last executing test programs:

1m46.040708557s ago: executing program 1 (id=183):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000080)={{}, 'syz1\x00'})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)

1m46.009872573s ago: executing program 1 (id=184):
r0 = syz_open_dev$I2C(&(0x7f00000002c0), 0x1, 0x0)
ioctl$I2C_RDWR(r0, 0x707, &(0x7f00000001c0)={&(0x7f00000003c0)=[{0x0, 0xa001, 0x0, 0x0}], 0x63})
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_tables_matches\x00')
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6}, [@printk={@x, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x800000}}, @snprintf={{}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}, {}, {0x85, 0x0, 0x0, 0x6a}}]}, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r3, 0xffffffffffffffff, 0x20000000}, 0xc)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000200)={'geneve1\x00', <r6=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=@newlink={0x48, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r6}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GENEVE_REMOTE6={0x14, 0x7, @loopback={0xff00000000000000}}]}}}]}, 0x48}, 0x1, 0x2}, 0x0)
r7 = socket$nl_audit(0x10, 0x3, 0x9)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000002400007b8af8ff00000000bfa200000000000007020000dfffffffb703000008000000b704000000000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(&(0x7f0000000100)=@loop={'/dev/loop', 0x0}, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='nilfs2\x00', 0x0, 0x0)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000080)={'pim6reg1\x00', 0xe511})
ioctl$TUNSETQUEUE(r10, 0x400454d9, &(0x7f0000000280)={'veth1\x00', 0x400})
ioctl$TUNSETQUEUE(r10, 0x400454d9, &(0x7f0000000180)={'bridge_slave_1\x00', 0x400})
sendmmsg(r7, &(0x7f0000004d40)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000100)="f6", 0x1}], 0x1}}], 0x1, 0x0)
sendfile(r0, r1, 0x0, 0xfff)

1m45.871071095s ago: executing program 1 (id=185):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000140)={0x1f, 0xffff, 0x3}, 0x6)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000100)={'syztnl2\x00', &(0x7f0000000040)={'ip6gre0\x00', <r1=>0x0, 0x2f, 0xbd, 0x1, 0x1, 0x0, @private1, @local, 0x0, 0x80, 0xfb5, 0x64}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x0, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0))
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_io_uring_setup(0x1028c4, &(0x7f0000000200)={0x0, 0x9f65, 0x1000, 0x2}, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c)
pipe(&(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
write$binfmt_misc(r5, &(0x7f0000000200), 0xfffffecc)
splice(r4, 0x0, r3, 0x0, 0x8001, 0x0)
syz_open_dev$MSR(&(0x7f0000000340), 0x4, 0x0)
write(r0, &(0x7f00000000c0)="510003000000", 0x6)

1m45.017129349s ago: executing program 1 (id=187):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, 0x0, &(0x7f00000000c0))

1m44.921334734s ago: executing program 1 (id=188):
socket$nl_route(0x10, 0x3, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000340)=[{0x10000000, 0x5, 0x200a, 0xb}, {0x5, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000))
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
close(r3)
openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000000)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000140)='./file1\x00')
r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x408)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000180))
ioctl$AUTOFS_IOC_PROTOSUBVER(r4, 0x40049366, &(0x7f0000000180))

1m43.861393827s ago: executing program 1 (id=195):
r0 = socket$nl_route(0x10, 0x3, 0x0)
timerfd_gettime(0xffffffffffffffff, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
r2 = syz_open_dev$hidraw(&(0x7f0000000280), 0x0, 0x0)
syz_open_dev$hidraw(&(0x7f0000000940), 0x0, 0x0)
ioctl$HIDIOCGFEATURE(r2, 0x4004480c, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendto$inet6(r5, 0x0, 0x0, 0x4c004, &(0x7f0000002880)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c)
sendmmsg$inet6(r5, &(0x7f0000000fc0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000640)="383cd9cbce39f8c83f86c16cba3abbe0a1cc0ad921451ad90d20c72eb63222a37aae8f91c29a66efc1105e7f0b06d2d7d1f876c12c8b973ed6d1cc7e50c655a261d38303a2a8207b93fdf1c3119793fde070c8b352da2b29dc1881854b3c4e3fee5c11fb47c67ad456420760e853740c170a0a959fb04834d318beb94d0f919978e7735438d039dc81547bd691dc26888535a0af6262f7aee3fcde21e4e51474c1154f91dd642c1523f08a194491fbb33e25fe4f566802650ed77497cef0b0ce59681befc62a0c1e9b5899567715c0824463466d6d948a059962e44407245258ba2e6d02affafb03fcfdcecb5691e97fa7f332a35ff0c8e379a5f91e01302be79027b1f342614b0c616786ee8fc05d1ff275918e487ee241ae9759a500137bb7e63f65ec7969cff76b97e14dd7a7de48e37584ba66da992e3674d3f8a0788c6e72b0a736b8da9c6087090fcd5c0e3aefb88b39c8892becf8760560b16a45cfee5304f4d6c228772200d4fe48be3b4ed570c85f7b09c94210375e7263dc1119bf9aef972f32cbb6d70b427bb3c3fe211353d210eb27a757bc592b268d92c8e3c8632467f93c9a5a0cf90d0f8e0c6480b512e70828c5e2b53ed5d5f4b9f1d84477c209886aa095a77087d93c166797ec3282daf2f8e18d9944b4b9a13bb391b312fea26301ce18952204d4552bcc707112cb10d18df37379961ba957caf4bfaf4c48f0573ef237fb1f1cd0310a39d55f5def3da37e2e8a0f5573a2268ba74afb62f681f4bd02c9f250b3ff01388e59f69d9d651506561dfd901aa56129b8474afec21fc1115a38198fd0047e132cf879fb1dcf374eff81e5f079493d55a70014722b9157080281f42c7f37711aec262670ba5ddd151bdd018542c803b47be1dfc884ff5a22156fb9032095de7e69afe9eab810b0c3bac90a8ca8d8c1cb7919a082e7d6d5b2944822ebba4aef382525c5c3382bd8b9d368c337247b935aca5aa46e1124e350ef3fb60b80dd35dc0c65e45c81cd9f271be8c97b8845928926f931641af62f2bc81a6a1a982f8f3318da1a38489f51c564c6c7791fe2f63a10e0e432271aa1aff11f899c87a5c29c5bef73ed72473fada6f49d0af7916800fae9a4b8c60a2c69a93ba9abad0df99ea168cd40c63dee61518dcf8bb29743085de0b2b0cc0a68c4005120fa8ee871b8baa2c6f2f2f4c22002231c9334ca23804457df0922cfc37aaf4b8e4757ff37cd16052006e8bd20a086e4c2a2c3d8dd722e67dd0cb0204a577febd46d1c2315db5c5929c23d08b9c0fcaf9eef78f48d7ef6f51e5b9a6046699d572a9195b8a61ddab408580e209f5fdd804099f01afb597ef41419c82d029be14b8ac40c23c4519619301536709fed1a3150ed69f34012ee25257f4b19fcd1f3d1bfd5be03f85587470c85372ae257d220d7c346bfbd22fbfba27d5daf988e5fbed3c1872e70039f9196f61a30436791a65d5f727b5eb375a06735f7fab2e0434e6424e333a8d098e61c2793b9030df7427f5d654f48ac2f547acce2293fbc7ae6afd36008c31078cef27ec19e975b387ae73ba3e5b3657869ee0fe24a33b558fe42386466d55c56a3b5ce46c54df104bfa002e97e8bde1811681687dc7a2269783476a2c4106bcb25057a72c527a0747d7bef127e4dcd22a658ebe1ff79a77cd887734621b2fc9c4336c5ddc1fb49812b869c13453680e041bc2212f17550fc8d2c70c82452ef6b288985b7cbf53bb35b56a4b53e51dd112e", 0x4de}], 0x1}}, {{0x0, 0x0, &(0x7f0000007440)=[{&(0x7f0000001500)="adf5bd04f01eccec95c1c5ca7fba623735df51cf89844d9bad7429917e03ad4b4cc6ae623ad8c0924b316f0e6d195479b75186ca55315366ef5d0b491b1811e932fb16a15906cab57fa112718bef35405bee39435abc9aa27f44c0fb7d15e1d8dd4b7a59deae296177fe9316e72cbc89f7e7e7c83d3ffae7d847a21894888b3de40826e54e7a0fc7b552c388637004dc3ea210d2c6dfc6283f690afa5b85b25939464a350dcdf1c38d97854aba19593fc884caec78d9c0", 0xb7}], 0x1}}, {{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000001c0)="6be87034983df7d6abe2c2e287503e9fe67324bd3e88", 0x16}], 0x1}}], 0x3, 0x400c804)
getdents(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="e9070000000000000000010000001c0002800c00018008000100030000000c0001800800010001000000"], 0x30}}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc01cf509, &(0x7f0000000140)={<r8=>r2, 0x100000001, 0xc, 0xfffffffffffffffe})
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r8, 0x6, 0x14, &(0x7f0000000300), 0x4)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x3, 0x18000000, @empty}}, 0xfffffffc, 0x3, 0x989, 0x0, 0x84, 0x8000}, 0x9c)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, 0xffffffffffffffff, 0x0)
clock_settime(0xa, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000003c0)={0x2020}, 0x2020)

