last executing test programs:

9.20076593s ago: executing program 2 (id=2245):
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000002400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000000200)={0x2020, 0x0, <r1=>0x0}, 0x2020)
open(&(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
write$FUSE_INIT(r0, &(0x7f0000002300)={0x50, 0x0, r1, {0x7, 0x9, 0x0, 0x31835003, 0xffff, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x20}}, 0x50)
read$FUSE(r0, &(0x7f0000004580)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r0, &(0x7f0000002240)={0x10, 0xffffffffffffffda, r2}, 0x10)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
dup3(r3, r0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1cd042, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x6, 0x13, r4, 0x0) (fail_nth: 6)

9.044330529s ago: executing program 2 (id=2246):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
r2 = openat$nmem0(0xffffff9c, &(0x7f0000000000), 0x9080, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x24044801}, 0x20010814)
prctl$PR_MCE_KILL(0x35, 0x1, 0x8)
prctl$PR_SET_IO_FLUSHER(0x34, 0x1)
close(r0)
syz_open_dev$sndpcmc(&(0x7f0000000240), 0x6, 0x12b040)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f0000000100)={{{@in6=@initdev, @in=@remote}}, {{@in6=@mcast1}, 0x0, @in6=@mcast2}}, &(0x7f0000000040)=0xe4)

8.853598275s ago: executing program 2 (id=2248):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x40)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x0, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file0/file0'}}]})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000500), &(0x7f00000006c0), 0x3}, 0x38)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280))
r3 = syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0xd146, 0x0, 0x1, 0x288}, &(0x7f0000000100)=<r4=>0x0, &(0x7f0000000000))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r3, 0x3516, 0x0, 0x4, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=@newtfilter={0x5c, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r7, {0xffff, 0xfff2}, {}, {0xa}}, [@filter_kind_options=@f_flower={{0xb}, {0x2c, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x8, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x4}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x20, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x1c, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x1a6f}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x2}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x9}]}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)

8.314705987s ago: executing program 1 (id=2249):
syz_open_dev$tty1(0xc, 0x4, 0x4)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x4e20, 0xff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x2}]}, &(0x7f0000000440)=0x10)
r1 = fsopen(&(0x7f0000000040)='fuseblk\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f00000004c0)='j\x95\'\x8aC\x16\xca\\', &(0x7f0000000c40)='\xe6usek\v\xf6u%\x9b\x00\x00\xad\xeb\x00\x00\x00\x00\x01\x80\x00\x00\xcf\x9b\x9f\b\xb6\xfe\xc8\xda~-\xf5S>\xb8\x86\xfc\x9cVR\x82\x9a\xbdp\xbd\x83w\xf9Z\xd2\xcb\xcdF\xd0#N7\x17\xfc\x1e\xf1\x97\xffxi\xe0KE}]\x8e\xca\xe3+\xc8\x98\x03\x91\x88(\bn\x7f\x0e\x85\xa5\xb4\n?_\xc9\xef\xe0Q\xdb\xb6\xa5\x81t\x06\xda\x95\x935\xf1\x18\xac\x00\xf0\xff\xff\xbd\xb5\xa1\x06\xfd\x01\x00\x00\x00\x0f\xf8\xe3\x8a\x1f\x9c\xf3\xc5\x1f\xf9\xbf[\xd13\xb3\xd3j\r6\x7f', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000140)='{:\'@-\x00', &(0x7f0000000180)='%*.\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f00000003c0)='\x00', &(0x7f0000000400)='(!\xef(.(\\-]\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000200)='^](*\r\\!\x00', &(0x7f0000000500)='{:\'@-\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000b80)='\xe0\"\xef\xb1\xea\xe6\x9c\xe6\xc8M\xdb\x86\xb3\x8b\xbe\xd5\xbdB\x92\xa0\x19-+a\x13qQ\xd5f39hSr\xafbB\xe2\xe8\xcd\x1bf\x18\x7f\xf27E#\"\xab\x99\xec\x88\x8d\xd8C\x0f\x95\xff\xfeG\xf9t\xb1 \xcc\xc5\xbb\x88\xb6\xd2\xf2Jwq\xf8oG<v\xb8\x18\x80\xe1Kf\xf8R\xdd\x06\xe8\xfbl\v\xb0\xdd\x05\x05\xd8\xdb\xfd`\xf9\xf8\x915\b\x8c\xad\xc8\x9d=\xfeN\x8b\x1eR\x1e\xf8\x9dn\x19H\xd2aE\xa0\x06\xb0Yv\xf9^\x8c\x8f\xc3\xa5\x985\x85U\x8cZ/\'\xbd\xe2\xdc\xe3\xb9\x8e$Z\xef\xa8\xe5(Mt\xd3\xd9\xf6X\x1a\x9b\t$N\xd0U\xe2z\xeb\x01\x80!0\xe8\xc3\xce\xf8\x03\xde\x92s\xf9', &(0x7f0000000ac0)='fuseblk\x00M\x13k\x92#\x05z)\xe0c\\35\xdf%\xa3\xac!zoO\xf8\xcex\xb3\f\xad@\x853o\x0f0\x1a\xc0\"\xf7\x11Z\x01\xc1\xd9\x9fbJ7\xd1\xad\xe1\xed\x87\xae\x11-s\xb4\xbd\x1e\x9a\xd7\xc1crt\x88%\x92\x8fL\x8d\xb3-\xb60O \xc5\xd1q\xcc\x97\xe0\xe8\xb0\n\v\xa9V\xfa\xeb\x1e|M\x98W\x81\xa2@{_\xba^\xa2\x82k\x10G\xfc\xd4\x99Pl\xfa\xe8\x7f\xc9 h\xd0\xfd\x04\x95\x8c\xb1\xe7', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000a40)='^,/\x00', &(0x7f0000000a80)='fuseblk\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000280)='\x1c@\\\x00', &(0x7f00000002c0)='\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r1, 0x2, &(0x7f0000000300)='(\xed\xef(.(\\-]\x00', &(0x7f0000000340)="0f", 0x1)
pipe2(&(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x0)
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x800)
splice(r2, 0x0, r3, 0x0, 0x9aa7, 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r3, 0xc0145401, &(0x7f0000000080)={0x0, 0x0, 0xf, 0x0, 0x7})
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='(\xed\xef(.(\\-]\x00', &(0x7f00000000c0)='f\xf0p\xce\x97\xbb\xd2dH\xdf\xbd\x18\x9baE\xef\x90\x90\x057g\x85\xf4\xf0\xba\xb0\xb1\x06\xa6q\xef\x03H\xda\"`\xd6', 0x0)

8.314510024s ago: executing program 1 (id=2250):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000000000c02000000000000000000000d00000000000057"], 0x0, 0x34}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x1a, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000080)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41000}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0xd146, 0x0, 0x1, 0x288}, &(0x7f0000000100)=<r7=>0x0, &(0x7f0000000000)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r5, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='0'], 0x30}})
process_vm_writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000000300)=""/189, 0xbd}, {&(0x7f00000000c0)=""/15, 0xf}], 0x3, &(0x7f0000000480)=[{&(0x7f0000001900)=""/4096, 0x1000}, {&(0x7f0000000580)=""/149, 0x95}, {&(0x7f0000002900)=""/4096, 0x1000}], 0x3, 0x0)
io_uring_enter(r6, 0x3516, 0x0, 0x4, 0x0, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
shutdown(r4, 0x0)
sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="540000000906010200000000000000000500000205000100070000002c0007800c00148008000140e00000020c0001800800014064010100060004404e20000005000700880000000900020073797a31"], 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x4800)

6.647660441s ago: executing program 1 (id=2255):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x10, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x4}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x7}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getrlimit(0xc, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x15)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=@newtaction={0x7c, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x68, 0x1, [@m_tunnel_key={0x64, 0x1, 0x0, 0x0, {{0xf}, {0x34, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x3, 0x5, 0x3, 0x5cc7, 0x8}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0xb, @loopback={0x400000004000300}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1}}}}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc6010f201000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)
writev(r4, &(0x7f0000000000)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80fae0090f000000000000a2bc5603ca00000f7f89000000200000004a2471083ec6811778581acb6c0101ff0000000309", 0x48}], 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r3, 0x0)
pipe2(&(0x7f0000000040), 0x0)
sendfile(r3, r3, 0x0, 0x40008)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

5.083074737s ago: executing program 1 (id=2264):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x0, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file0/file0'}}]})
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000380)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000500), &(0x7f00000006c0), 0x3}, 0x38)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0xd146, 0x0, 0x1, 0x288}, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000000)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r3, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='0'], 0x30}})
io_uring_enter(r4, 0x3516, 0x0, 0x4, 0x0, 0x0)

4.059193591s ago: executing program 3 (id=2266):
r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x80000001, 0x2000)
ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0xc2f7b)
r1 = syz_open_dev$vcsu(&(0x7f0000000040), 0x830, 0x488800)
readlinkat(r1, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=""/119, 0x77)
writev(0xffffffffffffffff, &(0x7f00000014c0)=[{&(0x7f0000000140)="af3008ee2cd937b6b704d6bbe377a43a7edeaa0348e435815740c19f4f4f6cfc1106f51e36a928ea4c5d209b442aff9231e6cf71a87f954c5811235a2c89c5e18feebd80c715c8b2e1232c56471a2d503e64a69fcbde6fb9bd69fa94cbe6dac8c7251a2c55dbc684708e31c7f76a4a29fd12833d954b33155bfec76365fd64f50c8d3f0f2d3f441d3454656d0b90e33c0dafc7ed4b0b708e27f4a0c77205163308bee3887b59aeb7a93b1c2af48a2b21ea4ebcf9bb5a3dcd80638f362b9cf9d5a76329b3acbd248abd4aba83052627ad0b789bfd2410555c5a76cb9c89066c42e6b8", 0xe2}, {&(0x7f0000000240)="0247e795cf93122b88fd6b76f3e51b914b7e1bdd763bdbafc49b7ee9bb2c3af1308ef1162d234b1da34957eb9c95dca6d50269c234e6e52eca05cd1a3d17f00870aa05f60634fb50b09aadfa8507a0851e367e4f6dd54c70714002a53c331d62a555e13944c4313a0b64b95d607e9bc8fb1a0e422c716fc908e37a5976845a45bbf9ffbd2f0e6b7cd556f059682e83364a506e05c861027121e4a748813ebdcc7a2b7ced76b25828", 0xa8}, {&(0x7f0000000300)="9863831ccec29997c5b8a7a9f16c3a0568b7a791eb55b97715c979e98f81738f398e923fea67c57c3df220f7ccf26f38a78f1967e029282994f83207cdc111dc99df3ecdc31ed5e3c1bed628b85be85b4ea371fae54b4c1dc8c2eb09d05f151d839b50990f5a71540613aec9fa848a3c85c24e61f7e5fc639ccaeb0ba037d7a9011785e69e9d741743462b5ab0134ad5725914a82b1014ed2d1879ff40c91ace74127765e6ffb64c331318b0ed4b5dcf7ee002935bb80a34f117c1bd2524a86b63f6b4b9fdab8984901e1579f9ceee13e9664fab7400b2d21319e754e66e4362580379cc3e7b3d513f7fce5dbae8d268f64e87642c5e349dcc2564a52c71b3168e18f2e73d61c7848d11d0dfe1eec4e41956e44b3296757abbf20feec31ebc796a0f5772705a0e77e0105e44cf6a493bb553bae81bb1eb360b6eb91861171c6c4b2bcdafb2133f84275c5c980432b71e69d8ee6b0c083c0a38272ce1b99b98f60b1690bd0656da731269895e0fe7921edb6623cbf3bd121a90223ea25425a6748a41bc09bb35b27cc72b0017a8990c7f0d2bca31a4c3283162fec93181d8c1554d0e5739b8806c6e63f8b40205ad0b0087a1ab1f672de74c1cc6264338eab6d4c264fc94dedad3e7aa2cf37081c0a391279031a5ea8b9da0b1b36a321c4326d9b07f42f68076697407fafe151eec3b5d9f70f4823de9803357747a1f0e5496cceefdee0d8363dd830aa171d4166c735952c236558c924201c852420aea45a7224598f1ad464da5b8a62c61d8f7a79916efef699c2e695acca7ee7bda1a265aa3a4e3d6f1326b1ff0ff6d702a3a45be65ee89e9992ade902cfadab4847a595d5082edf5bd2ea69f01c3dfd01d4df4a000adb2a77b12c0cdef3d8b5219df8276cbac6ea60d32b83a4f0cb0190a95c45d4d04a3a99d32e45e4775fa32cdd8ba75a65e4cf88e5079a7e9f03827818c6a330ff9bf083d85059e34304e0285611bca8f9bd73bba7ad882ed60ca9020c8c3273b9610c5f379da3d6fb1963793a8596aa4a8ac76d0425ea3e1e6dc0e1b4667189833c4286e069463968d80f93fdf38bbb06f17d6da81f436b4476f24686b6b2415adf09049c58d97ce9bcc5f96f9bfd8d650067b33001616d320ddcb3bd9d9599188944366adf81fb9d18d8047473b09f21a69bca8176bba9a4b754c35c2ec8f51f12b48034f6609eb1563139d9bee5b4d7de17126fbf2621e3ecab995723f3e77a666382753a3205bf4d2ce943b0a6d0b0f042518d62137aeff9bd0228429be2c1f6756c1be1def46bec5c97b22b231a979d1535bb0716886a3d192370090d9df7f4db804968c84df111c1ae01c24603f26897c0f935f79b09ebaad116cf439a6f6bea22e788cf3120f9e6ce5456e38b27d531a81292c57049bb2ade02cb4d877cf72de1b936b8f05dfaf0d8ff307bd66a78afee0ee7202c78f4183feeceb3942511b363e086840527b6db35c53223fe679a9856e24997542fa8e3ce0579c50ff6682ab66be9eb6c7878a10e87fffb20911cb8ac4dd176d27b3d0a39f348298a9630eebf991989f120ec5955b8a59b97d4ee038cc672dea148d87382a090f48ad0fb336fdb83ef32a7080d5a4db1962840f98137e75f95cc78755abc63bd5215dfa79a1538231edde9c7a75ea48dfcc620ff558882dde0eeeb32ef004c0e1171f32626b7d39419e626057560d915de05bcc740ae6ab368e48bee13968d4bd250df1cd058fcf604fb63cf0d48c94e3c0e6149ccbd5e7b3dc00c329a902a9a3bc3c5627f04d658773ccffce80859aa15a37c3c7012e953b55803e07319afa2717b625b0c783e58da7331692c7e41ab67ad41a8cd6b1178b55a01c0c8d7b207a5dd6f73f9dff49610926d83221e53ac141f9acdd52eec4627f9ca495a557509798e5ce3939905841adfaa7ac0f82d8ef3208c039e96cedc84de681322d00c6ae6e676dde2afe59fefb86e0ec1d32e9e1e598b38be73714cf1113083cbcae7d35aaea1853ffc17794b22d54089df20145c73bc7b622b9bf3dcb3854e9b038d6d730be8e58f9a8ef36c92452c6cb8cf31c2e9500a489666f9b5fdc2c1aedc84cd0d487c2059c5e8acb91821a8c76757342c8351216e6dbb0070e4f510c1258b6530fdf4d6b5d8af3d6f99ac68da4cbb4da4c350ea982a1bfcd0e169e910680167381d9847bcc97ba191a669c58e84dbf5a663d3fa2bf5ae35e3e45edc3a433d9535d7093bcbb4e3e0a9d653e89f1d3ea582cdb2911c0c62ca066a5d885124e991239106c8af8e65954675e4cb225995e0dfe3f70cd1928035b083d3c2aabfc6d11328423f777f1d52e1ac854358f80220595e810f34d4e98ce41f6151dcd75cf39e14c1a5ff1a5d5ca97989e19243bad303fbbb6a318dcd8e5bc65fdf8a7d2749aee2a49b2b0b4525e4fd9feea443a918f547e9fc72460d5da4a57ac8bf0d59b3bc93d4836a242a463c6cf5d01bec9e2ae54e41fd5841157e69219d8c653b14a94a0c3afb46a680c9ee5abcac6f65b3883b61fd5a5f48a6801c4adc9b69165acccf97f987926bce25e2f6e6ef49e97ddf6cf4d4e8e6277cd4862d947d5c1bd0be568570b45318ebb33147a35c25039179939710d5e92a2021a0b618fe88c9a77a69482021a5f264ea06d6573580badeff449fdd86db88d21aed5a5667e4d1fc076c324ef3751feb5aa8e1ecf040fc5b3e8e54c11f9a88f7d2ace37d4e2b0b0fb80dc8c28aef396b0a1f519283602073610338d2a6c4db60754673c2d447074d245150ef5ef34701d86e064120d7a80c1a7a2af64331f9e7c9f45d10c2cea0be900f6c25dc9c57d5fd0612a44c9bddab780d37dc8306db611b577cf0b19b03cff8d996d381e97fba60a14e72276b854f612cf677ad16d29a6d8d73a957afecd3368424477ce4de3c03226177495428581db61fa2321e09657413b5c885bbceb67b27e9152eaeced435fcb7d66be4a3400d41a7a6ef220e295ca826587481a068c267887dd6be98578fcb5d1ee34b34074c4dca32b85bb1ef35cb70bf779d9212071cece78a50473a73c1471fe4fcb0c7926b403c6af92345df3ef7ce27438e81910587809cc48e79a1a900dc0c5b59b08285c059ee9751f371746ce9f3b849c1970209f182353a60b6fb3b4ee53ddcf82d08585db0e1837cc26c31d8fbd09e791f42cc6a6dc25f4cc976799069cad0d117ee907b6ab185d4ca0c77647113f8c1398cdeedcb9d64280a84e15e830545e6c3e484f1050fb6fe1627012dfca482deee53c191a2a85bf88f5b2d624dab5905d88e7e10b9b2e23be0b89d2a2656addc04b18aa31c66384f91e11985d47259f9abc979e67d6fc44d4d678a443b96f95c8a197ca2ed85b2d817b764c2c7ea3528a42454e2cd1f551873da97e878099600d6e43751c52419d7c22ca25009611b618efbe1d5cdb1dd2bb09155c47bf0cd7f1e17ec048f83e4e68716e253e32ad4f82538266d79b6f4a01a57c20f54c602d419daa5f1ffd0fc3bfa57dba27abe87491636df90cd0b17554e01419323c729d4545f475bd2c0dcde15b4593219e83bcd076403dc04f6ba21f9bce3b7bb74ca88eed0a11b6a942c9ff42baefad4a18759c4726f75b2970de97e8e47c5959a527a3824d3e3f44c119f5c1c682205a4a0ad49195a04c39c8025ecdc7be020fe59f90544a45abd1198ef32035cd9c5f3f225e93c8e1da9f7c753a70ed1db10e83242c3429d0bdfed2a24ee8bd9a1afb0d66a79709129b9c01010558b60bc72b4cd7bbcc86bc1c7ab5b683ad541e13ca051b3b6f696796fde899dfb77e5381bd8179699681110849c9603187867b1a91f30dab0c5cecb269dbd418ead7f66e59383975fbda5fd1c120e846b7766b54a98dd4f11e40d6e4db1b022077b0743300cc09e55f31e69e114359b169511368fe48ecc4fa49bb2450616ac1d1d8270759879ccd28ef4a0a083605bdafa98f01315255d0eaf2a9fa2bc879e045105a2b32e632e6bde63e1baed07b4d4a9cd3cf372827f82908284c577c8e3fb9df553f2942dbff00573b7d712d9599c666cd5baf1cf61d7a5c01f0c32e652ebb967ddedbec53ba2b81a49bb0e1fd1e8885d64e066cf06275843a20b86eb405befb9d656328fc4ce3b0233c215c8af7b72edae67dbba95fa3ad92574b9d74c20d80f6837ea8c56654199a2efa81e1b8f04fdc9aa65c1c350134e8e8048d9d37aa2bca348a27bbae42d68bc40d975c508f37047412acc27cba490730c712a826f035feebed0a9b4335935d2926799825eb9cb00b45b7e5f9a47d8ec1bbe3ff63c6c698d275d53ace42ba92b3629fcadc30f71759b4a809f04f8fc7e5795338aa39cf9edc615e94f27b4a12a60aee881e5d00380513a6779653b6f30fcc23245b6264ce1041d46e6ded9ec5555a255ee9844c00f4c2e612523f3e178be8134c306702e185a858abe3288b12aa328c2ea7e9aa43c7f751889ae123dcce0b8e79e50304df2ff32d1072b0b3c37ee2d16376cc411bf7af6efd8de184fd5c0523ba57be7631eacb1c4cfeaae8586370d99194f7db1c56c3a006592e35f439aa6fbb52a60e01eb1eca88505ed1f1e6bba7dc86f44546c542f1ce53b7557227c60f9cb4069bfe30c0e9688f03776582e57e96557b0e48c9f108460aac9d295a11c0584fa33e1e6e8cbe207b7ab685d88a1c1587e941e02ac68280472a2f6dfb8e37b8b4b427657092ee1e04cbae608806629aef21a4244869364fb232522feec20c0fffcfd23338d21c8cd7c83955045325d48ead75cccc582e9869b7a8c216b7c5e72fc1ab545a7c5fb33b42894820c2edd0fcd9f70312d8fd2895d6d1863d73ac6d73b843d576ae2a374680203f8b9e86dcc381d6d316581b26397ad8001bfb70101d55218045398a6dfee51d016e8a9abc81be8cd2e006c23ac65aabd91c92d6084c2a75b9f842165b32dbd3d0a51ba78d43d87c5c08570e2dfdd499f1a9546fac9b8192aaa9ee3f3db204da919383510654e3e0817cec6a480b3c95cfb1205940a3d67292c671b76e9a2446cb24dbf378499f80d9c4caa8f321b0629f8a662853c0b2b3766b518230c31eb6f47b92ea8747ecb99b771d546ad94ed3df279bae888b2520901153047a8545907b55675a32fa9c80dd78efb715315556fb11e852889b54464842a193fcdb23495c25b581a21827d8040903864f02ca096fc274fb980acc78d365716cefa4e0e978902cfccacb74f048e91d26c08afd742f0baec3e23e274fe615ebc68913d7402e5a415959946a5616432b4cdcad3cfca9ea82d7cb2483a0117a38b1a662526c550ba9c07ef1f76e3cb14acbb03c56b8a1db34948c9048b7ac4f366780ddb09817d37bb8e578dc9c8a5917ebcc1f36013797b63ea8c5cb14cb4d983868f2f495f9408bb2ee377ef3c8556778109dd01880759497451e58a16bf78f52f952f3a1495a3142ae4805f879b95c1fd5e81890debb8a2f9f8de2ebe95c6186e46e50b455c5a53104039a6de9811a990f26226fea8c16c0aad639baee6a3710338fe8da2e852efeda72dd35700ec522db260a9145ea5c6d36563f8c4996f7218b1ab12a9275250febb9aef0c13d9cc01f22f60fd73b9d3bfc9a9da8291a06a9fe88c45278823183518fb4f41c3f43842f41bb9a57e61f28881b40beb093a2de871f36851d6bd753d4a41b87b3ea7861477c34d9aac9b716343735cde4ebdb8211315c95443f6210570d671bce046b5ca1fbb6b0b313438bd63a9a5de2c4e485e9b13c3870c23273c066519ef5d10fd3ffc29dcdb2", 0x1000}, {&(0x7f0000001300)="ff19ad38eb0b6cc2abec70a0be9b1d21db1d9bb4a9c305bd50cdebe44b9ec9dede30dbb0a267f899d1d9c3aa24620c9184836e6467d5c7a99120032065761fe6d5da752c345a388934336dee94c6808e0a4a56127fb8132a32e3f2876595ae81be8c2653a0c291f6e5f9ddfe0dd7d5e3b52210db0467eb62fad9ed91522d24ad9a10d93e021441164665b271653f96d036981a", 0x93}, {&(0x7f00000013c0)="d21cdb53dfbf6461d5ba1ea6d6fc36bdd33f5f538a18bf0c68", 0x19}, {&(0x7f0000001400)="f344c7b419f2e15128a6489267705da01deeed245667052766ad6ad7c582e2a8287db702129b0d0ea58ca1f203454f7f5d4e31bacbf56f793ce50bf46c9d204091b1a00d10c13226aee522f299fd98430663182d83b535522ff3d95b4c9585f687e9ea36d61dff02a5117cf330a9b223d54704df2b869b016503b8c756af57bacd650aba52c5b808dafb41dba0b4564f9739b1000e2f9c86b6fd60f0280d1d54cd3e829bd34926044ced63285ec5ac", 0xaf}], 0x6)
ioctl$TCSBRKP(r1, 0x5425, 0x9)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000001580)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000001540)={<r2=>0xffffffffffffffff}, 0x111, 0xa}}, 0x20)
r3 = openat$rdma_cm(0xffffff9c, &(0x7f00000015c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r1, &(0x7f0000001600)={0x12, 0x10, 0xfa00, {&(0x7f0000001500), r2, r3}}, 0x18)
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82187202, &(0x7f0000001640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
r4 = openat$mice(0xffffff9c, &(0x7f0000001880), 0x30002)
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS(r4, 0xc25c4111, &(0x7f00000018c0)={0x7, [[0xf, 0x3, 0xdae0, 0x1, 0x2, 0x0, 0x3, 0x4], [0x401, 0x3bf, 0xf, 0x2a, 0xd6, 0x200, 0x1000, 0x2], [0x1ff, 0x55664d81, 0x7, 0x8, 0x58da9e0a, 0xffc, 0x2303, 0xf]], '\x00', [{0x4, 0xafe}, {0x8, 0x0, 0x1, 0x0, 0x1, 0x1}, {0x2, 0x9, 0x1}, {0x2, 0x8a, 0x0, 0x1, 0x1}, {0x9, 0x2, 0x1, 0x1, 0x0, 0x1}, {0x337, 0x5, 0x1, 0x0, 0x1}, {0x8, 0x1, 0x1, 0x0, 0x0, 0x1}, {0x9, 0x3, 0x1}, {0x232, 0x4, 0x1, 0x0, 0x1, 0x1}, {0x4, 0x9, 0x1}, {0x7, 0x5, 0x0, 0x1, 0x0, 0x1}, {0xb5, 0x1}], '\x00', 0x1})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$SEG6(&(0x7f0000001b40), r5)
r6 = openat$comedi(0xffffff9c, &(0x7f0000001b80)='/dev/comedi2\x00', 0x80000, 0x0)
openat$dir(0xffffff9c, &(0x7f0000001bc0)='./file0\x00', 0xc000, 0x120)
ioctl$IOC_PR_RESERVE(r1, 0x401070c9, &(0x7f0000001c00)={0x1, 0x6})
sendmsg$tipc(r1, &(0x7f0000002380)={&(0x7f0000001c40)=@nameseq={0x1e, 0x1, 0x0, {0x43, 0x0, 0x2}}, 0x10, &(0x7f0000002200)=[{&(0x7f0000001c80)="94b09f9ece41c31a83902a", 0xb}, {&(0x7f0000001cc0)="c4442fd47945d0391af886965713f60d52a9f9587a8df7e69d139bd7585203e82b7752d46cbde7fba8d190db0ef12c5f84c4149b6fdc59984a5aa9738cfdeabd3755d8c5e21b8a3ea7075bba18c4fa010241e1179d5ddb8bb17c18b9105a83bfeb5d45bd8809346e21964145ff665a5dda1f9528c91d236e49ec22e559105a436809abc61889add3ad7077648bdb223bdcfb28fe840c439bad29e1698c41", 0x9e}, {&(0x7f0000001d80)="31dc8357e9fc6111a043716ae11ce6b33b474fc345f293b51187c687fef8f1a37e6af2d295e40457814387ea1b3de920874b7a3b7f01db4df25a259526b6c86bfccf10df55fca998dcb85f6f273920ed4a952e3b228e47a79b803d8432ad6a7c3b6e98fc33903ce1eef6c0fdc6537f760e9e66d0ebb13b13a25c8a261c93da9be7a5a55925c5599a3b635c1c2bf337d58a1cfe7933b3453076ba9aea0250e5", 0x9f}, {&(0x7f0000001e40)="d43d27bafe91df4e428b22ae6cd08c7eccfd5e8a72a06cfd50a252a14f265549f6810ebcf3f05dc2d7f1cd6806595fcbc16041c56f1e93f9662063a3b1cec1c3b734d0d9b2e4524c441286d52f4f7228597b9078cddf0bf0530dadd9db65da59e18d9f81f331158622d64fdae3336ba2368ed6cc572b615e5e0e536cda613416d86770bbd0c260172e9853e2da759f083a57b6e4d5462567141fa4adfe2ed7f4c239c761cee24d74caffc25031184ade91053bd0e8ad699feb5e91b1e86f5d126550cfc820dd99b78c7cfff7f6d248ac505e", 0xd2}, {&(0x7f0000001f40)="fbbd82a89a68ded03ff4c74ca6b2b546ac99edef9dfc74726d57777d9766cbdc69b64398ed63190e0ada69fee8fab87f", 0x30}, {&(0x7f0000001f80)="1f5f15644ff05ed972720c697e18147078188cc073b00061f712ce97a56a26035463995ff4f920adc38378f459078c351a2af4b6937eab33387e483c6e41af6e08584cc32875e35c32948e68230d8ec6d841fd430c8427370b7506ce20d43ac6091808afdb1d47f1f63e692b337049cf967c590ec64178282b3fc345eeee6ca65dc468b146f9f65cdff68bde04bce546703ef3974be4206620c404899245bd89f2ef41e08afa56d579cf7d620ef7c3b6000bb39aef63f5ce357a019ce189f0db0acc7b786523b6acd5aa43627e3164603f8b75f19b75", 0xd6}, {&(0x7f0000002080)="e6430b3cb23e446dc3d752fe588b6f03cba88e023806bf831553c5e06e3c6857d3941064b92215b3bf268306599f08a4207641601bc8b05b510c7fe18b5ff6d5a603494a6d0fd56e3f6c0c36814f6732e3c309aa47c7b12a71f773fbdb9ec507e949d28f956be951461d2b8b1e9aaaac6b318d6de4fb4a590ba9328d5048", 0x7e}, {&(0x7f0000002100)="4f8cf9035bd052fbf069149903f43569ff786e8dd18a685bb957d631663d7305fb5d1c913221c064e45f68250c3a896c05326481e7d3c6c168198008bdae91afcf3ec356082a59f71422e6bd0d7ae2b03dd1689e361197a0c91d", 0x5a}, {&(0x7f0000002180)="376219517093247ee58d50e596cd5a062c5d0c4658c743e84fe95e3956d999398f1345651325df4893f9936d50673b7d789235ca1851611953641270d680d54d4ea9ca2c76714fadd0be456685de2a4dcd6d93", 0x53}], 0x9, &(0x7f0000002280)="580d7444710ff2636c045973e8961efad2552d5b4903522937b055dd8a344408efb76fd71d3c4c2b489b0de5980ab64434b64e26e669e053531c5d6db5253c45d803d7b55f2c3565879992a624b0d5e0bb1aa96e6ff822ec29bb2aa7c3cda50e73d4e8debb631a14fafb060300a5e3949125ee01bbad50f6df2ac1ebfa5564a8c74d4bb41a78de145845b8d1a9747414f0ef2c1384908f6364f0421f17f34b511ce16c563b21a70ef518f0e87f5ea5a36440299f4fa43b8d564a76cc4484e1ddf31562e65eacd84683326c2052", 0xcd, 0x810}, 0x890)
syz_genetlink_get_family_id$l2tp(&(0x7f00000023c0), r5)
writev(r6, &(0x7f00000025c0)=[{&(0x7f0000002400)="2d3b6e3506addc71df56e9d4f983486f2f8507aea862daefbdd732a90f41ae9cd667c7835b12", 0x26}, {&(0x7f0000002440)="e5789064b69698e9c6e6834c5c7b46291c94d79b4c67b6739a42bc03b7cca2ecc6d81dbbabeff27e19de5e5b8bc3fe386586d46d2cb909e884cc9e90176cb6ee508481e3ff612ef00d3ab5e3", 0x4c}, {&(0x7f00000024c0)="ebf2e46a7c2cdeca0dabecaa46bb97e675b789efbce6130abd89ead091199369e0a69679be05b0ea5f16596f5e4afbd54512e1d81bff4a91ac11f6a7216edc5cc04fbaaa022b82ef61edeb772ecd9be2f625d6a1", 0x54}, {&(0x7f0000002540)="7129611613feb37a4646c7d1e5800d9e7253b6b62e07b0077c6c8f880d7e87c955dde7c0d8347eb0e60f11764202844f7a6827fc952182ab0cc2385f230e0edf6f96c15fed1b93fdc208adb0f00056", 0x4f}], 0x4)
r7 = getpid()
ioprio_set$pid(0x3, r7, 0x2007)
ioctl$PPPIOCSFLAGS1(r1, 0x40047459, &(0x7f0000002600)=0x4000202)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x3, 0x4810, r1, 0x8000000)
syz_io_uring_setup(0x3d68, &(0x7f0000002640)={0x0, 0x56d6, 0x4000, 0x3, 0x3c0}, &(0x7f00000026c0), &(0x7f0000002700)=<r9=>0x0)
syz_io_uring_submit(r8, r9, &(0x7f00000027c0)=@IORING_OP_READ=@pass_buffer={0x16, 0xf9483f9ccc8de0d6, 0x6004, @fd=r5, 0x0, &(0x7f0000002740)=""/72, 0x48, 0x2, 0x1})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000002840)={0x8, &(0x7f0000002800)=[{0x0, 0xa, 0x0, 0x1ff}, {0x5, 0x18, 0x0, 0x9}, {0x401, 0x2, 0xe, 0x4}, {0x3, 0xb, 0xd2, 0xffffffff}, {0x401, 0xd, 0x2, 0x1}, {0x2, 0xd, 0xb4, 0x4}, {0x5, 0x10, 0x2b, 0x5}, {0x16fe, 0x0, 0x1f, 0xd69}]})
r10 = syz_genetlink_get_family_id$tipc(&(0x7f00000028c0), r4)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f0000002980)={&(0x7f0000002880)={0x10, 0x0, 0x0, 0x41200406}, 0xc, &(0x7f0000002940)={&(0x7f0000002900)={0x34, r10, 0x2, 0x70bd2b, 0x25dfdbfe, {{}, {}, {0x18, 0x17, {0xd, 0x9e6, @udp='udp:syz0\x00'}}}, ["", "", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x20000800}, 0x9011)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000003cc0)={0x6, 0x2f, &(0x7f0000002a00)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xf1}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [@jmp={0x5, 0x1, 0x5, 0x1, 0x5, 0xfffffffffffffff0, 0xfffffffffffffff0}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3d84c6d6}}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}, @btf_id={0x18, 0x14, 0x3, 0x0, 0x4}, @generic={0x6f, 0xa, 0x0, 0xad, 0xff}, @generic={0x2, 0x9, 0x5, 0xc, 0xff}, @btf_id={0x18, 0x2, 0x3, 0x0, 0x1}, @initr0={0x18, 0x0, 0x0, 0x0, 0x6}, @call={0x85, 0x0, 0x0, 0x6}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000002b80)='GPL\x00', 0x8000, 0x1000, &(0x7f0000002bc0)=""/4096, 0x41100, 0x26, '\x00', 0x0, 0x25, r1, 0x8, &(0x7f0000003bc0)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000003c00)={0x4, 0xc, 0xfffffff4, 0x8000}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000003c40), &(0x7f0000003c80)=[{0x2, 0x3, 0x1, 0x3}, {0x4, 0x5, 0x5}, {0x5, 0x5, 0xa, 0x2}], 0x10, 0xffff}, 0x94)

