804][T14429] bridge_slave_1: entered promiscuous mode
[  406.742486][T14429] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  406.745947][T14429] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  406.770676][T14429] team0: Port device team_slave_0 added
[  406.773948][T14429] team0: Port device team_slave_1 added
[  406.792309][T14429] batman_adv: batadv0: Adding interface: batadv_slave_0
[  406.794748][T14429] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  406.802132][T14429] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  406.807804][T14429] batman_adv: batadv0: Adding interface: batadv_slave_1
[  406.809651][T14429] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  406.817735][T14429] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  406.843741][T14429] hsr_slave_0: entered promiscuous mode
[  406.845965][T14429] hsr_slave_1: entered promiscuous mode
[  406.847803][T14429] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  406.850390][T14429] Cannot create hsr debugfs directory
[  406.920439][T14429] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  406.995818][T14429] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  407.037986][T14440] binder: 14439:14440 ioctl 89f1 20000340 returned -22
[  407.044322][T14440] binder: 14439:14440 ioctl c0306201 20000300 returned -14
[  407.049865][T14440] binder: 14439:14440 ioctl c0306201 20000180 returned -14
[  407.066334][T14429] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  407.160337][T14429] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  407.266469][ T6086] bridge_slave_1: left promiscuous mode
[  407.268012][ T6086] bridge0: port 2(bridge_slave_1) entered disabled state
[  407.270974][ T6086] bridge_slave_0: left allmulticast mode
[  407.272516][ T6086] bridge_slave_0: left promiscuous mode
[  407.274017][ T6086] bridge0: port 1(bridge_slave_0) entered disabled state
[  407.655233][ T6086] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  407.660975][ T6086] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  407.666385][ T6086] bond0 (unregistering): Released all slaves
[  407.670525][ T6086] bond1 (unregistering): Released all slaves
[  407.697872][T14429] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  407.701290][T14429] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  407.706695][T14429] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  407.710503][T14429] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  407.712769][ T5956] Bluetooth: hci3: command tx timeout
[  407.777852][T14429] 8021q: adding VLAN 0 to HW filter on device bond0
[  407.785368][T14429] 8021q: adding VLAN 0 to HW filter on device team0
[  407.789725][ T1133] bridge0: port 1(bridge_slave_0) entered blocking state
[  407.792233][ T1133] bridge0: port 1(bridge_slave_0) entered forwarding state
[  407.807727][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  407.810128][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  407.921219][ T6086] hsr_slave_0: left promiscuous mode
[  407.924469][ T6086] hsr_slave_1: left promiscuous mode
[  407.927635][ T6086] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  407.929639][ T6086] batman_adv: batadv0: Removing interface: batadv_slave_0
[  407.932950][ T6086] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  407.934986][ T6086] batman_adv: batadv0: Removing interface: batadv_slave_1
[  407.980169][ T6086] veth1_macvtap: left promiscuous mode
[  407.982244][ T6086] veth0_macvtap: left promiscuous mode
[  407.984221][ T6086] veth1_vlan: left promiscuous mode
[  407.985825][ T6086] veth0_vlan: left promiscuous mode
[  408.191143][ T6086] team0 (unregistering): Port device vlan0 removed
[  408.594314][ T5956] Bluetooth: hci4: command tx timeout
[  408.970286][ T6086] team0 (unregistering): Port device team_slave_1 removed
[  409.197258][ T6086] team0 (unregistering): Port device team_slave_0 removed
[  409.802543][ T5956] Bluetooth: hci3: command tx timeout
[  409.841724][T14429] 8021q: adding VLAN 0 to HW filter on device batadv0
[  409.860666][T14429] veth0_vlan: entered promiscuous mode
[  409.864441][T14429] veth1_vlan: entered promiscuous mode
[  409.875145][T14429] veth0_macvtap: entered promiscuous mode
[  409.879384][T14429] veth1_macvtap: entered promiscuous mode
[  409.899195][T14429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  409.902682][T14429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  409.905411][T14429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  409.908045][T14429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  409.910522][T14429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  409.913609][T14429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  409.917658][T14429] batman_adv: batadv0: Interface activated: batadv_slave_0
[  409.921405][T14429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  409.925031][T14429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  409.928491][T14429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  409.932295][T14429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  409.935915][T14429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  409.938836][T14429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  409.941848][T14429] batman_adv: batadv0: Interface activated: batadv_slave_1
[  409.947003][T14429] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  409.949496][T14429] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  409.952164][T14429] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  409.956436][T14429] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  409.998641][ T1135] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  410.001738][ T1135] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  410.028740][ T1131] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  410.031714][ T1131] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  410.114352][ T6086] IPVS: stop unused estimator thread 0...
[  410.259177][T14483] input: syz1 as /devices/virtual/input/input11
[  410.660856][T14509] FAULT_INJECTION: forcing a failure.
[  410.660856][T14509] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  410.671684][T14509] CPU: 0 UID: 0 PID: 14509 Comm: syz.3.2398 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  410.674416][T14509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  410.677101][T14509] Call Trace:
[  410.678034][T14509]  <TASK>
[  410.678817][T14509]  dump_stack_lvl+0x16c/0x1f0
[  410.680067][T14509]  should_fail_ex+0x497/0x5b0
[  410.681313][T14509]  _copy_from_user+0x2e/0xd0
[  410.682586][T14509]  get_compat_msghdr+0xa8/0x170
[  410.682653][ T5956] Bluetooth: hci4: command tx timeout
[  410.683866][T14509]  ? __pfx_get_compat_msghdr+0x10/0x10
[  410.686744][T14509]  ___sys_sendmsg+0x1b0/0x1e0
[  410.687990][T14509]  ? __pfx____sys_sendmsg+0x10/0x10
[  410.689367][T14509]  ? trace_lock_acquire+0x14e/0x1f0
[  410.690750][T14509]  __sys_sendmmsg+0x2fa/0x420
[  410.692015][T14509]  ? __pfx___sys_sendmmsg+0x10/0x10
[  410.693391][T14509]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  410.694984][T14509]  ? fput+0x67/0x440
[  410.696032][T14509]  ? ksys_write+0x1ba/0x250
[  410.697232][T14509]  ? __pfx_ksys_write+0x10/0x10
[  410.698529][T14509]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  410.700004][T14509]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  410.701748][T14509]  __do_fast_syscall_32+0x73/0x120
[  410.703108][T14509]  do_fast_syscall_32+0x32/0x80
[  410.704405][T14509]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  410.706074][T14509] RIP: 0023:0xf7f12579
[  410.707112][T14509] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  410.712038][T14509] RSP: 002b:00000000f506655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  410.714134][T14509] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200019c0
[  410.716191][T14509] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  410.718260][T14509] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  410.720301][T14509] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  410.722385][T14509] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  410.724477][T14509]  </TASK>
[  411.338461][ T5956] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  411.338968][T14520] netlink: 'syz.3.2402': attribute type 1 has an invalid length.
[  411.364695][T14520] fuse: Bad value for 'fd'
[  411.371370][T14523] input: syz1 as /devices/virtual/input/input13
[  411.545361][T14533] input: syz1 as /devices/virtual/input/input14
[  412.633743][T14552] FAULT_INJECTION: forcing a failure.
[  412.633743][T14552] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  412.638289][T14552] CPU: 2 UID: 0 PID: 14552 Comm: syz.1.2411 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  412.641932][T14552] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  412.645688][T14552] Call Trace:
[  412.646862][T14552]  <TASK>
[  412.647898][T14552]  dump_stack_lvl+0x16c/0x1f0
[  412.649557][T14552]  should_fail_ex+0x497/0x5b0
[  412.651207][T14552]  _copy_from_user+0x2e/0xd0
[  412.652853][T14552]  get_compat_msghdr+0xa8/0x170
[  412.654569][T14552]  ? __pfx_get_compat_msghdr+0x10/0x10
[  412.656470][T14552]  ___sys_sendmsg+0x1b0/0x1e0
[  412.658126][T14552]  ? __pfx____sys_sendmsg+0x10/0x10
[  412.659943][T14552]  ? trace_lock_acquire+0x14e/0x1f0
[  412.661770][T14552]  __sys_sendmmsg+0x2fa/0x420
[  412.663467][T14552]  ? __pfx___sys_sendmmsg+0x10/0x10
[  412.665387][T14552]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  412.667506][T14552]  ? fput+0x67/0x440
[  412.668899][T14552]  ? ksys_write+0x1ba/0x250
[  412.670544][T14552]  ? __pfx_ksys_write+0x10/0x10
[  412.672261][T14552]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  412.674287][T14552]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  412.676539][T14552]  __do_fast_syscall_32+0x73/0x120
[  412.678367][T14552]  do_fast_syscall_32+0x32/0x80
[  412.680050][T14552]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  412.682248][T14552] RIP: 0023:0xf7f88579
[  412.683735][T14552] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  412.690367][T14552] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  412.693221][T14552] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000b00
[  412.695878][T14552] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  412.698285][T14552] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  412.700791][T14552] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  412.703246][T14552] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  412.705695][T14552]  </TASK>
[  412.706780][    C2] vkms_vblank_simulate: vblank timer overrun
[  412.764311][ T5956] Bluetooth: hci4: command tx timeout
[  412.899475][T14559] netlink: 7520 bytes leftover after parsing attributes in process `syz.1.2414'.
[  413.270540][T14565] netlink: 'syz.4.2415': attribute type 1 has an invalid length.
[  413.271965][T14562] input: syz1 as /devices/virtual/input/input15
[  413.281657][T14565] fuse: Bad value for 'fd'
[  413.683893][T14582] input: syz1 as /devices/virtual/input/input16
[  414.003940][ T5956] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  414.003961][ T5956] Bluetooth: hci3: Malformed Event: 0x2f
[  414.007353][T14589] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2422'.
[  414.011779][T14587] input: syz1 as /devices/virtual/input/input17
[  414.845721][ T5956] Bluetooth: hci4: command tx timeout
[  415.008922][T14603] FAULT_INJECTION: forcing a failure.
[  415.008922][T14603] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  415.012354][T14603] CPU: 3 UID: 0 PID: 14603 Comm: syz.2.2425 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  415.015123][T14603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  415.017858][T14603] Call Trace:
[  415.018720][T14603]  <TASK>
[  415.019495][T14603]  dump_stack_lvl+0x16c/0x1f0
[  415.020723][T14603]  should_fail_ex+0x497/0x5b0
[  415.021984][T14603]  _copy_from_user+0x2e/0xd0
[  415.023167][T14603]  get_compat_msghdr+0xa8/0x170
[  415.024464][T14603]  ? __pfx_get_compat_msghdr+0x10/0x10
[  415.025896][T14603]  ? find_held_lock+0x2d/0x110
[  415.027129][T14603]  ___sys_recvmsg+0x193/0x1a0
[  415.028343][T14603]  ? __pfx____sys_recvmsg+0x10/0x10
[  415.029795][T14603]  ? __fget_files+0x1fc/0x3a0
[  415.031047][T14603]  ? trace_lock_acquire+0x14e/0x1f0
[  415.032524][T14603]  ? __fget_files+0x206/0x3a0
[  415.033860][T14603]  __sys_recvmsg+0x16b/0x220
[  415.035050][T14603]  ? __pfx___sys_recvmsg+0x10/0x10
[  415.036374][T14603]  __do_fast_syscall_32+0x73/0x120
[  415.037644][T14603]  do_fast_syscall_32+0x32/0x80
[  415.038908][T14603]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  415.040523][T14603] RIP: 0023:0xf7fb1579
[  415.041592][T14603] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  415.046468][T14603] RSP: 002b:00000000f50e555c EFLAGS: 00000296 ORIG_RAX: 0000000000000174
[  415.048467][T14603] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000020000980
[  415.050386][T14603] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  415.052254][T14603] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  415.054213][T14603] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  415.056139][T14603] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  415.058103][T14603]  </TASK>
[  415.269055][T14605] input: syz1 as /devices/virtual/input/input18
[  415.278828][T14607] netlink: 'syz.2.2426': attribute type 1 has an invalid length.
[  415.286041][T14607] fuse: Bad value for 'fd'
[  415.707400][T14629] netlink: 7520 bytes leftover after parsing attributes in process `syz.4.2434'.
[  416.092707][ T1012] usb 8-1: new high-speed USB device number 33 using dummy_hcd
[  416.245422][ T1012] usb 8-1: config index 0 descriptor too short (expected 23569, got 27)
[  416.248151][ T1012] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  416.253655][ T1012] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  416.256192][ T1012] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  416.258511][ T1012] usb 8-1: Manufacturer: syz
[  416.264767][ T1012] usb 8-1: config 0 descriptor??