1m28.775197283s ago: executing program 32 (id=195):
r0 = socket$nl_route(0x10, 0x3, 0x0)
timerfd_gettime(0xffffffffffffffff, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
r2 = syz_open_dev$hidraw(&(0x7f0000000280), 0x0, 0x0)
syz_open_dev$hidraw(&(0x7f0000000940), 0x0, 0x0)
ioctl$HIDIOCGFEATURE(r2, 0x4004480c, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendto$inet6(r5, 0x0, 0x0, 0x4c004, &(0x7f0000002880)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c)
sendmmsg$inet6(r5, &(0x7f0000000fc0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000640)="383cd9cbce39f8c83f86c16cba3abbe0a1cc0ad921451ad90d20c72eb63222a37aae8f91c29a66efc1105e7f0b06d2d7d1f876c12c8b973ed6d1cc7e50c655a261d38303a2a8207b93fdf1c3119793fde070c8b352da2b29dc1881854b3c4e3fee5c11fb47c67ad456420760e853740c170a0a959fb04834d318beb94d0f919978e7735438d039dc81547bd691dc26888535a0af6262f7aee3fcde21e4e51474c1154f91dd642c1523f08a194491fbb33e25fe4f566802650ed77497cef0b0ce59681befc62a0c1e9b5899567715c0824463466d6d948a059962e44407245258ba2e6d02affafb03fcfdcecb5691e97fa7f332a35ff0c8e379a5f91e01302be79027b1f342614b0c616786ee8fc05d1ff275918e487ee241ae9759a500137bb7e63f65ec7969cff76b97e14dd7a7de48e37584ba66da992e3674d3f8a0788c6e72b0a736b8da9c6087090fcd5c0e3aefb88b39c8892becf8760560b16a45cfee5304f4d6c228772200d4fe48be3b4ed570c85f7b09c94210375e7263dc1119bf9aef972f32cbb6d70b427bb3c3fe211353d210eb27a757bc592b268d92c8e3c8632467f93c9a5a0cf90d0f8e0c6480b512e70828c5e2b53ed5d5f4b9f1d84477c209886aa095a77087d93c166797ec3282daf2f8e18d9944b4b9a13bb391b312fea26301ce18952204d4552bcc707112cb10d18df37379961ba957caf4bfaf4c48f0573ef237fb1f1cd0310a39d55f5def3da37e2e8a0f5573a2268ba74afb62f681f4bd02c9f250b3ff01388e59f69d9d651506561dfd901aa56129b8474afec21fc1115a38198fd0047e132cf879fb1dcf374eff81e5f079493d55a70014722b9157080281f42c7f37711aec262670ba5ddd151bdd018542c803b47be1dfc884ff5a22156fb9032095de7e69afe9eab810b0c3bac90a8ca8d8c1cb7919a082e7d6d5b2944822ebba4aef382525c5c3382bd8b9d368c337247b935aca5aa46e1124e350ef3fb60b80dd35dc0c65e45c81cd9f271be8c97b8845928926f931641af62f2bc81a6a1a982f8f3318da1a38489f51c564c6c7791fe2f63a10e0e432271aa1aff11f899c87a5c29c5bef73ed72473fada6f49d0af7916800fae9a4b8c60a2c69a93ba9abad0df99ea168cd40c63dee61518dcf8bb29743085de0b2b0cc0a68c4005120fa8ee871b8baa2c6f2f2f4c22002231c9334ca23804457df0922cfc37aaf4b8e4757ff37cd16052006e8bd20a086e4c2a2c3d8dd722e67dd0cb0204a577febd46d1c2315db5c5929c23d08b9c0fcaf9eef78f48d7ef6f51e5b9a6046699d572a9195b8a61ddab408580e209f5fdd804099f01afb597ef41419c82d029be14b8ac40c23c4519619301536709fed1a3150ed69f34012ee25257f4b19fcd1f3d1bfd5be03f85587470c85372ae257d220d7c346bfbd22fbfba27d5daf988e5fbed3c1872e70039f9196f61a30436791a65d5f727b5eb375a06735f7fab2e0434e6424e333a8d098e61c2793b9030df7427f5d654f48ac2f547acce2293fbc7ae6afd36008c31078cef27ec19e975b387ae73ba3e5b3657869ee0fe24a33b558fe42386466d55c56a3b5ce46c54df104bfa002e97e8bde1811681687dc7a2269783476a2c4106bcb25057a72c527a0747d7bef127e4dcd22a658ebe1ff79a77cd887734621b2fc9c4336c5ddc1fb49812b869c13453680e041bc2212f17550fc8d2c70c82452ef6b288985b7cbf53bb35b56a4b53e51dd112e", 0x4de}], 0x1}}, {{0x0, 0x0, &(0x7f0000007440)=[{&(0x7f0000001500)="adf5bd04f01eccec95c1c5ca7fba623735df51cf89844d9bad7429917e03ad4b4cc6ae623ad8c0924b316f0e6d195479b75186ca55315366ef5d0b491b1811e932fb16a15906cab57fa112718bef35405bee39435abc9aa27f44c0fb7d15e1d8dd4b7a59deae296177fe9316e72cbc89f7e7e7c83d3ffae7d847a21894888b3de40826e54e7a0fc7b552c388637004dc3ea210d2c6dfc6283f690afa5b85b25939464a350dcdf1c38d97854aba19593fc884caec78d9c0", 0xb7}], 0x1}}, {{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000001c0)="6be87034983df7d6abe2c2e287503e9fe67324bd3e88", 0x16}], 0x1}}], 0x3, 0x400c804)
getdents(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="e9070000000000000000010000001c0002800c00018008000100030000000c0001800800010001000000"], 0x30}}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc01cf509, &(0x7f0000000140)={<r8=>r2, 0x100000001, 0xc, 0xfffffffffffffffe})
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r8, 0x6, 0x14, &(0x7f0000000300), 0x4)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x3, 0x18000000, @empty}}, 0xfffffffc, 0x3, 0x989, 0x0, 0x84, 0x8000}, 0x9c)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, 0xffffffffffffffff, 0x0)
clock_settime(0xa, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000003c0)={0x2020}, 0x2020)