3.967624891s ago: executing program 2 (id=2267):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x2461, &(0x7f0000000380)={0x0, 0xddec, 0x10100, 0x3}, &(0x7f0000002080)=<r3=>0x0, &(0x7f0000002100)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r5, &(0x7f0000000640)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0xfec0ffffffffffff, 0x1c9ae7fffe9a6f34}}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r5, 0x84, 0xb, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88, 0xfe, 0x0, 0x2a}, 0xe)
r6 = socket$packet(0x11, 0x2, 0x300)
r7 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f0000000000), 0x8)
syz_emit_ethernet(0x52, &(0x7f0000000000)={@local, @local, @val, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f10200", 0x14, 0x6, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10}}}}}}}, 0x0)
setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000000), 0x8)
shutdown(r5, 0x1)
setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x2e, &(0x7f0000000000)=0x21ea, 0x4)
recvmmsg(r5, &(0x7f0000000840)=[{{0x0, 0x41, 0x0}}], 0x414, 0x406, 0x0)

3.957880189s ago: executing program 3 (id=2268):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$SG_SET_COMMAND_Q(0xffffffffffffffff, 0x2271, 0x0)
pselect6(0x2a, 0x0, 0x0, &(0x7f0000000400)={0x1, 0x5, 0xffffffff, 0x30000, 0x80000001, 0x8, 0x4, 0x5e5e}, &(0x7f0000000480), &(0x7f0000000500)={&(0x7f00000004c0)={[0x4dd]}, 0x8})
r2 = socket$inet(0x2, 0x1, 0x100)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
shutdown(r2, 0x1)
r6 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r7 = gettid()
tkill(r7, 0xb)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r8, 0x560a, &(0x7f00000006c0)={0x4, 0x0, 0x0, 0x0, 0x132, 0x3})
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x55fdb4595c3d8036)
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0x117, 0x5, 0x101, 0x200}})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="0000001080010800000000cb172a180040000000", @ANYRES32=0x0, @ANYBLOB="312000000000000014002b8008000100", @ANYRES32, @ANYBLOB="080003000200000008001b0000000000"], 0x3c}, 0x1, 0x0, 0x0, 0x20048054}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x60442, 0x0)

3.387518904s ago: executing program 1 (id=2269):
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_clone(0x6280800, 0x0, 0x1, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4c800}, 0x0)
r1 = openat$cuse(0xffffff9c, &(0x7f0000000140), 0x2, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
write$FUSE_INTERRUPT(r1, &(0x7f0000000180)={0x10}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x24c01, 0x0)
lseek(r2, 0x1, 0x1)
writev(r2, &(0x7f0000000240)=[{0x0}, {&(0x7f00000003c0)="543dbf774f46eb7c9d4c45610d4ed164ed0bb635311f952cef66d7a4d254107cdc2fbd669f340837d7efcc70d90b1bf34924b72399a046649e", 0x39}, {&(0x7f0000000500)}], 0x3)
mount$9p_virtio(&(0x7f00000002c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000040), 0x208e24b)
ftruncate(r3, 0x5)
r4 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000700)='source', &(0x7f0000000780)='c:::/\x83\xc1\xcfD\xc4AO\x06)\xb03\xfcI\x95w\x96\x9b\xe9\xa6\x1a\x96\xael\x11\xa6\x06\xe3G\xb1\x1d$\xc2;\x8f\xf3\x13\xebB\x93\x94\x01\x8b\x88\xeb\xa3\x01\rx\x86bK&\x13a~\x04/\x18\x14ZM\xcb\xad\x92>\xe5\x01V\xdc\x05#\x13\xe9F\xa0\x1b\xf8\xe12\xe9\x80\x988\xd8?\x86\xe9i\x7f\xa8\xe0c\x94\xc1\xae\x9c\xba\x1c\xfa\xbc\xa8\xbf\xff\xfe\xfe!\x7f2\xf1\xc7P\x80A\x1c2k\xf6}P\x19\xee:i|0\x1c\x13u\xb0I\xaa\xe3\x14\x9a\x1f\x9f(\xd1$\x06\xa8&t&A0\xa7\xef\x9cL\x8e1K', 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@call={0x85, 0x0, 0x0, 0xe}, @printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xffffbf83}, {0x85, 0x0, 0x0, 0x17}}]}, &(0x7f0000000040)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xe00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

3.05941675s ago: executing program 0 (id=2271):
r0 = syz_io_uring_setup(0x507d, &(0x7f0000000480)={0x0, 0x0, 0x10100, 0x0, 0xffffffff}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='net_prio.prioidx\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='6'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

3.050560476s ago: executing program 2 (id=2272):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x10, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x4}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x7}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getrlimit(0xc, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x15)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=@newtaction={0x7c, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x68, 0x1, [@m_tunnel_key={0x64, 0x1, 0x0, 0x0, {{0xf}, {0x34, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x3, 0x5, 0x3, 0x5cc7, 0x8}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0xb, @loopback={0x400000004000300}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1}}}}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc6010f201000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)
writev(r4, &(0x7f0000000000)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80fae0090f000000000000a2bc5603ca00000f7f89000000200000004a2471083ec6811778581acb6c0101ff0000000309", 0x48}], 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r3, 0x0)
pipe2(&(0x7f0000000040), 0x0)
sendfile(r3, r3, 0x0, 0x40008)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

2.916247772s ago: executing program 3 (id=2273):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x2001, 0x0)
clock_adjtime(0xffffffd3, &(0x7f0000000000)={0xb, 0x86, 0x80000000, 0x5, 0x7, 0xb, 0x651, 0xffffffff, 0x9657, 0x0, 0x7dfffff7, 0x1000000000000000, 0x0, 0xb, 0x80000000000000, 0xcc3, 0x1, 0xfd, 0x94d6, 0x0, 0xfffffffd, 0x8, 0x8, 0xfffffffffffffffa, 0x3, 0x6})
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
sendto$packet(r1, &(0x7f0000000080), 0x0, 0x0, &(0x7f0000000440)={0x11, 0x0, r4, 0x1, 0x95, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2c}}, 0x14)
bind$alg(0xffffffffffffffff, &(0x7f0000000300)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha384\x00'}, 0x58)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[], 0x48)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
clock_adjtime(0x0, &(0x7f0000000180)={0x6d04, 0xb, 0x7fff, 0x7, 0x2400000, 0x9, 0x8000, 0xfffffffa, 0x6, 0x8, 0x1, 0x7fd, 0x7, 0x200413d, 0x9, 0x0, 0x50, 0x2c32, 0x4, 0x63, 0xfffffffd, 0x7f, 0x4, 0x7, 0x10001, 0x7fffffff})
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4800, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r8 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x28)
ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)

2.906174492s ago: executing program 0 (id=2274):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x40)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x0, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file0/file0'}}]})
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000380)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5}, 0x38)
r3 = syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0xd146, 0x0, 0x1, 0x288}, &(0x7f0000000100)=<r4=>0x0, &(0x7f0000000000)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='0'], 0x30}})
io_uring_enter(r3, 0x3516, 0x0, 0x4, 0x0, 0x0)

2.366685458s ago: executing program 1 (id=2275):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x8000)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f0000000040)={0xfffffff8, 0x401, 0xfffffffd, 0xc4cf, 0x7, "0441d3e189e87fe30600000000000f000200", 0x4, 0x200})
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000340)=0x2)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x14)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x6, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x395, 0xffffffffffffffff, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0xffffffff, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x2002c810)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x707cb000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2000000000002)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sysvipc/msg\x00', 0x0, 0x0)
bind$netlink(r5, 0x0, 0x0)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='environ\x00')
preadv(r6, 0x0, 0x0, 0xc002a0, 0x0)
r7 = syz_io_uring_setup(0x18d7, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x25b}, &(0x7f0000ffe000), &(0x7f0000ffe000))
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r7, 0x2, &(0x7f0000000180), 0xfe)
syz_open_procfs(0x0, 0x0)
r8 = socket$inet6(0xa, 0x2, 0x0)
getsockopt$inet6_buf(r8, 0x29, 0x30, 0x0, 0x0)
bind$inet(r2, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10)
sendto$inet(r2, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)

1.310020339s ago: executing program 0 (id=2276):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r3, 0x4068aea3, &(0x7f0000000680))
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000002, 0x13, r4, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01"])
ioctl$KVM_RUN(r4, 0xae80, 0x300)

1.151204096s ago: executing program 2 (id=2277):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=@delqdisc={0xa8, 0x25, 0x0, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x7, 0x1}, {0xd, 0x10}, {0x3, 0xa}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x78, 0x2, {{0x7, [0x6, 0x3, 0xc, 0xe, 0x1, 0x9, 0xf, 0x2, 0xd, 0xe, 0x7, 0xc, 0x4, 0x0, 0xc], 0x1, [0x8, 0x5, 0x7, 0x7, 0x9, 0x5a, 0x7, 0x8d71, 0x1, 0x7, 0x3, 0x5, 0x2f, 0x0, 0x4, 0xd], [0x101, 0xd, 0x694, 0x1, 0x9c, 0x8, 0x7ff, 0x9, 0x5, 0x7, 0x7, 0x7, 0x3, 0x9, 0x6cb, 0x2]}, [@TCA_MQPRIO_SHAPER={0x6, 0x2, 0x1}, @TCA_MQPRIO_SHAPER={0x6}, @TCA_MQPRIO_MAX_RATE64={0x4}, @TCA_MQPRIO_MAX_RATE64={0x4}, @TCA_MQPRIO_SHAPER={0x6, 0x2, 0x1}]}}}]}, 0xa8}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8b37, &(0x7f0000000000)={'wlan1\x00'})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c000000020601020000000000000000000000000500010006000000050005000a00000011000300686173683a69702c706f72740000000009000200ba000000000000000500040003000000"], 0x4c}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
syz_open_dev$vim2m(0x0, 0x47b, 0x2)
openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)