[  416.382532][ T1012] rc_core: IR keymap rc-hauppauge not found
[  416.384118][ T1012] Registered IR keymap rc-empty
[  416.391743][ T1012] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0
[  416.395936][ T1012] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0/input20
[  416.498341][ T5978] usb 8-1: USB disconnect, device number 33
[  416.499730][T14639] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2436'.
[  416.506327][T14639] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2436'.
[  416.509115][T14639] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2436'.
[  416.613679][T14644] input: syz1 as /devices/virtual/input/input21
[  416.734458][T14647] netlink: 'syz.1.2439': attribute type 1 has an invalid length.
[  416.740944][T14647] fuse: Bad value for 'fd'
[  418.152545][ T5978] usb 9-1: new high-speed USB device number 30 using dummy_hcd
[  418.206541][T14672] netlink: 7520 bytes leftover after parsing attributes in process `syz.1.2446'.
[  418.302532][ T5978] usb 9-1: Using ep0 maxpacket: 8
[  418.305588][T14674] input: syz1 as /devices/virtual/input/input22
[  418.313988][ T5978] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  418.316187][ T5978] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  418.318803][ T5978] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  418.321935][ T5978] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  418.324738][ T5978] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  418.328120][ T5978] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  418.330715][ T5978] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  418.346273][T14676] =======================================================
[  418.346273][T14676] WARNING: The mand mount option has been deprecated and
[  418.346273][T14676]          and is ignored by this kernel. Remove the mand
[  418.346273][T14676]          option from the mount to silence this warning.
[  418.346273][T14676] =======================================================
[  418.553369][ T5978] usb 9-1: usb_control_msg returned -32
[  418.554951][ T5978] usbtmc 9-1:16.0: can't read capabilities
[  419.360766][T14698] input: syz1 as /devices/virtual/input/input23
[  420.618334][T14723] input: syz1 as /devices/virtual/input/input24
[  420.914957][ T5978] usb 9-1: USB disconnect, device number 30
[  421.093078][T14744] netlink: 7520 bytes leftover after parsing attributes in process `syz.4.2459'.
[  423.366896][T14781] netlink: 7520 bytes leftover after parsing attributes in process `syz.1.2477'.
[  423.500716][T14787] FAULT_INJECTION: forcing a failure.
[  423.500716][T14787] name failslab, interval 1, probability 0, space 0, times 0
[  423.504742][T14787] CPU: 3 UID: 0 PID: 14787 Comm: syz.4.2470 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  423.507932][T14787] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  423.510965][T14787] Call Trace:
[  423.512216][T14787]  <TASK>
[  423.513193][T14787]  dump_stack_lvl+0x16c/0x1f0
[  423.514450][T14787]  should_fail_ex+0x497/0x5b0
[  423.515662][T14787]  ? fs_reclaim_acquire+0xae/0x150
[  423.516951][T14787]  should_failslab+0xc2/0x120
[  423.518417][T14787]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  423.519960][T14787]  ? vm_area_dup+0x21/0x300
[  423.521298][T14787]  vm_area_dup+0x21/0x300
[  423.522457][T14787]  __split_vma+0x181/0x1210
[  423.523629][T14787]  ? __pfx___split_vma+0x10/0x10
[  423.524907][T14787]  vms_gather_munmap_vmas+0x38b/0x1730
[  423.526372][T14787]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  423.527870][T14787]  ? mas_walk+0x6a6/0x910
[  423.529043][T14787]  __mmap_region+0x31d/0x2670
[  423.530321][T14787]  ? __pfx_mark_lock+0x10/0x10
[  423.531944][T14787]  ? __pfx___mmap_region+0x10/0x10
[  423.533709][T14787]  ? hlock_class+0x4e/0x130
[  423.535309][T14787]  ? mark_lock+0xb5/0xc60
[  423.536424][T14787]  ? hlock_class+0x4e/0x130
[  423.537695][T14787]  ? __lock_acquire+0x15a9/0x3c40
[  423.539044][T14787]  ? mm_get_unmapped_area+0x95/0xe0
[  423.540529][T14787]  ? shmem_get_unmapped_area+0x183/0xa20
[  423.542625][T14787]  ? cap_mmap_addr+0x53/0x320
[  423.544019][T14787]  mmap_region+0x127/0x320
[  423.545161][T14787]  do_mmap+0xc00/0xfc0
[  423.546224][T14787]  vm_mmap_pgoff+0x1ba/0x360
[  423.547404][T14787]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  423.548742][T14787]  ? ksys_write+0x1ba/0x250
[  423.549922][T14787]  ksys_mmap_pgoff+0x7d/0x5c0
[  423.551162][T14787]  ? __ia32_sys_mmap_pgoff+0x11/0x1b0
[  423.552519][T14787]  __do_fast_syscall_32+0x73/0x120
[  423.553868][T14787]  do_fast_syscall_32+0x32/0x80
[  423.555127][T14787]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  423.556725][T14787] RIP: 0023:0xf7fa1579
[  423.557774][T14787] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  423.563838][T14787] RSP: 002b:00000000f50d555c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0
[  423.565986][T14787] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000fbe000
[  423.568002][T14787] RDX: 0000000003000003 RSI: 0000000000004031 RDI: 00000000ffffffff
[  423.570104][T14787] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  423.572169][T14787] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  423.574251][T14787] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  423.576248][T14787]  </TASK>
[  423.749202][T14791] netlink: 7520 bytes leftover after parsing attributes in process `syz.3.2471'.
[  424.676943][T14804] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2475'.
[  424.687984][T14804] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2475'.
[  424.691287][T14804] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2475'.
[  424.776236][T14808] FAULT_INJECTION: forcing a failure.
[  424.776236][T14808] name failslab, interval 1, probability 0, space 0, times 0
[  424.779420][T14808] CPU: 2 UID: 0 PID: 14808 Comm: syz.4.2476 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  424.782108][T14808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  424.784757][T14808] Call Trace:
[  424.785599][T14808]  <TASK>
[  424.786338][T14808]  dump_stack_lvl+0x16c/0x1f0
[  424.787521][T14808]  should_fail_ex+0x497/0x5b0
[  424.788764][T14808]  ? fs_reclaim_acquire+0xae/0x150
[  424.790097][T14808]  should_failslab+0xc2/0x120
[  424.791272][T14808]  __kmalloc_noprof+0xce/0x4f0
[  424.792478][T14808]  ? d_absolute_path+0x137/0x1b0
[  424.793753][T14808]  ? tomoyo_encode2+0x100/0x3e0
[  424.794995][T14808]  tomoyo_encode2+0x100/0x3e0
[  424.796211][T14808]  tomoyo_realpath_from_path+0x1a7/0x710
[  424.797660][T14808]  tomoyo_path_number_perm+0x248/0x5b0
[  424.799064][T14808]  ? tomoyo_path_number_perm+0x235/0x5b0
[  424.800506][T14808]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  424.801982][T14808]  ? __pfx_lock_release+0x10/0x10
[  424.803213][T14808]  ? trace_lock_acquire+0x14e/0x1f0
[  424.804546][T14808]  ? lock_acquire+0x2f/0xb0
[  424.805676][T14808]  ? __fget_files+0x40/0x3a0
[  424.806840][T14808]  ? __fget_files+0x206/0x3a0
[  424.808024][T14808]  security_file_ioctl_compat+0x9b/0x240
[  424.809409][T14808]  __do_compat_sys_ioctl+0x4e/0x2c0
[  424.810690][T14808]  __do_fast_syscall_32+0x73/0x120
[  424.811990][T14808]  do_fast_syscall_32+0x32/0x80
[  424.813194][T14808]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  424.814742][T14808] RIP: 0023:0xf7fa1579
[  424.815750][T14808] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  424.820477][T14808] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  424.822536][T14808] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c05c6104
[  424.824479][T14808] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000
[  424.826429][T14808] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  424.828359][T14808] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  424.830364][T14808] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  424.832331][T14808]  </TASK>
[  424.837922][T14808] ERROR: Out of memory at tomoyo_realpath_from_path.
[  425.389539][ T5956] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  425.450873][T14818] input: syz1 as /devices/virtual/input/input25
[  425.739767][T14832] input: syz1 as /devices/virtual/input/input26
[  427.343989][T14849] input: syz1 as /devices/virtual/input/input27
[  427.648925][T14861] netlink: 'syz.3.2488': attribute type 1 has an invalid length.
[  427.710261][T14864] FAULT_INJECTION: forcing a failure.
[  427.710261][T14864] name failslab, interval 1, probability 0, space 0, times 0
[  427.715488][T14864] CPU: 3 UID: 0 PID: 14864 Comm: syz.2.2490 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  427.718845][T14864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  427.722055][T14864] Call Trace:
[  427.723269][T14864]  <TASK>
[  427.724342][T14864]  dump_stack_lvl+0x16c/0x1f0
[  427.726019][T14864]  should_fail_ex+0x497/0x5b0
[  427.727676][T14864]  ? fs_reclaim_acquire+0xae/0x150
[  427.729552][T14864]  should_failslab+0xc2/0x120
[  427.731263][T14864]  __kmalloc_cache_noprof+0x68/0x420
[  427.733102][T14864]  resv_map_alloc+0x7e/0x400
[  427.734647][T14864]  hugetlbfs_get_inode+0x343/0x740
[  427.735977][T14864]  hugetlb_file_setup+0x15b/0x620
[  427.737272][T14864]  ksys_mmap_pgoff+0x189/0x5c0
[  427.738510][T14864]  ? __ia32_sys_mmap_pgoff+0x11/0x1b0
[  427.739960][T14864]  __do_fast_syscall_32+0x73/0x120
[  427.741667][T14864]  do_fast_syscall_32+0x32/0x80
[  427.743362][T14864]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  427.745460][T14864] RIP: 0023:0xf7fb1579
[  427.746816][T14864] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  427.753033][T14864] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0
[  427.755869][T14864] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000400000
[  427.758662][T14864] RDX: 0000000003000003 RSI: 000000000006c832 RDI: 00000000ffffffff
[  427.761392][T14864] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  427.764050][T14864] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  427.766707][T14864] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  427.769226][T14864]  </TASK>
[  428.079630][T14872] netlink: 'syz.3.2492': attribute type 9 has an invalid length.
[  428.082415][T14872] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2492'.
[  428.499806][T14889] input: syz1 as /devices/virtual/input/input28
[  428.937142][T14905] FAULT_INJECTION: forcing a failure.
[  428.937142][T14905] name failslab, interval 1, probability 0, space 0, times 0
[  428.940456][T14905] CPU: 0 UID: 0 PID: 14905 Comm: syz.4.2501 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  428.943585][T14905] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  428.946700][T14905] Call Trace:
[  428.947568][T14905]  <TASK>
[  428.948355][T14905]  dump_stack_lvl+0x16c/0x1f0
[  428.949598][T14905]  should_fail_ex+0x497/0x5b0
[  428.950782][T14905]  ? fs_reclaim_acquire+0xae/0x150
[  428.952698][T14905]  should_failslab+0xc2/0x120
[  428.953942][T14905]  __kmalloc_cache_noprof+0x68/0x420
[  428.955273][T14905]  keyctl_watch_key+0x151/0x500
[  428.956499][T14905]  __do_compat_sys_keyctl+0x122/0x440
[  428.957870][T14905]  __do_fast_syscall_32+0x73/0x120
[  428.959164][T14905]  do_fast_syscall_32+0x32/0x80
[  428.960390][T14905]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  428.962054][T14905] RIP: 0023:0xf7fa1579
[  428.963106][T14905] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  428.967862][T14905] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000120
[  428.969931][T14905] RAX: ffffffffffffffda RBX: 0000000000000020 RCX: 00000000168056a6
[  428.971965][T14905] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000
[  428.973990][T14905] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  428.976013][T14905] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  428.978055][T14905] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  428.980123][T14905]  </TASK>
[  428.980988][    C0] vkms_vblank_simulate: vblank timer overrun
[  429.011066][T14907] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  429.105072][T14914] input: syz1 as /devices/virtual/input/input29
[  429.238423][T14930] FAULT_INJECTION: forcing a failure.