4.269998317s ago: executing program 4 (id=844):
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x40840, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x16, 0x0, &(0x7f0000000200)='asymmetric\x00', 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000640)='.\x00', 0x0, 0x0)
renameat2(r1, &(0x7f00000001c0)='./file0\x00', r1, &(0x7f0000000200)='./bus\x00', 0x0)
link(&(0x7f00000006c0)='./bus\x00', &(0x7f0000000700)='./file0\x00')
r2 = syz_open_dev$sndctrl(&(0x7f0000000300), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc2c85513, &(0x7f0000000340)={{0x8, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xe0f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc587, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
mkdir(0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}]})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r3)
sendmsg$NL80211_CMD_REQ_SET_REG(r3, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000ac0)=ANY=[@ANYRES64=r2, @ANYRES16=r4, @ANYBLOB="010025bd70bffbdbdf251b000000060021003000"], 0x4c}}, 0x4002000)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r5=>0x0})
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r7 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
keyctl$update(0x2, r7, 0x0, 0x0)
keyctl$chown(0x4, r7, 0x0, 0xffffffffffffffff)
sendmsg$netlink(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="140100002c0001000000000000000000040100800c0009"], 0x114}], 0x1}, 0x2000000000000000)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000680), r1)
sendmsg$TIPC_NL_LINK_RESET_STATS(r0, &(0x7f0000000a40)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0xdea60fa9b436cfca}, 0xc, &(0x7f0000000a00)={&(0x7f0000000740)={0x29c, r8, 0x4, 0x70bd2b, 0x25dfdbfc, {}, [@TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xe9a7}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8f}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xf}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x2}]}, @TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x40, @local, 0xc0}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x1ff, @dev={0xfe, 0x80, '\x00', 0x12}, 0x8}}}}]}, @TIPC_NLA_BEARER={0x11c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @empty}}, {0x14, 0x2, @in={0x2, 0x4e22, @private=0xa010101}}}}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x400}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x3, @private0, 0x719f}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x8, @mcast1, 0x2}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x613a, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xfffffffd}}, {0x14, 0x2, @in={0x2, 0x4e20, @multicast1}}}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}]}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @multicast2}}, {0x14, 0x2, @in={0x2, 0x4e22, @loopback}}}}]}, @TIPC_NLA_NET={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x800}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x5}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x200}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x5}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7fff}]}, @TIPC_NLA_NODE={0x18, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0xc6f6}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_BEARER={0x5c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x2}}}}, @TIPC_NLA_BEARER_NAME={0x18, 0x1, @l2={'eth', 0x3a, 'veth0_to_batadv\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3ff}]}, @TIPC_NLA_NODE={0x14, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x60d}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x8001}]}, @TIPC_NLA_SOCK={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8ed5}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7}]}]}, 0x29c}, 0x1, 0x0, 0x0, 0x4800}, 0x880)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000001500010000000000000000000a000000080001"], 0x1c}}, 0x0)
sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40480401}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0xa8, r4, 0x8, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MAC={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x4}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1711}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xfffff001}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1cc}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x1000}], @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xe}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x46}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x11}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8}], @NL80211_ATTR_OPER_CLASS={0x5}]}, 0xa8}, 0x1, 0x0, 0x0, 0x4040010}, 0xc0)
unshare(0x72040200)

4.160389161s ago: executing program 4 (id=845):
socket(0x10, 0x3, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{0x0, 0xffffffff}, {0x10}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, 0x0, 0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = fsopen(&(0x7f0000000280)='cifs\x00', 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYRESOCT], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r2}, 0x10)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000200)='source', 0x0, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, 0x0, 0x56, 0x0, 0x4, 0x0, 0x0, @void, @value}, 0x28)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="067f000000000000080010bc8434000080000000", @ANYRES32=0x1, @ANYBLOB="0400"/18, @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB="000000000100"/28], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_DAEMON(r4, 0x0, 0x487, &(0x7f0000000040), &(0x7f00000000c0)=0x30)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x0)
ioctl$sock_SIOCBRDELBR(r5, 0x89a1, 0x0)
getegid()
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mount(&(0x7f00000002c0)=@nullb, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)

3.8657899s ago: executing program 3 (id=847):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000ac0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_POOL_GET(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x44, r2, 0x1, 0x70bd27, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x81}, {0x6, 0x11, 0x7f}}]}, 0x44}, 0x1, 0x0, 0x0, 0x24004840}, 0x3400c800)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
sendto$inet(r0, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="2000000022009b3c2dbd7000ffdbdf25030000000c008f800800fa00", @ANYBLOB="2578ee7e8d0ee2465acb76a1"], 0x20}, 0x1, 0x0, 0x0, 0x20000001}, 0x4000050)
recvmsg(r0, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x437aba2}], 0x1, 0x0, 0x46, 0x407006}, 0x104)

3.8654343s ago: executing program 0 (id=848):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0xf503, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000440)="cb56b6cc04f01f56bb6e284f5fab", 0xe)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1e8640, 0x0)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r3, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f0000000040)=0x1f3d)
preadv2(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0x1fee00}], 0x2, 0x0, 0x0, 0x0)
syz_init_net_socket$ax25(0x3, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000004140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a030000000000000b0000070000000900010073797a30000000002000000002000900010073797a3000000000140000001000010000000000000000000084000acda9511dfd12618e0c90"], 0x68}}, 0x0)
r5 = socket$inet(0x2, 0xa, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000000c0)=@o_path={&(0x7f0000000080)='./file0\x00', 0x0, 0x28, r5}, 0x14)
ioctl$sock_inet_SIOCSARP(r5, 0x8954, &(0x7f0000000000)={{}, {0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x4, {0x2, 0x0, @multicast2}, 'lo\x00'})

3.306580083s ago: executing program 4 (id=849):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = syz_open_dev$vbi(&(0x7f0000000180), 0x0, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'bridge_slave_1\x00'})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x8044)
r3 = socket$key(0xf, 0x3, 0x2)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r4, 0x40045010, &(0x7f0000000300)=0x3)
sendmsg$key(r3, &(0x7f0000000800)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000380)=ANY=[@ANYBLOB="020101090800000000170006ffffff00030006001000000002000000e0000009f9ff0f0005000000030005007217440502000000e0000001"], 0x40}}, 0x0)
sendmsg$key(r3, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x3, 0x0, 0x9, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0xe, @in={0x2, 0x0, @multicast1=0xe0000009}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0x50}}, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000002c0)={0x2, &(0x7f0000000140)=[{0x8001, 0x23, 0xf9, 0x5}, {0x2, 0x80, 0x2, 0xba}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000440))
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000280)={0x1, 0x0, [{0x6e0}]})
r9 = socket$inet6(0xa, 0xa, 0x1)
sendmmsg$inet(r9, &(0x7f0000006bc0)=[{{&(0x7f0000000780)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x3d}}, 0x10, 0x0, 0x0, &(0x7f0000001ec0)=[@ip_tos_int={{0x10, 0x0, 0x1, 0x8}}], 0x10}}], 0x1, 0x4004080)
ioctl$VIDIOC_QUERYBUF(r1, 0xc0585609, &(0x7f0000000240)=@fd={0x8, 0x8, 0x4, 0x400, 0x4, {}, {0x1, 0x2, 0x4, 0x2, 0x4, 0x9, "d7365642"}, 0x3, 0x4, {}, 0x7})
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000defb00000a58000000060a09040000000000000000020000002c000480280001800b0001006f626a7265660000180002800900020073797a300000000008000340000000000900010073797a30000000000900020073797a32"], 0x80}}, 0x0)

3.139103155s ago: executing program 4 (id=851):
syz_emit_ethernet(0x2e, &(0x7f0000000480)=ANY=[@ANYBLOB="aaaaaaaaaa090000000000000800460000200000000100029078ac1414bb640101000000000000803b7800000000"], 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x11, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x1, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x7}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
signalfd(0xffffffffffffffff, &(0x7f0000000140), 0x8)
syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000180), &(0x7f00000001c0))
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0)
recvfrom$packet(0xffffffffffffffff, 0x0, 0x0, 0x1f, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x19)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000019340), 0x0, 0x0)
read$msr(r1, &(0x7f0000000300)=""/102400, 0x19000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x141a42, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x401, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x4e1e, 0x7, @private2={0xfc, 0x2, '\x00', 0x1}, 0x44}}, 0x0, 0x0, 0x0, 0x0, 0x8a, 0xfffffffd, 0x2}, 0x9c)
bind$inet6(r2, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r2, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in={{0x2, 0x4e24, @remote}}, 0x8, 0x0, 0x0, 0x0, 0x5e}, 0x9c)
mknodat(0xffffffffffffff9c, 0x0, 0x81c0, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = socket$inet(0xa, 0x0, 0x84)
connect$inet(r3, &(0x7f0000004cc0)={0x2, 0x4e23, @multicast1}, 0x10)
listen(r3, 0x8)
r4 = socket$inet(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0x10)

2.931332661s ago: executing program 0 (id=852):
syz_emit_ethernet(0x2e, &(0x7f0000000480)=ANY=[@ANYBLOB="aaaaaaaaaa090000000000000800460000200000000100029078ac1414bb640101000000000000803b7800000000"], 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x11, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x1, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x7}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
signalfd(0xffffffffffffffff, &(0x7f0000000140), 0x8)
syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000180), &(0x7f00000001c0))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0)
recvfrom$packet(0xffffffffffffffff, 0x0, 0x0, 0x1f, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000019340), 0x0, 0x0)
read$msr(r1, &(0x7f0000000300)=""/102400, 0x19000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x141a42, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x401, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x4e1e, 0x7, @private2={0xfc, 0x2, '\x00', 0x1}, 0x44}}, 0x0, 0x0, 0x0, 0x0, 0x8a, 0xfffffffd, 0x2}, 0x9c)
bind$inet6(r2, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r2, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in={{0x2, 0x4e24, @remote}}, 0x8, 0x0, 0x0, 0x0, 0x5e}, 0x9c)
mknodat(0xffffffffffffff9c, 0x0, 0x81c0, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = socket$inet(0xa, 0x0, 0x84)
connect$inet(r3, &(0x7f0000004cc0)={0x2, 0x4e23, @multicast1}, 0x10)
listen(r3, 0x8)
r4 = socket$inet(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0x10)