994.981712ms ago: executing program 0 (id=2278):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x20)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0)
chdir(&(0x7f00000001c0)='./bus\x00')
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x2000)=nil, 0x2000, &(0x7f0000000000))
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000080)})
close_range(r1, r1, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r3 = fanotify_init(0x200, 0x0)
fanotify_mark(r3, 0x1, 0x4800003e, r2, 0x0)
r4 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000000)=<r6=>0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x6, 0x0, 0x7ffc1ffb}]})
openat(0xffffffffffffff9c, 0x0, 0x88041, 0x2)
llistxattr(&(0x7f0000000740)='./file1\x00', 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x80})
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)

533.638591ms ago: executing program 3 (id=2279):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x8, 0xc}, 0x50)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r0, &(0x7f0000000040)=0x1f00, 0x12)

270.550182ms ago: executing program 3 (id=2280):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000006c0)={0xffffffffffffffff, 0x0, 0x82, 0x92, &(0x7f0000000300)="a43b61af131c40c5153097109882eb7a4a58878efebadc497a2221c505b6571a3dc333c1bd2af6b521af9e0a6b37cf2facfa912c62e1a62d0560ebb328196f5e7ea847ba265c56e88ba188903398252cc37d04ecf439e691f461f59c5221ae9b99a6377b2f3b4f959db1bee7d00dc5eb68a73081192d56355bf93c7eea8626e4489b", &(0x7f0000000440)=""/146, 0xffff47cb, 0x0, 0xbd, 0xf2, &(0x7f0000000500)="3e6166037f25a0ae28b52d4a299ecea61e548b6dd063a87f1b860f1fa053cd0e80d528e5a065fa8614c993189205d8710365a51f71d98f9e6ee177b66710aaa078bab341de652222dcf6d9ce044a0ee84b501071074b49feb3fb74f56934b88f04abe6d10704ab472b4c454cd268cf9908acdc40d5b4c4f5339660e36a2ab3aa9fe2296a4a9e206be45e970d8c59004a1cfc809001944d1cdc0b434c569e5cd7c1964558b306caca182bb233b79bb4982ab2571e7f5ffeb947ca359c74", &(0x7f00000005c0)="079bbae91e1bdfa013afb784e1ca89720cad6fa6647dd74a5199ef0af0ab88bf619ef144c6f305ad32598b1a106c9a91c4a959d219fe9a8a0a4eb4be4c100cb1df24f631d6e1ebe7c85d36e637a2d09497c8a8a8cc33ef946c48940d7e7e3c19169fe490fb99b2bc90b6c0ad0863dcb6b6a8af3bbeaded283ff6f402b056931bfff48b3f63f45798768fce8b3f9000c43f080fef9f27dc09d9107669c42e449ccb8092bef5f874105d4308d11948d92175e9e2502383cbac08573017918a809aa7f4680106ce83ba2fc619341ed1d6b372ac12956aa663a9909dc20e11e323962499c60c6f89abd8ed9c4e134b7d6783da2e", 0x3, 0x0, 0x80000001}, 0x4c)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r0, &(0x7f0000000040)=0x1f00, 0x12)

149.166244ms ago: executing program 3 (id=2281):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x1000089}, 0x0)
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$phonet_pipe(0x23, 0x5, 0x2)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001001, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0xf, 0x80000002}, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

59.261622ms ago: executing program 0 (id=2282):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x39c, 0x1e8, 0x9403, 0x0, 0x0, 0x2c0, 0x2d4, 0x3d8, 0x3d8, 0x2d4, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x1c4, 0x1e8, 0x0, {}, [@common=@inet=@recent0={{0xf4}, {0x0, 0x6, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@udplite={{0x2c}, {[0x4e21, 0x4e23], [0x4e24, 0x4e21], 0x2}}]}, @common=@unspec=@CLASSIFY={0x24}}, {{@uncond, 0x0, 0xc8, 0xec, 0x0, {}, [@inet=@rpfilter={{0x24}, {0x5}}]}, @common=@unspec=@STANDARD={0x24, '\x00', 0x0, 0xffffffffffffffff}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x3f8)
fallocate(r0, 0x68, 0x2, 0x7f)

0s ago: executing program 0 (id=2283):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff})
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SMC_PNETID_DEL(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x54, r6, 0x1, 0x0, 0x200004, {0x2, 0x2, 0x2}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'wlan1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'ip6_vti0\x00'}]}, 0x54}, 0x1, 0x40030000000000, 0x0, 0x800}, 0x80)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x282, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
sendfile(0xffffffffffffffff, r7, 0x0, 0x40008)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
r9 = dup(r8)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r9, 0x84, 0x70, &(0x7f00000003c0)={0x0, @in6={{0xa, 0x4e23, 0x10001, @private0, 0xff}}, [0x101, 0x5, 0x80000001, 0x0, 0x1, 0x0, 0x64, 0x7ff, 0x81, 0xf88f, 0x2, 0x4c7, 0x38, 0x0, 0x772c]}, &(0x7f0000000100)=0xfc)
ioctl$vim2m_VIDIOC_TRY_FMT(r9, 0xc0cc5640, &(0x7f00000003c0)={0x6, @sdr={0x41495043, 0x1000}})
syz_emit_ethernet(0x3ec, &(0x7f00000008c0)={@random="f74b4d6f9ca8", @local, @val={@void}, {@mpls_mc={0x8848, {[{0x1}, {0x2, 0x0, 0x1}, {0xb, 0x0, 0x1}, {0x7, 0x0, 0x1}, {0x9, 0x0, 0x1}, {0x66}, {0x4, 0x0, 0x1}, {0x100}], @ipv4=@gre={{0xd, 0x4, 0x2, 0x7, 0x3ba, 0x65, 0x0, 0x4, 0x2f, 0x0, @multicast1, @multicast2, {[@lsrr={0x83, 0xf, 0xd7, [@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, @local]}, @ssrr={0x89, 0xf, 0x7a, [@local, @local, @multicast1]}]}}, {{0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x880b, 0xe4, 0x1, [], "8eb2e5f11b978c9a55308bf504656e39c89e404349b536ca3c9a06cde4b773b937c6aeb717e2bc496da67f9b2d4307c513d39b4b2512d6c48d40b99f0eb4b3b9b375fe2ac63ed551305d0d263fed7a87e354215e454ebbbbc2c66df0fe4401bc0edf7050508149b096e539a62d1c541a5b8de2df54534e5cc2c6a5b9483d73872e39af7de6abeebb67b04467a545fc39b3aee5f1aab427686806eb65e53eded678d6984435a3c17088a48a32d0c182e2b357c3e0e3e8e3fd384b23d79cacdcabf4241e9de1552ecedd026c64bf493b8438e05522b7b34a725eb506ba69c3a2e948d34c40"}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0xb, 0xfe01], "4b7b6e23138e27175d620f79ccb1bce6496113a1647dbc29753c2433edc376dfb64a35782c619574eb3adf2b492c10ef6ab91444a28922868c4ad9df6df2f7c28a98e06787f2d843e4d87d8167d2c26f666899239a9ec0acfc6dbff6d06fc142c51292bcdd774b4b33e17f32f3ad3e524a29c85ef83ea1b115962536f238d4c1dbdf0fcb16e68531bc09f5a268c1a879a192a01f425e8d21298f8ea67479c9e4829e4d96b78b6f7f7a4c1cb110ab428f8895997f723aea2a67d4f1f9ce794c272a8024f57698472479aaa02a6e"}, {0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x86dd, [], "dfb71b1e539a047f4044ba53d1b8dcf243089c674e0db3514ebceea2288b316da53191ba51e42f39e449ee366d1027d4bd304e640647bfb2d224d0153d49201ae74c63c68f07a76707bf8acd9b9fc4b3546b6fbd7f3aed399a11948eb819baafd3b32bd752b529f5312880a7df92a8117fa4e5fe4fde5c22b1ff5c78b7b650224b59b4bb263916dc8763c45b3fa889e10556db72144187e53aaf64e966677518f9e1e041b5870e579532527af9fde894772a34deecaa127275a804561b7b5befa0bd675e18afbe7e37b5ce93ee00ad39a4fd92e473463245e83d1af61267516ff9e6ea01bbea810fa07a1e162394a7"}, {0x8, 0x88be, 0x1, {{0x8, 0x1, 0x7, 0x0, 0x1, 0x3, 0x4, 0x25}, 0x1, {0x4}}}, {0x8, 0x22eb, 0x1, {{0x5, 0x2, 0x1, 0x0, 0x0, 0x0, 0x3, 0x12}, 0x2, {0x7, 0x3, 0x0, 0x7, 0x1, 0x0, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x1, "7fafdd237fa3b77426663bbe312acc0d359d00b235edbd327750af5201ba5087d21f5fd4177d823c07892dc2c466f890fa55d12e2c3e8369643b145930749f4571bc888075deb226b62f8feaeff610d7198ae1c488c357061ec4ab2b3e2d863d5431c6c0cb61db0a30be7a14c51a30c83464b27a3758de28a26c001734d66c57eae47087c4d8755fcef7b113e0c1ccaa105b2b92a726ad05930798786038"}}}}}}}, 0x0)
read$char_usb(r0, &(0x7f0000000000)=""/124, 0x7c)

kernel console output (not intermixed with test programs):