[  429.238423][T14930] name failslab, interval 1, probability 0, space 0, times 0
[  429.241686][T14930] CPU: 0 UID: 0 PID: 14930 Comm: syz.2.2507 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  429.244476][T14930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  429.247265][T14930] Call Trace:
[  429.248230][T14930]  <TASK>
[  429.249043][T14930]  dump_stack_lvl+0x16c/0x1f0
[  429.250286][T14930]  should_fail_ex+0x497/0x5b0
[  429.251540][T14930]  ? fs_reclaim_acquire+0xae/0x150
[  429.252915][T14930]  should_failslab+0xc2/0x120
[  429.254289][T14930]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  429.255798][T14930]  ? __alloc_skb+0x2b3/0x380
[  429.257020][T14930]  __alloc_skb+0x2b3/0x380
[  429.258194][T14930]  ? __pfx___alloc_skb+0x10/0x10
[  429.259481][T14930]  ? lock_acquire+0x2f/0xb0
[  429.260662][T14930]  netlink_alloc_large_skb+0x69/0x130
[  429.262085][T14930]  netlink_sendmsg+0x689/0xd70
[  429.263326][T14930]  ? __pfx_netlink_sendmsg+0x10/0x10
[  429.264735][T14930]  ____sys_sendmsg+0x9ae/0xb40
[  429.266004][T14930]  ? __pfx_____sys_sendmsg+0x10/0x10
[  429.267398][T14930]  ? get_compat_msghdr+0x11b/0x170
[  429.268772][T14930]  ___sys_sendmsg+0x135/0x1e0
[  429.270012][T14930]  ? __pfx____sys_sendmsg+0x10/0x10
[  429.271428][T14930]  ? __pfx_lock_release+0x10/0x10
[  429.272731][T14930]  ? trace_lock_acquire+0x14e/0x1f0
[  429.274102][T14930]  ? __fget_files+0x206/0x3a0
[  429.275328][T14930]  __sys_sendmsg+0x16e/0x220
[  429.276527][T14930]  ? __pfx___sys_sendmsg+0x10/0x10
[  429.277879][T14930]  __do_fast_syscall_32+0x73/0x120
[  429.279205][T14930]  do_fast_syscall_32+0x32/0x80
[  429.280463][T14930]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  429.282094][T14930] RIP: 0023:0xf7fb1579
[  429.283245][T14930] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  429.288357][T14930] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  429.290514][T14930] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200001c0
[  429.292638][T14930] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  429.294724][T14930] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  429.296759][T14930] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  429.298754][T14930] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  429.300783][T14930]  </TASK>
[  429.301661][    C0] vkms_vblank_simulate: vblank timer overrun
[  429.377326][T14933] netlink: 'syz.2.2509': attribute type 13 has an invalid length.
[  429.379431][T14933] macvtap0: entered promiscuous mode
[  429.381647][T14933] macvtap0: refused to change device tx_queue_len
[  429.433804][T14935] input: syz1 as /devices/virtual/input/input30
[  429.667503][T14952] netlink: 7520 bytes leftover after parsing attributes in process `syz.2.2512'.
[  430.042952][T14957] FAULT_INJECTION: forcing a failure.
[  430.042952][T14957] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  430.046618][T14957] CPU: 0 UID: 0 PID: 14957 Comm: syz.1.2514 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  430.049395][T14957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  430.052027][T14957] Call Trace:
[  430.052925][T14957]  <TASK>
[  430.053704][T14957]  dump_stack_lvl+0x16c/0x1f0
[  430.054905][T14957]  should_fail_ex+0x497/0x5b0
[  430.056041][T14957]  _copy_from_user+0x2e/0xd0
[  430.057248][T14957]  alg_setsockopt+0x46d/0xf50
[  430.058484][T14957]  ? __pfx_alg_setsockopt+0x10/0x10
[  430.059845][T14957]  ? __pfx_alg_setsockopt+0x10/0x10
[  430.061192][T14957]  do_sock_setsockopt+0x222/0x480
[  430.062506][T14957]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  430.063952][T14957]  ? lock_acquire+0x2f/0xb0
[  430.065116][T14957]  __sys_setsockopt+0x1a0/0x230
[  430.066394][T14957]  __ia32_sys_setsockopt+0xbc/0x160
[  430.067736][T14957]  ? lockdep_hardirqs_on+0x7c/0x110
[  430.069088][T14957]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  430.070807][T14957]  __do_fast_syscall_32+0x73/0x120
[  430.072139][T14957]  do_fast_syscall_32+0x32/0x80
[  430.073411][T14957]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  430.075039][T14957] RIP: 0023:0xf7f88579
[  430.076100][T14957] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  430.078429][T14964] input: syz1 as /devices/virtual/input/input31
[  430.081041][T14957] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  430.085418][T14957] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000117
[  430.087431][T14957] RDX: 0000000000000001 RSI: 0000000020c18000 RDI: 0000000000000010
[  430.089488][T14957] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  430.091555][T14957] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  430.093603][T14957] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  430.095654][T14957]  </TASK>
[  430.096578][    C0] vkms_vblank_simulate: vblank timer overrun
[  430.194949][T14983] FAULT_INJECTION: forcing a failure.
[  430.194949][T14983] name failslab, interval 1, probability 0, space 0, times 0
[  430.199000][T14983] CPU: 0 UID: 0 PID: 14983 Comm: syz.1.2519 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  430.202502][T14983] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  430.205258][T14983] Call Trace:
[  430.206151][T14983]  <TASK>
[  430.206926][T14983]  dump_stack_lvl+0x16c/0x1f0
[  430.208181][T14983]  should_fail_ex+0x497/0x5b0
[  430.209440][T14983]  ? fs_reclaim_acquire+0xae/0x150
[  430.210778][T14983]  should_failslab+0xc2/0x120
[  430.212092][T14983]  __kmalloc_cache_noprof+0x68/0x420
[  430.213500][T14983]  ? lock_acquire+0x2f/0xb0
[  430.214691][T14983]  ? sctp_has_association+0x44/0x270
[  430.216071][T14983]  sctp_association_new+0x97/0x28b0
[  430.217442][T14983]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  430.218992][T14983]  sctp_connect_new_asoc+0x1b7/0x790
[  430.220371][T14983]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  430.221939][T14983]  ? lock_acquire+0x2f/0xb0
[  430.223135][T14983]  ? sctp_endpoint_lookup_assoc+0xac/0x2a0
[  430.224870][T14983]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  430.226367][T14983]  sctp_sendmsg+0x162a/0x1f10
[  430.227598][T14983]  ? __pfx___lock_acquire+0x10/0x10
[  430.228971][T14983]  ? __pfx_sctp_sendmsg+0x10/0x10
[  430.230324][T14983]  ? __pfx_aa_sk_perm+0x10/0x10
[  430.231664][T14983]  ? __pfx_sctp_sendmsg+0x10/0x10
[  430.232961][T14983]  inet_sendmsg+0x119/0x140
[  430.234165][T14983]  __sys_sendto+0x42a/0x4f0
[  430.235354][T14983]  ? __pfx___sys_sendto+0x10/0x10
[  430.236710][T14983]  ? ksys_write+0x1ba/0x250
[  430.237980][T14983]  ? __pfx_ksys_write+0x10/0x10
[  430.239321][T14983]  __ia32_sys_sendto+0xdd/0x1b0
[  430.240707][T14983]  ? lockdep_hardirqs_on+0x7c/0x110
[  430.242142][T14983]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  430.243842][T14983]  __do_fast_syscall_32+0x73/0x120
[  430.245167][T14983]  do_fast_syscall_32+0x32/0x80
[  430.246447][T14983]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  430.248085][T14983] RIP: 0023:0xf7f88579
[  430.249167][T14983] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  430.254039][T14983] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  430.256177][T14983] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040
[  430.258089][T14983] RDX: 0000000000000001 RSI: 00000000040408c4 RDI: 0000000020000100
[  430.260092][T14983] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[  430.262320][T14983] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  430.264414][T14983] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  430.266451][T14983]  </TASK>
[  430.267377][    C0] vkms_vblank_simulate: vblank timer overrun
[  430.327560][T14992] FAULT_INJECTION: forcing a failure.
[  430.327560][T14992] name failslab, interval 1, probability 0, space 0, times 0
[  430.331757][T14992] CPU: 3 UID: 0 PID: 14992 Comm: syz.1.2522 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  430.334787][T14992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  430.337590][T14992] Call Trace:
[  430.338524][T14992]  <TASK>
[  430.339305][T14992]  dump_stack_lvl+0x16c/0x1f0
[  430.340465][T14992]  should_fail_ex+0x497/0x5b0
[  430.341688][T14992]  ? rcu_is_watching+0x12/0xc0
[  430.342934][T14992]  should_failslab+0xc2/0x120
[  430.344639][T14992]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  430.346551][T14992]  ? lock_acquire+0x2f/0xb0
[  430.347989][T14992]  ? sctp_get_port_local+0x57a/0x1650
[  430.349955][T14992]  ? sctp_get_port_local+0xba4/0x1650
[  430.351889][T14992]  sctp_get_port_local+0xba4/0x1650
[  430.353278][T14992]  ? __pfx_sctp_get_port_local+0x10/0x10
[  430.354731][T14992]  ? lock_acquire+0x2f/0xb0
[  430.355907][T14992]  ? sctp_bind_addr_match+0x43/0x300
[  430.357279][T14992]  ? sctp_bind_addr_match+0x19d/0x300
[  430.358749][T14992]  sctp_do_bind+0x223/0x700
[  430.359928][T14992]  ? __pfx_sctp_bind+0x10/0x10
[  430.361167][T14992]  sctp_bind+0xa4/0x110
[  430.362258][T14992]  inet6_bind_sk+0xdb/0x230
[  430.363424][T14992]  ? __pfx_inet6_bind_sk+0x10/0x10
[  430.364738][T14992]  __sys_bind+0x213/0x260
[  430.365872][T14992]  ? __pfx___sys_bind+0x10/0x10
[  430.367143][T14992]  ? __fget_files+0x206/0x3a0
[  430.368552][T14992]  ? __pfx_ksys_write+0x10/0x10
[  430.370306][T14992]  __ia32_sys_bind+0x71/0xb0
[  430.371994][T14992]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  430.374075][T14992]  __do_fast_syscall_32+0x73/0x120
[  430.375410][T14992]  do_fast_syscall_32+0x32/0x80
[  430.376684][T14992]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  430.378418][T14992] RIP: 0023:0xf7f88579
[  430.379475][T14992] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  430.384475][T14992] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000169
[  430.386634][T14992] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000140
[  430.388726][T14992] RDX: 000000000000001c RSI: 0000000000000000 RDI: 0000000000000000
[  430.390860][T14992] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  430.392927][T14992] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  430.394958][T14992] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  430.396986][T14992]  </TASK>
[  431.254868][T15014] support for the xor transformation has been removed.
[  431.408380][T15027] input: syz1 as /devices/virtual/input/input32
[  431.915987][T15049] support for the xor transformation has been removed.
[  432.332571][ T5988] usb 9-1: new high-speed USB device number 31 using dummy_hcd
[  432.504211][ T5988] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  432.507797][ T5988] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  432.511151][ T5988] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  432.520996][ T5988] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  432.524316][ T5988] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  432.529862][ T5988] usb 9-1: config 0 descriptor??
[  432.942107][ T5988] plantronics 0003:047F:FFFF.001E: No inputs registered, leaving
[  432.946594][ T5988] plantronics 0003:047F:FFFF.001E: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  433.202870][T15053] FAULT_INJECTION: forcing a failure.
[  433.202870][T15053] name failslab, interval 1, probability 0, space 0, times 0
[  433.207110][T15053] CPU: 3 UID: 0 PID: 15053 Comm: syz.4.2534 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  433.210857][T15053] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  433.214504][T15053] Call Trace:
[  433.215648][T15053]  <TASK>
[  433.216655][T15053]  dump_stack_lvl+0x16c/0x1f0
[  433.218180][T15053]  should_fail_ex+0x497/0x5b0
[  433.219383][T15053]  ? fs_reclaim_acquire+0xae/0x150
[  433.220831][T15053]  should_failslab+0xc2/0x120
[  433.222151][T15053]  __kmalloc_noprof+0xce/0x4f0
[  433.223434][T15053]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  433.224888][T15053]  ? tomoyo_realpath_from_path+0xbf/0x710
[  433.226374][T15053]  tomoyo_realpath_from_path+0xbf/0x710
[  433.227797][T15053]  ? tomoyo_path_number_perm+0x235/0x5b0
[  433.229262][T15053]  tomoyo_path_number_perm+0x248/0x5b0
[  433.230688][T15053]  ? tomoyo_path_number_perm+0x235/0x5b0
[  433.232149][T15053]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  433.233719][T15053]  ? __pfx_lock_release+0x10/0x10
[  433.235015][T15053]  ? trace_lock_acquire+0x14e/0x1f0
[  433.236373][T15053]  ? lock_acquire+0x2f/0xb0
[  433.237562][T15053]  ? __fget_files+0x40/0x3a0
[  433.238778][T15053]  ? __fget_files+0x206/0x3a0
[  433.239995][T15053]  security_file_ioctl_compat+0x9b/0x240
[  433.241454][T15053]  __do_compat_sys_ioctl+0x4e/0x2c0
[  433.242832][T15053]  __do_fast_syscall_32+0x73/0x120
[  433.244181][T15053]  do_fast_syscall_32+0x32/0x80
[  433.245458][T15053]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  433.247089][T15053] RIP: 0023:0xf7fa1579
[  433.248168][T15053] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  433.253112][T15053] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  433.255207][T15053] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080044801
[  433.257228][T15053] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  433.259202][T15053] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  433.261230][T15053] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  433.263277][T15053] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  433.265334][T15053]  </TASK>
[  433.269958][T15053] ERROR: Out of memory at tomoyo_realpath_from_path.