2.930791533s ago: executing program 2 (id=853):
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x40840, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x16, 0x0, &(0x7f0000000200)='asymmetric\x00', 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000640)='.\x00', 0x0, 0x0)
renameat2(r1, &(0x7f00000001c0)='./file0\x00', r1, &(0x7f0000000200)='./bus\x00', 0x0)
link(&(0x7f00000006c0)='./bus\x00', &(0x7f0000000700)='./file0\x00')
r2 = syz_open_dev$sndctrl(&(0x7f0000000300), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc2c85513, &(0x7f0000000340)={{0x8, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xe0f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc587, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
mkdir(0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}]})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r3)
sendmsg$NL80211_CMD_REQ_SET_REG(r3, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000ac0)=ANY=[@ANYRES64=r2, @ANYRES16=r4, @ANYBLOB="010025bd70bffbdbdf251b000000060021003000"], 0x4c}}, 0x4002000)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r5=>0x0})
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r7 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
keyctl$update(0x2, r7, 0x0, 0x0)
keyctl$chown(0x4, r7, 0x0, 0xffffffffffffffff)
sendmsg$netlink(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="140100002c0001000000000000000000040100800c0009"], 0x114}], 0x1}, 0x2000000000000000)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000680), r1)
sendmsg$TIPC_NL_LINK_RESET_STATS(r0, &(0x7f0000000a40)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0xdea60fa9b436cfca}, 0xc, &(0x7f0000000a00)={&(0x7f0000000740)={0x29c, r8, 0x4, 0x70bd2b, 0x25dfdbfc, {}, [@TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xe9a7}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8f}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xf}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x2}]}, @TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x40, @local, 0xc0}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x1ff, @dev={0xfe, 0x80, '\x00', 0x12}, 0x8}}}}]}, @TIPC_NLA_BEARER={0x11c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @empty}}, {0x14, 0x2, @in={0x2, 0x4e22, @private=0xa010101}}}}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x400}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x3, @private0, 0x719f}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x8, @mcast1, 0x2}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x613a, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xfffffffd}}, {0x14, 0x2, @in={0x2, 0x4e20, @multicast1}}}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}]}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @multicast2}}, {0x14, 0x2, @in={0x2, 0x4e22, @loopback}}}}]}, @TIPC_NLA_NET={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x800}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x5}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x200}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x5}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7fff}]}, @TIPC_NLA_NODE={0x18, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0xc6f6}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_BEARER={0x5c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x2}}}}, @TIPC_NLA_BEARER_NAME={0x18, 0x1, @l2={'eth', 0x3a, 'veth0_to_batadv\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3ff}]}, @TIPC_NLA_NODE={0x14, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x60d}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x8001}]}, @TIPC_NLA_SOCK={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8ed5}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7}]}]}, 0x29c}, 0x1, 0x0, 0x0, 0x4800}, 0x880)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000001500010000000000000000000a000000080001"], 0x1c}}, 0x0)
sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40480401}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0xa8, r4, 0x8, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MAC={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x4}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1711}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xfffff001}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1cc}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x1000}], @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xe}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x46}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x11}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8}], @NL80211_ATTR_OPER_CLASS={0x5}]}, 0xa8}, 0x1, 0x0, 0x0, 0x4040010}, 0xc0)
unshare(0x72040200)

2.880648297s ago: executing program 3 (id=854):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x94, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}]}, 0x94}, 0x1, 0x0, 0x0, 0x4041}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)={0x58, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x44, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}]}, 0x58}, 0x1, 0x0, 0x1100}, 0x0)

2.880307685s ago: executing program 3 (id=855):
r0 = socket$key(0xf, 0x3, 0x2)
setgid(0xee00)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r3=>0x0})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = dup(r6)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000050201c0"])
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000180)={0x34, r2, 0x1, 0x70bd2b, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x18, 0x11d, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x59}]}]}]}, 0x34}}, 0x0)
dup(0xffffffffffffffff)
r8 = open(&(0x7f0000000140)='./file1\x00', 0x10f0c2, 0x0)
ftruncate(r8, 0x200004)
r9 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r9, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r9, &(0x7f0000005240), 0x4000095, 0x0)
setsockopt$inet_int(r9, 0x0, 0x2e, 0x0, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x58}}, 0x0)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="02030002130000002cbd7000fedbdf2505001a00fc010000000000000000000000000001000000000000000000000000040000001d00140005000600000000000a004e2400000002fe8400000000000000000000000000000000000000000000020001000000000000f408000000000005000500000000000a"], 0x98}, 0x1, 0x7}, 0x0)

2.809144292s ago: executing program 2 (id=856):
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40088a01, 0x0)
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000001540))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c000000", @ANYRES16=<r4=>r3, @ANYBLOB="0100"], 0x1c}}, 0x0)
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r5, &(0x7f00000000c0), 0x10)
sendmsg$can_bcm(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000019c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="e40001000000000035d89afadff7f54119a000000000", @ANYRES32=0x77359400, @ANYRES32=0x0, @ANYRES32=0x77359400, @ANYRES32, @ANYRES64=r4], 0x80}}, 0x44801)
getgroups(0xa, &(0x7f0000000340)=[0xee00, 0x0, 0xee00, 0xffffffffffffffff, 0xee00, 0xee00, 0x0, 0xee01, 0x0, 0xffffffffffffffff])
r6 = syz_io_uring_setup(0x881, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000040)=<r7=>0x0, &(0x7f0000000080)=<r8=>0x0)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000640)={'filter\x00', 0x7, 0x4, 0x3d8, 0x0, 0x218, 0x0, 0x2f8, 0x2f8, 0x2f8, 0x4, &(0x7f0000000140), {[{{@arp={@broadcast, @loopback, 0xff000000, 0xffffffff, 0x7, 0x2, {@mac=@multicast, {[0xff, 0x0, 0x0, 0x0, 0xff, 0xff]}}, {@empty, {[0x0, 0x0, 0xff, 0x0, 0xff]}}, 0xe7b, 0xfff7, 0xfff3, 0x0, 0xc, 0x3, 'dummy0\x00', 'veth0_to_bond\x00', {0xff}, {}, 0x0, 0x8}, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@random="c687faa40541", @empty, @dev={0xac, 0x14, 0x14, 0x37}, @remote, 0x2, 0xffffffff}}}, {{@arp={@rand_addr=0x64010101, @rand_addr=0x64010100, 0xff, 0x0, 0xe, 0xe, {@mac=@local, {[0xff, 0xff, 0xff, 0xff, 0x0, 0x258d3373e64f550a]}}, {@empty, {[0xff, 0x0, 0xff]}}, 0x8, 0xd9c6, 0x5, 0xfff, 0x7, 0x5, '\x00', 'team_slave_0\x00'}, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@multicast, @empty, @multicast1, @broadcast, 0x1}}}, {{@arp={@initdev={0xac, 0x1e, 0x1, 0x0}, @remote, 0xff000000, 0xff, 0x2, 0xd, {@empty, {[0x0, 0xff, 0xff, 0x0, 0x0, 0xff]}}, {@mac=@remote, {[0x0, 0xff, 0x0, 0xff]}}, 0x3, 0x50b, 0x9, 0x0, 0x7b6, 0x9, 'ip6_vti0\x00', 'lo\x00', {0xff}, {0xff}, 0x0, 0x44}, 0xbc, 0xe0}, @unspec=@CLASSIFY={0x24, 'CLASSIFY\x00', 0x0, {0x4}}}], {{'\x00', 0xbc, 0xe0}, {0x24}}}}, 0x424)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000001c0)=@IORING_OP_POLL_REMOVE={0x7, 0x2})
io_uring_enter(r6, 0x47ba, 0x0, 0x0, 0x0, 0x0)
sendmsg$SEG6_CMD_DUMPHMAC(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000580)={0x14, 0x0, 0x301, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4)
syz_memcpy_off$IO_URING_METADATA_FLAGS(r7, 0x118, &(0x7f00000002c0), 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b70000008113b0ffbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071103600000000001d300500000000004704000001ed00000f030000000000001d44020000000000620a00fe040400007203000000000000e500f7ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a8641aa05a1336b3b4c4becea710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3380d28e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343cccc953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93020000000000000080e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c9102"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
io_uring_register$IORING_REGISTER_NAPI(r6, 0x1b, &(0x7f0000000240)={0x8, 0xfd}, 0x1)