50.023051][T12379] RIP: 0023:0xf705d579
[  450.023065][T12379] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  450.023096][T12379] RSP: 002b:00000000f544d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  450.023114][T12379] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c008561c
[  450.023126][T12379] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  450.023136][T12379] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  450.023146][T12379] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  450.023157][T12379] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  450.023184][T12379]  </TASK>
[  450.128227][T12381] overlayfs: failed to resolve './file0/file0': -2
[  450.362922][T12385] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  450.365664][T12385] syzkaller0: entered promiscuous mode
[  450.367804][T12385] syzkaller0: entered allmulticast mode
[  450.379736][T12385] tipc: Resetting bearer <eth:syzkaller0>
[  450.385042][T12384] tipc: Resetting bearer <eth:syzkaller0>
[  450.426321][T12384] tipc: Disabling bearer <eth:syzkaller0>
[  450.560281][T12387] syzkaller0: entered promiscuous mode
[  450.562648][T12387] syzkaller0: entered allmulticast mode
[  450.580551][T12387] sch_tbf: burst 9 is lower than device syzkaller0 mtu (1514) !
[  450.795323][T12391] 8021q: VLANs not supported on ip6gre0
[  450.855031][T12393] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1740'.
[  451.151125][T11692] usb 7-1: USB disconnect, device number 9
[  451.158721][T11691] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  451.317760][T11691] usb 5-1: Using ep0 maxpacket: 16
[  451.322409][T11691] usb 5-1: config 0 has no interfaces?
[  451.324798][T11691] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  451.355481][T11691] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  451.359930][T12395] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  451.362654][T12395] syzkaller0: entered promiscuous mode
[  451.364869][T12395] syzkaller0: entered allmulticast mode
[  451.378623][T11691] usb 5-1: config 0 descriptor??
[  451.388818][T12395] tipc: Resetting bearer <eth:syzkaller0>
[  451.396279][T12394] tipc: Resetting bearer <eth:syzkaller0>
[  451.425925][T12394] tipc: Disabling bearer <eth:syzkaller0>
[  451.504750][T12399] FAULT_INJECTION: forcing a failure.
[  451.504750][T12399] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  451.512450][T12399] CPU: 0 UID: 0 PID: 12399 Comm: syz.3.1743 Not tainted syzkaller #0 PREEMPT(full) 
[  451.512467][T12399] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  451.512473][T12399] Call Trace:
[  451.512477][T12399]  <TASK>
[  451.512482][T12399]  dump_stack_lvl+0x16c/0x1f0
[  451.512499][T12399]  should_fail_ex+0x512/0x640
[  451.512519][T12399]  should_fail_alloc_page+0xe7/0x130
[  451.512537][T12399]  prepare_alloc_pages+0x3c2/0x610
[  451.512554][T12399]  __alloc_frozen_pages_noprof+0x18b/0x2470
[  451.512575][T12399]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  451.512597][T12399]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  451.512617][T12399]  ? policy_nodemask+0xea/0x4e0
[  451.512634][T12399]  alloc_pages_mpol+0x1fb/0x550
[  451.512650][T12399]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  451.512669][T12399]  folio_alloc_mpol_noprof+0x36/0x2f0
[  451.512687][T12399]  vma_alloc_folio_noprof+0xed/0x1e0
[  451.512709][T12399]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  451.512731][T12399]  do_pte_missing+0x2202/0x3ba0
[  451.512763][T12399]  ? find_held_lock+0x2b/0x80
[  451.512780][T12399]  __handle_mm_fault+0x1556/0x2aa0
[  451.512802][T12399]  ? __pfx___handle_mm_fault+0x10/0x10
[  451.512821][T12399]  ? __pte_offset_map_lock+0x174/0x310
[  451.512835][T12399]  ? find_held_lock+0x2b/0x80
[  451.512851][T12399]  ? follow_page_pte+0x5cf/0x1390
[  451.512870][T12399]  handle_mm_fault+0x589/0xd10
[  451.512890][T12399]  __get_user_pages+0x54e/0x3530
[  451.512910][T12399]  ? down_read_killable+0x220/0x4b0
[  451.512928][T12399]  ? __pfx___get_user_pages+0x10/0x10
[  451.512945][T12399]  ? __lock_acquire+0x622/0x1c90
[  451.512962][T12399]  __gup_longterm_locked+0xa92/0x17e0
[  451.512982][T12399]  ? __pfx___gup_longterm_locked+0x10/0x10
[  451.513000][T12399]  ? find_held_lock+0x2b/0x80
[  451.513011][T12399]  ? sanity_check_pinned_pages+0x23/0x11d0
[  451.513030][T12399]  gup_fast_fallback+0xee2/0x22a0
[  451.513057][T12399]  ? __pfx_gup_fast_fallback+0x10/0x10
[  451.513072][T12399]  ? bpf_ksym_find+0x124/0x1c0
[  451.513086][T12399]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  451.513100][T12399]  ? is_bpf_text_address+0x94/0x1a0
[  451.513116][T12399]  ? kernel_text_address+0x8d/0x100
[  451.513129][T12399]  pin_user_pages_fast+0xa7/0xf0
[  451.513144][T12399]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  451.513164][T12399]  iov_iter_extract_pages+0x3a2/0x1ed0
[  451.513178][T12399]  ? stack_depot_save_flags+0x29/0x9c0
[  451.513194][T12399]  ? __pfx_stack_trace_save+0x10/0x10
[  451.513206][T12399]  ? look_up_lock_class+0x59/0x150
[  451.513222][T12399]  ? __pfx_iov_iter_extract_pages+0x10/0x10
[  451.513232][T12399]  ? kasan_save_stack+0x42/0x60
[  451.513243][T12399]  ? kasan_save_stack+0x33/0x60
[  451.513255][T12399]  ? kasan_save_track+0x14/0x30
[  451.513267][T12399]  ? __kasan_kmalloc+0xaa/0xb0
[  451.513279][T12399]  ? __kmalloc_noprof+0x32f/0x880
[  451.513295][T12399]  ? sock_kmalloc+0x111/0x170
[  451.513308][T12399]  ? af_alg_alloc_areq+0xbc/0x2e0
[  451.513320][T12399]  ? aead_recvmsg+0x3fd/0x16a0
[  451.513336][T12399]  ? sock_recvmsg+0x1f9/0x250
[  451.513348][T12399]  ? ____sys_recvmsg+0x218/0x6b0
[  451.513361][T12399]  ? ___sys_recvmsg+0x114/0x1a0
[  451.513371][T12399]  ? do_recvmmsg+0x55d/0x750
[  451.513380][T12399]  ? __sys_recvmmsg+0x21c/0x280
[  451.513390][T12399]  ? __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  451.513402][T12399]  ? __do_fast_syscall_32+0x7c/0x300
[  451.513416][T12399]  ? do_fast_syscall_32+0x32/0x80
[  451.513430][T12399]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  451.513449][T12399]  extract_iter_to_sg+0xf6e/0x20c0
[  451.513471][T12399]  ? __pfx_extract_iter_to_sg+0x10/0x10
[  451.513492][T12399]  ? rcu_is_watching+0x12/0xc0
[  451.513508][T12399]  af_alg_get_rsgl+0x2b8/0x7f0
[  451.513529][T12399]  aead_recvmsg+0x443/0x16a0
[  451.513551][T12399]  ? __lock_acquire+0xb8a/0x1c90
[  451.513567][T12399]  ? __pfx_aead_recvmsg+0x10/0x10
[  451.513584][T12399]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  451.513604][T12399]  sock_recvmsg+0x1f9/0x250
[  451.513619][T12399]  ____sys_recvmsg+0x218/0x6b0
[  451.513636][T12399]  ? __pfx_____sys_recvmsg+0x10/0x10
[  451.513649][T12399]  ? import_iovec+0x86/0xb0
[  451.513665][T12399]  ? __lock_acquire+0x622/0x1c90
[  451.513683][T12399]  ___sys_recvmsg+0x114/0x1a0
[  451.513698][T12399]  ? __pfx____sys_recvmsg+0x10/0x10
[  451.513711][T12399]  ? find_held_lock+0x2b/0x80
[  451.513733][T12399]  do_recvmmsg+0x55d/0x750
[  451.513746][T12399]  ? __pfx_do_recvmmsg+0x10/0x10
[  451.513769][T12399]  ? __fget_files+0x20e/0x3c0
[  451.513779][T12399]  ? handle_mm_fault+0x250/0xd10
[  451.513798][T12399]  __sys_recvmmsg+0x21c/0x280
[  451.513810][T12399]  ? __pfx___sys_recvmmsg+0x10/0x10
[  451.513823][T12399]  ? __pfx_ksys_write+0x10/0x10
[  451.513838][T12399]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  451.513849][T12399]  ? lockdep_hardirqs_on+0x7c/0x110
[  451.513862][T12399]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  451.513877][T12399]  __do_fast_syscall_32+0x7c/0x300
[  451.513893][T12399]  do_fast_syscall_32+0x32/0x80
[  451.513908][T12399]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  451.513922][T12399] RIP: 0023:0xf705d579
[  451.513931][T12399] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  451.513942][T12399] RSP: 002b:00000000f544d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  451.513952][T12399] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080004600
[  451.513959][T12399] RDX: 0000000000000001 RSI: 0000000020001000 RDI: 0000000000000000
[  451.513965][T12399] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  451.513971][T12399] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  451.513977][T12399] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  451.513993][T12399]  </TASK>
[  451.605936][   T60] usb 5-1: USB disconnect, device number 24
[  451.607485][    C0] vkms_vblank_simulate: vblank timer overrun
[  451.746627][T12401] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1744'.
[  451.843378][T12411] netlink: 'syz.2.1747': attribute type 58 has an invalid length.
[  451.846001][T12411] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1747'.
[  451.846878][T12412] netlink: 'syz.3.1746': attribute type 10 has an invalid length.
[  451.908612][T12414] overlayfs: failed to resolve './file0/file0': -2
[  452.207323][T12419] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  452.209443][T12419] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  452.218578][T12419] vhci_hcd vhci_hcd.0: Device attached
[  452.488667][   T60] usb 41-1: new low-speed USB device number 7 using vhci_hcd
[  452.527426][T12428] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  452.539147][   T12] Bluetooth: hci4: Frame reassembly failed (-84)
[  452.952015][T12430] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  452.954094][T12430] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  452.956650][T12430] vhci_hcd vhci_hcd.0: Device attached
[  453.075321][T12433] syz.1.1752 (12433): drop_caches: 2
[  453.079724][T12433] syz.1.1752 (12433): drop_caches: 2
[  453.607911][T11684] usb 40-1: SetAddress Request (26) to port 0
[  453.610666][T12431] vhci_hcd: connection closed
[  453.642222][ T7906] vhci_hcd: stop threads
[  453.645556][T11684] usb 40-1: new SuperSpeed USB device number 26 using vhci_hcd
[  453.648209][ T7906] vhci_hcd: release socket
[  453.655632][ T7906] vhci_hcd: disconnect device
[  453.658797][T11684] usb 40-1: enqueue for inactive port 0
[  453.697115][T12420] vhci_hcd: connection reset by peer
[  453.709179][   T12] vhci_hcd: stop threads
[  453.710778][   T12] vhci_hcd: release socket
[  453.712637][   T12] vhci_hcd: disconnect device
[  453.779193][   T29] vhci_hcd: vhci_device speed not set
[  454.049929][T11684] usb usb40-port1: attempt power cycle
[  454.219952][T12436] overlayfs: failed to resolve './file0/file0': -2
[  454.540757][T12448] comedi comedi0: pcl711: I/O port conflict (0x6,16)
[  454.550470][ T5299] Bluetooth: hci4: command 0x1003 tx timeout
[  454.553629][T11340] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  454.596994][T12452] overlayfs: failed to resolve './file0/file0': -2
[  454.649803][T11684] usb usb40-port1: unable to enumerate USB device
[  455.503400][T12462] overlayfs: failed to resolve './file0/file0': -2
[  455.675785][T12464] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  455.677862][T12464] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  455.793150][T12464] vhci_hcd vhci_hcd.0: Device attached
[  456.055090][   T29] usb 43-1: new low-speed USB device number 7 using vhci_hcd
[  456.143275][   T40] kauditd_printk_skb: 18 callbacks suppressed
[  456.143285][   T40] audit: type=1326 audit(2000000624.649:1096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12469 comm="syz.1.1762" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  456.170101][   T40] audit: type=1326 audit(2000000624.659:1097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12469 comm="syz.1.1762" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  456.191088][   T40] audit: type=1326 audit(2000000624.659:1098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12469 comm="syz.1.1762" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf707d579 code=0x7ffc0000
[  456.213172][   T40] audit: type=1326 audit(2000000624.659:1099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12469 comm="syz.1.1762" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  456.236425][   T40] audit: type=1326 audit(2000000624.659:1100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12469 comm="syz.1.1762" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  456.263261][   T40] audit: type=1326 audit(2000000624.659:1101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12469 comm="syz.1.1762" exe="/syz-executor" sig=0 arch=40000003 syscall=233 compat=1 ip=0xf707d579 code=0x7ffc0000
[  456.272923][T12465] vhci_hcd: connection reset by peer
[  456.274973][ T7909] vhci_hcd: stop threads
[  456.276407][ T7909] vhci_hcd: release socket
[  456.278099][ T7909] vhci_hcd: disconnect device
[  456.282810][   T40] audit: type=1326 audit(2000000624.659:1102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12469 comm="syz.1.1762" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  456.289571][   T40] audit: type=1326 audit(2000000624.659:1103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12469 comm="syz.1.1762" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  456.296762][   T40] audit: type=1326 audit(2000000624.659:1104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12469 comm="syz.1.1762" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  456.303904][   T40] audit: type=1326 audit(2000000624.659:1105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12469 comm="syz.1.1762" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  456.959385][T12476] wg2 speed is unknown, defaulting to 1000
[  457.219116][T12476] lo speed is unknown, defaulting to 1000
[  457.222780][T12476] lo speed is unknown, defaulting to 1000
[  457.581419][   T60] vhci_hcd: vhci_device speed not set
[  457.852482][T12492] fuse: Bad value for 'rootmode'
[  458.018313][T12505] overlayfs: failed to resolve './file0/file0': -2
[  458.263963][T12513] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1773'.
[  458.266866][T12513] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1773'.
[  458.272197][T12513] syzkaller0: entered promiscuous mode
[  458.273930][T12513] syzkaller0: entered allmulticast mode
[  458.815915][T12518] netlink: 'syz.0.1775': attribute type 1 has an invalid length.
[  459.338433][T12519] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1775'.
[  460.101985][T12533] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.1777'.
[  460.105505][T12533] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1777'.
[  460.862328][T12545] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  460.868316][T12545] syzkaller0: entered promiscuous mode
[  460.870733][T12545] syzkaller0: entered allmulticast mode
[  460.892289][T12545] tipc: Resetting bearer <eth:syzkaller0>
[  460.899681][T12544] tipc: Resetting bearer <eth:syzkaller0>
[  460.912750][T12543] fuse: Bad value for 'rootmode'
[  460.915087][T12544] tipc: Disabling bearer <eth:syzkaller0>
[  461.206442][   T29] vhci_hcd: vhci_device speed not set
[  461.740815][T12565] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1787'.
[  461.768147][T12567] netlink: 'syz.2.1788': attribute type 1 has an invalid length.
[  461.784982][T12567] gretap2: entered promiscuous mode
[  461.788461][T12567] bond6: (slave gretap2): making interface the new active one
[  461.791734][T12567] bond6: (slave gretap2): Enslaving as an active interface with an up link
[  461.800378][T12567] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1788'.
[  461.810206][T12567] macvlan3: entered promiscuous mode
[  461.812558][T12567] macvlan3: entered allmulticast mode
[  461.815977][T12567] bond6: entered promiscuous mode
[  461.818995][T12567] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  461.822498][T12567] bond6: (slave macvlan3): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  461.830108][T12567] bond6: left promiscuous mode
[  462.009268][T12574] overlayfs: failed to resolve './file0/file0': -2
[  462.185910][T12575] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.1789'.
[  462.198478][T12575] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1789'.
[  462.867772][T12584] fuse: Bad value for 'rootmode'
[  463.050021][T12594] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1795'.
[  463.517857][ T5349]  pmem0: AHDI p1
[  463.571514][T12612] __nla_validate_parse: 1 callbacks suppressed
[  463.571526][T12612] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1800'.
[  464.154164][T12617] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.1802'.
[  464.165654][T12617] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1802'.
[  464.853776][T12621] fuse: root generation should be zero
[  465.826474][T12651] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.1811'.
[  465.847290][T12653] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1812'.
[  465.922681][T12656] FAULT_INJECTION: forcing a failure.
[  465.922681][T12656] name failslab, interval 1, probability 0, space 0, times 0
[  465.927990][T12656] CPU: 1 UID: 0 PID: 12656 Comm: syz.0.1809 Not tainted syzkaller #0 PREEMPT(full) 
[  465.928017][T12656] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  465.928024][T12656] Call Trace:
[  465.928028][T12656]  <TASK>
[  465.928032][T12656]  dump_stack_lvl+0x16c/0x1f0
[  465.928050][T12656]  should_fail_ex+0x512/0x640
[  465.928068][T12656]  ? kmem_cache_alloc_lru_noprof+0x66/0x6e0
[  465.928082][T12656]  should_failslab+0xc2/0x120
[  465.928098][T12656]  kmem_cache_alloc_lru_noprof+0x79/0x6e0
[  465.928110][T12656]  ? __d_lookup+0x25c/0x4a0
[  465.928126][T12656]  ? __d_alloc+0x32/0xae0
[  465.928141][T12656]  ? __d_alloc+0x32/0xae0
[  465.928152][T12656]  __d_alloc+0x32/0xae0
[  465.928167][T12656]  d_alloc+0x4a/0x1e0
[  465.928181][T12656]  lookup_one_qstr_excl+0x175/0x250
[  465.928197][T12656]  ? mnt_want_write+0x161/0x450
[  465.928215][T12656]  filename_create+0x1e7/0x4a0
[  465.928227][T12656]  ? __pfx_filename_create+0x10/0x10
[  465.928237][T12656]  ? find_held_lock+0x2b/0x80
[  465.928255][T12656]  do_mkdirat+0xaa/0x3e0
[  465.928268][T12656]  ? __pfx_do_mkdirat+0x10/0x10
[  465.928281][T12656]  ? getname_flags.part.0+0x1c5/0x550
[  465.928300][T12656]  __ia32_sys_mkdir+0x61/0x80
[  465.928313][T12656]  __do_fast_syscall_32+0x7c/0x300
[  465.928330][T12656]  do_fast_syscall_32+0x32/0x80
[  465.928344][T12656]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  465.928358][T12656] RIP: 0023:0xf700d579
[  465.928367][T12656] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  465.928378][T12656] RSP: 002b:00000000f53bb55c EFLAGS: 00000296 ORIG_RAX: 0000000000000027
[  465.928388][T12656] RAX: ffffffffffffffda RBX: 0000000080000280 RCX: 0000000000000000
[  465.928394][T12656] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  465.928401][T12656] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  465.928406][T12656] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  465.928412][T12656] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  465.928427][T12656]  </TASK>
[  466.002425][    C1] vkms_vblank_simulate: vblank timer overrun
[  466.020109][T12662] overlayfs: failed to resolve './file0/file0': -2
[  467.706447][ T7906] Bluetooth: hci4: Frame reassembly failed (-84)
[  467.709117][T12679] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  468.187564][   T40] kauditd_printk_skb: 18 callbacks suppressed
[  468.187574][   T40] audit: type=1326 audit(2000000636.692:1124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12688 comm="syz.2.1823" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  468.265629][   T40] audit: type=1326 audit(2000000636.692:1125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12688 comm="syz.2.1823" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  468.313929][   T40] audit: type=1326 audit(2000000636.692:1126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12688 comm="syz.2.1823" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf705d579 code=0x7ffc0000
[  468.322432][   T40] audit: type=1326 audit(2000000636.692:1127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12688 comm="syz.2.1823" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  468.330714][   T40] audit: type=1326 audit(2000000636.692:1128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12688 comm="syz.2.1823" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  468.339185][   T40] audit: type=1326 audit(2000000636.702:1129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12688 comm="syz.2.1823" exe="/syz-executor" sig=0 arch=40000003 syscall=233 compat=1 ip=0xf705d579 code=0x7ffc0000
[  468.348118][   T40] audit: type=1326 audit(2000000636.702:1130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12688 comm="syz.2.1823" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  468.356586][   T40] audit: type=1326 audit(2000000636.702:1131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12688 comm="syz.2.1823" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  468.366338][   T40] audit: type=1326 audit(2000000636.702:1132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12688 comm="syz.2.1823" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  468.374647][   T40] audit: type=1326 audit(2000000636.702:1133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12688 comm="syz.2.1823" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  468.502374][T12698] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1825'.
[  469.685783][T12719] overlayfs: failed to resolve './file0/file0': -2
[  469.758299][ T5299] Bluetooth: hci4: command 0x1003 tx timeout
[  469.758338][T11340] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  470.949949][T12739] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1837'.
[  472.381313][T12748] FAULT_INJECTION: forcing a failure.
[  472.381313][T12748] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  472.385384][T12748] CPU: 2 UID: 0 PID: 12748 Comm: syz.3.1839 Not tainted syzkaller #0 PREEMPT(full) 
[  472.385399][T12748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  472.385406][T12748] Call Trace:
[  472.385410][T12748]  <TASK>
[  472.385414][T12748]  dump_stack_lvl+0x16c/0x1f0
[  472.385432][T12748]  should_fail_ex+0x512/0x640
[  472.385454][T12748]  _copy_from_user+0x2e/0xd0
[  472.385472][T12748]  memdup_user+0x6b/0xe0
[  472.385486][T12748]  sctp_getsockopt+0x2702/0x69b0
[  472.385505][T12748]  ? __lock_acquire+0x622/0x1c90
[  472.385521][T12748]  ? __pfx_sctp_getsockopt+0x10/0x10
[  472.385546][T12748]  ? get_pid_task+0xfc/0x250
[  472.385564][T12748]  ? aa_sk_perm+0x2f4/0xb10
[  472.385581][T12748]  ? proc_fail_nth_write+0x9f/0x220
[  472.385594][T12748]  ? __pfx_aa_sk_perm+0x10/0x10
[  472.385605][T12748]  ? __lock_acquire+0x622/0x1c90
[  472.385623][T12748]  ? aa_sock_opt_perm+0xfd/0x1c0
[  472.385640][T12748]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  472.385655][T12748]  do_sock_getsockopt+0x34d/0x440
[  472.385669][T12748]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  472.385682][T12748]  ? __fget_files+0x204/0x3c0
[  472.385701][T12748]  __sys_getsockopt+0x123/0x1b0
[  472.385715][T12748]  __ia32_sys_getsockopt+0xbc/0x160
[  472.385725][T12748]  ? lockdep_hardirqs_on+0x7c/0x110
[  472.385739][T12748]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  472.385754][T12748]  __do_fast_syscall_32+0x7c/0x300
[  472.385771][T12748]  do_fast_syscall_32+0x32/0x80
[  472.385786][T12748]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  472.385800][T12748] RIP: 0023:0xf705d579
[  472.385808][T12748] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  472.385821][T12748] RSP: 002b:00000000f544d55c EFLAGS: 00000296 ORIG_RAX: 000000000000016d
[  472.385832][T12748] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000084
[  472.385839][T12748] RDX: 000000000000006f RSI: 0000000080000000 RDI: 0000000080000440
[  472.385845][T12748] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  472.385851][T12748] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  472.385858][T12748] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  472.385873][T12748]  </TASK>
[  472.418798][T12749] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1840'.
[  472.626503][T12765] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1847'.
[  472.690141][ T6003] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  472.779714][T12776] overlay: Bad value for 'redirect_dir'
[  472.899152][ T6003] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  472.903043][ T6003] usb 8-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  472.906132][ T6003] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  472.919497][ T6003] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  472.926320][ T6003] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  472.929117][ T6003] usb 8-1: Product: syz
[  472.931146][ T6003] usb 8-1: Manufacturer: syz
[  472.932849][ T6003] usb 8-1: SerialNumber: syz
[  473.237092][ T6003] usblp 8-1:1.0: usblp0: USB Unidirectional printer dev 5 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  473.491321][T12753] tmpfs: Unknown parameter 'ui|'
[  473.903496][T11692] usb 8-1: USB disconnect, device number 5
[  473.906933][T11692] usblp0: removed
[  474.441679][T12806] overlayfs: failed to resolve './file0/file0': -2
[  474.727777][T12810] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1860'.
[  474.996392][   T40] kauditd_printk_skb: 50 callbacks suppressed
[  474.996402][   T40] audit: type=1326 audit(2000000643.488:1184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12814 comm="syz.0.1862" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  475.015393][T12821] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  475.059110][   T13] Bluetooth: hci4: Frame reassembly failed (-84)
[  475.061607][   T40] audit: type=1326 audit(2000000643.498:1185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12814 comm="syz.0.1862" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  475.070953][   T40] audit: type=1326 audit(2000000643.498:1186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12814 comm="syz.0.1862" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf700d579 code=0x7ffc0000
[  475.079093][   T40] audit: type=1326 audit(2000000643.498:1187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12814 comm="syz.0.1862" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  475.091650][   T40] audit: type=1326 audit(2000000643.498:1188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12814 comm="syz.0.1862" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  475.101644][   T40] audit: type=1326 audit(2000000643.498:1189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12814 comm="syz.0.1862" exe="/syz-executor" sig=0 arch=40000003 syscall=233 compat=1 ip=0xf700d579 code=0x7ffc0000
[  475.111570][   T40] audit: type=1326 audit(2000000643.498:1190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12814 comm="syz.0.1862" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  475.119074][   T40] audit: type=1326 audit(2000000643.498:1191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12814 comm="syz.0.1862" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  475.126309][   T40] audit: type=1326 audit(2000000643.548:1192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12814 comm="syz.0.1862" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  475.134013][   T40] audit: type=1326 audit(2000000643.548:1193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12814 comm="syz.0.1862" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  475.601798][T11340] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  475.727976][T12825] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1865'.
[  476.450939][T12829] comedi comedi3: das16m1: I/O port conflict (0x4,16)
[  476.546057][T12836] overlayfs: failed to resolve './file0/file0': -2
[  477.042510][T11340] Bluetooth: hci4: command 0x1003 tx timeout
[  477.045587][ T5299] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  477.416693][T12850] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1870'.
[  477.655998][T11227] block nbd0: Possible stuck request ffff88802657e000: control (read@0,1024B). Runtime 30 seconds
[  477.660604][T11227] block nbd0: Possible stuck request ffff88802657e1c0: control (read@1024,1024B). Runtime 30 seconds
[  477.664609][T11227] block nbd0: Possible stuck request ffff88802657e380: control (read@2048,1024B). Runtime 30 seconds
[  477.668137][T11227] block nbd0: Possible stuck request ffff88802657e540: control (read@3072,1024B). Runtime 30 seconds
[  477.838652][T12852] wg2 speed is unknown, defaulting to 1000
[  478.063522][T12852] lo speed is unknown, defaulting to 1000
[  478.066900][T12852] lo speed is unknown, defaulting to 1000
[  478.116614][T12860] FAULT_INJECTION: forcing a failure.
[  478.116614][T12860] name failslab, interval 1, probability 0, space 0, times 0
[  478.120504][T12860] CPU: 0 UID: 0 PID: 12860 Comm: syz.3.1873 Not tainted syzkaller #0 PREEMPT(full) 
[  478.120520][T12860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  478.120527][T12860] Call Trace:
[  478.120531][T12860]  <TASK>
[  478.120535][T12860]  dump_stack_lvl+0x16c/0x1f0
[  478.120552][T12860]  should_fail_ex+0x512/0x640
[  478.120570][T12860]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  478.120582][T12860]  should_failslab+0xc2/0x120
[  478.120597][T12860]  kmem_cache_alloc_noprof+0x75/0x6e0
[  478.120609][T12860]  ? skb_clone+0x190/0x3f0
[  478.120624][T12860]  ? skb_clone+0x190/0x3f0
[  478.120634][T12860]  skb_clone+0x190/0x3f0
[  478.120646][T12860]  netlink_deliver_tap+0xabd/0xd30
[  478.120662][T12860]  netlink_unicast+0x64c/0x870
[  478.120676][T12860]  ? __pfx_netlink_unicast+0x10/0x10
[  478.120694][T12860]  netlink_sendmsg+0x8c8/0xdd0
[  478.120713][T12860]  ? __pfx_netlink_sendmsg+0x10/0x10
[  478.120727][T12860]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  478.120747][T12860]  ____sys_sendmsg+0xa98/0xc70
[  478.120763][T12860]  ? __pfx_____sys_sendmsg+0x10/0x10
[  478.120777][T12860]  ? get_compat_msghdr+0x11a/0x170
[  478.120795][T12860]  ___sys_sendmsg+0x134/0x1d0
[  478.120807][T12860]  ? __pfx____sys_sendmsg+0x10/0x10
[  478.120825][T12860]  ? find_held_lock+0x2b/0x80
[  478.120847][T12860]  __sys_sendmsg+0x16d/0x220
[  478.120859][T12860]  ? __pfx___sys_sendmsg+0x10/0x10
[  478.120876][T12860]  ? rcu_is_watching+0x12/0xc0
[  478.120891][T12860]  __do_fast_syscall_32+0x7c/0x300
[  478.120908][T12860]  do_fast_syscall_32+0x32/0x80
[  478.120922][T12860]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  478.120936][T12860] RIP: 0023:0xf705d579
[  478.120945][T12860] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  478.120956][T12860] RSP: 002b:00000000f544d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  478.120966][T12860] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  478.120973][T12860] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  478.120979][T12860] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  478.120985][T12860] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  478.120991][T12860] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  478.121006][T12860]  </TASK>
[  478.408016][T12871] overlayfs: failed to resolve './file0/file0': -2
[  480.521074][T12881] 8021q: VLANs not supported on ip6gre0
[  480.539256][T12883] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1880'.
[  480.575194][T12885] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1879'.
[  480.824621][T11692] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  480.984651][T11692] usb 7-1: Using ep0 maxpacket: 16
[  480.988061][T11692] usb 7-1: config 0 has no interfaces?
[  480.989995][T11692] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  480.992871][T11692] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  480.993634][T12894] binder: 12891:12894 ioctl c0306201 0 returned -14
[  481.007037][T11692] usb 7-1: config 0 descriptor??
[  481.414876][T12899] FAULT_INJECTION: forcing a failure.
[  481.414876][T12899] name failslab, interval 1, probability 0, space 0, times 0
[  481.419119][T12899] CPU: 3 UID: 0 PID: 12899 Comm: syz.3.1884 Not tainted syzkaller #0 PREEMPT(full) 
[  481.419134][T12899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  481.419141][T12899] Call Trace:
[  481.419145][T12899]  <TASK>
[  481.419150][T12899]  dump_stack_lvl+0x16c/0x1f0
[  481.419168][T12899]  should_fail_ex+0x512/0x640
[  481.419185][T12899]  ? kmem_cache_alloc_lru_noprof+0x66/0x6e0
[  481.419199][T12899]  should_failslab+0xc2/0x120
[  481.419215][T12899]  kmem_cache_alloc_lru_noprof+0x79/0x6e0
[  481.419227][T12899]  ? unwind_get_return_address+0x59/0xa0
[  481.419241][T12899]  ? __d_alloc+0x32/0xae0
[  481.419257][T12899]  ? __d_alloc+0x32/0xae0
[  481.419268][T12899]  __d_alloc+0x32/0xae0
[  481.419283][T12899]  d_alloc_parallel+0x111/0x1510
[  481.419305][T12899]  ? save_trace+0x4e/0x380
[  481.419319][T12899]  ? __pfx_d_alloc_parallel+0x10/0x10
[  481.419338][T12899]  ? lockdep_init_map_type+0x5c/0x280
[  481.419355][T12899]  ? lockdep_init_map_type+0x5c/0x280
[  481.419374][T12899]  __lookup_slow+0x193/0x460
[  481.419397][T12899]  ? __pfx___lookup_slow+0x10/0x10
[  481.419416][T12899]  ? __mod_node_page_state+0x1c0/0x1d0
[  481.419437][T12899]  ? __mod_node_page_state+0x1c0/0x1d0
[  481.419454][T12899]  ? d_lookup+0xe7/0x190
[  481.419474][T12899]  lookup_one_unlocked+0xd4/0x120
[  481.419491][T12899]  lookup_one_positive_unlocked+0x24/0xc0
[  481.419510][T12899]  ovl_lower_positive+0x29f/0x560
[  481.419525][T12899]  ? __pfx_ovl_lower_positive+0x10/0x10
[  481.419541][T12899]  ovl_do_remove+0x78/0x1040
[  481.419554][T12899]  ? __pfx___might_resched+0x10/0x10
[  481.419566][T12899]  ? __pfx_make_vfsgid+0x10/0x10
[  481.419581][T12899]  ? security_inode_permission+0xbf/0x260
[  481.419596][T12899]  ? __pfx_ovl_do_remove+0x10/0x10
[  481.419608][T12899]  ? __pfx_down_write+0x10/0x10
[  481.419623][T12899]  ? may_delete+0x56b/0x820
[  481.419644][T12899]  vfs_unlink+0x2fe/0x9b0
[  481.419663][T12899]  do_unlinkat+0x4c5/0x6a0
[  481.419678][T12899]  ? __pfx_do_unlinkat+0x10/0x10
[  481.419697][T12899]  ? getname_flags.part.0+0x1c5/0x550
[  481.419716][T12899]  __ia32_sys_unlink+0xc4/0x110
[  481.419730][T12899]  __do_fast_syscall_32+0x7c/0x300
[  481.419746][T12899]  do_fast_syscall_32+0x32/0x80
[  481.419761][T12899]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  481.419776][T12899] RIP: 0023:0xf705d579
[  481.419784][T12899] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  481.419795][T12899] RSP: 002b:00000000f544d55c EFLAGS: 00000296 ORIG_RAX: 000000000000000a
[  481.419806][T12899] RAX: ffffffffffffffda RBX: 00000000800002c0 RCX: 0000000000000000
[  481.419813][T12899] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  481.419820][T12899] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  481.419826][T12899] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  481.419832][T12899] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  481.419848][T12899]  </TASK>
[  481.652698][T12905] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  481.709811][T12909] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1887'.
[  482.416168][ T7906] Bluetooth: hci4: Frame reassembly failed (-84)
[  482.556457][T12915] program syz.1.1888 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  482.978923][T12925] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1889'.
[  483.468715][T11690] usb 7-1: USB disconnect, device number 10
[  483.686354][ T5299] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  483.742250][T12935] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  483.816025][ T7906] Bluetooth: hci5: Frame reassembly failed (-84)
[  484.586891][T12946] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1897'.
[  485.021772][T12953] kvm: apic: phys broadcast and lowest prio
[  485.062696][T12957] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1901'.
[  485.244151][T12960] binder: 12958:12960 ioctl c0306201 0 returned -14
[  485.708230][T12965] 8021q: VLANs not supported on ip6gre0
[  485.767504][ T5299] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  485.774871][T12967] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1903'.
[  486.017716][ T6003] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  486.025829][T12972] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  486.032185][ T7909] Bluetooth: hci4: Frame reassembly failed (-84)
[  486.602194][T11684] hid-generic 0003:0008:0009.000A: unknown main item tag 0x0
[  486.604500][T11684] hid-generic 0003:0008:0009.000A: unknown main item tag 0x0
[  486.617998][T11684] hid-generic 0003:0008:0009.000A: hidraw1: USB HID v0.08 Device [syz1] on syz1
[  486.898086][ T6003] usb 6-1: Using ep0 maxpacket: 16
[  487.216824][ T6003] usb 6-1: config 0 has no interfaces?
[  487.254722][   T40] kauditd_printk_skb: 14 callbacks suppressed
[  487.254837][   T40] audit: type=1326 audit(2000000655.731:1208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12989 comm="syz.2.1910" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  487.509254][ T6003] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  487.511932][ T6003] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  487.989135][   T40] audit: type=1326 audit(2000000655.741:1209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12989 comm="syz.2.1910" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf705d579 code=0x7ffc0000
[  487.997785][   T40] audit: type=1326 audit(2000000655.741:1210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12989 comm="syz.2.1910" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  488.069966][   T40] audit: type=1326 audit(2000000655.741:1211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12989 comm="syz.2.1910" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  488.089459][ T5299] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  488.092826][T11340] Bluetooth: hci4: command 0x1003 tx timeout
[  488.097803][   T40] audit: type=1326 audit(2000000655.741:1212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12989 comm="syz.2.1910" exe="/syz-executor" sig=0 arch=40000003 syscall=233 compat=1 ip=0xf705d579 code=0x7ffc0000
[  488.107438][ T6003] usb 6-1: config 0 descriptor??
[  488.118833][   T40] audit: type=1326 audit(2000000655.741:1213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12989 comm="syz.2.1910" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  488.125889][   T40] audit: type=1326 audit(2000000655.741:1214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12989 comm="syz.2.1910" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  488.133387][   T40] audit: type=1326 audit(2000000655.741:1215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12989 comm="syz.2.1910" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  488.139824][   T40] audit: type=1326 audit(2000000655.741:1216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12989 comm="syz.2.1910" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  488.146018][   T40] audit: type=1326 audit(2000000655.741:1217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12989 comm="syz.2.1910" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  488.186941][T12993] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  488.292497][T13000] serio: Serial port ptm0
[  489.146349][T13015] overlayfs: failed to resolve './file0/file0': -2
[  489.981241][T11692] usb 6-1: USB disconnect, device number 16
[  491.764451][T13052] wg1: entered promiscuous mode
[  491.766605][T13052] wg1: entered allmulticast mode
[  492.074465][T13054] 8021q: VLANs not supported on ip6gre0
[  492.133063][T13056] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1928'.
[  492.159627][T13058] netlink: 'syz.1.1929': attribute type 6 has an invalid length.
[  492.461326][ T5970] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  492.611687][ T5970] usb 7-1: Using ep0 maxpacket: 16
[  492.618002][ T5970] usb 7-1: config 0 has no interfaces?
[  492.621039][ T5970] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  492.663811][ T5970] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  492.719647][ T5970] usb 7-1: config 0 descriptor??
[  493.074526][T13071] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  493.077129][T13071] UDF-fs: Scanning with blocksize 2048 failed
[  493.082343][T13071] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  493.084769][T13071] UDF-fs: Scanning with blocksize 4096 failed
[  493.902155][T13082] input input19: cannot allocate more than FF_MAX_EFFECTS effects
[  494.252809][T13087] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1937'.
[  494.259643][T11684] lo speed is unknown, defaulting to 1000
[  494.836959][   T40] kauditd_printk_skb: 16 callbacks suppressed
[  494.836996][   T40] audit: type=1326 audit(2000000663.317:1234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13089 comm="syz.1.1938" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  494.847622][   T40] audit: type=1326 audit(2000000663.337:1235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13089 comm="syz.1.1938" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  494.856358][   T40] audit: type=1326 audit(2000000663.337:1236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13089 comm="syz.1.1938" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf707d579 code=0x7ffc0000
[  494.864537][   T40] audit: type=1326 audit(2000000663.337:1237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13089 comm="syz.1.1938" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  494.873883][   T40] audit: type=1326 audit(2000000663.337:1238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13089 comm="syz.1.1938" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  494.883616][   T40] audit: type=1326 audit(2000000663.337:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13089 comm="syz.1.1938" exe="/syz-executor" sig=0 arch=40000003 syscall=233 compat=1 ip=0xf707d579 code=0x7ffc0000
[  494.892258][   T40] audit: type=1326 audit(2000000663.337:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13089 comm="syz.1.1938" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  494.901043][   T40] audit: type=1326 audit(2000000663.337:1241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13089 comm="syz.1.1938" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  494.910484][   T40] audit: type=1326 audit(2000000663.337:1242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13089 comm="syz.1.1938" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  494.919939][   T40] audit: type=1326 audit(2000000663.337:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13089 comm="syz.1.1938" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000
[  494.952078][T13093] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1939'.
[  495.011046][T11692] usb 7-1: USB disconnect, device number 11
[  495.302785][T13097] smc: removing ib device syz1
[  496.090189][T13115] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1946'.
[  496.162042][T13117] overlayfs: failed to resolve './file0/file0': -2
[  496.266731][T13119] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1948'.
[  496.541645][T13125] 8021q: VLANs not supported on ip6gre0
[  496.595410][T13128] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1950'.
[  497.213730][T11692] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  497.373928][T11692] usb 7-1: Using ep0 maxpacket: 16
[  497.378283][T11692] usb 7-1: config 0 has no interfaces?
[  497.380658][T11692] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  497.384560][T11692] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  497.390084][T11692] usb 7-1: config 0 descriptor??
[  498.307813][T13147] overlayfs: failed to resolve './file0/file0': -2
[  499.452833][T11692] usb 7-1: USB disconnect, device number 12
[  500.408699][T13158] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  500.411411][T13158] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  500.414566][T13158] vhci_hcd vhci_hcd.0: Device attached
[  500.815640][T11684] usb 37-1: new low-speed USB device number 5 using vhci_hcd
[  501.033809][T13159] vhci_hcd: connection reset by peer
[  501.036662][ T7909] vhci_hcd: stop threads
[  501.038450][ T7909] vhci_hcd: release socket
[  501.040361][ T7909] vhci_hcd: disconnect device
[  501.544195][T13166] 9pnet_virtio: no channels available for device syz
[  501.562900][T13166] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  502.991896][   T40] kauditd_printk_skb: 32 callbacks suppressed
[  502.991913][   T40] audit: type=1326 audit(2000000671.472:1276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13171 comm="syz.2.1964" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  503.006853][   T40] audit: type=1326 audit(2000000671.472:1277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13171 comm="syz.2.1964" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  503.014261][   T40] audit: type=1326 audit(2000000671.482:1278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13171 comm="syz.2.1964" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf705d579 code=0x7ffc0000
[  503.024573][   T40] audit: type=1326 audit(2000000671.482:1279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13171 comm="syz.2.1964" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  503.052087][   T40] audit: type=1326 audit(2000000671.482:1280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13171 comm="syz.2.1964" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  503.063632][   T40] audit: type=1326 audit(2000000671.482:1281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13171 comm="syz.2.1964" exe="/syz-executor" sig=0 arch=40000003 syscall=233 compat=1 ip=0xf705d579 code=0x7ffc0000
[  503.073751][   T40] audit: type=1326 audit(2000000671.482:1282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13171 comm="syz.2.1964" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  503.081000][   T40] audit: type=1326 audit(2000000671.482:1283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13171 comm="syz.2.1964" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  503.088377][   T40] audit: type=1326 audit(2000000671.482:1284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13171 comm="syz.2.1964" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  503.095029][   T40] audit: type=1326 audit(2000000671.482:1285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13171 comm="syz.2.1964" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  503.154836][T13185] nbd: nbd0 already in use
[  503.158688][T13185] netlink: 240 bytes leftover after parsing attributes in process `syz.0.1967'.
[  503.377426][T13181] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.1966'.
[  503.390997][T13181] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1966'.
[  503.498338][T13192] overlayfs: failed to resolve './file0/file0': -2
[  503.742783][T13199] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  503.756709][ T7909] Bluetooth: hci4: Frame reassembly failed (-84)
[  503.759597][ T7909] Bluetooth: hci4: Frame reassembly failed (-84)
[  504.543109][T13200] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  504.545849][T13200] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  504.549011][T13200] vhci_hcd vhci_hcd.0: Device attached
[  504.912618][T13204] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  504.914692][T13204] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  504.917281][T13204] vhci_hcd vhci_hcd.0: Device attached
[  504.951730][T13201] vhci_hcd: connection closed
[  504.952553][ T7871] vhci_hcd: stop threads
[  504.955573][ T7871] vhci_hcd: release socket
[  504.957097][ T7871] vhci_hcd: disconnect device
[  505.036459][   T29] usb 42-1: enqueue for inactive port 0
[  505.124164][T13213] : entered promiscuous mode
[  505.148671][T13207] vhci_hcd: connection closed
[  505.148908][ T7871] vhci_hcd: stop threads
[  505.151826][ T7871] vhci_hcd: release socket
[  505.153357][ T7871] vhci_hcd: disconnect device
[  505.189575][ T5970] usb 44-1: enqueue for inactive port 0
[  505.529039][   T29] usb usb42-port1: attempt power cycle
[  505.686060][T13234] overlayfs: failed to resolve './file0/file0': -2
[  505.743090][ T5970] usb usb44-port1: attempt power cycle
[  505.778633][ T5299] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  506.198709][T11684] vhci_hcd: vhci_device speed not set
[  506.340882][ T1418] ieee802154 phy0 wpan0: encryption failed: -22
[  506.871135][T13249] overlayfs: failed to resolve './file0/file0': -2
[  507.052367][   T29] usb usb42-port1: unable to enumerate USB device
[  507.229132][ T6028] usb 7-1: new full-speed USB device number 13 using dummy_hcd
[  507.264967][ T5970] usb usb44-port1: unable to enumerate USB device
[  507.390867][ T6028] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  507.394243][ T6028] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[  507.397669][ T6028] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  507.400819][ T6028] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  507.410047][T13259] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  507.412409][T13259] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  507.417915][ T6028] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  507.678939][T11692] usb 7-1: USB disconnect, device number 13
[  507.753707][T13272] overlayfs: failed to resolve './file0/file0': -2
[  508.286520][T11227] block nbd0: Possible stuck request ffff88802657e000: control (read@0,1024B). Runtime 60 seconds
[  508.290062][T11227] block nbd0: Possible stuck request ffff88802657e1c0: control (read@1024,1024B). Runtime 60 seconds
[  508.294116][T11227] block nbd0: Possible stuck request ffff88802657e380: control (read@2048,1024B). Runtime 60 seconds
[  508.298580][T11227] block nbd0: Possible stuck request ffff88802657e540: control (read@3072,1024B). Runtime 60 seconds
[  508.677959][T13284] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1993'.
[  509.045274][T13294] overlayfs: failed to resolve './file0/file0': -2
[  509.853268][   T40] kauditd_printk_skb: 57 callbacks suppressed
[  509.853282][   T40] audit: type=1326 audit(2000000678.329:1343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13306 comm="syz.0.2000" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  509.874335][   T40] audit: type=1326 audit(2000000678.329:1344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13306 comm="syz.0.2000" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  509.887036][   T40] audit: type=1326 audit(2000000678.339:1345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13306 comm="syz.0.2000" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf700d579 code=0x7ffc0000
[  509.896097][   T40] audit: type=1326 audit(2000000678.339:1346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13306 comm="syz.0.2000" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  509.897792][T13315] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2002'.
[  509.908197][   T40] audit: type=1326 audit(2000000678.339:1347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13306 comm="syz.0.2000" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  509.916201][   T40] audit: type=1326 audit(2000000678.339:1348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13306 comm="syz.0.2000" exe="/syz-executor" sig=0 arch=40000003 syscall=233 compat=1 ip=0xf700d579 code=0x7ffc0000
[  509.925007][   T40] audit: type=1326 audit(2000000678.339:1349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13306 comm="syz.0.2000" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  509.932145][   T40] audit: type=1326 audit(2000000678.339:1350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13306 comm="syz.0.2000" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  509.939693][   T40] audit: type=1326 audit(2000000678.339:1351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13306 comm="syz.0.2000" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  509.950174][   T40] audit: type=1326 audit(2000000678.339:1352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13306 comm="syz.0.2000" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  510.546947][T13328] netlink: 181328 bytes leftover after parsing attributes in process `syz.3.2006'.
[  510.550482][T13328] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2006'.
[  510.716726][T13334] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2009'.
[  511.121183][ T6003] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  511.291303][ T6003] usb 5-1: Using ep0 maxpacket: 8
[  511.294487][ T6003] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  511.294526][ T6003] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  511.294544][ T6003] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  511.294564][ T6003] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 42272, setting to 1024
[  511.294586][ T6003] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  511.294605][ T6003] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  511.294636][ T6003] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  511.294654][ T6003] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  511.500722][ T6003] usb 5-1: usb_control_msg returned -32
[  511.502614][ T6003] usbtmc 5-1:16.0: can't read capabilities
[  511.859060][T13354] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2010'.
[  511.862706][T13354] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2010'.
[  511.894550][T13354] usbtmc 5-1:16.0: usb_control_msg returned -32
[  511.899463][ T6003] usb 5-1: USB disconnect, device number 25
[  511.951687][T13360] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2016'.
[  511.999478][T13357] bond7: (slave geneve2): Enslaving as an active interface with an up link
[  512.003417][   T13] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  512.006293][   T13] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  512.009214][   T13] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  512.013107][   T13] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  512.586899][T13372] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2021'.
[  512.636463][T13374] netlink: 181328 bytes leftover after parsing attributes in process `syz.3.2020'.
[  513.330637][T13386] overlayfs: failed to resolve './file0/file0': -2
[  513.470013][T13382] pimreg: entered allmulticast mode
[  513.475626][T13382] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  513.477687][T13382] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  513.480358][T13382] vhci_hcd vhci_hcd.0: Device attached
[  513.489902][T13390] vhci_hcd: connection closed
[  513.490419][ T7871] vhci_hcd: stop threads
[  513.494598][ T7871] vhci_hcd: release socket
[  513.496675][ T7871] vhci_hcd: disconnect device
[  516.043915][ T5349] udevd[5349]: worker [11787] /devices/virtual/block/nbd0 is taking a long time
[  516.284784][T13425] overlayfs: failed to resolve './file0/file0': -2
[  516.497301][T13421] __nla_validate_parse: 2 callbacks suppressed
[  516.497321][T13421] netlink: 181328 bytes leftover after parsing attributes in process `syz.2.2034'.
[  516.515422][T13421] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2034'.
[  519.157064][T13457] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2043'.
[  519.337761][T13463] overlayfs: failed to resolve './file0/file0': -2
[  519.342003][T13464] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2045'.
[  519.731643][T13472] overlayfs: failed to resolve './file0/file0': -2
[  519.984684][T13478] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2050'.
[  520.092391][T13481] overlayfs: failed to resolve './file0/file0': -2
[  521.651834][T13498] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2057'.
[  521.656913][T13500] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2056'.
[  521.891505][T13504] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  521.893693][T13504] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  521.897114][T13504] vhci_hcd vhci_hcd.0: Device attached
[  522.133604][T13511] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2059'.
[  522.137410][T11692] usb 43-1: new low-speed USB device number 8 using vhci_hcd
[  522.531825][T13507] vhci_hcd: connection reset by peer
[  522.534432][   T12] vhci_hcd: stop threads
[  522.536290][   T12] vhci_hcd: release socket
[  522.538345][   T12] vhci_hcd: disconnect device
[  522.603242][T13519] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  522.657363][T11690] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  522.716767][T13519] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  522.732666][T13519] overlayfs: failed to look up (tracing) for ino (-66)
[  522.807427][T11690] usb 7-1: Using ep0 maxpacket: 32
[  522.812641][T11690] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[  522.816137][T11690] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  522.819784][T11690] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[  522.823642][T11690] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  522.827793][T11690] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  522.831756][T11690] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  522.838085][T11690] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  522.841879][T11690] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  522.847277][T11690] usb 7-1: config 0 descriptor??
[  523.056070][T11690] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 14 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  523.066466][T11690] usb 7-1: USB disconnect, device number 14
[  523.070608][T11690] usblp0: removed
[  523.497790][T11691] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  523.597591][T13527] input: syz1 as /devices/virtual/input/input20
[  523.667798][T11691] usb 7-1: Using ep0 maxpacket: 32
[  523.689953][T11691] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[  523.692505][T11691] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  523.695134][T11691] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[  523.714446][T11691] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  523.717635][T11691] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  523.727813][T11691] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  523.731709][T11691] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  523.734531][T11691] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  523.748613][T11691] usb 7-1: config 0 descriptor??
[  523.970049][T11691] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 15 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  524.201831][T13530] overlayfs: failed to resolve './file0/file0': -2
[  524.271688][T13532] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  524.274620][T13532] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  524.278944][    C2] usblp0: nonzero read bulk status received: -71
[  524.283126][T13531] usblp0: error -71 reading from printer
[  524.289479][    C2] usblp0: nonzero read bulk status received: -71
[  524.293932][T11691] usb 7-1: USB disconnect, device number 15
[  524.296033][T13517] usblp0: error -71 reading from printer
[  524.750345][ T6003] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  524.901371][ T6003] usb 7-1: Using ep0 maxpacket: 32
[  524.908359][ T6003] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[  524.911122][ T6003] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  524.918988][ T6003] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[  524.921887][ T6003] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  524.925084][ T6003] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  524.933263][ T6003] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  524.937489][ T6003] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  524.945456][ T6003] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  524.959152][ T6003] usb 7-1: config 0 descriptor??
[  525.090703][T13538] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2067'.
[  525.126193][T13540] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2068'.
[  525.181877][T13517] openvswitch: netlink: Key type 58 is out of range max 32
[  525.187566][T13517] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  525.194813][T13517] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  525.369126][T13516] usblp0: removed
[  526.167582][ T6003] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 16 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  526.172317][ T6003] usb 7-1: USB disconnect, device number 16
[  526.178363][ T6003] usblp0: removed
[  526.292051][T13552] 9pnet_virtio: no channels available for device syz
[  526.699915][   T40] kauditd_printk_skb: 5 callbacks suppressed
[  526.699931][   T40] audit: type=1326 audit(2000000695.140:1358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13553 comm="syz.3.2072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  526.747985][   T40] audit: type=1326 audit(2000000695.140:1359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13553 comm="syz.3.2072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  526.761376][   T40] audit: type=1326 audit(2000000695.140:1360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13553 comm="syz.3.2072" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf705d579 code=0x7ffc0000
[  526.772141][   T40] audit: type=1326 audit(2000000695.140:1361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13553 comm="syz.3.2072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  527.080663][   T40] audit: type=1326 audit(2000000695.140:1362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13553 comm="syz.3.2072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  527.209310][   T40] audit: type=1326 audit(2000000695.140:1363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13553 comm="syz.3.2072" exe="/syz-executor" sig=0 arch=40000003 syscall=233 compat=1 ip=0xf705d579 code=0x7ffc0000
[  527.216690][   T40] audit: type=1326 audit(2000000695.140:1364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13553 comm="syz.3.2072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  527.230141][   T40] audit: type=1326 audit(2000000695.150:1365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13553 comm="syz.3.2072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  527.241617][   T40] audit: type=1326 audit(2000000695.150:1366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13553 comm="syz.3.2072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  527.248611][   T40] audit: type=1326 audit(2000000695.150:1367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13553 comm="syz.3.2072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  527.530565][T11692] vhci_hcd: vhci_device speed not set
[  529.121154][T13637] wg2 speed is unknown, defaulting to 1000
[  529.585575][T13637] lo speed is unknown, defaulting to 1000
[  529.588098][T13637] lo speed is unknown, defaulting to 1000
[  530.568181][T13661] overlayfs: failed to resolve './file0/file0': -2
[  530.572897][T13662] binder: BINDER_SET_CONTEXT_MGR already set
[  530.577870][T13662] binder: 13659:13662 ioctl 4018620d 800002c0 returned -16
[  530.812519][T13667] fuse: Bad value for 'user_id'
[  530.814202][T13667] fuse: Bad value for 'user_id'
[  531.059731][T13670] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[  531.061801][T13670] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  531.066895][T13670] vhci_hcd vhci_hcd.0: Device attached
[  531.512389][   T60] usb 40-1: SetAddress Request (30) to port 0
[  531.514408][   T60] usb 40-1: new SuperSpeed USB device number 30 using vhci_hcd
[  531.525932][T13677] overlayfs: failed to resolve './file1': -2
[  531.842764][T13671] vhci_hcd: connection reset by peer
[  531.851097][T13619] vhci_hcd: stop threads
[  531.853512][T13619] vhci_hcd: release socket
[  531.855495][T13619] vhci_hcd: disconnect device
[  531.944056][T13683] netlink: 181328 bytes leftover after parsing attributes in process `syz.2.2091'.
[  531.948399][T13683] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2091'.
[  532.431602][T13688] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2092'.
[  532.549982][T13687] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  532.556147][T13614] Bluetooth: hci4: Frame reassembly failed (-84)