[  433.272327][ T5978] usb 9-1: USB disconnect, device number 31
[  433.722700][    T8] usb 7-1: new high-speed USB device number 60 using dummy_hcd
[  433.875065][    T8] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  433.881384][    T8] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  433.885594][    T8] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  433.892115][    T8] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  433.893184][T15072] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  433.895639][    T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  433.905716][    T8] usb 7-1: config 0 descriptor??
[  434.111252][   T39] audit: type=1326 audit(1734222875.468:41224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15065 comm="syz.2.2539" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  434.118449][   T39] audit: type=1326 audit(1734222875.468:41225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15065 comm="syz.2.2539" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  434.127555][   T39] audit: type=1326 audit(1734222875.478:41226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15065 comm="syz.2.2539" exe="/syz-executor" sig=0 arch=40000003 syscall=277 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  434.133221][   T39] audit: type=1326 audit(1734222875.478:41227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15065 comm="syz.2.2539" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  434.138680][   T39] audit: type=1326 audit(1734222875.478:41228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15065 comm="syz.2.2539" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  434.139077][T15079] netlink: 'syz.3.2543': attribute type 1 has an invalid length.
[  434.146382][   T39] audit: type=1326 audit(1734222875.478:41229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15065 comm="syz.2.2539" exe="/syz-executor" sig=0 arch=40000003 syscall=279 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  434.151907][   T39] audit: type=1326 audit(1734222875.478:41230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15065 comm="syz.2.2539" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  434.157615][   T39] audit: type=1326 audit(1734222875.478:41231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15065 comm="syz.2.2539" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  434.163162][   T39] audit: type=1326 audit(1734222875.478:41232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15065 comm="syz.2.2539" exe="/syz-executor" sig=0 arch=40000003 syscall=280 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  434.168650][   T39] audit: type=1326 audit(1734222875.478:41233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15065 comm="syz.2.2539" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  434.237100][T15082] input: syz1 as /devices/virtual/input/input33
[  434.415226][    T8] plantronics 0003:047F:FFFF.001F: No inputs registered, leaving
[  434.423605][    T8] plantronics 0003:047F:FFFF.001F: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  434.716172][ T5978] usb 7-1: USB disconnect, device number 60
[  435.188934][T15115] netlink: 7520 bytes leftover after parsing attributes in process `syz.3.2547'.
[  435.309380][T15117] input: syz1 as /devices/virtual/input/input34
[  435.480905][T15139] input: syz1 as /devices/virtual/input/input35
[  435.565309][T15149] netlink: 7520 bytes leftover after parsing attributes in process `syz.4.2561'.
[  435.623563][   T25] usb 7-1: new high-speed USB device number 61 using dummy_hcd
[  435.734193][T15155] input: syz1 as /devices/virtual/input/input36
[  435.793799][   T25] usb 7-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  435.797930][   T25] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  435.802715][   T25] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  435.804757][   T25] usb 7-1: SerialNumber: syz
[  436.224772][T15174] FAULT_INJECTION: forcing a failure.
[  436.224772][T15174] name failslab, interval 1, probability 0, space 0, times 0
[  436.228358][T15174] CPU: 3 UID: 0 PID: 15174 Comm: syz.4.2559 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  436.231688][T15174] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  436.234372][T15174] Call Trace:
[  436.235224][T15174]  <TASK>
[  436.235976][T15174]  dump_stack_lvl+0x16c/0x1f0
[  436.237171][T15174]  should_fail_ex+0x497/0x5b0
[  436.238357][T15174]  ? fs_reclaim_acquire+0xae/0x150
[  436.239890][T15174]  should_failslab+0xc2/0x120
[  436.241473][T15174]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  436.243357][T15174]  ? __alloc_skb+0x2b3/0x380
[  436.244656][T15174]  __alloc_skb+0x2b3/0x380
[  436.246158][T15174]  ? __pfx___alloc_skb+0x10/0x10
[  436.247811][T15174]  ? lock_acquire+0x2f/0xb0
[  436.249264][T15174]  netlink_alloc_large_skb+0x69/0x130
[  436.250686][T15174]  netlink_sendmsg+0x689/0xd70
[  436.251900][T15174]  ? __pfx_netlink_sendmsg+0x10/0x10
[  436.253210][T15174]  ____sys_sendmsg+0x9ae/0xb40
[  436.254760][T15174]  ? __pfx_____sys_sendmsg+0x10/0x10
[  436.256447][T15174]  ? get_compat_msghdr+0x11b/0x170
[  436.258016][T15174]  ___sys_sendmsg+0x135/0x1e0
[  436.259513][T15174]  ? __pfx____sys_sendmsg+0x10/0x10
[  436.260882][T15174]  ? __pfx_lock_release+0x10/0x10
[  436.262222][T15174]  ? trace_lock_acquire+0x14e/0x1f0
[  436.263662][T15174]  ? __fget_files+0x206/0x3a0
[  436.264952][T15174]  __sys_sendmsg+0x16e/0x220
[  436.266221][T15174]  ? __pfx___sys_sendmsg+0x10/0x10
[  436.267599][T15174]  __do_fast_syscall_32+0x73/0x120
[  436.268994][T15174]  do_fast_syscall_32+0x32/0x80
[  436.270271][T15174]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  436.271973][T15174] RIP: 0023:0xf7fa1579
[  436.273081][T15174] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  436.279765][T15174] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  436.282598][T15174] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200002c0
[  436.285259][T15174] RDX: 00000000040c0080 RSI: 0000000000000000 RDI: 0000000000000000
[  436.287926][T15174] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  436.290001][T15174] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  436.292052][T15174] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  436.294109][T15174]  </TASK>
[  436.294987][    C3] vkms_vblank_simulate: vblank timer overrun
[  436.422779][   T25] cdc_ether 7-1:1.0 eth6: register 'cdc_ether' at usb-dummy_hcd.2-1, CDC Ethernet Device, 42:42:42:42:42:42
[  436.675233][T15194] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2565'.
[  436.818143][T14251] usb 7-1: USB disconnect, device number 61
[  436.822853][T14251] cdc_ether 7-1:1.0 eth6: unregister 'cdc_ether' usb-dummy_hcd.2-1, CDC Ethernet Device
[  437.230209][T15213] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2567'.
[  437.264967][T15213] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2567'.
[  437.325637][T15219] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2567'.
[  437.343730][T15221] fuse: Unknown parameter 'rootmo†e'
[  437.582269][T15225] netlink: 'syz.2.2568': attribute type 10 has an invalid length.
[  437.590605][T15225] team0: Device ipvlan1 failed to register rx_handler
[  437.595452][T15188] Set syz1 is full, maxelem 65536 reached
[  437.640671][T15249] loop7: detected capacity change from 0 to 16384
[  437.832606][T15250] loop7: detected capacity change from 16384 to 16383
[  437.844185][T15248] blk_print_req_error: 7 callbacks suppressed
[  437.844196][T15248] I/O error, dev loop7, sector 10752 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  437.848048][T15248] buffer_io_error: 7 callbacks suppressed
[  437.848055][T15248] Buffer I/O error on dev loop7, logical block 1344, lost async page write
[  437.851674][T15248] Buffer I/O error on dev loop7, logical block 1345, lost async page write
[  437.853924][T15248] Buffer I/O error on dev loop7, logical block 1346, lost async page write
[  437.856009][T15248] Buffer I/O error on dev loop7, logical block 1347, lost async page write
[  437.858052][T15248] Buffer I/O error on dev loop7, logical block 1348, lost async page write
[  437.860346][T15248] Buffer I/O error on dev loop7, logical block 1349, lost async page write
[  437.862812][T15248] Buffer I/O error on dev loop7, logical block 1350, lost async page write
[  437.864948][T15248] Buffer I/O error on dev loop7, logical block 1351, lost async page write
[  437.867161][T15248] Buffer I/O error on dev loop7, logical block 1352, lost async page write
[  437.869320][T15248] Buffer I/O error on dev loop7, logical block 1353, lost async page write
[  437.874996][T15248] I/O error, dev loop7, sector 11776 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  437.880900][T15248] I/O error, dev loop7, sector 12800 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  437.887072][T15248] I/O error, dev loop7, sector 13824 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  437.893581][T15248] I/O error, dev loop7, sector 14848 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  437.898877][T15248] I/O error, dev loop7, sector 15872 op 0x1:(WRITE) flags 0x800 phys_seg 64 prio class 0
[  438.193537][T15259] input: syz1 as /devices/virtual/input/input37
[  438.322999][ T5956] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  439.256351][T15287] netlink: 'syz.4.2579': attribute type 1 has an invalid length.
[  439.313662][ T1411] ieee802154 phy1 wpan1: encryption failed: -22
[  440.338767][T15314] loop7: detected capacity change from 0 to 16384
[  440.592858][T15317] loop7: detected capacity change from 16384 to 16383
[  440.596740][T15314] I/O error, dev loop7, sector 14720 op 0x0:(READ) flags 0x80700 phys_seg 3 prio class 0
[  440.600656][T15314] I/O error, dev loop7, sector 14976 op 0x0:(READ) flags 0x80700 phys_seg 3 prio class 0
[  440.604958][T15314] I/O error, dev loop7, sector 14720 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  440.728735][T15313] I/O error, dev loop7, sector 7680 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  440.885277][T15322] input: syz1 as /devices/virtual/input/input38
[  440.938911][T15329] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2591'.
[  440.938963][T15328] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2591'.
[  440.941739][T15329] bridge_slave_1: left allmulticast mode
[  440.947802][T15329] bridge_slave_1: left promiscuous mode
[  440.953138][T15329] bridge0: port 2(bridge_slave_1) entered disabled state
[  440.957742][T15329] bridge_slave_0: left allmulticast mode
[  440.959241][T15329] bridge_slave_0: left promiscuous mode
[  440.960767][T15329] bridge0: port 1(bridge_slave_0) entered disabled state
[  441.167793][T15342] FAULT_INJECTION: forcing a failure.
[  441.167793][T15342] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  441.172046][T15342] CPU: 2 UID: 0 PID: 15342 Comm: syz.4.2593 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  441.175901][T15342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  441.179389][T15342] Call Trace:
[  441.180293][T15342]  <TASK>
[  441.181172][T15342]  dump_stack_lvl+0x16c/0x1f0
[  441.182904][T15342]  should_fail_ex+0x497/0x5b0
[  441.184647][T15342]  _copy_from_iter+0x29b/0x1400
[  441.186101][T15342]  ? __pfx__copy_from_iter+0x10/0x10
[  441.187472][T15342]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  441.189040][T15342]  ? tun_build_skb.constprop.0+0x1b8/0x1120
[  441.190611][T15342]  ? __pfx_lock_release+0x10/0x10
[  441.192122][T15342]  ? trace_lock_acquire+0x14e/0x1f0
[  441.193488][T15342]  copy_page_from_iter+0xa5/0x120
[  441.194793][T15342]  tun_build_skb.constprop.0+0x294/0x1120
[  441.196212][T15342]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[  441.197740][T15342]  ? __pfx___lock_acquire+0x10/0x10
[  441.199085][T15342]  ? __lock_acquire+0xcc5/0x3c40
[  441.200393][T15342]  tun_get_user+0x870/0x3e30
[  441.201924][T15342]  ? find_held_lock+0x2d/0x110
[  441.203701][T15342]  ? __pfx_tun_get_user+0x10/0x10
[  441.205516][T15342]  ? find_held_lock+0x2d/0x110
[  441.206757][T15342]  ? __pfx_lock_release+0x10/0x10
[  441.208066][T15342]  tun_chr_write_iter+0xdc/0x210
[  441.209370][T15342]  vfs_write+0x5ae/0x1150
[  441.210558][T15342]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  441.212030][T15342]  ? __pfx_vfs_write+0x10/0x10
[  441.213342][T15342]  ? __fget_files+0x40/0x3a0
[  441.214550][T15342]  ksys_write+0x12b/0x250
[  441.215680][T15342]  ? __pfx_ksys_write+0x10/0x10
[  441.216950][T15342]  __do_fast_syscall_32+0x73/0x120
[  441.218290][T15342]  do_fast_syscall_32+0x32/0x80
[  441.219573][T15342]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  441.221434][T15342] RIP: 0023:0xf7fa1579
[  441.222913][T15342] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  441.228878][T15342] RSP: 002b:00000000f50d5520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  441.231106][T15342] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000020000000
[  441.233150][T15342] RDX: 0000000000000046 RSI: 00000000f7433ff4 RDI: 0000000000000000
[  441.235271][T15342] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  441.237302][T15342] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  441.239323][T15342] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  441.241636][T15342]  </TASK>
[  441.607480][T15354] usb usb8: usbfs: process 15354 (syz.4.2596) did not claim interface 1 before use
[  441.654255][T15356] support for the xor transformation has been removed.