2.610154122s ago: executing program 3 (id=857):
socket(0x10, 0x3, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{0x0, 0xffffffff}, {0x10}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, 0x0, 0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = fsopen(&(0x7f0000000280)='cifs\x00', 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYRESOCT], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r2}, 0x10)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000200)='source', 0x0, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, 0x0, 0x56, 0x0, 0x4, 0x0, 0x0, @void, @value}, 0x28)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="067f000000000000080010bc8434000080000000", @ANYRES32=0x1, @ANYBLOB="0400"/19, @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB="000000000100"/28], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_DAEMON(r4, 0x0, 0x487, &(0x7f0000000040), &(0x7f00000000c0)=0x30)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x0)
ioctl$sock_SIOCBRDELBR(r5, 0x89a1, 0x0)
getegid()
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mount(&(0x7f00000002c0)=@nullb, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)

2.16826015s ago: executing program 2 (id=858):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0xab3, 0x2d0142)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000240)=0xffffffff)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x0, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
r3 = add_key$user(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x2}, &(0x7f00000003c0)="725ba33612bdf3d0d5420ed6309512dabc6ba686f65bcb2d739db1b03018175c6a8bb2e003dcd90a38ec1000cd68944dff0cf3fd2abc0e7eabe6c91b23274bba30c0097a080438f366ae3131cdf215a6b9b646435f4e5eb25e0fdf1ef51eb28e237ffd25c264fe448e198bef3f728565fc1be3a28235e041e17a36dcef52bf72bf2b5a2d1888261e66fae6d158872726f7732a1bdd59afff9c5bb1dffdcd1d", 0x9f, 0xffffffffffffffff)
keyctl$read(0xb, r3, &(0x7f0000000480)=""/157, 0x9d)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mkdir(&(0x7f0000000080)='./bus\x00', 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000480), r4)
sendmsg$NLBL_CIPSOV4_C_REMOVE(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000004c0)={0x1c, r5, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}]}, 0x1c}}, 0x4000880)
chdir(&(0x7f00000001c0)='./bus\x00')
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000340)='./file0\x00', &(0x7f00000004c0), 0x700, 0x0)
mkdir(&(0x7f0000000080)='./bus\x00', 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
chown(&(0x7f0000000280)='./file0\x00', 0x0, 0xffffffffffffffff)

1.980190162s ago: executing program 0 (id=859):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = syz_open_dev$vbi(&(0x7f0000000180), 0x0, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'bridge_slave_1\x00'})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x8044)
r3 = socket$key(0xf, 0x3, 0x2)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r4, 0x40045010, &(0x7f0000000300)=0x3)
sendmsg$key(r3, &(0x7f0000000800)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000380)=ANY=[@ANYBLOB="020101090800000000170006ffffff00030006001000000002000000e0000009f9ff0f0005000000030005007217440502000000e0000001"], 0x40}}, 0x0)
sendmsg$key(r3, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x3, 0x0, 0x9, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0xe, @in={0x2, 0x0, @multicast1=0xe0000009}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0x50}}, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000002c0)={0x2, &(0x7f0000000140)=[{0x8001, 0x23, 0xf9, 0x5}, {0x2, 0x80, 0x2, 0xba}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000440))
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000280)={0x1, 0x0, [{0x6e0}]})
r9 = socket$inet6(0xa, 0xa, 0x1)
sendmmsg$inet(r9, &(0x7f0000006bc0)=[{{&(0x7f0000000780)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x3d}}, 0x10, 0x0, 0x0, &(0x7f0000001ec0)=[@ip_tos_int={{0x10, 0x0, 0x1, 0x8}}], 0x10}}], 0x1, 0x4004080)
ioctl$VIDIOC_QUERYBUF(r1, 0xc0585609, &(0x7f0000000240)=@fd={0x8, 0x8, 0x4, 0x400, 0x4, {}, {0x1, 0x2, 0x4, 0x2, 0x4, 0x9, "d7365642"}, 0x3, 0x4, {}, 0x7})
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000defb00000a58000000060a09040000000000000000020000002c000480280001800b0001006f626a7265660000180002800900020073797a300000000008000340000000000900010073797a30000000000900020073797a32"], 0x80}}, 0x0)

1.780379681s ago: executing program 3 (id=860):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0xf503, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000440)="cb56b6cc04f01f56bb6e284f5fab", 0xe)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1e8640, 0x0)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r3, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f0000000040)=0x1f3d)
preadv2(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0x1fee00}], 0x2, 0x0, 0x0, 0x0)
syz_init_net_socket$ax25(0x3, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000004140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a030000000000000b0000070000000900010073797a30000000002000000002000900010073797a3000000000140000001000010000000000000000000084000acda9511dfd12618e0c90"], 0x68}}, 0x0)
r5 = socket$inet(0x2, 0xa, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000000c0)=@o_path={&(0x7f0000000080)='./file0\x00', 0x0, 0x28, r5}, 0x14)
ioctl$sock_inet_SIOCSARP(r5, 0x8954, &(0x7f0000000000)={{}, {0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x4, {0x2, 0x0, @multicast2}, 'lo\x00'})

1.56878238s ago: executing program 0 (id=861):
syz_emit_ethernet(0x2e, &(0x7f0000000480)=ANY=[@ANYBLOB="aaaaaaaaaa090000000000000800460000200000000100029078ac1414bb640101000000000000803b7800000000"], 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x11, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x1, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x7}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
signalfd(0xffffffffffffffff, &(0x7f0000000140), 0x8)
syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000180), &(0x7f00000001c0))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0)
recvfrom$packet(0xffffffffffffffff, 0x0, 0x0, 0x1f, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000019340), 0x0, 0x0)
read$msr(r1, &(0x7f0000000300)=""/102400, 0x19000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x141a42, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x401, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x4e1e, 0x7, @private2={0xfc, 0x2, '\x00', 0x1}, 0x44}}, 0x0, 0x0, 0x0, 0x0, 0x8a, 0xfffffffd, 0x2}, 0x9c)
bind$inet6(r2, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r2, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in={{0x2, 0x4e24, @remote}}, 0x8, 0x0, 0x0, 0x0, 0x5e}, 0x9c)
mknodat(0xffffffffffffff9c, 0x0, 0x81c0, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = socket$inet(0xa, 0x0, 0x84)
connect$inet(r3, &(0x7f0000004cc0)={0x2, 0x4e23, @multicast1}, 0x10)
listen(r3, 0x8)
r4 = socket$inet(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0x10)

980.138142ms ago: executing program 4 (id=862):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000ac0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_POOL_GET(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x44, r2, 0x1, 0x70bd27, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x81}, {0x6, 0x11, 0x7f}}]}, 0x44}, 0x1, 0x0, 0x0, 0x24004840}, 0x3400c800)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
sendto$inet(r0, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYRES32=r0, @ANYBLOB="2578ee7e8d0ee2465acb76a1"], 0x20}, 0x1, 0x0, 0x0, 0x20000001}, 0x4000050)
recvmsg(r0, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x437aba2}], 0x1, 0x0, 0x46, 0x407006}, 0x104)