[  532.584491][   T40] kauditd_printk_skb: 6 callbacks suppressed
[  532.584502][   T40] audit: type=1326 audit(2000000701.047:1374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13691 comm="syz.0.2095" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  532.602469][   T40] audit: type=1326 audit(2000000701.047:1375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13691 comm="syz.0.2095" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  532.609083][   T40] audit: type=1326 audit(2000000701.057:1376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13691 comm="syz.0.2095" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf700d579 code=0x7ffc0000
[  532.615886][   T40] audit: type=1326 audit(2000000701.057:1377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13691 comm="syz.0.2095" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  532.622567][   T40] audit: type=1326 audit(2000000701.057:1378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13691 comm="syz.0.2095" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  532.629173][   T40] audit: type=1326 audit(2000000701.057:1379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13691 comm="syz.0.2095" exe="/syz-executor" sig=0 arch=40000003 syscall=226 compat=1 ip=0xf700d579 code=0x7ffc0000
[  532.636026][   T40] audit: type=1326 audit(2000000701.057:1380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13691 comm="syz.0.2095" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  532.642690][   T40] audit: type=1326 audit(2000000701.057:1381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13691 comm="syz.0.2095" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  532.649255][   T40] audit: type=1326 audit(2000000701.057:1382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13691 comm="syz.0.2095" exe="/syz-executor" sig=0 arch=40000003 syscall=227 compat=1 ip=0xf700d579 code=0x7ffc0000
[  532.656153][   T40] audit: type=1326 audit(2000000701.057:1383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13691 comm="syz.0.2095" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  533.815498][T13707] netlink: 181328 bytes leftover after parsing attributes in process `syz.0.2098'.
[  533.823062][T13707] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2098'.
[  533.856848][T13709] FAULT_INJECTION: forcing a failure.
[  533.856848][T13709] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  533.861368][T13709] CPU: 1 UID: 0 PID: 13709 Comm: syz.1.2099 Not tainted syzkaller #0 PREEMPT(full) 
[  533.861383][T13709] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  533.861390][T13709] Call Trace:
[  533.861403][T13709]  <TASK>
[  533.861408][T13709]  dump_stack_lvl+0x16c/0x1f0
[  533.861439][T13709]  should_fail_ex+0x512/0x640
[  533.861467][T13709]  _copy_from_user+0x2e/0xd0
[  533.861486][T13709]  drm_ioctl+0x4fb/0xc30
[  533.861505][T13709]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  533.861525][T13709]  ? __pfx_drm_ioctl+0x10/0x10
[  533.861551][T13709]  drm_compat_ioctl+0x327/0x460
[  533.861570][T13709]  ? __pfx_drm_compat_ioctl+0x10/0x10
[  533.861589][T13709]  __ia32_compat_sys_ioctl+0x242/0x370
[  533.861608][T13709]  __do_fast_syscall_32+0x7c/0x300
[  533.861625][T13709]  do_fast_syscall_32+0x32/0x80
[  533.861640][T13709]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  533.861655][T13709] RIP: 0023:0xf707d579
[  533.861663][T13709] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  533.861675][T13709] RSP: 002b:00000000f546d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  533.861686][T13709] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000c03864bc
[  533.861693][T13709] RDX: 0000000080000180 RSI: 0000000000000000 RDI: 0000000000000000
[  533.861699][T13709] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  533.861706][T13709] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  533.861712][T13709] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  533.861727][T13709]  </TASK>
[  534.297001][T13715] netlink: 'syz.1.2100': attribute type 10 has an invalid length.
[  534.311100][T13715] team0: Cannot enslave team device to itself
[  534.593520][T11340] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  534.594478][ T5299] Bluetooth: hci4: command 0x1003 tx timeout
[  534.770033][T13722] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2103'.
[  534.819025][T13724] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2104'.
[  535.312360][T13736] overlayfs: failed to resolve './file0/file0': -2
[  536.406362][T13744] netlink: 181328 bytes leftover after parsing attributes in process `syz.0.2109'.
[  536.410247][T13744] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2109'.
[  536.595258][   T60] usb 40-1: device descriptor read/8, error -110
[  537.001354][   T60] usb usb40-port1: attempt power cycle
[  537.139729][T13749] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2112'.
[  537.282529][T13757] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2121'.
[  537.359075][T13758] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  537.364727][T13761] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2115'.
[  537.601480][   T60] usb usb40-port1: unable to enumerate USB device
[  538.365585][T11227] block nbd0: Possible stuck request ffff88802657e000: control (read@0,1024B). Runtime 90 seconds
[  538.369874][T11227] block nbd0: Possible stuck request ffff88802657e1c0: control (read@1024,1024B). Runtime 90 seconds
[  538.374401][T11227] block nbd0: Possible stuck request ffff88802657e380: control (read@2048,1024B). Runtime 90 seconds
[  538.377827][T11227] block nbd0: Possible stuck request ffff88802657e540: control (read@3072,1024B). Runtime 90 seconds
[  539.392658][T13796] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2123'.
[  539.699249][   T40] kauditd_printk_skb: 35 callbacks suppressed
[  539.699267][   T40] audit: type=1326 audit(2000000708.143:1419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13800 comm="syz.3.2125" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  539.716865][   T40] audit: type=1326 audit(2000000708.143:1420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13800 comm="syz.3.2125" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  539.726188][   T40] audit: type=1326 audit(2000000708.143:1421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13800 comm="syz.3.2125" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf705d579 code=0x7ffc0000
[  539.733475][   T40] audit: type=1326 audit(2000000708.143:1422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13800 comm="syz.3.2125" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  539.734013][T13798] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  539.744275][T13798] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  539.746721][T13798] vhci_hcd vhci_hcd.0: Device attached
[  539.749058][   T40] audit: type=1326 audit(2000000708.143:1423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13800 comm="syz.3.2125" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  539.756679][   T40] audit: type=1326 audit(2000000708.143:1424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13800 comm="syz.3.2125" exe="/syz-executor" sig=0 arch=40000003 syscall=233 compat=1 ip=0xf705d579 code=0x7ffc0000
[  539.763376][   T40] audit: type=1326 audit(2000000708.143:1425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13800 comm="syz.3.2125" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  539.776798][   T40] audit: type=1326 audit(2000000708.143:1426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13800 comm="syz.3.2125" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  539.776843][T13803] vhci_hcd: connection closed
[  539.784027][   T40] audit: type=1326 audit(2000000708.153:1427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13800 comm="syz.3.2125" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  539.794159][   T40] audit: type=1326 audit(2000000708.153:1428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13800 comm="syz.3.2125" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  539.794566][T13618] vhci_hcd: stop threads
[  539.803816][T13618] vhci_hcd: release socket
[  539.805269][T13618] vhci_hcd: disconnect device
[  540.033787][T13806] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2127'.
[  541.441401][T13833] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2133'.
[  541.953182][T13845] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  541.955259][T13845] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  541.958000][T13845] vhci_hcd vhci_hcd.0: Device attached
[  541.968241][T13849] vhci_hcd: connection closed
[  541.968371][ T7871] vhci_hcd: stop threads
[  541.971187][ T7871] vhci_hcd: release socket
[  541.972548][ T7871] vhci_hcd: disconnect device
[  542.485325][T13855] syzkaller0: entered promiscuous mode
[  542.487102][T13855] syzkaller0: entered allmulticast mode
[  542.615763][T13859] binder: BINDER_SET_CONTEXT_MGR already set
[  542.618341][T13859] binder: 13858:13859 ioctl 4018620d 80000100 returned -16
[  542.620664][T13859] binder: BINDER_SET_CONTEXT_MGR already set
[  542.622560][T13859] binder: 13858:13859 ioctl 4018620d 80000100 returned -16
[  542.631572][T13862] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2138'.
[  542.665518][T13867] mac80211_hwsim hwsim4 wlan1: entered allmulticast mode
[  542.673370][T13867] FAULT_INJECTION: forcing a failure.
[  542.673370][T13867] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  542.674968][T13869] netlink: 'syz.1.2143': attribute type 1 has an invalid length.
[  542.679561][T13867] CPU: 3 UID: 0 PID: 13867 Comm: syz.3.2142 Not tainted syzkaller #0 PREEMPT(full) 
[  542.679576][T13867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  542.679583][T13867] Call Trace:
[  542.679588][T13867]  <TASK>
[  542.679592][T13867]  dump_stack_lvl+0x16c/0x1f0
[  542.679611][T13867]  should_fail_ex+0x512/0x640
[  542.679632][T13867]  _copy_from_iter+0x29f/0x1720
[  542.679652][T13867]  ? __alloc_skb+0x200/0x380
[  542.679670][T13867]  ? __pfx__copy_from_iter+0x10/0x10
[  542.679688][T13867]  ? netlink_autobind.isra.0+0x158/0x370
[  542.679708][T13867]  netlink_sendmsg+0x820/0xdd0
[  542.679723][T13867]  ? __pfx_netlink_sendmsg+0x10/0x10
[  542.679738][T13867]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  542.679758][T13867]  ____sys_sendmsg+0xa98/0xc70
[  542.679775][T13867]  ? __pfx_____sys_sendmsg+0x10/0x10
[  542.679789][T13867]  ? get_compat_msghdr+0x11a/0x170
[  542.679807][T13867]  ___sys_sendmsg+0x134/0x1d0
[  542.679819][T13867]  ? __pfx____sys_sendmsg+0x10/0x10
[  542.679838][T13867]  ? find_held_lock+0x2b/0x80
[  542.679860][T13867]  __sys_sendmsg+0x16d/0x220
[  542.679872][T13867]  ? __pfx___sys_sendmsg+0x10/0x10
[  542.679890][T13867]  ? rcu_is_watching+0x12/0xc0
[  542.679905][T13867]  __do_fast_syscall_32+0x7c/0x300
[  542.679926][T13867]  do_fast_syscall_32+0x32/0x80
[  542.679941][T13867]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  542.679956][T13867] RIP: 0023:0xf705d579
[  542.679964][T13867] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  542.679976][T13867] RSP: 002b:00000000f544d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  542.679986][T13867] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000800003c0
[  542.679994][T13867] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  542.680000][T13867] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  542.680006][T13867] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  542.680013][T13867] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  542.680028][T13867]  </TASK>
[  543.443212][T13887] FAULT_INJECTION: forcing a failure.
[  543.443212][T13887] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  543.447325][T13887] CPU: 2 UID: 0 PID: 13887 Comm: syz.2.2147 Not tainted syzkaller #0 PREEMPT(full) 
[  543.447340][T13887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  543.447348][T13887] Call Trace:
[  543.447353][T13887]  <TASK>
[  543.447357][T13887]  dump_stack_lvl+0x16c/0x1f0
[  543.447375][T13887]  should_fail_ex+0x512/0x640
[  543.447395][T13887]  copy_fpstate_to_sigframe+0x854/0xaf0
[  543.447414][T13887]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  543.447433][T13887]  ? collect_signal+0x263/0x540
[  543.447449][T13887]  ? x86_task_fpu+0x5f/0x90
[  543.447463][T13887]  get_sigframe+0x4a8/0x9c0
[  543.447479][T13887]  ? __pfx_get_sigframe+0x10/0x10
[  543.447493][T13887]  ? _raw_spin_unlock_irq+0x23/0x50
[  543.447506][T13887]  ? siginfo_layout+0x1d2/0x290
[  543.447520][T13887]  ia32_setup_rt_frame+0xe3/0xb30
[  543.447538][T13887]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  543.447555][T13887]  ? __pfx_ia32_setup_rt_frame+0x10/0x10
[  543.447571][T13887]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  543.447587][T13887]  ? find_held_lock+0x2b/0x80
[  543.447602][T13887]  arch_do_signal_or_restart+0x471/0x790
[  543.447616][T13887]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  543.447639][T13887]  exit_to_user_mode_loop+0x85/0x130
[  543.447658][T13887]  __do_fast_syscall_32+0x240/0x300
[  543.447674][T13887]  do_fast_syscall_32+0x32/0x80
[  543.447689][T13887]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  543.447703][T13887] RIP: 0023:0xf705d579
[  543.447712][T13887] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  543.447723][T13887] RSP: 002b:00000000f544d55c EFLAGS: 00000296 ORIG_RAX: 000000000000008d
[  543.447734][T13887] RAX: 0000000000000010 RBX: 0000000000000007 RCX: 0000000080001fc0
[  543.447741][T13887] RDX: 00000000000000b8 RSI: 0000000000000000 RDI: 0000000000000000
[  543.447748][T13887] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  543.447754][T13887] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  543.447760][T13887] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  543.447775][T13887]  </TASK>
[  543.668668][T13895] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2150'.
[  543.761090][T13893] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  543.763187][T13893] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  543.765560][T13893] vhci_hcd vhci_hcd.0: Device attached
[  543.772247][T13897] vhci_hcd: connection closed
[  543.772586][T13601] vhci_hcd: stop threads
[  543.775844][T13601] vhci_hcd: release socket
[  543.777619][T13601] vhci_hcd: disconnect device
[  544.033537][T13908] vlan1: entered promiscuous mode
[  544.035564][T13908] vlan1: entered allmulticast mode
[  544.037230][T13908] veth0_vlan: entered allmulticast mode
[  544.500161][T13914] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2154'.
[  544.696329][T13918] netlink: 'syz.3.2155': attribute type 10 has an invalid length.
[  544.701998][T13918] mac80211_hwsim hwsim4 wlan1: left allmulticast mode
[  544.881538][T13923] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2158'.
[  545.174933][T13929] netlink: 'syz.1.2159': attribute type 1 has an invalid length.
[  545.204160][T13929] bond1: entered promiscuous mode
[  545.206538][T13929] 8021q: adding VLAN 0 to HW filter on device bond1
[  545.222548][T13929] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2159'.
[  545.311621][T13932] comedi comedi3: pcl818: I/O port conflict (0x7,16)
[  545.349933][T13936] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2160'.
[  545.520814][T13938] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  545.523555][T13938] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  545.526707][T13938] vhci_hcd vhci_hcd.0: Device attached
[  545.537995][T13940] vhci_hcd: connection closed
[  545.538350][T13614] vhci_hcd: stop threads
[  545.542566][T13614] vhci_hcd: release socket
[  545.544620][T13614] vhci_hcd: disconnect device
[  545.930426][   T40] kauditd_printk_skb: 51 callbacks suppressed
[  545.930439][   T40] audit: type=1326 audit(2000000714.390:1480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13951 comm="syz.3.2165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  545.939135][   T40] audit: type=1326 audit(2000000714.390:1481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13951 comm="syz.3.2165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  545.945785][   T40] audit: type=1326 audit(2000000714.390:1482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13951 comm="syz.3.2165" exe="/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf705d579 code=0x7ffc0000
[  545.952911][   T40] audit: type=1326 audit(2000000714.390:1483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13951 comm="syz.3.2165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  545.961495][   T40] audit: type=1326 audit(2000000714.390:1484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13951 comm="syz.3.2165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  545.968190][   T40] audit: type=1326 audit(2000000714.390:1485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13951 comm="syz.3.2165" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf705d579 code=0x7ffc0000
[  545.974939][   T40] audit: type=1326 audit(2000000714.390:1486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13951 comm="syz.3.2165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  545.981585][   T40] audit: type=1326 audit(2000000714.390:1487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13951 comm="syz.3.2165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  545.988269][   T40] audit: type=1326 audit(2000000714.390:1488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13951 comm="syz.3.2165" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf705d579 code=0x7ffc0000
[  545.989543][T13953] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  545.995444][   T40] audit: type=1326 audit(2000000714.390:1489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13951 comm="syz.3.2165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  545.997453][T13953] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  546.007447][T13953] vhci_hcd vhci_hcd.0: Device attached
[  546.280144][   T60] usb 44-1: SetAddress Request (19) to port 0
[  546.282276][   T60] usb 44-1: new SuperSpeed USB device number 19 using vhci_hcd
[  547.036475][T13966] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2169'.
[  547.471467][T13954] vhci_hcd: connection reset by peer
[  547.475903][T13618] vhci_hcd: stop threads
[  547.477718][T13618] vhci_hcd: release socket
[  547.507212][T13618] vhci_hcd: disconnect device
[  548.520935][ T5970] page_pool_release_retry() stalled pool shutdown: id 32, 49 inflight 60 sec
[  548.570768][T14003] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2178'.
[  548.673473][T14007] netlink: 'syz.1.2180': attribute type 1 has an invalid length.
[  548.942936][T14020] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  548.945134][T14020] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  548.947594][T14020] vhci_hcd vhci_hcd.0: Device attached
[  548.956111][T14023] vhci_hcd: connection closed
[  548.956420][T13614] vhci_hcd: stop threads
[  548.960180][T13614] vhci_hcd: release socket
[  548.962682][T13614] vhci_hcd: disconnect device
[  549.565512][T11691] IPVS: starting estimator thread 0...
[  549.651711][T14047] IPVS: using max 44 ests per chain, 105600 per kthread
[  550.324038][T14077] FAULT_INJECTION: forcing a failure.
[  550.324038][T14077] name failslab, interval 1, probability 0, space 0, times 0
[  550.327920][T14077] CPU: 2 UID: 0 PID: 14077 Comm: syz.1.2194 Not tainted syzkaller #0 PREEMPT(full) 
[  550.327935][T14077] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  550.327942][T14077] Call Trace:
[  550.327947][T14077]  <TASK>
[  550.327951][T14077]  dump_stack_lvl+0x16c/0x1f0
[  550.327970][T14077]  should_fail_ex+0x512/0x640
[  550.327988][T14077]  ? __kmalloc_noprof+0xca/0x880
[  550.328008][T14077]  should_failslab+0xc2/0x120
[  550.328024][T14077]  __kmalloc_noprof+0xdd/0x880
[  550.328042][T14077]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  550.328063][T14077]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  550.328078][T14077]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  550.328094][T14077]  ? kfree_skbmem+0x1a4/0x1f0
[  550.328111][T14077]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  550.328126][T14077]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  550.328146][T14077]  ? bpf_lsm_capable+0x9/0x10
[  550.328162][T14077]  ? security_capable+0x7e/0x260
[  550.328179][T14077]  ? ns_capable+0xd7/0x110
[  550.328193][T14077]  genl_rcv_msg+0x55c/0x800
[  550.328209][T14077]  ? __pfx_genl_rcv_msg+0x10/0x10
[  550.328223][T14077]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  550.328236][T14077]  ? __pfx_nl80211_new_key+0x10/0x10
[  550.328253][T14077]  ? __pfx_nl80211_post_doit+0x10/0x10
[  550.328275][T14077]  netlink_rcv_skb+0x158/0x420
[  550.328287][T14077]  ? __pfx_genl_rcv_msg+0x10/0x10
[  550.328303][T14077]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  550.328321][T14077]  ? netlink_deliver_tap+0x1ae/0xd30
[  550.328336][T14077]  genl_rcv+0x28/0x40
[  550.328348][T14077]  netlink_unicast+0x5aa/0x870
[  550.328363][T14077]  ? __pfx_netlink_unicast+0x10/0x10
[  550.328381][T14077]  netlink_sendmsg+0x8c8/0xdd0
[  550.328397][T14077]  ? __pfx_netlink_sendmsg+0x10/0x10
[  550.328411][T14077]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  550.328431][T14077]  ____sys_sendmsg+0xa98/0xc70
[  550.328448][T14077]  ? __pfx_____sys_sendmsg+0x10/0x10
[  550.328461][T14077]  ? get_compat_msghdr+0x11a/0x170
[  550.328480][T14077]  ___sys_sendmsg+0x134/0x1d0
[  550.328492][T14077]  ? __pfx____sys_sendmsg+0x10/0x10
[  550.328511][T14077]  ? find_held_lock+0x2b/0x80
[  550.328533][T14077]  __sys_sendmsg+0x16d/0x220
[  550.328545][T14077]  ? __pfx___sys_sendmsg+0x10/0x10
[  550.328563][T14077]  ? rcu_is_watching+0x12/0xc0
[  550.328578][T14077]  __do_fast_syscall_32+0x7c/0x300
[  550.328595][T14077]  do_fast_syscall_32+0x32/0x80
[  550.328610][T14077]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  550.328624][T14077] RIP: 0023:0xf707d579
[  550.328633][T14077] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  550.328644][T14077] RSP: 002b:00000000f546d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  550.328655][T14077] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800006c0
[  550.328662][T14077] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  550.328668][T14077] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  550.328675][T14077] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  550.328681][T14077] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  550.328696][T14077]  </TASK>
[  550.486171][T14094] netlink: 'syz.1.2198': attribute type 6 has an invalid length.
[  550.488627][T14094] FAULT_INJECTION: forcing a failure.
[  550.488627][T14094] name failslab, interval 1, probability 0, space 0, times 0
[  550.494940][T14094] CPU: 0 UID: 0 PID: 14094 Comm: syz.1.2198 Not tainted syzkaller #0 PREEMPT(full) 
[  550.494956][T14094] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  550.494963][T14094] Call Trace:
[  550.494968][T14094]  <TASK>
[  550.494972][T14094]  dump_stack_lvl+0x16c/0x1f0
[  550.494991][T14094]  should_fail_ex+0x512/0x640
[  550.495009][T14094]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  550.495024][T14094]  should_failslab+0xc2/0x120
[  550.495040][T14094]  kmem_cache_alloc_node_noprof+0x78/0x770
[  550.495052][T14094]  ? __alloc_skb+0x2b2/0x380
[  550.495074][T14094]  ? __alloc_skb+0x2b2/0x380
[  550.495091][T14094]  __alloc_skb+0x2b2/0x380
[  550.495108][T14094]  ? __pfx___alloc_skb+0x10/0x10
[  550.495125][T14094]  ? __pfx_br_vlan_rtm_process+0x10/0x10
[  550.495142][T14094]  netlink_ack+0x15d/0xb80
[  550.495160][T14094]  netlink_rcv_skb+0x332/0x420
[  550.495172][T14094]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  550.495187][T14094]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  550.495205][T14094]  ? netlink_deliver_tap+0x1ae/0xd30
[  550.495219][T14094]  netlink_unicast+0x5aa/0x870
[  550.495234][T14094]  ? __pfx_netlink_unicast+0x10/0x10
[  550.495252][T14094]  netlink_sendmsg+0x8c8/0xdd0
[  550.495267][T14094]  ? __pfx_netlink_sendmsg+0x10/0x10
[  550.495281][T14094]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  550.495301][T14094]  ____sys_sendmsg+0xa98/0xc70
[  550.495317][T14094]  ? __pfx_____sys_sendmsg+0x10/0x10
[  550.495331][T14094]  ? get_compat_msghdr+0x11a/0x170
[  550.495360][T14094]  ___sys_sendmsg+0x134/0x1d0
[  550.495375][T14094]  ? __pfx____sys_sendmsg+0x10/0x10
[  550.495393][T14094]  ? find_held_lock+0x2b/0x80
[  550.495415][T14094]  __sys_sendmsg+0x16d/0x220
[  550.495427][T14094]  ? __pfx___sys_sendmsg+0x10/0x10
[  550.495445][T14094]  ? rcu_is_watching+0x12/0xc0
[  550.495461][T14094]  __do_fast_syscall_32+0x7c/0x300
[  550.495478][T14094]  do_fast_syscall_32+0x32/0x80
[  550.495493][T14094]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  550.495507][T14094] RIP: 0023:0xf707d579
[  550.495517][T14094] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  550.495528][T14094] RSP: 002b:00000000f546d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  550.495539][T14094] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  550.495547][T14094] RDX: 0000000020044014 RSI: 0000000000000000 RDI: 0000000000000000
[  550.495553][T14094] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  550.495559][T14094] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  550.495566][T14094] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  550.495581][T14094]  </TASK>
[  550.506618][T14086] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  550.586131][T14086] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  550.589040][T14086] vhci_hcd vhci_hcd.0: Device attached
[  550.606492][T14096] vhci_hcd: connection closed
[  550.606789][ T7871] vhci_hcd: stop threads
[  550.610136][ T7871] vhci_hcd: release socket
[  550.611619][ T7871] vhci_hcd: disconnect device
[  551.322281][   T60] usb 44-1: device descriptor read/8, error -110
[  551.723919][   T60] usb usb44-port1: attempt power cycle
[  551.741557][   T40] kauditd_printk_skb: 47 callbacks suppressed
[  551.741569][   T40] audit: type=1326 audit(2000000720.187:1537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14120 comm="syz.3.2205" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  551.752942][   T40] audit: type=1326 audit(2000000720.187:1538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14120 comm="syz.3.2205" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  551.757036][T14126] netlink: 292 bytes leftover after parsing attributes in process `syz.1.2206'.
[  551.760841][   T40] audit: type=1326 audit(2000000720.187:1539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14120 comm="syz.3.2205" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf705d579 code=0x7ffc0000
[  551.772723][   T40] audit: type=1326 audit(2000000720.187:1540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14120 comm="syz.3.2205" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  551.780904][   T40] audit: type=1326 audit(2000000720.187:1541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14120 comm="syz.3.2205" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  551.791148][   T40] audit: type=1326 audit(2000000720.187:1542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14120 comm="syz.3.2205" exe="/syz-executor" sig=0 arch=40000003 syscall=233 compat=1 ip=0xf705d579 code=0x7ffc0000
[  551.798721][   T40] audit: type=1326 audit(2000000720.187:1543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14120 comm="syz.3.2205" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  551.806575][   T40] audit: type=1326 audit(2000000720.187:1544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14120 comm="syz.3.2205" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  551.814015][   T40] audit: type=1326 audit(2000000720.187:1545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14120 comm="syz.3.2205" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  551.820496][   T40] audit: type=1326 audit(2000000720.187:1546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14120 comm="syz.3.2205" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[  552.283285][   T60] usb usb44-port1: unable to enumerate USB device
[  552.331381][T14137] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2209'.
[  552.639336][T14144] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  552.641442][T14144] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  552.644291][T14144] vhci_hcd vhci_hcd.0: Device attached
[  552.943156][   T60] usb 37-1: new low-speed USB device number 6 using vhci_hcd
[  553.154793][T14150] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2212'.
[  553.162384][T14150] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2212'.
[  553.331073][T14145] vhci_hcd: connection reset by peer
[  553.344304][T13623] vhci_hcd: stop threads
[  553.346110][T13623] vhci_hcd: release socket
[  553.351218][T13623] vhci_hcd: disconnect device
[  553.457024][T14153] vivid-007: disconnect
[  553.503142][T14152] vivid-007: reconnect
[  553.536652][T14157] 8021q: VLANs not supported on ip6gre0
[  553.538881][T14157] netlink: 92 bytes leftover after parsing attributes in process `syz.2.2214'.
[  553.769753][T14168] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  553.784455][T14168] support for the xor transformation has been removed.
[  553.794969][T11692] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  553.798652][T14162] netlink: 'syz.3.2216': attribute type 21 has an invalid length.
[  553.801074][T14162] IPv6: NLM_F_CREATE should be specified when creating new route
[  553.973240][T11692] usb 7-1: Using ep0 maxpacket: 16
[  553.984539][T11692] usb 7-1: config 0 has no interfaces?
[  553.986902][T11692] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  553.990634][T11692] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  554.002837][T11692] usb 7-1: config 0 descriptor??
[  554.974079][T14188] FAULT_INJECTION: forcing a failure.
[  554.974079][T14188] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  554.979010][T14188] CPU: 3 UID: 0 PID: 14188 Comm: syz.3.2222 Not tainted syzkaller #0 PREEMPT(full) 
[  554.979038][T14188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  554.979046][T14188] Call Trace:
[  554.979050][T14188]  <TASK>
[  554.979055][T14188]  dump_stack_lvl+0x16c/0x1f0
[  554.979073][T14188]  should_fail_ex+0x512/0x640
[  554.979094][T14188]  _copy_from_user+0x2e/0xd0
[  554.979113][T14188]  get_compat_msghdr+0xa7/0x170
[  554.979125][T14188]  ? __pfx_get_compat_msghdr+0x10/0x10
[  554.979137][T14188]  ? __lock_acquire+0x622/0x1c90
[  554.979156][T14188]  ___sys_recvmsg+0x191/0x1a0
[  554.979168][T14188]  ? __pfx____sys_recvmsg+0x10/0x10
[  554.979182][T14188]  ? find_held_lock+0x2b/0x80
[  554.979198][T14188]  ? __pfx___might_resched+0x10/0x10
[  554.979214][T14188]  do_recvmmsg+0x55d/0x750
[  554.979227][T14188]  ? __pfx_do_recvmmsg+0x10/0x10
[  554.979249][T14188]  ? __fget_files+0x20e/0x3c0
[  554.979261][T14188]  ? handle_mm_fault+0x250/0xd10
[  554.979281][T14188]  __sys_recvmmsg+0x21c/0x280
[  554.979293][T14188]  ? __pfx___sys_recvmmsg+0x10/0x10
[  554.979306][T14188]  ? __pfx_ksys_write+0x10/0x10
[  554.979321][T14188]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  554.979333][T14188]  ? lockdep_hardirqs_on+0x7c/0x110
[  554.979347][T14188]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  554.979362][T14188]  __do_fast_syscall_32+0x7c/0x300
[  554.979378][T14188]  do_fast_syscall_32+0x32/0x80
[  554.979393][T14188]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  554.979407][T14188] RIP: 0023:0xf705d579
[  554.979416][T14188] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  554.979427][T14188] RSP: 002b:00000000f542c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  554.979438][T14188] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000840
[  554.979445][T14188] RDX: 0000000000000414 RSI: 0000000000000406 RDI: 0000000000000000