[  441.802467][ T5956] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  442.627244][T15365] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2600'.
[  443.564533][T15385] input: syz1 as /devices/virtual/input/input39
[  445.062596][ T1459] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  445.352631][ T1459] usb 6-1: Using ep0 maxpacket: 8
[  445.356212][ T1459] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  445.359454][ T1459] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  445.362258][ T1459] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  445.365457][ T1459] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  445.368220][ T1459] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  445.371701][ T1459] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  445.374642][ T1459] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  445.380222][ T1459] usbtmc 6-1:16.0: probe with driver usbtmc failed with error -22
[  445.987315][T15414] binder: 15400:15414 ioctl ae01 0 returned -22
[  446.215794][T15420] netlink: 'syz.4.2617': attribute type 1 has an invalid length.
[  446.689163][ T5950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  446.702743][ T5950] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  446.705955][ T5950] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  446.708462][ T5950] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  446.711549][ T5950] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  446.713682][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  446.729669][T15429] gretap0 speed is unknown, defaulting to 1000
[  446.762172][ T6080] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.766430][ T6080] netdevsim netdevsim2 eth3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  446.816671][ T6080] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.819199][ T6080] netdevsim netdevsim2 eth2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  446.824625][T15429] chnl_net:caif_netlink_parms(): no params data found
[  446.893779][ T6080] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.896324][ T6080] netdevsim netdevsim2 eth1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  446.900539][T15429] bridge0: port 1(bridge_slave_0) entered blocking state
[  446.902545][T15429] bridge0: port 1(bridge_slave_0) entered disabled state
[  446.904433][T15429] bridge_slave_0: entered allmulticast mode
[  446.906484][T15429] bridge_slave_0: entered promiscuous mode
[  446.909529][T15429] bridge0: port 2(bridge_slave_1) entered blocking state
[  446.911456][T15429] bridge0: port 2(bridge_slave_1) entered disabled state
[  446.913574][T15429] bridge_slave_1: entered allmulticast mode
[  446.916114][T15429] bridge_slave_1: entered promiscuous mode
[  446.939146][ T6080] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.941870][ T6080] netdevsim netdevsim2 eth0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  446.948483][T15429] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  446.952958][T15429] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  446.972946][T15429] team0: Port device team_slave_0 added
[  446.975643][T15429] team0: Port device team_slave_1 added
[  446.995336][T15429] batman_adv: batadv0: Adding interface: batadv_slave_0
[  446.997172][T15429] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  447.006683][T15429] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  447.016742][T15429] batman_adv: batadv0: Adding interface: batadv_slave_1
[  447.018627][T15429] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  447.025698][T15429] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  447.081281][T15429] hsr_slave_0: entered promiscuous mode
[  447.083732][T15429] hsr_slave_1: entered promiscuous mode
[  447.085606][T15429] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  447.087588][T15429] Cannot create hsr debugfs directory
[  447.089865][ T6080] bridge_slave_1: left allmulticast mode
[  447.091840][ T6080] bridge_slave_1: left promiscuous mode
[  447.093936][ T6080] bridge0: port 2(bridge_slave_1) entered disabled state
[  447.097342][ T6080] bridge_slave_0: left allmulticast mode
[  447.098942][ T6080] bridge0: port 1(bridge_slave_0) entered disabled state
[  447.515175][ T6080] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  447.519282][ T6080] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  447.524096][ T6080] bond0 (unregistering): Released all slaves
[  447.531665][ T6080] bond1 (unregistering): Released all slaves
[  447.634645][ T6080] : left promiscuous mode
[  447.824520][   T57] usb 6-1: USB disconnect, device number 24
[  447.856581][T15459] netlink: 'syz.1.2624': attribute type 32 has an invalid length.
[  447.858745][T15459] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2624'.
[  447.861029][T15459] netlink: 'syz.1.2624': attribute type 32 has an invalid length.
[  447.880926][T15459] input: syz1 as /devices/virtual/input/input40
[  448.058901][ T6080] hsr_slave_0: left promiscuous mode
[  448.060872][ T6080] hsr_slave_1: left promiscuous mode
[  448.063063][ T6080] batman_adv: batadv0: Removing interface: team0
[  448.065293][ T6080] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  448.067408][ T6080] batman_adv: batadv0: Removing interface: batadv_slave_0
[  448.222082][ T6080] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  448.225161][ T6080] batman_adv: batadv0: Removing interface: batadv_slave_1
[  448.276473][ T6080] veth1_macvtap: left promiscuous mode
[  448.278471][ T6080] veth0_macvtap: left promiscuous mode
[  448.280185][ T6080] veth1_vlan: left promiscuous mode
[  448.283955][ T6080] veth0_vlan: left promiscuous mode
[  448.752840][ T5950] Bluetooth: hci0: command tx timeout
[  449.074435][ T6080] team0 (unregistering): Port device team_slave_1 removed
[  449.169830][ T6080] team0 (unregistering): Port device team_slave_0 removed
[  450.019566][T15429] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  450.025656][T15429] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  450.033596][T15429] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  450.039303][T15429] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  450.080473][T15429] 8021q: adding VLAN 0 to HW filter on device bond0
[  450.090686][T15429] 8021q: adding VLAN 0 to HW filter on device team0
[  450.095315][ T6086] bridge0: port 1(bridge_slave_0) entered blocking state
[  450.097276][ T6086] bridge0: port 1(bridge_slave_0) entered forwarding state
[  450.131525][ T1135] bridge0: port 2(bridge_slave_1) entered blocking state
[  450.133484][ T1135] bridge0: port 2(bridge_slave_1) entered forwarding state
[  450.161847][T15429] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  450.276083][T15429] 8021q: adding VLAN 0 to HW filter on device batadv0
[  450.307371][T15429] veth0_vlan: entered promiscuous mode
[  450.313394][T15429] veth1_vlan: entered promiscuous mode
[  450.328983][T15429] veth0_macvtap: entered promiscuous mode
[  450.333589][T15429] veth1_macvtap: entered promiscuous mode
[  450.339223][T15429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  450.342850][T15429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.345353][T15429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  450.347941][T15429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.350393][T15429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  450.355262][T15429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.358222][T15429] batman_adv: batadv0: Interface activated: batadv_slave_0
[  450.362770][T15429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  450.365571][T15429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.368096][T15429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  450.371272][T15429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.376523][T15429] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  450.380284][T15429] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.384440][T15429] batman_adv: batadv0: Interface activated: batadv_slave_1
[  450.390042][T15429] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  450.394475][T15429] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  450.397763][T15429] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  450.400861][T15429] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  450.497865][ T6086] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  450.500669][ T6086] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  450.522245][ T1135] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  450.525145][ T1135] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  450.842603][ T5950] Bluetooth: hci0: command tx timeout
[  451.925341][T15556] input: syz1 as /devices/virtual/input/input41
[  452.912587][ T5950] Bluetooth: hci0: command tx timeout
[  453.191269][T15571] PKCS7: Unknown OID: [4] 0.38.35.0.951690.11253
[  453.198123][T15571] PKCS7: Only support pkcs7_signedData type
[  453.808211][T15606] FAULT_INJECTION: forcing a failure.
[  453.808211][T15606] name failslab, interval 1, probability 0, space 0, times 0
[  453.813553][T15606] CPU: 0 UID: 0 PID: 15606 Comm: syz.3.2642 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  453.816580][T15606] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  453.819346][T15606] Call Trace:
[  453.820205][T15606]  <TASK>
[  453.820970][T15606]  dump_stack_lvl+0x16c/0x1f0
[  453.822206][T15606]  should_fail_ex+0x497/0x5b0
[  453.824161][T15606]  ? fs_reclaim_acquire+0xae/0x150
[  453.826521][T15606]  should_failslab+0xc2/0x120
[  453.827680][T15606]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  453.829087][T15606]  ? vm_area_dup+0x53/0x300
[  453.830520][T15606]  vm_area_dup+0x53/0x300
[  453.832110][T15606]  __split_vma+0x181/0x1210
[  453.833515][T15606]  ? __pfx___split_vma+0x10/0x10
[  453.834797][T15606]  ? hlock_class+0x4e/0x130
[  453.836013][T15606]  vms_gather_munmap_vmas+0x38b/0x1730
[  453.837428][T15606]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  453.838940][T15606]  ? mas_walk+0x6a6/0x910
[  453.840114][T15606]  __mmap_region+0x31d/0x2670
[  453.841335][T15606]  ? __pfx___mmap_region+0x10/0x10
[  453.842649][T15606]  ? hlock_class+0x4e/0x130
[  453.843830][T15606]  ? mark_lock+0xb5/0xc60
[  453.844954][T15606]  ? process_measurement+0x1e8/0x2370
[  453.846371][T15606]  ? __pfx___lock_acquire+0x10/0x10
[  453.847728][T15606]  ? __pfx_process_measurement+0x10/0x10
[  453.849192][T15606]  ? cap_mmap_addr+0x53/0x320
[  453.850641][T15606]  mmap_region+0x127/0x320
[  453.852295][T15606]  do_mmap+0xc00/0xfc0
[  453.853604][T15606]  vm_mmap_pgoff+0x1ba/0x360
[  453.854802][T15606]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  453.856172][T15606]  ? __fget_files+0x206/0x3a0
[  453.857403][T15606]  ksys_mmap_pgoff+0x32c/0x5c0
[  453.858636][T15606]  ? __ia32_sys_mmap_pgoff+0x11/0x1b0
[  453.860057][T15606]  __do_fast_syscall_32+0x73/0x120
[  453.861410][T15606]  do_fast_syscall_32+0x32/0x80
[  453.862665][T15606]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  453.864307][T15606] RIP: 0023:0xf7f12579
[  453.865376][T15606] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  453.870429][T15606] RSP: 002b:00000000f506655c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0
[  453.873335][T15606] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000
[  453.875357][T15606] RDX: 0000000000000006 RSI: 0000000000000012 RDI: 0000000000000004
[  453.877408][T15606] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  453.879423][T15606] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  453.881611][T15606] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  453.883669][T15606]  </TASK>
[  453.884511][    C0] vkms_vblank_simulate: vblank timer overrun
[  454.992538][ T5950] Bluetooth: hci0: command tx timeout
[  455.003860][T15625] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2644'.
[  455.680644][T15644] block nbd2: shutting down sockets
[  455.877924][T15649] input: syz1 as /devices/virtual/input/input42
[  455.986157][T15669] FAULT_INJECTION: forcing a failure.
[  455.986157][T15669] name failslab, interval 1, probability 0, space 0, times 0
[  455.990126][T15669] CPU: 3 UID: 0 PID: 15669 Comm: syz.3.2654 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  455.992981][T15669] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  455.995776][T15669] Call Trace:
[  455.996659][T15669]  <TASK>
[  455.997446][T15669]  dump_stack_lvl+0x16c/0x1f0
[  455.998688][T15669]  should_fail_ex+0x497/0x5b0
[  455.999924][T15669]  ? fs_reclaim_acquire+0xae/0x150
[  456.001268][T15669]  should_failslab+0xc2/0x120
[  456.002505][T15669]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  456.004042][T15669]  ? __alloc_skb+0x2b3/0x380
[  456.005268][T15669]  __alloc_skb+0x2b3/0x380
[  456.006439][T15669]  ? __pfx___alloc_skb+0x10/0x10
[  456.007736][T15669]  ? lock_acquire+0x2f/0xb0
[  456.008975][T15669]  netlink_alloc_large_skb+0x69/0x130
[  456.010393][T15669]  netlink_sendmsg+0x689/0xd70
[  456.011694][T15669]  ? __pfx_netlink_sendmsg+0x10/0x10
[  456.013129][T15669]  ____sys_sendmsg+0x9ae/0xb40
[  456.014394][T15669]  ? __pfx_____sys_sendmsg+0x10/0x10
[  456.015769][T15669]  ? get_compat_msghdr+0x11b/0x170
[  456.017126][T15669]  ___sys_sendmsg+0x135/0x1e0
[  456.018362][T15669]  ? __pfx____sys_sendmsg+0x10/0x10
[  456.019723][T15669]  ? __pfx_lock_release+0x10/0x10
[  456.021072][T15669]  ? trace_lock_acquire+0x14e/0x1f0
[  456.022458][T15669]  ? __fget_files+0x206/0x3a0
[  456.023710][T15669]  __sys_sendmsg+0x16e/0x220
[  456.024923][T15669]  ? __pfx___sys_sendmsg+0x10/0x10
[  456.026288][T15669]  __do_fast_syscall_32+0x73/0x120
[  456.027646][T15669]  do_fast_syscall_32+0x32/0x80
[  456.029040][T15669]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  456.030717][T15669] RIP: 0023:0xf7f12579
[  456.031783][T15669] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  456.036859][T15669] RSP: 002b:00000000f506655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  456.039019][T15669] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[  456.041067][T15669] RDX: 000000003aa711f2 RSI: 0000000000000000 RDI: 0000000000000000
[  456.043230][T15669] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  456.045429][T15669] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  456.047475][T15669] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  456.049526][T15669]  </TASK>
[  456.320161][T15677] netlink: 'syz.1.2657': attribute type 10 has an invalid length.