766.821883ms ago: executing program 3 (id=863):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@private1, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xff}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@private=0xa010100, 0x0, 0x32}, 0x0, @in=@multicast1}}, 0xe4)
socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0x0, [{0xfffffffc}, {}, {0x0, 0x3}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_inet6_udp_SIOCOUTQ(r0, 0x5411, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000380)={"f9bef8d1aaeadafa287efdb9450ae3e2d260489591c42ab93a0c7bca18e9a19fa8e6cd61e9f62f91123f1311f81f85b4044554cb6e3ca1b6d1fc011bd71bdda82f37ccfa5b87dd5dcd311dbbb67f240dc02c53b7eabf3651660ce801e3878538da8bb24e1dbc480dae36207bf6b7b946c7a8ec08468f9a75ec797b8c11807655272833a7c70ccfc9a8259e7a148eca4d16b6ff519973a20b65f91a7261cdd2440a5a0566d843fa334b0280f0aacc3b417322b9b56098dd842c44139da4bd1e2212a40ba043bd72b995b172b26b71d434e9f3bf74b4ed480b264e0e9d6f628732534db36bfb92ee6419fb244db44abf0cd9357755ce9c4c9a584e5eb89ffd10c8a6c3c6115265f25f798570751917cd7cfc2ca71729e268c3b30c05b3dfdb18cbbfd3036a889f5fefb0f9d56bf970bdbf2524f8e435b721c809e73a5fdafbf1594088ad1974908bf5fc752d564c1a4989a7d1e59564567d9b437442c5c1cfec93526395d18b1ecb18dedd713ced403a00a2cd27b2dc857808287ea88157b3c19075eb33f7cc60a6161a88ad37fb04d0ce0fda24176406391a5ac521299143bdf59a474a17272105e55e9870cec2942a6705993e821e54441c877a64450e739b1321ad17e1ed552e65654bbfcc8ebd1d64fc4e888609a90410f780fe5031c27737f2de05a7ddf00129eb746a2e990438d9bf6a3211779707d615d79111b3fe71c26433482306ce7563c11cdf6f8da283ae147311465af80ba5350e6d65438cd5a20ec155d78227e5336d504f8f1145f4b942180f7ba6e5c9a070d4e31289d4845229780e53713090e782a75b32729c10da28c1f2702dad57a37416fc138040064347a0a290803f51a619402d88d0a4b2bef39bf92696b6d7052459a78a258edfe2e66f2e10a80b168b483c90a1a1dd67c6d6c9b7a2336d1678131ca38552d9acff05dcd57f9f4164064b7781d8a8b5507e21edfe35d65d726bf24799535648cd04f3b7e85c3f6762f353a8f65afdc7ba63bc0eb65d7188cb1adee1d8d14c0413458d2ff65093d972ac3696fa12defc0f8dedf2309e1b80fc672205e6ccfc6b494233c4d00b5471cb52d896c73cddee40e5e51ee8a9bbe453a1a7d5b9832cacc5965220145504ccb2a157a7c1d9d718c0bf96cd350ac5ca330c827bedbff299774707f5840a0d954ae39c9421975d48e05d87a1ceddefbecae936e15ffb308364b69eefd345d6200cd128e48c162a4ebd026fefb7cc73e80204b21ff30d63e8707292f60682c6f6a587fff9c5a0fae24e0406df5363c7c9d31f72829b6a9d9237a84e83e22c33bf6313ee4072f09f9c6254d0eb7239d51cdda77b8e3d42a89449a3e1b6be8953a27651486383879490486fd11b6ac4e1b86f8a71fc294e0ebf572f4ef00582be189ee5a38c18d4d51cd3221fb1475a56cdf3cc7258bf8c559bf1a9"})
r5 = dup(r4)
ioctl$KVM_SET_CPUID2(r5, 0x4008ae90, &(0x7f0000000c40)=ANY=[])
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000000000000400101c00000008d57ed60992cf2018e836fe7dbde2500000000ee0cf6ab600000000000"])
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000009feffff720a00fef8ffffff71a400fe0000000071101000000000001d300200000000004704000001ed030407000000c00000001d440000000000006b0a00fe0000000072030000000a0000e500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
setregid(0x0, 0x0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=@newtaction={0x6c, 0x30, 0xffff, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ife={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}, @TCA_IFE_METALST={0xc, 0x6, [@IFE_META_SKBMARK={0x8}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000000380)=""/231, 0xe7)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)

766.333846ms ago: executing program 2 (id=864):
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x40840, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x16, 0x0, &(0x7f0000000200)='asymmetric\x00', 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000640)='.\x00', 0x0, 0x0)
renameat2(r1, &(0x7f00000001c0)='./file0\x00', r1, &(0x7f0000000200)='./bus\x00', 0x0)
link(&(0x7f00000006c0)='./bus\x00', &(0x7f0000000700)='./file0\x00')
r2 = syz_open_dev$sndctrl(&(0x7f0000000300), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc2c85513, &(0x7f0000000340)={{0x8, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xe0f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc587, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
mkdir(0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}]})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r3)
sendmsg$NL80211_CMD_REQ_SET_REG(r3, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000ac0)=ANY=[@ANYRES64=r2, @ANYRES16=r4, @ANYBLOB="010025bd70bffbdbdf251b000000060021003000"], 0x4c}}, 0x4002000)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r5=>0x0})
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r7 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
keyctl$update(0x2, r7, 0x0, 0x0)
keyctl$chown(0x4, r7, 0x0, 0xffffffffffffffff)
sendmsg$netlink(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="140100002c0001000000000000000000040100800c0009"], 0x114}], 0x1}, 0x2000000000000000)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000680), r1)
sendmsg$TIPC_NL_LINK_RESET_STATS(r0, &(0x7f0000000a40)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0xdea60fa9b436cfca}, 0xc, &(0x7f0000000a00)={&(0x7f0000000740)={0x29c, r8, 0x4, 0x70bd2b, 0x25dfdbfc, {}, [@TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xe9a7}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8f}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xf}, @TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x2}]}, @TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x40, @local, 0xc0}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x1ff, @dev={0xfe, 0x80, '\x00', 0x12}, 0x8}}}}]}, @TIPC_NLA_BEARER={0x11c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @empty}}, {0x14, 0x2, @in={0x2, 0x4e22, @private=0xa010101}}}}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x400}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x3, @private0, 0x719f}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x8, @mcast1, 0x2}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x613a, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xfffffffd}}, {0x14, 0x2, @in={0x2, 0x4e20, @multicast1}}}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}]}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @multicast2}}, {0x14, 0x2, @in={0x2, 0x4e22, @loopback}}}}]}, @TIPC_NLA_NET={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x800}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x5}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x200}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x5}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7fff}]}, @TIPC_NLA_NODE={0x18, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0xc6f6}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_BEARER={0x5c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x2}}}}, @TIPC_NLA_BEARER_NAME={0x18, 0x1, @l2={'eth', 0x3a, 'veth0_to_batadv\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3ff}]}, @TIPC_NLA_NODE={0x14, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x60d}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x8001}]}, @TIPC_NLA_SOCK={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8ed5}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7}]}]}, 0x29c}, 0x1, 0x0, 0x0, 0x4800}, 0x880)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000001500010000000000000000000a000000080001"], 0x1c}}, 0x0)
sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40480401}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0xa8, r4, 0x8, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MAC={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x4}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1711}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xfffff001}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1cc}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x1000}], @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xe}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x46}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x11}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8}], @NL80211_ATTR_OPER_CLASS={0x5}]}, 0xa8}, 0x1, 0x0, 0x0, 0x4040010}, 0xc0)
unshare(0x72040200)

650.110647ms ago: executing program 0 (id=865):
r0 = socket$key(0xf, 0x3, 0x2)
setgid(0xee00)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r3=>0x0})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = dup(r6)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000050201c0"])
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000180)={0x34, r2, 0x1, 0x70bd2b, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x18, 0x11d, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x59}]}]}]}, 0x34}}, 0x0)
dup(0xffffffffffffffff)
r8 = open(&(0x7f0000000140)='./file1\x00', 0x10f0c2, 0x0)
ftruncate(r8, 0x200004)
r9 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r9, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r9, &(0x7f0000005240), 0x4000095, 0x0)
setsockopt$inet_int(r9, 0x0, 0x2e, 0x0, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x58}}, 0x0)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="02030002130000002cbd7000fedbdf2505001a00fc010000000000000000000000000001000000000000000000000000040000001d00140005000600000000000a004e2400000002fe8400000000000000000000000000000000000000000000020001000000000000f408000000000005000500000000000a"], 0x98}, 0x1, 0x7}, 0x0)