[  554.979451][T14188] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  554.979457][T14188] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  554.979463][T14188] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  554.979478][T14188]  </TASK>
[  555.107178][T14197] syzkaller0: entered promiscuous mode
[  555.109420][T14197] syzkaller0: entered allmulticast mode
[  555.313846][T11692] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  555.394543][T14204] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  555.397350][T14204] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  555.409388][T14204] vhci_hcd vhci_hcd.0: Device attached
[  555.493899][T11692] usb 6-1: Using ep0 maxpacket: 8
[  555.499908][T11692] usb 6-1: unable to get BOS descriptor or descriptor too short
[  555.505915][T11692] usb 6-1: config 1 interface 0 altsetting 8 bulk endpoint 0x1 has invalid maxpacket 16
[  555.508900][T11692] usb 6-1: config 1 interface 0 altsetting 8 bulk endpoint 0x82 has invalid maxpacket 64
[  555.512638][T11692] usb 6-1: config 1 interface 0 has no altsetting 0
[  555.517966][T11692] usb 6-1: New USB device found, idVendor=03f0, idProduct=0004, bcdDevice= 0.40
[  555.520808][T11692] usb 6-1: New USB device strings: Mfr=1, Product=231, SerialNumber=3
[  555.523446][T11692] usb 6-1: Product: syz
[  555.525832][T11692] usb 6-1: Manufacturer: 폏蹃晡ᘌ疈澢ᢹλ樵ݡᙚ꽂髏韙䛒﷭⃃ᶏ覯뿄ų쎯褈⤗䜚툖萳殯Ȝꃈ㹡䒔肃僂ͣ๾憱롢嬭땶玍艱㒷唞鋫ॉ㸐峻哹ཧꛋᢌ낎ͳ섪뵞謟孌쨳뒮଄ꅵ迲龈汗令뢄䒎앐襎ﾈ㬡쟰糇拓ᡫ懤ㄕ⌔䫋ꤣጺዴ菌殺
[  555.535000][T11692] usb 6-1: SerialNumber: syz
[  555.540730][T14192] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  555.543170][T14192] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  555.644334][   T29] usb 43-1: new low-speed USB device number 9 using vhci_hcd
[  555.748461][T14192] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  555.751916][T14192] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  555.961686][T11692] usblp0: Disabling reads from problematic bidirectional printer
[  555.965416][T11692] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 17 if 0 alt 8 proto 3 vid 0x03F0 pid 0x0004
[  555.970706][T11692] usb 6-1: USB disconnect, device number 17
[  555.976661][T11692] usblp0: removed
[  556.010393][T14205] vhci_hcd: connection reset by peer
[  556.013009][T13618] vhci_hcd: stop threads
[  556.015110][T13618] vhci_hcd: release socket
[  556.017076][T13618] vhci_hcd: disconnect device
[  556.529869][   T53] usb 7-1: USB disconnect, device number 17
[  556.630746][T14217] FAULT_INJECTION: forcing a failure.
[  556.630746][T14217] name failslab, interval 1, probability 0, space 0, times 0
[  556.636521][T14217] CPU: 3 UID: 0 PID: 14217 Comm: syz.2.2233 Not tainted syzkaller #0 PREEMPT(full) 
[  556.636544][T14217] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  556.636554][T14217] Call Trace:
[  556.636560][T14217]  <TASK>
[  556.636566][T14217]  dump_stack_lvl+0x16c/0x1f0
[  556.636591][T14217]  should_fail_ex+0x512/0x640
[  556.636615][T14217]  ? fs_reclaim_acquire+0xae/0x150
[  556.636639][T14217]  should_failslab+0xc2/0x120
[  556.636662][T14217]  __kmalloc_noprof+0xdd/0x880
[  556.636687][T14217]  ? kfree+0x252/0x6d0
[  556.636700][T14217]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  556.636725][T14217]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  556.636745][T14217]  tomoyo_realpath_from_path+0xc2/0x6e0
[  556.636766][T14217]  ? tomoyo_profile+0x47/0x60
[  556.636791][T14217]  tomoyo_path2_perm+0x2a1/0x710
[  556.636806][T14217]  ? tomoyo_path2_perm+0x293/0x710
[  556.636823][T14217]  ? __pfx_tomoyo_path2_perm+0x10/0x10
[  556.636866][T14217]  ? do_raw_spin_unlock+0x172/0x230
[  556.636886][T14217]  ? simple_lookup+0x105/0x1d0
[  556.636907][T14217]  tomoyo_path_link+0xae/0x100
[  556.636927][T14217]  ? __pfx_tomoyo_path_link+0x10/0x10
[  556.636947][T14217]  ? make_vfsgid+0xf1/0x140
[  556.636969][T14217]  ? __pfx_make_vfsgid+0x10/0x10
[  556.636999][T14217]  security_path_link+0x12f/0x2b0
[  556.637030][T14217]  do_linkat+0x412/0x5a0
[  556.637055][T14217]  ? __pfx_do_linkat+0x10/0x10
[  556.637074][T14217]  ? strncpy_from_user+0x203/0x2e0
[  556.637100][T14217]  ? getname_flags.part.0+0x1c5/0x550
[  556.637129][T14217]  __ia32_sys_linkat+0xea/0x130
[  556.637152][T14217]  __do_fast_syscall_32+0x7c/0x300
[  556.637176][T14217]  do_fast_syscall_32+0x32/0x80
[  556.637197][T14217]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  556.637217][T14217] RIP: 0023:0xf705d579
[  556.637231][T14217] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  556.637247][T14217] RSP: 002b:00000000f544d55c EFLAGS: 00000296 ORIG_RAX: 000000000000012f
[  556.637262][T14217] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000380
[  556.637273][T14217] RDX: 00000000ffffff9c RSI: 00000000800003c0 RDI: 0000000000000000
[  556.637284][T14217] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  556.637293][T14217] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  556.637302][T14217] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  556.637325][T14217]  </TASK>
[  556.637332][T14217] ERROR: Out of memory at tomoyo_realpath_from_path.
[  556.944520][T14223] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  556.949260][T13601] Bluetooth: hci4: Frame reassembly failed (-84)
[  557.019546][T14231] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2238'.
[  557.853667][T14237] input: syz1 as /devices/virtual/input/input21
[  557.860379][T14237] FAULT_INJECTION: forcing a failure.
[  557.860379][T14237] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  557.866310][T14237] CPU: 2 UID: 0 PID: 14237 Comm: syz.0.2240 Not tainted syzkaller #0 PREEMPT(full) 
[  557.866334][T14237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  557.866345][T14237] Call Trace:
[  557.866353][T14237]  <TASK>
[  557.866359][T14237]  dump_stack_lvl+0x16c/0x1f0
[  557.866388][T14237]  should_fail_ex+0x512/0x640
[  557.866419][T14237]  _copy_from_user+0x2e/0xd0
[  557.866448][T14237]  input_event_from_user+0x137/0x290
[  557.866489][T14237]  ? __pfx_input_event_from_user+0x10/0x10
[  557.866513][T14237]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  557.866535][T14237]  ? input_event+0xb6/0xd0
[  557.866557][T14237]  uinput_write+0xbe7/0xff0
[  557.866591][T14237]  ? __pfx_uinput_write+0x10/0x10
[  557.866614][T14237]  ? common_file_perm+0x1a9/0x340
[  557.866635][T14237]  ? bpf_lsm_file_permission+0x9/0x10
[  557.866656][T14237]  ? security_file_permission+0x71/0x210
[  557.866677][T14237]  ? rw_verify_area+0xcf/0x6c0
[  557.866698][T14237]  ? __pfx_uinput_write+0x10/0x10
[  557.866721][T14237]  vfs_write+0x2a0/0x11d0
[  557.866748][T14237]  ? __pfx_vfs_write+0x10/0x10
[  557.866766][T14237]  ? find_held_lock+0x2b/0x80
[  557.866787][T14237]  ? __fget_files+0x204/0x3c0
[  557.866812][T14237]  ? __fget_files+0x20e/0x3c0
[  557.866829][T14237]  ? handle_mm_fault+0x250/0xd10
[  557.866865][T14237]  ksys_write+0x1f8/0x250
[  557.866885][T14237]  ? __pfx_ksys_write+0x10/0x10
[  557.866909][T14237]  ? rcu_is_watching+0x12/0xc0
[  557.866934][T14237]  __do_fast_syscall_32+0x7c/0x300
[  557.866968][T14237]  do_fast_syscall_32+0x32/0x80
[  557.866992][T14237]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  557.867014][T14237] RIP: 0023:0xf700d579
[  557.867028][T14237] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  557.867045][T14237] RSP: 002b:00000000f53fd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  557.867063][T14237] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[  557.867074][T14237] RDX: 000000000000045c RSI: 0000000000000000 RDI: 0000000000000000
[  557.867085][T14237] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  557.867095][T14237] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  557.867106][T14237] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  557.867132][T14237]  </TASK>
[  558.036251][   T60] vhci_hcd: vhci_device speed not set
[  558.256759][T14254] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  558.259498][T14254] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  558.262697][T14254] vhci_hcd vhci_hcd.0: Device attached
[  558.290938][   T40] kauditd_printk_skb: 5 callbacks suppressed
[  558.290949][   T40] audit: type=1804 audit(2000000726.744:1552): pid=14257 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.2245" name="/newroot/579/file1" dev="fuse" ino=1 res=1 errno=0
[  558.291707][T14250] FAULT_INJECTION: forcing a failure.
[  558.291707][T14250] name failslab, interval 1, probability 0, space 0, times 0
[  558.292953][   T40] audit: type=1800 audit(2000000726.744:1553): pid=14257 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2245" name="/" dev="fuse" ino=1 res=0 errno=0
[  558.301498][T14250] CPU: 2 UID: 0 PID: 14250 Comm: syz.2.2245 Not tainted syzkaller #0 PREEMPT(full) 
[  558.301523][T14250] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  558.301535][T14250] Call Trace:
[  558.301542][T14250]  <TASK>
[  558.301551][T14250]  dump_stack_lvl+0x16c/0x1f0
[  558.301580][T14250]  should_fail_ex+0x512/0x640
[  558.301607][T14250]  ? fs_reclaim_acquire+0xae/0x150
[  558.301634][T14250]  should_failslab+0xc2/0x120
[  558.301659][T14250]  __kmalloc_noprof+0xdd/0x880
[  558.301686][T14250]  ? __pfx_prepend_path+0x10/0x10
[  558.301710][T14250]  ? ima_alloc_init_template+0xb5/0x720
[  558.301734][T14250]  ? ima_alloc_init_template+0xb5/0x720
[  558.301750][T14250]  ima_alloc_init_template+0xb5/0x720
[  558.301768][T14250]  ? d_absolute_path+0x136/0x1a0
[  558.301812][T14250]  ? __pfx_d_absolute_path+0x10/0x10
[  558.301839][T14250]  ima_store_measurement+0x1eb/0x5c0
[  558.301861][T14250]  ? __pfx_ima_store_measurement+0x10/0x10
[  558.301881][T14250]  ? ima_d_path+0x12b/0x2a0
[  558.301906][T14250]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  558.301937][T14250]  process_measurement+0x1f26/0x23e0
[  558.301977][T14250]  ? __lock_acquire+0x622/0x1c90
[  558.302002][T14250]  ? __pfx_process_measurement+0x10/0x10
[  558.302039][T14250]  ? find_held_lock+0x2b/0x80
[  558.302080][T14250]  ? get_pid_task+0x106/0x250
[  558.302106][T14250]  ? proc_fail_nth_write+0x9f/0x220
[  558.302127][T14250]  ? find_held_lock+0x2b/0x80
[  558.302151][T14250]  ima_file_mmap+0x1b1/0x1d0
[  558.302177][T14250]  ? __pfx_ima_file_mmap+0x10/0x10
[  558.302210][T14250]  security_mmap_file+0x88c/0x990
[  558.302233][T14250]  vm_mmap_pgoff+0xec/0x470
[  558.302258][T14250]  ? find_held_lock+0x2b/0x80
[  558.302276][T14250]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  558.302305][T14250]  ? __fget_files+0x20e/0x3c0
[  558.302330][T14250]  ksys_mmap_pgoff+0x32c/0x5c0
[  558.302355][T14250]  ? __ia32_sys_mmap_pgoff+0x11/0x1b0
[  558.302383][T14250]  __do_fast_syscall_32+0x7c/0x300
[  558.302406][T14250]  do_fast_syscall_32+0x32/0x80
[  558.302428][T14250]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  558.302451][T14250] RIP: 0023:0xf705d579
[  558.302467][T14250] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  558.302484][T14250] RSP: 002b:00000000f544d55c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0
[  558.302502][T14250] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000002000
[  558.302514][T14250] RDX: 0000000000000006 RSI: 0000000000000013 RDI: 0000000000000007
[  558.302526][T14250] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  558.302536][T14250] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  558.302547][T14250] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  558.302574][T14250]  </TASK>
[  558.419381][   T40] audit: type=1800 audit(2000000726.744:1554): pid=14250 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2245" name="/" dev="fuse" ino=1 res=0 errno=0
[  558.427279][   T40] audit: type=1804 audit(2000000726.754:1555): pid=14250 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.2.2245" name="/newroot/579/file1" dev="fuse" ino=1 res=0 errno=0
[  558.569647][T14264] overlayfs: failed to resolve './file0/file0': -2
[  558.867948][T14255] vhci_hcd: connection closed
[  558.868842][T13623] vhci_hcd: stop threads
[  558.872437][T13623] vhci_hcd: release socket
[  558.874100][T13623] vhci_hcd: disconnect device
[  559.005725][ T5299] Bluetooth: hci4: command 0x1003 tx timeout
[  559.006161][T11340] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  560.491226][T14284] IPVS: set_ctl: invalid protocol: 43 224.0.0.1:20002
[  560.757169][   T29] vhci_hcd: vhci_device speed not set
[  560.998644][T14298] netlink: 181328 bytes leftover after parsing attributes in process `syz.1.2255'.
[  561.002355][T14298] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2255'.
[  561.126213][T14302] FAULT_INJECTION: forcing a failure.
[  561.126213][T14302] name failslab, interval 1, probability 0, space 0, times 0
[  561.130635][T14302] CPU: 3 UID: 0 PID: 14302 Comm: syz.3.2258 Not tainted syzkaller #0 PREEMPT(full) 
[  561.130651][T14302] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  561.130657][T14302] Call Trace:
[  561.130662][T14302]  <TASK>
[  561.130666][T14302]  dump_stack_lvl+0x16c/0x1f0
[  561.130684][T14302]  should_fail_ex+0x512/0x640
[  561.130702][T14302]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  561.130716][T14302]  should_failslab+0xc2/0x120
[  561.130733][T14302]  kmem_cache_alloc_noprof+0x75/0x6e0
[  561.130744][T14302]  ? __kvm_mmu_topup_memory_cache+0x455/0x600
[  561.130761][T14302]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  561.130780][T14302]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  561.130796][T14302]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  561.130818][T14302]  mmu_topup_memory_caches+0x25/0x170
[  561.130838][T14302]  kvm_mmu_load+0xd6/0x23c0
[  561.130856][T14302]  ? vmx_vcpu_load_vmcs+0x222/0x770
[  561.130874][T14302]  ? __pfx_kvm_mmu_load+0x10/0x10
[  561.130897][T14302]  kvm_arch_vcpu_pre_fault_memory+0x4e1/0x600
[  561.130916][T14302]  ? __pfx_kvm_arch_vcpu_pre_fault_memory+0x10/0x10
[  561.130940][T14302]  kvm_vcpu_ioctl+0xcc6/0x1690
[  561.130958][T14302]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  561.130978][T14302]  ? tomoyo_path_number_perm+0x18d/0x580
[  561.130991][T14302]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  561.131008][T14302]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  561.131028][T14302]  ? do_vfs_ioctl+0x128/0x14f0
[  561.131045][T14302]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  561.131069][T14302]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  561.131085][T14302]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  561.131102][T14302]  ? __fget_files+0x20e/0x3c0
[  561.131116][T14302]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  561.131133][T14302]  __ia32_compat_sys_ioctl+0x242/0x370
[  561.131152][T14302]  __do_fast_syscall_32+0x7c/0x300
[  561.131169][T14302]  do_fast_syscall_32+0x32/0x80
[  561.131184][T14302]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  561.131198][T14302] RIP: 0023:0xf705d579
[  561.131208][T14302] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  561.131219][T14302] RSP: 002b:00000000f544d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  561.131230][T14302] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000c040aed5
[  561.131237][T14302] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  561.131243][T14302] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  561.131250][T14302] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  561.131256][T14302] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  561.131271][T14302]  </TASK>
[  561.480603][T14311] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2261'.
[  562.293598][T14320] overlayfs: failed to resolve './file0/file0': -2
[  564.494269][T14352] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2273'.
[  564.504373][T14354] overlayfs: failed to resolve './file0': -2
[  564.623759][T14350] netlink: 181328 bytes leftover after parsing attributes in process `syz.2.2272'.
[  564.641017][T14350] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2272'.
[  566.538027][   T40] audit: type=1326 audit(2000000734.980:1556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14366 comm="syz.0.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  566.546950][   T40] audit: type=1326 audit(2000000734.980:1557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14366 comm="syz.0.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  566.555540][   T40] audit: type=1326 audit(2000000734.990:1558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14366 comm="syz.0.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf700d579 code=0x7ffc0000
[  566.564089][   T40] audit: type=1326 audit(2000000734.990:1559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14366 comm="syz.0.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  566.573780][   T40] audit: type=1326 audit(2000000734.990:1560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14366 comm="syz.0.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  566.581714][   T40] audit: type=1326 audit(2000000734.990:1561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14366 comm="syz.0.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=233 compat=1 ip=0xf700d579 code=0x7ffc0000
[  566.590601][   T40] audit: type=1326 audit(2000000734.990:1562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14366 comm="syz.0.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  566.598818][   T40] audit: type=1326 audit(2000000734.990:1563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14366 comm="syz.0.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  566.607195][   T40] audit: type=1326 audit(2000000734.990:1564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14366 comm="syz.0.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x7ffc0000
[  566.615714][   T40] audit: type=1326 audit(2000000734.990:1565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14366 comm="syz.0.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=426 compat=1 ip=0xf700d579 code=0x7ffc0000
[  567.342930][T14384] x_tables: ip6_tables: udplite match: only valid for protocol 136
[  567.812708][ T1418] ieee802154 phy0 wpan0: encryption failed: -22
[  568.460266][ T6049] block nbd0: Possible stuck request ffff88802657e000: control (read@0,1024B). Runtime 120 seconds
[  568.463748][ T6049] block nbd0: Possible stuck request ffff88802657e1c0: control (read@1024,1024B). Runtime 120 seconds
[  568.467135][ T6049] block nbd0: Possible stuck request ffff88802657e380: control (read@2048,1024B). Runtime 120 seconds
[  568.473885][ T6049] block nbd0: Possible stuck request ffff88802657e540: control (read@3072,1024B). Runtime 120 seconds
[  568.701348][T14390] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  568.704097][T14390] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  568.707616][T14390] vhci_hcd vhci_hcd.0: Device attached
[  568.717326][T14390] smc: net device ip6_vti0 applied user defined pnetid SYZ1
[  568.719996][T14390] smc: ib device syz2 ibport 1 applied user defined pnetid SYZ1
[  568.967433][T14391] vhci_hcd: connection closed
[  568.967629][T13623] vhci_hcd: stop threads
[  568.970591][T13623] vhci_hcd: release socket
[  568.970925][ T5970] usb 38-1: SetAddress Request (18) to port 0
[  568.974748][ T5970] usb 38-1: new SuperSpeed USB device number 18 using vhci_hcd
[  568.975189][T13623] vhci_hcd: disconnect device
[  568.990466][ T5970] usb 38-1: enqueue for inactive port 0
[  569.381152][ T5970] usb usb38-port1: attempt power cycle
[  570.064632][ T5970] usb usb38-port1: unable to enumerate USB device
[  582.107368][ T5299] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  582.110587][ T5299] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  582.113478][ T5299] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  582.116392][ T5299] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  582.120341][ T5299] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  582.146401][T14421] wg2 speed is unknown, defaulting to 1000
[  582.225685][T14421] lo speed is unknown, defaulting to 1000
[  582.229085][T14421] lo speed is unknown, defaulting to 1000
[  582.318834][T14421] chnl_net:caif_netlink_parms(): no params data found
[  584.137884][ T5299] Bluetooth: hci4: command tx timeout
[  585.129292][T11340] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  585.133461][T11340] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  585.137636][T11340] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  585.140444][T11340] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  585.142979][T11340] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  586.014917][ T1418] ==================================================================
[  586.018087][ T1418] BUG: KASAN: slab-use-after-free in handle_tx+0x5a5/0x630
[  586.020932][ T1418] Read of size 8 at addr ffff88802274d020 by task aoe_tx0/1418
[  586.025270][ T1418] 
[  586.026227][ T1418] CPU: 2 UID: 0 PID: 1418 Comm: aoe_tx0 Not tainted syzkaller #0 PREEMPT(full) 
[  586.026246][ T1418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  586.026255][ T1418] Call Trace:
[  586.026261][ T1418]  <TASK>
[  586.026267][ T1418]  dump_stack_lvl+0x116/0x1f0
[  586.026287][ T1418]  print_report+0xcd/0x630
[  586.026306][ T1418]  ? __virt_addr_valid+0x81/0x610
[  586.026324][ T1418]  ? __phys_addr+0xe8/0x180
[  586.026342][ T1418]  ? handle_tx+0x5a5/0x630
[  586.026358][ T1418]  kasan_report+0xe0/0x110
[  586.026376][ T1418]  ? handle_tx+0x5a5/0x630
[  586.026392][ T1418]  handle_tx+0x5a5/0x630
[  586.026408][ T1418]  dev_hard_start_xmit+0x97/0x740
[  586.026431][ T1418]  __dev_queue_xmit+0xa46/0x4490
[  586.026453][ T1418]  ? lockdep_hardirqs_on+0x7c/0x110
[  586.026470][ T1418]  ? finish_task_switch.isra.0+0x221/0xc10
[  586.026485][ T1418]  ? rcu_is_watching+0x12/0xc0
[  586.026501][ T1418]  ? __pfx___dev_queue_xmit+0x10/0x10
[  586.026520][ T1418]  ? __schedule+0x11a3/0x5de0
[  586.026537][ T1418]  ? __lock_acquire+0xb8a/0x1c90
[  586.026556][ T1418]  ? __lock_acquire+0xb8a/0x1c90
[  586.026577][ T1418]  ? do_raw_spin_lock+0x12c/0x2b0
[  586.026599][ T1418]  ? find_held_lock+0x2b/0x80
[  586.026613][ T1418]  ? skb_dequeue+0x126/0x180
[  586.026631][ T1418]  ? find_held_lock+0x2b/0x80
[  586.026646][ T1418]  ? rcu_is_watching+0x12/0xc0
[  586.026662][ T1418]  tx+0xcc/0x190
[  586.026681][ T1418]  ? __pfx_tx+0x10/0x10
[  586.026705][ T1418]  kthread+0x1e4/0x3e0
[  586.026722][ T1418]  ? find_held_lock+0x2b/0x80
[  586.026735][ T1418]  ? __pfx_kthread+0x10/0x10
[  586.026753][ T1418]  ? __pfx_default_wake_function+0x10/0x10
[  586.026865][ T1418]  ? lockdep_hardirqs_on+0x7c/0x110
[  586.026883][ T1418]  ? __kthread_parkme+0x19e/0x250
[  586.026900][ T1418]  ? __pfx_kthread+0x10/0x10
[  586.026916][ T1418]  kthread+0x3c5/0x780
[  586.026936][ T1418]  ? __pfx_kthread+0x10/0x10
[  586.026956][ T1418]  ? rcu_is_watching+0x12/0xc0
[  586.026970][ T1418]  ? __pfx_kthread+0x10/0x10
[  586.026989][ T1418]  ret_from_fork+0x675/0x7d0
[  586.027009][ T1418]  ? __pfx_kthread+0x10/0x10
[  586.027029][ T1418]  ret_from_fork_asm+0x1a/0x30
[  586.027053][ T1418]  </TASK>
[  586.027058][ T1418] 
[  586.097236][ T1418] Allocated by task 11202:
[  586.098676][ T1418]  kasan_save_stack+0x33/0x60
[  586.100250][ T1418]  kasan_save_track+0x14/0x30
[  586.102337][ T1418]  __kasan_kmalloc+0xaa/0xb0
[  586.104264][ T1418]  alloc_tty_struct+0x96/0x8c0
[  586.106352][ T1418]  tty_init_dev.part.0+0x1e/0x500
[  586.108425][ T1418]  tty_open+0xa4f/0xf90
[  586.110246][ T1418]  chrdev_open+0x234/0x6a0
[  586.112085][ T1418]  do_dentry_open+0x982/0x1530
[  586.114094][ T1418]  vfs_open+0x82/0x3f0
[  586.115915][ T1418]  path_openat+0x1de4/0x2cb0
[  586.117842][ T1418]  do_filp_open+0x20b/0x470
[  586.119733][ T1418]  do_sys_openat2+0x11b/0x1d0
[  586.121783][ T1418]  __ia32_compat_sys_openat+0x16d/0x210
[  586.124128][ T1418]  __do_fast_syscall_32+0x7c/0x300
[  586.126137][ T1418]  do_fast_syscall_32+0x32/0x80
[  586.128228][ T1418]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  586.130763][ T1418] 
[  586.131806][ T1418] Freed by task 60:
[  586.133401][ T1418]  kasan_save_stack+0x33/0x60
[  586.135473][ T1418]  kasan_save_track+0x14/0x30
[  586.137417][ T1418]  __kasan_save_free_info+0x3b/0x60
[  586.139644][ T1418]  __kasan_slab_free+0x5f/0x80
[  586.141638][ T1418]  kfree+0x2b8/0x6d0
[  586.143307][ T1418]  process_one_work+0x9cf/0x1b70
[  586.145441][ T1418]  worker_thread+0x6c8/0xf10
[  586.147386][ T1418]  kthread+0x3c5/0x780
[  586.149171][ T1418]  ret_from_fork+0x675/0x7d0
[  586.151099][ T1418]  ret_from_fork_asm+0x1a/0x30
[  586.153082][ T1418] 
[  586.154121][ T1418] Last potentially related work creation:
[  586.156531][ T1418]  kasan_save_stack+0x33/0x60
[  586.158489][ T1418]  kasan_record_aux_stack+0xa7/0xc0
[  586.160708][ T1418]  insert_work+0x36/0x230
[  586.162532][ T1418]  __queue_work+0x97e/0x1160
[  586.164528][ T1418]  queue_work_on+0x1a4/0x1f0
[  586.166471][ T1418]  release_tty+0x4de/0x5d0
[  586.168323][ T1418]  tty_release_struct+0xb7/0xe0
[  586.170377][ T1418]  tty_release+0xe2d/0x1430
[  586.172293][ T1418]  __fput+0x402/0xb70
[  586.174042][ T1418]  task_work_run+0x150/0x240
[  586.175939][ T1418]  do_exit+0x86f/0x2bf0
[  586.177674][ T1418]  do_group_exit+0xd3/0x2a0
[  586.179647][ T1418]  get_signal+0x2671/0x26d0
[  586.181492][ T1418]  arch_do_signal_or_restart+0x8f/0x790
[  586.183885][ T1418]  exit_to_user_mode_loop+0x85/0x130
[  586.186086][ T1418]  __do_fast_syscall_32+0x240/0x300
[  586.188314][ T1418]  do_fast_syscall_32+0x32/0x80
[  586.190328][ T1418]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  586.192958][ T1418] 
[  586.194016][ T1418] The buggy address belongs to the object at ffff88802274d000
[  586.194016][ T1418]  which belongs to the cache kmalloc-cg-2k of size 2048
[  586.199877][ T1418] The buggy address is located 32 bytes inside of
[  586.199877][ T1418]  freed 2048-byte region [ffff88802274d000, ffff88802274d800)
[  586.205528][ T1418] 
[  586.206570][ T1418] The buggy address belongs to the physical page:
[  586.209249][ T1418] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x22748
[  586.212835][ T1418] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  586.216356][ T1418] memcg:ffff888025bf3e01
[  586.218169][ T1418] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  586.218878][T11340] Bluetooth: hci4: command tx timeout
[  586.221383][ T1418] page_type: f5(slab)
[  586.221399][ T1418] raw: 00fff00000000040 ffff88801b44c140 ffffea00004c1600 dead000000000002
[  586.221415][ T1418] raw: 0000000000000000 0000000000080008 00000000f5000000 ffff888025bf3e01
[  586.221431][ T1418] head: 00fff00000000040 ffff88801b44c140 ffffea00004c1600 dead000000000002
[  586.221446][ T1418] head: 0000000000000000 0000000000080008 00000000f5000000 ffff888025bf3e01
[  586.239094][ T1418] head: 00fff00000000003 ffffea000089d201 00000000ffffffff 00000000ffffffff
[  586.242761][ T1418] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  586.246410][ T1418] page dumped because: kasan: bad access detected
[  586.249109][ T1418] page_owner tracks the page as allocated
[  586.251416][ T1418] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 10577, tgid 10576 (syz.2.1272), ts 314021250722, free_ts 313994420183
[  586.260293][ T1418]  post_alloc_hook+0x1af/0x220
[  586.262300][ T1418]  get_page_from_freelist+0x10a3/0x3a30
[  586.264643][ T1418]  __alloc_frozen_pages_noprof+0x25f/0x2470
[  586.267167][ T1418]  alloc_pages_mpol+0x1fb/0x550
[  586.269201][ T1418]  new_slab+0x24a/0x360
[  586.270946][ T1418]  ___slab_alloc+0xd79/0x1a50
[  586.272974][ T1418]  __slab_alloc.constprop.0+0x63/0x110
[  586.275228][ T1418]  __kmalloc_noprof+0x501/0x880
[  586.277334][ T1418]  __register_sysctl_table+0xb3/0x1900
[  586.279654][ T1418]  __devinet_sysctl_register+0x1b9/0x360
[  586.281957][ T1418]  devinet_sysctl_register+0x17b/0x200
[  586.284283][ T1418]  inetdev_init+0x2b8/0x5a0
[  586.286175][ T1418]  inetdev_event+0xc5f/0x18a0
[  586.288130][ T1418]  notifier_call_chain+0xbc/0x410
[  586.290226][ T1418]  call_netdevice_notifiers_info+0xbe/0x140
[  586.292655][ T1418]  register_netdevice+0x182e/0x2270
[  586.294903][ T1418] page last free pid 5944 tgid 5944 stack trace:
[  586.297418][ T1418]  __free_frozen_pages+0x7df/0x1160
[  586.299682][ T1418]  __put_partials+0x130/0x170
[  586.301647][ T1418]  qlist_free_all+0x4d/0x120
[  586.303613][ T1418]  kasan_quarantine_reduce+0x195/0x1e0
[  586.305855][ T1418]  __kasan_slab_alloc+0x69/0x90
[  586.307916][ T1418]  __kmalloc_cache_noprof+0x274/0x780
[  586.310209][ T1418]  kernfs_fop_open+0x244/0xda0
[  586.312167][ T1418]  do_dentry_open+0x982/0x1530
[  586.314184][ T1418]  vfs_open+0x82/0x3f0
[  586.315959][ T1418]  path_openat+0x1de4/0x2cb0
[  586.317906][ T1418]  do_filp_open+0x20b/0x470
[  586.319935][ T1418]  do_sys_openat2+0x11b/0x1d0
[  586.321855][ T1418]  __x64_sys_openat+0x174/0x210
[  586.323859][ T1418]  do_syscall_64+0xcd/0xfa0
[  586.325832][ T1418]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  586.328322][ T1418] 
[  586.329288][ T1418] Memory state around the buggy address:
[  586.331667][ T1418]  ffff88802274cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  586.335035][ T1418]  ffff88802274cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  586.338377][ T1418] >ffff88802274d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  586.341691][ T1418]                                ^
[  586.343884][ T1418]  ffff88802274d080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  586.347200][ T1418]  ffff88802274d100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  586.350582][ T1418] ==================================================================
[  586.353987][ T1418] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  586.357133][ T1418] CPU: 2 UID: 0 PID: 1418 Comm: aoe_tx0 Not tainted syzkaller #0 PREEMPT(full) 
[  586.360959][ T1418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  586.365433][ T1418] Call Trace:
[  586.366877][ T1418]  <TASK>
[  586.368148][ T1418]  dump_stack_lvl+0x3d/0x1f0
[  586.370189][ T1418]  vpanic+0x640/0x6f0
[  586.371850][ T1418]  panic+0xca/0xd0
[  586.373438][ T1418]  ? __pfx_panic+0x10/0x10
[  586.375316][ T1418]  ? check_panic_on_warn+0x1f/0xb0
[  586.377491][ T1418]  check_panic_on_warn+0xab/0xb0
[  586.379654][ T1418]  end_report+0x107/0x170
[  586.381446][ T1418]  kasan_report+0xee/0x110
[  586.383328][ T1418]  ? handle_tx+0x5a5/0x630
[  586.385260][ T1418]  handle_tx+0x5a5/0x630
[  586.387052][ T1418]  dev_hard_start_xmit+0x97/0x740
[  586.389073][ T1418]  __dev_queue_xmit+0xa46/0x4490
[  586.391236][ T1418]  ? lockdep_hardirqs_on+0x7c/0x110
[  586.393388][ T1418]  ? finish_task_switch.isra.0+0x221/0xc10
[  586.395879][ T1418]  ? rcu_is_watching+0x12/0xc0
[  586.397952][ T1418]  ? __pfx___dev_queue_xmit+0x10/0x10
[  586.400137][ T1418]  ? __schedule+0x11a3/0x5de0
[  586.402167][ T1418]  ? __lock_acquire+0xb8a/0x1c90
[  586.404218][ T1418]  ? __lock_acquire+0xb8a/0x1c90
[  586.406308][ T1418]  ? do_raw_spin_lock+0x12c/0x2b0
[  586.408377][ T1418]  ? find_held_lock+0x2b/0x80
[  586.410410][ T1418]  ? skb_dequeue+0x126/0x180
[  586.412345][ T1418]  ? find_held_lock+0x2b/0x80
[  586.414382][ T1418]  ? rcu_is_watching+0x12/0xc0
[  586.416325][ T1418]  tx+0xcc/0x190
[  586.417840][ T1418]  ? __pfx_tx+0x10/0x10
[  586.419577][ T1418]  kthread+0x1e4/0x3e0
[  586.421368][ T1418]  ? find_held_lock+0x2b/0x80
[  586.423318][ T1418]  ? __pfx_kthread+0x10/0x10
[  586.425233][ T1418]  ? __pfx_default_wake_function+0x10/0x10
[  586.427700][ T1418]  ? lockdep_hardirqs_on+0x7c/0x110
[  586.429936][ T1418]  ? __kthread_parkme+0x19e/0x250
[  586.432024][ T1418]  ? __pfx_kthread+0x10/0x10
[  586.434050][ T1418]  kthread+0x3c5/0x780
[  586.435780][ T1418]  ? __pfx_kthread+0x10/0x10
[  586.437699][ T1418]  ? rcu_is_watching+0x12/0xc0
[  586.439745][ T1418]  ? __pfx_kthread+0x10/0x10
[  586.441657][ T1418]  ret_from_fork+0x675/0x7d0
[  586.443662][ T1418]  ? __pfx_kthread+0x10/0x10
[  586.445588][ T1418]  ret_from_fork_asm+0x1a/0x30
[  586.447654][ T1418]  </TASK>
[  586.449571][ T1418] Kernel Offset: disabled
[  586.451339][ T1418] Rebooting in 86400 seconds..