[  456.322853][T15677] bridge0: port 2(bridge_slave_1) entered disabled state
[  456.324820][T15677] bridge0: port 1(bridge_slave_0) entered disabled state
[  456.329973][T15677] bridge0: port 2(bridge_slave_1) entered blocking state
[  456.331868][T15677] bridge0: port 2(bridge_slave_1) entered forwarding state
[  456.333852][T15677] bridge0: port 1(bridge_slave_0) entered blocking state
[  456.335620][T15677] bridge0: port 1(bridge_slave_0) entered forwarding state
[  456.341478][T15677] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  456.359232][T15677] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2657'.
[  456.361640][T15677] bridge_slave_1: left allmulticast mode
[  456.366428][T15677] bridge_slave_1: left promiscuous mode
[  456.368138][T15677] bridge0: port 2(bridge_slave_1) entered disabled state
[  456.371880][T15677] bridge_slave_0: left allmulticast mode
[  456.384815][T15677] bridge_slave_0: left promiscuous mode
[  456.388409][T15677] bridge0: port 1(bridge_slave_0) entered disabled state
[  456.406567][T15677] bond0: (slave bridge0): Releasing backup interface
[  456.903581][T15686] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2659'.
[  456.906417][T15684] netlink: 'syz.4.2658': attribute type 10 has an invalid length.
[  456.938415][T15684] team0: Device ipvlan1 failed to register rx_handler
[  457.734211][T15686] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  457.737019][T15686] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  457.740954][T15686] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  457.744103][T15686] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  457.747435][T15686] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  457.751495][T15686] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  457.754509][T15686] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  457.756030][T15686] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  457.758705][T15686] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  457.769558][T15686] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  457.771067][T15686] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  457.773770][T15686] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  457.985503][T15706] delete_channel: no stack
[  458.012100][T15711] FAULT_INJECTION: forcing a failure.
[  458.012100][T15711] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  458.018997][T15711] CPU: 2 UID: 0 PID: 15711 Comm: syz.2.2668 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  458.021801][T15711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  458.024445][T15711] Call Trace:
[  458.025340][T15711]  <TASK>
[  458.026120][T15711]  dump_stack_lvl+0x16c/0x1f0
[  458.027359][T15711]  should_fail_ex+0x497/0x5b0
[  458.028599][T15711]  _copy_from_iter+0x29b/0x1400
[  458.029963][T15711]  ? aa_file_perm+0x4d5/0xfe0
[  458.031194][T15711]  ? __pfx__copy_from_iter+0x10/0x10
[  458.032570][T15711]  ? find_held_lock+0x2d/0x110
[  458.033871][T15711]  ? __pfx_aa_file_perm+0x10/0x10
[  458.035189][T15711]  ? hlock_class+0x4e/0x130
[  458.036380][T15711]  ? iov_iter_advance+0x7d/0x6c0
[  458.037666][T15711]  ? __lock_acquire+0xcc5/0x3c40
[  458.038970][T15711]  vhost_chr_write_iter+0x1bc/0x1080
[  458.040342][T15711]  ? __pfx_vhost_chr_write_iter+0x10/0x10
[  458.041889][T15711]  ? bpf_lsm_file_permission+0x9/0x10
[  458.043297][T15711]  ? security_file_permission+0x71/0x210
[  458.044735][T15711]  vfs_write+0x5ae/0x1150
[  458.045802][T15711]  ? __pfx_vhost_net_chr_write_iter+0x10/0x10
[  458.047278][T15711]  ? __pfx_vfs_write+0x10/0x10
[  458.048511][T15711]  ? __fget_files+0x40/0x3a0
[  458.049740][T15711]  ksys_write+0x12b/0x250
[  458.050870][T15711]  ? __pfx_ksys_write+0x10/0x10
[  458.052166][T15711]  __do_fast_syscall_32+0x73/0x120
[  458.053514][T15711]  do_fast_syscall_32+0x32/0x80
[  458.054790][T15711]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  458.056433][T15711] RIP: 0023:0xf7f4f579
[  458.057509][T15711] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  458.062522][T15711] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  458.064706][T15711] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200003c0
[  458.066757][T15711] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  458.068798][T15711] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  458.070845][T15711] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  458.072913][T15711] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  458.074967][T15711]  </TASK>
[  458.185749][ T5950] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  459.162621][ T5950] Bluetooth: hci2: command 0x0c1a tx timeout
[  459.292638][    C0] vkms_vblank_simulate: vblank timer overrun
[  459.684128][T15746] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2678'.
[  459.795207][ T5950] Bluetooth: hci3: command 0x0c1a tx timeout
[  459.799686][ T5950] Bluetooth: hci0: command 0x0c1a tx timeout
[  459.802955][ T5950] Bluetooth: hci4: command 0x0c1a tx timeout
[  460.102188][T15758] FAULT_INJECTION: forcing a failure.
[  460.102188][T15758] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  460.105673][T15758] CPU: 3 UID: 0 PID: 15758 Comm: syz.3.2685 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  460.108442][T15758] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  460.111219][T15758] Call Trace:
[  460.112097][T15758]  <TASK>
[  460.112912][T15758]  dump_stack_lvl+0x16c/0x1f0
[  460.114151][T15758]  should_fail_ex+0x497/0x5b0
[  460.115357][T15758]  _copy_to_user+0x32/0xd0
[  460.116495][T15758]  simple_read_from_buffer+0xd0/0x160
[  460.117901][T15758]  proc_fail_nth_read+0x198/0x270
[  460.119200][T15758]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  460.120546][T15758]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  460.121884][T15758]  vfs_read+0x1df/0xbe0
[  460.122966][T15758]  ? __fget_files+0x1fc/0x3a0
[  460.124204][T15758]  ? __pfx___mutex_lock+0x10/0x10
[  460.125480][T15758]  ? __pfx_vfs_read+0x10/0x10
[  460.126707][T15758]  ? __fget_files+0x206/0x3a0
[  460.127929][T15758]  ksys_read+0x12b/0x250
[  460.129029][T15758]  ? __pfx_ksys_read+0x10/0x10
[  460.130284][T15758]  __do_fast_syscall_32+0x73/0x120
[  460.131618][T15758]  do_fast_syscall_32+0x32/0x80
[  460.132894][T15758]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  460.134528][T15758] RIP: 0023:0xf7f12579
[  460.135585][T15758] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  460.140484][T15758] RSP: 002b:00000000f5066590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  460.142630][T15758] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f5066620
[  460.144614][T15758] RDX: 000000000000000f RSI: 00000000f73a3ff4 RDI: 0000000000000000
[  460.146638][T15758] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  460.148726][T15758] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  460.150739][T15758] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  460.152722][T15758]  </TASK>
[  460.434853][T15772] block nbd4: NBD_DISCONNECT
[  460.441129][T15772] block nbd4: Disconnected due to user request.
[  460.444918][T15772] block nbd4: shutting down sockets
[  460.569176][T15793] input: syz1 as /devices/virtual/input/input44
[  460.667185][T15798] FAULT_INJECTION: forcing a failure.
[  460.667185][T15798] name failslab, interval 1, probability 0, space 0, times 0
[  460.670583][T15798] CPU: 3 UID: 0 PID: 15798 Comm: syz.2.2698 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  460.673400][T15798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  460.676249][T15798] Call Trace:
[  460.677249][T15798]  <TASK>
[  460.678058][T15798]  dump_stack_lvl+0x16c/0x1f0
[  460.679233][T15798]  should_fail_ex+0x497/0x5b0
[  460.680356][T15798]  ? fs_reclaim_acquire+0xae/0x150
[  460.681675][T15798]  should_failslab+0xc2/0x120
[  460.682880][T15798]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  460.684375][T15798]  ? __alloc_skb+0x2b3/0x380
[  460.685601][T15798]  __alloc_skb+0x2b3/0x380
[  460.686764][T15798]  ? __pfx___alloc_skb+0x10/0x10
[  460.688043][T15798]  ? lock_acquire+0x2f/0xb0
[  460.689234][T15798]  netlink_alloc_large_skb+0x69/0x130
[  460.690621][T15798]  netlink_sendmsg+0x689/0xd70
[  460.691881][T15798]  ? __pfx_netlink_sendmsg+0x10/0x10
[  460.693266][T15798]  ____sys_sendmsg+0x9ae/0xb40
[  460.694514][T15798]  ? __pfx_____sys_sendmsg+0x10/0x10
[  460.695879][T15798]  ? get_compat_msghdr+0x11b/0x170
[  460.697221][T15798]  ___sys_sendmsg+0x135/0x1e0
[  460.698453][T15798]  ? __pfx____sys_sendmsg+0x10/0x10
[  460.699806][T15798]  ? __pfx_lock_release+0x10/0x10
[  460.701124][T15798]  ? trace_lock_acquire+0x14e/0x1f0
[  460.702490][T15798]  ? __fget_files+0x206/0x3a0
[  460.703971][T15798]  __sys_sendmsg+0x16e/0x220
[  460.705209][T15798]  ? __pfx___sys_sendmsg+0x10/0x10
[  460.706535][T15798]  __do_fast_syscall_32+0x73/0x120
[  460.707865][T15798]  do_fast_syscall_32+0x32/0x80
[  460.709124][T15798]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  460.710743][T15798] RIP: 0023:0xf7f4f579
[  460.711816][T15798] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  460.716697][T15798] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  460.718841][T15798] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000180
[  460.720860][T15798] RDX: 0000000020000004 RSI: 0000000000000000 RDI: 0000000000000000
[  460.722946][T15798] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  460.724993][T15798] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  460.727032][T15798] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  460.729061][T15798]  </TASK>
[  461.232576][ T5956] Bluetooth: hci2: command 0x0c1a tx timeout
[  461.716112][T15821] input: syz1 as /devices/virtual/input/input46
[  461.885674][ T5956] Bluetooth: hci4: command 0x0c1a tx timeout
[  461.885829][ T5950] Bluetooth: hci0: command 0x0c1a tx timeout
[  461.887388][ T5956] Bluetooth: hci3: command 0x0c1a tx timeout
[  461.905046][T15836] FAULT_INJECTION: forcing a failure.
[  461.905046][T15836] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  461.909218][T15836] CPU: 2 UID: 0 PID: 15836 Comm: syz.4.2711 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  461.911952][T15836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  461.914710][T15836] Call Trace:
[  461.915585][T15836]  <TASK>
[  461.916361][T15836]  dump_stack_lvl+0x16c/0x1f0
[  461.917606][T15836]  should_fail_ex+0x497/0x5b0
[  461.918833][T15836]  _copy_to_iter+0x29b/0x1400
[  461.920055][T15836]  ? trace_lock_acquire+0x14e/0x1f0
[  461.921415][T15836]  ? __pfx__copy_to_iter+0x10/0x10
[  461.922747][T15836]  ? __virt_addr_valid+0x1a4/0x590
[  461.924096][T15836]  ? __virt_addr_valid+0x5e/0x590
[  461.925418][T15836]  ? __phys_addr_symbol+0x30/0x80
[  461.926726][T15836]  ? __check_object_size+0x488/0x710
[  461.928091][T15836]  seq_read_iter+0xd00/0x12b0
[  461.929327][T15836]  proc_reg_read_iter+0x21d/0x310
[  461.930635][T15836]  vfs_read+0x87f/0xbe0
[  461.931722][T15836]  ? __pfx_vfs_read+0x10/0x10
[  461.932951][T15836]  ksys_read+0x12b/0x250
[  461.934074][T15836]  ? __pfx_ksys_read+0x10/0x10
[  461.935326][T15836]  __do_fast_syscall_32+0x73/0x120
[  461.936643][T15836]  do_fast_syscall_32+0x32/0x80
[  461.937873][T15836]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  461.939497][T15836] RIP: 0023:0xf7fa1579
[  461.940562][T15836] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  461.945542][T15836] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000003
[  461.947659][T15836] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020001580
[  461.949705][T15836] RDX: 0000000000002020 RSI: 0000000000000000 RDI: 0000000000000000
[  461.951782][T15836] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  461.953829][T15836] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  461.955896][T15836] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  461.957940][T15836]  </TASK>
[  462.212782][T15842] input: syz1 as /devices/virtual/input/input47
[  462.756094][T15849] input: syz1 as /devices/virtual/input/input48
[  462.878987][T15854] 9pnet_fd: Insufficient options for proto=fd
[  462.883269][T15852] input: syz1 as /devices/virtual/input/input49
[  463.200826][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  463.261454][T15873] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2717'.