500.653444ms ago: executing program 2 (id=866):
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200052f"], 0xcfa4)
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000005c0)={0x40, 0x0, 0x3}, 0x10)
bind$tipc(r0, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88)
rmdir(&(0x7f0000000040)='./file0\x00')
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r1, 0x0, 0xc000, 0x0)
r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
pidfd_send_signal(r2, 0x12, 0x0, 0x4)
r3 = openat$sndseq(0xffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r3, 0xc0505350, &(0x7f00000002c0)={{0x0, 0x1}, {0xc}})
openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r7 = dup(r6)
r8 = syz_open_procfs(0x0, &(0x7f0000002100)='ns\x00')
getdents64(r8, &(0x7f0000000180)=""/212, 0xd4)
getdents64(r8, &(0x7f0000000f80)=""/243, 0xf3)
getdents64(r8, 0x0, 0x0)
write$6lowpan_enable(r7, &(0x7f0000000000)='0', 0xfffffd2c)
read$FUSE(0xffffffffffffffff, &(0x7f0000002640)={0x2020}, 0x2020)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r9 = syz_open_dev$usbfs(&(0x7f0000000040), 0xc, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r9, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200a006002a17006000000002000020d3"])
ioctl$USBDEVFS_REAPURBNDELAY(r9, 0x4004550c, 0x0)

371.924211ms ago: executing program 4 (id=867):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
r2 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
r5 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e20, @remote}, 0x10)
getpeername$packet(r5, 0x0, &(0x7f00000000c0))
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe05000000000000000000009500000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
sched_setaffinity(0x0, 0x0, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000006"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000005c0)=ANY=[@ANYRES64=r3, @ANYBLOB="a5430a34e4a020d26c1131342902a34bd793e42c2f3f55dbacbbdc50d1bd8627c074135e67b636e00255fd63dc033d79ef5f2491245fe3d9ac32740d6810a4c71ea3ef6de682e7f6f2afd02bc72f432b3832bac33976f3830518a4506ab8a3bcfd75522f156e2ea62a26af64dd50689dccc97c6acee26eea52712ed4307c04b9101a7701fc23b813c9ef55a1999c4811230dd675756b72e371858887fe58c122c367883e1c8b00adf672ec03ec62e6cca84ca136d8107158e66f269f8c20c01a29d5b2ff7389a94adff2d00fc9b84822bd3a2148e0e3d1506b6a", @ANYRESHEX=r7, @ANYRESHEX=r1, @ANYRESHEX=r2, @ANYRES32, @ANYRES64=r3, @ANYRES16], &(0x7f0000000300)='syzkaller\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd74, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r8}, 0x10)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r9, &(0x7f0000000180), 0x40010)
timer_create(0x0, 0x0, 0x0)
setgroups(0x0, 0x0)
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0)
openat$binfmt_register(0xffffff9c, 0x0, 0x1, 0x0)

189.920471ms ago: executing program 0 (id=868):
socket(0x10, 0x3, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{0x0, 0xffffffff}, {0x10}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, 0x0, 0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = fsopen(&(0x7f0000000280)='cifs\x00', 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYRESOCT], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r2}, 0x10)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000200)='source', 0x0, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, 0x0, 0x56, 0x0, 0x4, 0x0, 0x0, @void, @value}, 0x28)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="067f000000000000080010bc8434000080000000", @ANYRES32=0x1, @ANYBLOB="0400"/19, @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB="000000000100"/28], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_DAEMON(r4, 0x0, 0x487, &(0x7f0000000040), &(0x7f00000000c0)=0x30)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x0)
ioctl$sock_SIOCBRDELBR(r5, 0x89a1, 0x0)
getegid()
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mount(&(0x7f00000002c0)=@nullb, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)

0s ago: executing program 2 (id=869):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = syz_open_dev$vbi(&(0x7f0000000180), 0x0, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'bridge_slave_1\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x8044)
r4 = socket$key(0xf, 0x3, 0x2)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r5, 0x40045010, &(0x7f0000000300)=0x3)
sendmsg$key(r4, &(0x7f0000000800)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000380)=ANY=[@ANYBLOB="020101090800000000170006ffffff00030006001000000002000000e0000009f9ff0f0005000000030005007217440502000000e0000001"], 0x40}}, 0x0)
sendmsg$key(r4, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x3, 0x0, 0x9, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0xe, @in={0x2, 0x0, @multicast1=0xe0000009}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0x50}}, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000002c0)={0x2, &(0x7f0000000140)=[{0x8001, 0x23, 0xf9, 0x5}, {0x2, 0x80, 0x2, 0xba}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r6, 0xc0502100, &(0x7f0000000440))
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000280)={0x1, 0x0, [{0x6e0}]})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c0000001d00070f0000000000000000070000", @ANYRES32=r2, @ANYBLOB="cbfd6f"], 0x1c}}, 0x0)
r9 = socket$inet6(0xa, 0xa, 0x1)
sendmmsg$inet(r9, &(0x7f0000006bc0)=[{{&(0x7f0000000780)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x3d}}, 0x10, 0x0, 0x0, &(0x7f0000001ec0)=[@ip_tos_int={{0x10, 0x0, 0x1, 0x8}}], 0x10}}], 0x1, 0x4004080)
ioctl$VIDIOC_QUERYBUF(r1, 0xc0585609, &(0x7f0000000240)=@fd={0x8, 0x8, 0x4, 0x400, 0x4, {}, {0x1, 0x2, 0x4, 0x2, 0x4, 0x9, "d7365642"}, 0x3, 0x4, {}, 0x7})
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000defb00000a58000000060a09040000000000000000020000002c000480280001800b0001006f626a7265660000180002800900020073797a300000000008000340000000000900010073797a30000000000900020073797a32"], 0x80}}, 0x0)

kernel console output (not intermixed with test programs):