VM DIAGNOSIS:
07:42:36  Registers:
info registers vcpu 0

CPU#0
RAX=0000000080000001 RBX=00000000000547da RCX=ffffffff822f936b RDX=ffff888021658000
RSI=0000000000000000 RDI=0000000000000007 RBP=0000000000000000 RSP=ffffc9000392f4e8
R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001
R12=ffff88803f300000 R13=ffff88807ffce400 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff81bc513c RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88809780d000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f31e0324 CR3=000000000e182000 CR4=00352ef0
DR0=ffffffffffffffff DR1=00000000000001f8 DR2=0000000000000083 DR3=ffffffffefffff15 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff3affffffff8212 ff07ffffffff8212 feeeffffffff8212 fee0ffffffff8212
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000effffffff8212 ffe5ffffffff8212 ffa4ffffffff8212 ff98ffffffff8212
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ceffffffff8213 0066ffffffff8213 004dffffffff8213 0034ffffffff8213
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8715ffffffff8220 869cffffffff8220 867fffffffff8220 8640ffffffff8220
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8614ffffffff8220 82faffffffff8220 82e3ffffffff8220 8289ffffffff8220
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8175ffffffff8220 8117ffffffff8220 7f92ffffffff8220 7f88ffffffff8220
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7f47ffffffff8220 7c9affffffff8220 7bcfffffffff8215 892fffffffff8213
ZMM24=5d1995bc5d1995bc 5d1995bc5d1995bc 5d1995bc5d1995bc 5d1995bc5d1995bc 5d1995bc5d1995bc 5d1995bc5d1995bc 5d1995bc5d1995bc 5d1995bc5d1995bc
ZMM25=af38604daf38604d af38604daf38604d af38604daf38604d af38604daf38604d af38604daf38604d af38604daf38604d af38604daf38604d af38604daf38604d
ZMM26=bd4d774bbd4d774b bd4d774bbd4d774b bd4d774bbd4d774b bd4d774bbd4d774b bd4d774bbd4d774b bd4d774bbd4d774b bd4d774bbd4d774b bd4d774bbd4d774b
ZMM27=6c732c326c732c32 6c732c326c732c32 6c732c326c732c32 6c732c326c732c32 6c732c326c732c32 6c732c326c732c32 6c732c326c732c32 6c732c326c732c32
ZMM28=00000200000001ff 000001fe000001fd 000001fc000001fb 000001fa000001f9 000001f8000001f7 000001f6000001f5 000001f4000001f3 000001f2000001f1
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=2f1b00002f1b0000 2f1b00002f1b0000 2f1b00002f1b0000 2f1b00002f1b0000 2f1b00002f1b0000 2f1b00002f1b0000 2f1b00002f1b0000 2f1b00002f1b0000
info registers vcpu 1

CPU#1
RAX=dffffc0000000000 RBX=0000000000000001 RCX=ffffc90007386f3c RDX=1ffff92000e70e06
RSI=ffffffff82571ab3 RDI=ffffc90007386fe8 RBP=ffffc90007387030 RSP=ffffc90007386f78
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=00000000000156f9
R12=ffffffff81a76b90 R13=ffffc90007386fe8 R14=0000000000000000 R15=ffff888022608000
RIP=ffffffff816bb37a RFL=00000a06 [-O---P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88809790d000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f07b4ff0 CR3=00000000514b1000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f73b6ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000032 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8526ad55 RDI=ffffffff9adc5de0 RBP=ffffffff9adc5da0 RSP=ffffc90007b4f448
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552
R12=0000000000000000 R13=0000000000000032 R14=ffffffff9adc5da0 R15=ffffffff8526acf0
RIP=ffffffff8526ad7f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097a0d000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7359154 CR3=000000000e182000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000018800000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000adc9d7 RBX=0000000000000003 RCX=ffffffff8b5db2a9 RDX=0000000000000000
RSI=ffffffff8da29329 RDI=ffffffff8bf078c0 RBP=ffffed10037e2000 RSP=ffffc9000048fde8
R8 =0000000000000001 R9 =ffffed10056a6655 R10=ffff88802b5332ab R11=0000000000000001
R12=0000000000000003 R13=ffff88801bf10000 R14=ffffffff90824cd0 R15=0000000000000000
RIP=ffffffff8b5d9d5f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097b0d000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000056df54ac CR3=000000000e182000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f73b6ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000