[  463.314913][T15431] Bluetooth: hci2: command 0x0c1a tx timeout
[  463.952535][T15431] Bluetooth: hci0: command 0x0c1a tx timeout
[  463.952554][T15835] Bluetooth: hci3: command 0x0c1a tx timeout
[  463.954594][T15431] Bluetooth: hci4: command 0x0c1a tx timeout
[  464.166299][T15885] input: syz1 as /devices/virtual/input/input50
[  464.188312][T15889] syzkaller0: entered promiscuous mode
[  464.189858][T15889] syzkaller0: entered allmulticast mode
[  464.260694][T15889] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2725'.
[  465.720711][T15912] netlink: 'syz.3.2732': attribute type 27 has an invalid length.
[  465.841391][T15912] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  465.945183][T15912] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  466.396047][T15926] netfs: Couldn't get user pages (rc=-14)
[  466.424672][T15926] 9pnet_virtio: no channels available for device syz
[  466.474834][T15912] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  466.477550][T15912] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  466.480652][T15912] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  466.485461][T15912] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  466.610433][T15928] input: syz1 as /devices/virtual/input/input51
[  467.548256][T15962] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  468.113386][T15973] input: syz1 as /devices/virtual/input/input53
[  468.171046][T15980] FAULT_INJECTION: forcing a failure.
[  468.171046][T15980] name failslab, interval 1, probability 0, space 0, times 0
[  468.178833][T15980] CPU: 2 UID: 0 PID: 15980 Comm: syz.1.2749 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  468.181621][T15980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  468.185234][T15980] Call Trace:
[  468.186365][T15980]  <TASK>
[  468.187223][T15980]  dump_stack_lvl+0x16c/0x1f0
[  468.188771][T15980]  should_fail_ex+0x497/0x5b0
[  468.190343][T15980]  ? fs_reclaim_acquire+0xae/0x150
[  468.191992][T15980]  should_failslab+0xc2/0x120
[  468.193567][T15980]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  468.195260][T15980]  ? __alloc_skb+0x2b3/0x380
[  468.196839][T15980]  __alloc_skb+0x2b3/0x380
[  468.198355][T15980]  ? __pfx___alloc_skb+0x10/0x10
[  468.200036][T15980]  ? lock_acquire+0x2f/0xb0
[  468.201609][T15980]  netlink_alloc_large_skb+0x69/0x130
[  468.203431][T15980]  netlink_sendmsg+0x689/0xd70
[  468.205066][T15980]  ? __pfx_netlink_sendmsg+0x10/0x10
[  468.206905][T15980]  ____sys_sendmsg+0x9ae/0xb40
[  468.208522][T15980]  ? __pfx_____sys_sendmsg+0x10/0x10
[  468.210043][T15980]  ? get_compat_msghdr+0x11b/0x170
[  468.211423][T15980]  ___sys_sendmsg+0x135/0x1e0
[  468.212728][T15980]  ? __pfx____sys_sendmsg+0x10/0x10
[  468.214540][T15980]  ? __pfx_lock_release+0x10/0x10
[  468.216266][T15980]  ? trace_lock_acquire+0x14e/0x1f0
[  468.218058][T15980]  ? __fget_files+0x206/0x3a0
[  468.219670][T15980]  __sys_sendmsg+0x16e/0x220
[  468.220900][T15980]  ? __pfx___sys_sendmsg+0x10/0x10
[  468.222676][T15980]  __do_fast_syscall_32+0x73/0x120
[  468.224402][T15980]  do_fast_syscall_32+0x32/0x80
[  468.225828][T15980]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  468.227469][T15980] RIP: 0023:0xf7f88579
[  468.228539][T15980] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  468.233553][T15980] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  468.235712][T15980] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000780
[  468.237770][T15980] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  468.239812][T15980] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  468.241858][T15980] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  468.243909][T15980] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  468.245965][T15980]  </TASK>
[  468.293901][T14251] kernel write not supported for file /uhid (pid: 14251 comm: kworker/2:3)
[  468.526792][T15988] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2751'.
[  468.529492][T15988] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2751'.
[  468.534261][T15988] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2751'.
[  468.641738][T15994] input: syz1 as /devices/virtual/input/input55
[  468.925509][T16008] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2759'.
[  469.091695][T16014] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  469.106227][T16014] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  469.881128][T16035] RDS: rds_bind could not find a transport for fe88::5, load rds_tcp or rds_rdma?
[  469.883509][T16029] input: syz1 as /devices/virtual/input/input56
[  469.925141][T16042] input: syz1 as /devices/virtual/input/input57
[  469.928768][T16048] pimreg: entered allmulticast mode
[  469.937632][T16046] pimreg: entered allmulticast mode
[  469.939520][T16048] pimreg: left allmulticast mode
[  469.954874][T16046] pimreg: left allmulticast mode
[  470.749857][T16076] FAULT_INJECTION: forcing a failure.
[  470.749857][T16076] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  470.754283][T16076] CPU: 2 UID: 0 PID: 16076 Comm: syz.3.2773 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  470.757036][T16076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  470.759785][T16076] Call Trace:
[  470.760664][T16076]  <TASK>
[  470.761456][T16076]  dump_stack_lvl+0x16c/0x1f0
[  470.762680][T16076]  should_fail_ex+0x497/0x5b0
[  470.763919][T16076]  _copy_to_user+0x32/0xd0
[  470.765088][T16076]  simple_read_from_buffer+0xd0/0x160
[  470.766475][T16076]  proc_fail_nth_read+0x198/0x270
[  470.767797][T16076]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  470.769244][T16076]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  470.770677][T16076]  vfs_read+0x1df/0xbe0
[  470.771774][T16076]  ? __fget_files+0x1fc/0x3a0
[  470.773002][T16076]  ? __pfx___mutex_lock+0x10/0x10
[  470.774304][T16076]  ? __pfx_vfs_read+0x10/0x10
[  470.775527][T16076]  ? __fget_files+0x206/0x3a0
[  470.776751][T16076]  ksys_read+0x12b/0x250
[  470.777872][T16076]  ? __pfx_ksys_read+0x10/0x10
[  470.779118][T16076]  __do_fast_syscall_32+0x73/0x120
[  470.780439][T16076]  do_fast_syscall_32+0x32/0x80
[  470.781719][T16076]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  470.783346][T16076] RIP: 0023:0xf7f12579
[  470.784424][T16076] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  470.789395][T16076] RSP: 002b:00000000f5066590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  470.791569][T16076] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5066620
[  470.793607][T16076] RDX: 000000000000000f RSI: 00000000f73a3ff4 RDI: 0000000000000000
[  470.795642][T16076] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  470.797689][T16076] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  470.799718][T16076] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  470.801779][T16076]  </TASK>
[  471.492530][T16092] input: syz1 as /devices/virtual/input/input58
[  471.869655][T16111] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2781'.
[  471.893039][T16118] FAULT_INJECTION: forcing a failure.
[  471.893039][T16118] name failslab, interval 1, probability 0, space 0, times 0
[  471.896324][T16118] CPU: 3 UID: 0 PID: 16118 Comm: syz.4.2783 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  471.899115][T16118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  471.902040][T16118] Call Trace:
[  471.902931][T16118]  <TASK>
[  471.903727][T16118]  dump_stack_lvl+0x16c/0x1f0
[  471.904980][T16118]  should_fail_ex+0x497/0x5b0
[  471.906224][T16118]  ? fs_reclaim_acquire+0xae/0x150
[  471.907570][T16118]  should_failslab+0xc2/0x120
[  471.908814][T16118]  __kmalloc_noprof+0xce/0x4f0
[  471.910097][T16118]  ? tomoyo_encode2+0x100/0x3e0
[  471.911389][T16118]  tomoyo_encode2+0x100/0x3e0
[  471.912747][T16118]  tomoyo_realpath_from_path+0x1a7/0x710
[  471.914215][T16118]  ? tomoyo_path_number_perm+0x235/0x5b0
[  471.915736][T16118]  tomoyo_path_number_perm+0x248/0x5b0
[  471.917336][T16118]  ? tomoyo_path_number_perm+0x235/0x5b0
[  471.919332][T16118]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  471.921512][T16118]  ? __pfx_lock_release+0x10/0x10
[  471.923300][T16118]  ? trace_lock_acquire+0x14e/0x1f0
[  471.925217][T16118]  ? lock_acquire+0x2f/0xb0
[  471.926789][T16118]  ? __fget_files+0x40/0x3a0
[  471.928446][T16118]  ? __fget_files+0x206/0x3a0
[  471.930152][T16118]  security_file_ioctl_compat+0x9b/0x240
[  471.932143][T16118]  __do_compat_sys_ioctl+0x4e/0x2c0
[  471.934011][T16118]  __do_fast_syscall_32+0x73/0x120
[  471.935836][T16118]  do_fast_syscall_32+0x32/0x80
[  471.937597][T16118]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  471.939502][T16118] RIP: 0023:0xf7fa1579
[  471.940954][T16118] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  471.947777][T16118] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  471.950723][T16118] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000000ae80
[  471.953320][T16118] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  471.956107][T16118] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  471.958941][T16118] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  471.961838][T16118] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  471.964696][T16118]  </TASK>
[  471.976452][T16118] ERROR: Out of memory at tomoyo_realpath_from_path.
[  472.122571][ T5986] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  472.199348][T16128] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  472.282544][ T5986] usb 6-1: Using ep0 maxpacket: 16
[  472.293689][ T5986] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  472.296287][ T5986] usb 6-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  472.298690][ T5986] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  472.305016][ T5986] usb 6-1: config 0 descriptor??
[  472.313484][ T5986] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  473.234717][T16115] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  473.240441][T16115] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  474.031712][T16155] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2792'.
[  474.210188][T16161] gretap0 speed is unknown, defaulting to 1000
[  474.245760][T16165] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  474.256101][T16168] ebtables: wrong size: *len 80, entries_size 48, replsz 48
[  474.591507][T16178] FAULT_INJECTION: forcing a failure.
[  474.591507][T16178] name failslab, interval 1, probability 0, space 0, times 0
[  474.596098][T16178] CPU: 2 UID: 0 PID: 16178 Comm: syz.3.2799 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  474.599047][T16178] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  474.602301][T16178] Call Trace:
[  474.603287][T16178]  <TASK>
[  474.604082][T16178]  dump_stack_lvl+0x16c/0x1f0
[  474.605399][T16178]  should_fail_ex+0x497/0x5b0
[  474.606634][T16178]  ? fs_reclaim_acquire+0xae/0x150
[  474.607972][T16178]  should_failslab+0xc2/0x120
[  474.609216][T16178]  __kmalloc_noprof+0xce/0x4f0
[  474.610469][T16178]  ? d_absolute_path+0x137/0x1b0
[  474.611735][T16178]  ? tomoyo_encode2+0x100/0x3e0
[  474.613069][T16178]  tomoyo_encode2+0x100/0x3e0
[  474.614331][T16178]  tomoyo_realpath_from_path+0x1a7/0x710
[  474.616086][T16178]  tomoyo_path_number_perm+0x248/0x5b0
[  474.617566][T16178]  ? tomoyo_path_number_perm+0x235/0x5b0
[  474.619064][T16178]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  474.620768][T16178]  ? __pfx_lock_release+0x10/0x10
[  474.622127][T16178]  ? trace_lock_acquire+0x14e/0x1f0
[  474.623530][T16178]  ? __pfx___schedule+0x10/0x10
[  474.624802][T16178]  ? lock_acquire+0x2f/0xb0
[  474.626039][T16178]  ? __fget_files+0x40/0x3a0
[  474.627248][T16178]  ? __fget_files+0x206/0x3a0
[  474.628480][T16178]  security_file_ioctl_compat+0x9b/0x240
[  474.629951][T16178]  __do_compat_sys_ioctl+0x4e/0x2c0
[  474.631389][T16178]  __do_fast_syscall_32+0x73/0x120
[  474.632752][T16178]  do_fast_syscall_32+0x32/0x80
[  474.634121][T16178]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  474.635648][T16178] RIP: 0023:0xf7f12579
[  474.636634][T16178] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  474.641619][T16178] RSP: 002b:00000000f506655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  474.643832][T16178] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000000004b72
[  474.645898][T16178] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000
[  474.647956][T16178] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  474.650060][T16178] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  474.652134][T16178] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  474.654225][T16178]  </TASK>
[  474.656026][T16178] ERROR: Out of memory at tomoyo_realpath_from_path.
[  474.799098][ T1459] usb 6-1: USB disconnect, device number 25
[  474.845521][T16182] dccp_close: ABORT with 1 bytes unread
[  475.871353][T16204] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2808'.
[  475.873933][T16204] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2808'.
[  475.876196][T16204] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2808'.
[  475.878487][T16204] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2808'.
[  475.972631][T16217] FAULT_INJECTION: forcing a failure.
[  475.972631][T16217] name failslab, interval 1, probability 0, space 0, times 0
[  475.992270][T16217] CPU: 1 UID: 0 PID: 16217 Comm: syz.1.2811 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  475.996050][T16217] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  475.999130][T16217] Call Trace:
[  475.999994][T16217]  <TASK>
[  476.000760][T16217]  dump_stack_lvl+0x16c/0x1f0
[  476.002047][T16217]  should_fail_ex+0x497/0x5b0
[  476.003261][T16217]  ? fs_reclaim_acquire+0xae/0x150
[  476.004982][T16217]  should_failslab+0xc2/0x120
[  476.006233][T16217]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  476.007749][T16217]  ? __alloc_skb+0x2b3/0x380
[  476.008969][T16217]  __alloc_skb+0x2b3/0x380
[  476.010137][T16217]  ? __pfx___alloc_skb+0x10/0x10
[  476.011442][T16217]  ? lock_acquire+0x2f/0xb0
[  476.012635][T16217]  netlink_alloc_large_skb+0x69/0x130
[  476.014106][T16217]  netlink_sendmsg+0x689/0xd70
[  476.015328][T16217]  ? __pfx_netlink_sendmsg+0x10/0x10
[  476.016688][T16217]  ____sys_sendmsg+0x9ae/0xb40
[  476.017943][T16217]  ? __pfx_____sys_sendmsg+0x10/0x10
[  476.019273][T16217]  ? get_compat_msghdr+0x11b/0x170
[  476.020608][T16217]  ___sys_sendmsg+0x135/0x1e0
[  476.022072][T16217]  ? __pfx____sys_sendmsg+0x10/0x10
[  476.023976][T16217]  ? __pfx_lock_release+0x10/0x10
[  476.025818][T16217]  ? trace_lock_acquire+0x14e/0x1f0
[  476.027323][T16217]  ? __fget_files+0x206/0x3a0
[  476.028537][T16217]  __sys_sendmsg+0x16e/0x220
[  476.029741][T16217]  ? __pfx___sys_sendmsg+0x10/0x10
[  476.031084][T16217]  __do_fast_syscall_32+0x73/0x120
[  476.032430][T16217]  do_fast_syscall_32+0x32/0x80
[  476.033737][T16217]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  476.035362][T16217] RIP: 0023:0xf7f88579
[  476.036404][T16217] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  476.041107][T16217] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  476.043240][T16217] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040
[  476.045398][T16217] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000
[  476.047430][T16217] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  476.049616][T16217] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  476.051531][T16217] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  476.053561][T16217]  </TASK>
[  476.094864][    C1] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN NOPTI
[  476.098985][    C1] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[  476.102853][    C1] CPU: 1 UID: 0 PID: 29 Comm: ksoftirqd/1 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  476.106268][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  476.109042][    C1] RIP: 0010:put_page+0x21/0x280
[  476.110311][    C1] Code: 90 90 90 90 90 90 90 90 90 41 54 55 53 48 89 fb e8 d4 eb a2 f8 48 8d 7b 08 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 20 02 00 00 4c 8b 63 08 31 ff 4c 89 e5 83 e5 01
[  476.115605][    C1] RSP: 0018:ffffc900005772d8 EFLAGS: 00010202
[  476.117187][    C1] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff88f7d9c8
[  476.119222][    C1] RDX: 0000000000000001 RSI: ffffffff88f6521c RDI: 0000000000000008
[  476.121307][    C1] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000
[  476.123352][    C1] R10: 0000000000000000 R11: 0000000000000003 R12: ffff88807484d180
[  476.125436][    C1] R13: ffff8880251b4740 R14: ffff8880251b4770 R15: 0000000000000007
[  476.127462][    C1] FS:  0000000000000000(0000) GS:ffff88802b500000(0000) knlGS:0000000000000000
[  476.129746][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  476.131466][    C1] CR2: 000000000c381b1b CR3: 000000006c100000 CR4: 0000000000352ef0
[  476.133523][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  476.135592][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  476.137595][    C1] Call Trace:
[  476.138469][    C1]  <TASK>
[  476.139238][    C1]  ? die_addr+0x3b/0xa0
[  476.140317][    C1]  ? exc_general_protection+0x155/0x230
[  476.141767][    C1]  ? asm_exc_general_protection+0x26/0x30
[  476.143231][    C1]  ? skb_release_data+0x4b8/0x730
[  476.144596][    C1]  ? put_page+0xc/0x280
[  476.145690][    C1]  ? put_page+0x21/0x280
[  476.146793][    C1]  ? put_page+0xc/0x280
[  476.147868][    C1]  skb_release_data+0x4d7/0x730
[  476.149140][    C1]  __kfree_skb+0x4f/0x70
[  476.150277][    C1]  tcp_ack+0x1eb7/0x5ba0
[  476.151405][    C1]  ? __pfx_tcp_ack+0x10/0x10
[  476.152600][    C1]  ? tcp_validate_incoming+0x662/0x1d00
[  476.154073][    C1]  ? read_tsc+0x9/0x20
[  476.155135][    C1]  tcp_rcv_state_process+0xdd4/0x4c40
[  476.156502][    C1]  ? __pfx___lock_acquire+0x10/0x10
[  476.157853][    C1]  ? sk_filter_trim_cap+0x50b/0xb90
[  476.159199][    C1]  ? __pfx_lock_release+0x10/0x10
[  476.160498][    C1]  ? __pfx_tcp_rcv_state_process+0x10/0x10
[  476.162032][    C1]  ? lock_acquire.part.0+0x11b/0x380
[  476.163417][    C1]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  476.164882][    C1]  ? rcu_is_watching+0x12/0xc0
[  476.166127][    C1]  ? do_raw_spin_lock+0x12d/0x2c0
[  476.167373][    C1]  ? tcp_v4_do_rcv+0x1ad/0xa90
[  476.168459][    C1]  tcp_v4_do_rcv+0x1ad/0xa90
[  476.169663][    C1]  tcp_v4_rcv+0x33b4/0x43a0
[  476.170862][    C1]  ? __pfx_tcp_v4_rcv+0x10/0x10
[  476.172115][    C1]  ? __pfx_raw_local_deliver+0x10/0x10
[  476.173565][    C1]  ? rcu_is_watching+0x12/0xc0
[  476.174887][    C1]  ? __pfx_tcp_v4_rcv+0x10/0x10
[  476.176136][    C1]  ip_protocol_deliver_rcu+0xba/0x4c0
[  476.177522][    C1]  ip_local_deliver_finish+0x316/0x570
[  476.178922][    C1]  ip_local_deliver+0x18e/0x1f0
[  476.180180][    C1]  ? __pfx_ip_local_deliver+0x10/0x10
[  476.181615][    C1]  ip_rcv+0x2c3/0x5d0
[  476.182654][    C1]  ? __pfx_ip_rcv+0x10/0x10
[  476.183865][    C1]  __netif_receive_skb_one_core+0x199/0x1e0
[  476.185394][    C1]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[  476.187035][    C1]  ? rcu_is_watching+0x12/0xc0
[  476.188271][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  476.189652][    C1]  ? process_backlog+0x3f1/0x15f0
[  476.190988][    C1]  ? process_backlog+0x3f1/0x15f0
[  476.192283][    C1]  __netif_receive_skb+0x1d/0x160
[  476.193593][    C1]  process_backlog+0x443/0x15f0
[  476.194910][    C1]  __napi_poll.constprop.0+0xb7/0x550
[  476.196282][    C1]  net_rx_action+0xa94/0x1010
[  476.197509][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  476.198839][    C1]  ? __switch_to+0x749/0x1190
[  476.200058][    C1]  ? kvm_sched_clock_read+0x11/0x20
[  476.201427][    C1]  ? sched_clock+0x38/0x60
[  476.202589][    C1]  ? sched_clock_cpu+0x6d/0x4d0
[  476.203911][    C1]  handle_softirqs+0x213/0x8f0
[  476.205172][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  476.206533][    C1]  ? rcu_is_watching+0x12/0xc0
[  476.207788][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  476.209126][    C1]  ? smpboot_thread_fn+0x59d/0xa30
[  476.210379][    C1]  run_ksoftirqd+0x3a/0x60
[  476.211525][    C1]  smpboot_thread_fn+0x661/0xa30
[  476.212802][    C1]  ? __kthread_parkme+0x148/0x220
[  476.214126][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  476.215493][    C1]  kthread+0x2c1/0x3a0
[  476.216462][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  476.217745][    C1]  ? __pfx_kthread+0x10/0x10
[  476.218891][    C1]  ret_from_fork+0x45/0x80
[  476.220012][    C1]  ? __pfx_kthread+0x10/0x10
[  476.221158][    C1]  ret_from_fork_asm+0x1a/0x30
[  476.222322][    C1]  </TASK>
[  476.223075][    C1] Modules linked in:
[  476.224226][    C1] ---[ end trace 0000000000000000 ]---
[  476.225659][    C1] RIP: 0010:put_page+0x21/0x280
[  476.226882][    C1] Code: 90 90 90 90 90 90 90 90 90 41 54 55 53 48 89 fb e8 d4 eb a2 f8 48 8d 7b 08 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 20 02 00 00 4c 8b 63 08 31 ff 4c 89 e5 83 e5 01
[  476.231659][    C1] RSP: 0018:ffffc900005772d8 EFLAGS: 00010202
[  476.233223][    C1] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff88f7d9c8
[  476.235256][    C1] RDX: 0000000000000001 RSI: ffffffff88f6521c RDI: 0000000000000008
[  476.237250][    C1] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000
[  476.239221][    C1] R10: 0000000000000000 R11: 0000000000000003 R12: ffff88807484d180
[  476.241178][    C1] R13: ffff8880251b4740 R14: ffff8880251b4770 R15: 0000000000000007
[  476.243182][    C1] FS:  0000000000000000(0000) GS:ffff88802b500000(0000) knlGS:0000000000000000
[  476.245433][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  476.247016][    C1] CR2: 000000000c381b1b CR3: 000000006c100000 CR4: 0000000000352ef0
[  476.248952][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  476.250838][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  476.252755][    C1] Kernel panic - not syncing: Fatal exception in interrupt
[  476.255162][    C1] Kernel Offset: disabled
[  476.256255][    C1] Rebooting in 86400 seconds..

VM DIAGNOSIS:
00:35:17  Registers:
info registers vcpu 0

CPU#0
RAX=000000000162d90f RBX=0000000000000000 RCX=ffffffff8b1a17a9 RDX=0000000000000000
RSI=ffffffff8b4cd180 RDI=ffffffff8bb15780 RBP=fffffbfff1b52ef8 RSP=ffffffff8da07e20
R8 =0000000000000001 R9 =ffffed1005686fed R10=ffff88802b437f6b R11=0000000000000000
R12=0000000000000000 R13=ffffffff8da977c0 R14=ffffffff901cc6d0 R15=0000000000000000
RIP=ffffffff8b1a2b8f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f741a5f8 CR3=000000006c100000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffff0000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85142435 RDI=ffffffff9a665300 RBP=ffffffff9a6652c0 RSP=ffffc90000576cb0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=000000004153414b
R12=0000000000000000 R13=0000000000000030 R14=ffffffff851423d0 R15=0000000000000000
RIP=ffffffff8514245f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c381b1b CR3=000000006c100000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffff0000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=dffffc0000000000 RBX=1ffff92004818f8f RCX=ffffffff815f078d RDX=0000000000000000
RSI=0000000000000035 RDI=ffffffff8b4ba6a0 RBP=0000000000000000 RSP=ffffc900240c7c68
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=000000000007fffc
R12=ffffffff8b4ba6a0 R13=0000000000000035 R14=dffffc0000000000 R15=0000000000000000
RIP=ffffffff8167b828 RFL=00000a02 [-O-----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0003 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000208ed000 CR3=000000005e554000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000b535fc RBX=0000000000000003 RCX=ffffffff8b1a17a9 RDX=ffffed10056e6fee
RSI=ffffffff8bb15700 RDI=ffffffff81701db9 RBP=ffffed10039df488 RSP=ffffc9000049fdd8
R8 =0000000000000000 R9 =ffffed10056e6fed R10=ffff88802b737f6b R11=0000000000000001
R12=0000000000000003 R13=ffff88801cefa440 R14=ffffffff901cc6d0 R15=0000000000000000
RIP=ffffffff8b201550 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020bd4000 CR3=000000004a4dc000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000