che_node_noprof+0x6f/0x3f0
[   93.474024][ T6868]  ? __get_vm_area_node+0x101/0x2f0
[   93.475385][ T6868]  __get_vm_area_node+0x101/0x2f0
[   93.476775][ T6868]  __vmalloc_node_range_noprof+0x26a/0x1530
[   93.478749][ T6868]  ? bpf_check+0x206/0xc9b0
[   93.480413][ T6868]  ? __lruvec_stat_mod_folio+0xa4/0x380
[   93.482402][ T6868]  ? lock_acquire+0x2f/0xb0
[   93.484050][ T6868]  ? __lruvec_stat_mod_folio+0xa4/0x380
[   93.486116][ T6868]  ? bpf_check+0x206/0xc9b0
[   93.487890][ T6868]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   93.490227][ T6868]  ? rcu_is_watching+0x12/0xc0
[   93.491920][ T6868]  ? trace_kmalloc+0x2d/0xd0
[   93.493530][ T6868]  ? __kmalloc_node_noprof.cold+0x5a/0x5f
[   93.495497][ T6868]  ? __kvmalloc_node_noprof+0x6f/0x1a0
[   93.497394][ T6868]  ? ktime_get+0x206/0x300
[   93.499574][ T6868]  ? bpf_check+0x206/0xc9b0
[   93.501485][ T6868]  vzalloc_noprof+0x6b/0x90
[   93.502924][ T6868]  ? bpf_check+0x206/0xc9b0
[   93.504146][ T6868]  bpf_check+0x206/0xc9b0
[   93.505374][ T6868]  ? hlock_class+0x4e/0x130
[   93.507043][ T6868]  ? __lock_acquire+0x15a9/0x3c40
[   93.508484][ T6868]  ? __pfx___lock_acquire+0x10/0x10
[   93.509789][ T6868]  ? __pfx_bpf_check+0x10/0x10
[   93.511003][ T6868]  ? find_held_lock+0x2d/0x110
[   93.512235][ T6868]  ? bpf_prog_load+0xd45/0x2670
[   93.513459][ T6868]  ? __pfx_lock_release+0x10/0x10
[   93.514712][ T6868]  ? trace_lock_acquire+0x14e/0x1f0
[   93.516280][ T6868]  ? bpf_prog_load+0xd45/0x2670
[   93.518080][ T6868]  ? ktime_get_with_offset+0x273/0x3a0
[   93.520006][ T6868]  ? lockdep_hardirqs_on+0x7c/0x110
[   93.521742][ T6868]  ? read_tsc+0x9/0x20
[   93.523173][ T6868]  ? ktime_get_with_offset+0x20f/0x3a0
[   93.525035][ T6868]  ? bpf_obj_name_cpy+0x156/0x1b0
[   93.526839][ T6868]  bpf_prog_load+0xe3f/0x2670
[   93.528539][ T6868]  ? __pfx_bpf_prog_load+0x10/0x10
[   93.530379][ T6868]  ? find_held_lock+0x2d/0x110
[   93.532132][ T6868]  ? __might_fault+0x13b/0x190
[   93.533910][ T6868]  ? __might_fault+0xe3/0x190
[   93.535596][ T6868]  __sys_bpf+0x5677/0x57a0
[   93.537210][ T6868]  ? __pfx_lock_release+0x10/0x10
[   93.539008][ T6868]  ? __pfx___sys_bpf+0x10/0x10
[   93.540734][ T6868]  ? vfs_write+0x306/0x1150
[   93.542404][ T6868]  ? __mutex_unlock_slowpath+0x164/0x690
[   93.544486][ T6868]  ? fput+0x67/0x440
[   93.545942][ T6868]  ? ksys_write+0x1ba/0x250
[   93.547601][ T6868]  ? __pfx_ksys_write+0x10/0x10
[   93.549402][ T6868]  __ia32_sys_bpf+0x76/0xe0
[   93.551082][ T6868]  __do_fast_syscall_32+0x73/0x120
[   93.552997][ T6868]  do_fast_syscall_32+0x32/0x80
[   93.554799][ T6868]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   93.557094][ T6868] RIP: 0023:0xf7f13579
[   93.558734][ T6868] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   93.566169][ T6868] RSP: 002b:00000000f507557c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[   93.569230][ T6868] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000200
[   93.572093][ T6868] RDX: 0000000000000014 RSI: 0000000000000000 RDI: 0000000000000000
[   93.574968][ T6868] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   93.577848][ T6868] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   93.580721][ T6868] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   93.583610][ T6868]  </TASK>
[   93.585717][ T6868] syz.2.220: vmalloc error: size 1008, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[   93.589743][ T6868] CPU: 2 UID: 0 PID: 6868 Comm: syz.2.220 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[   93.593264][ T6868] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   93.596079][ T6868] Call Trace:
[   93.597239][ T6868]  <TASK>
[   93.598029][ T6868]  dump_stack_lvl+0x16c/0x1f0
[   93.599274][ T6868]  warn_alloc+0x24d/0x3a0
[   93.600443][ T6868]  ? __pfx_warn_alloc+0x10/0x10
[   93.601732][ T6868]  ? __kasan_kmalloc+0x8a/0xb0
[   93.603017][ T6868]  ? __get_vm_area_node+0x1dc/0x2f0
[   93.604400][ T6868]  __vmalloc_node_range_noprof+0xd27/0x1530
[   93.605954][ T6868]  ? __lruvec_stat_mod_folio+0xa4/0x380
[   93.607404][ T6868]  ? lock_acquire+0x2f/0xb0
[   93.608634][ T6868]  ? __lruvec_stat_mod_folio+0xa4/0x380
[   93.610091][ T6868]  ? bpf_check+0x206/0xc9b0
[   93.611295][ T6868]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   93.612956][ T6868]  ? rcu_is_watching+0x12/0xc0
[   93.614334][ T6868]  ? trace_kmalloc+0x2d/0xd0
[   93.615895][ T6868]  ? __kmalloc_node_noprof.cold+0x5a/0x5f
[   93.617718][ T6868]  ? __kvmalloc_node_noprof+0x6f/0x1a0
[   93.619231][ T6868]  ? ktime_get+0x206/0x300
[   93.620412][ T6868]  ? bpf_check+0x206/0xc9b0
[   93.621580][ T6868]  vzalloc_noprof+0x6b/0x90
[   93.623035][ T6868]  ? bpf_check+0x206/0xc9b0
[   93.624425][ T6868]  bpf_check+0x206/0xc9b0
[   93.625817][ T6868]  ? hlock_class+0x4e/0x130
[   93.627186][ T6868]  ? __lock_acquire+0x15a9/0x3c40
[   93.628502][ T6868]  ? __pfx___lock_acquire+0x10/0x10
[   93.629822][ T6868]  ? __pfx_bpf_check+0x10/0x10
[   93.631041][ T6868]  ? find_held_lock+0x2d/0x110
[   93.632266][ T6868]  ? bpf_prog_load+0xd45/0x2670
[   93.633504][ T6868]  ? __pfx_lock_release+0x10/0x10
[   93.634779][ T6868]  ? trace_lock_acquire+0x14e/0x1f0
[   93.636065][ T6868]  ? bpf_prog_load+0xd45/0x2670
[   93.637274][ T6868]  ? ktime_get_with_offset+0x273/0x3a0
[   93.638627][ T6868]  ? lockdep_hardirqs_on+0x7c/0x110
[   93.639948][ T6868]  ? read_tsc+0x9/0x20
[   93.641012][ T6868]  ? ktime_get_with_offset+0x20f/0x3a0
[   93.642375][ T6868]  ? bpf_obj_name_cpy+0x156/0x1b0
[   93.643648][ T6868]  bpf_prog_load+0xe3f/0x2670
[   93.644877][ T6868]  ? __pfx_bpf_prog_load+0x10/0x10
[   93.646178][ T6868]  ? find_held_lock+0x2d/0x110
[   93.647393][ T6868]  ? __might_fault+0x13b/0x190
[   93.648635][ T6868]  ? __might_fault+0xe3/0x190
[   93.649805][ T6868]  __sys_bpf+0x5677/0x57a0
[   93.650943][ T6868]  ? __pfx_lock_release+0x10/0x10
[   93.652208][ T6868]  ? __pfx___sys_bpf+0x10/0x10
[   93.653422][ T6868]  ? vfs_write+0x306/0x1150
[   93.654563][ T6868]  ? __mutex_unlock_slowpath+0x164/0x690
[   93.656001][ T6868]  ? fput+0x67/0x440
[   93.656999][ T6868]  ? ksys_write+0x1ba/0x250
[   93.658149][ T6868]  ? __pfx_ksys_write+0x10/0x10
[   93.659370][ T6868]  __ia32_sys_bpf+0x76/0xe0
[   93.660549][ T6868]  __do_fast_syscall_32+0x73/0x120
[   93.661827][ T6868]  do_fast_syscall_32+0x32/0x80
[   93.663066][ T6868]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   93.664680][ T6868] RIP: 0023:0xf7f13579
[   93.665718][ T6868] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   93.670485][ T6868] RSP: 002b:00000000f507557c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[   93.672570][ T6868] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000200
[   93.674534][ T6868] RDX: 0000000000000014 RSI: 0000000000000000 RDI: 0000000000000000
[   93.676506][ T6868] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   93.678482][ T6868] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   93.680463][ T6868] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   93.682497][ T6868]  </TASK>
[   93.683887][ T6868] Mem-Info:
[   93.684923][ T6868] active_anon:11066 inactive_anon:465 isolated_anon:0
[   93.684923][ T6868]  active_file:4330 inactive_file:33602 isolated_file:0
[   93.684923][ T6868]  unevictable:1768 dirty:316 writeback:0
[   93.684923][ T6868]  slab_reclaimable:5419 slab_unreclaimable:55280
[   93.684923][ T6868]  mapped:29768 shmem:8174 pagetables:628
[   93.684923][ T6868]  sec_pagetables:292 bounce:0
[   93.684923][ T6868]  kernel_misc_reclaimable:0
[   93.684923][ T6868]  free:64438 free_pcp:5846 free_cma:0
[   93.699294][ T6868] Node 0 active_anon:4116kB inactive_anon:1860kB active_file:8888kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:5604kB dirty:72kB writeback:0kB shmem:5104kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9744kB pagetables:824kB sec_pagetables:1128kB all_unreclaimable? yes
[   93.708000][ T6868] Node 1 active_anon:40148kB inactive_anon:0kB active_file:8432kB inactive_file:134408kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:113468kB dirty:1192kB writeback:0kB shmem:27592kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2348kB pagetables:1788kB sec_pagetables:40kB all_unreclaimable? no
[   93.716299][ T6868] Node 0 DMA free:2952kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:108kB inactive_anon:136kB active_file:52kB inactive_file:0kB unevictable:0kB writepending:24kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:532kB local_pcp:92kB free_cma:0kB
[   93.723622][ T6868] lowmem_reserve[]: 0 273 0 0 0
[   93.725034][ T6868] Node 0 DMA32 free:17892kB boost:0kB min:13904kB low:17380kB high:20856kB reserved_highatomic:4096KB active_anon:4008kB inactive_anon:1724kB active_file:8836kB inactive_file:0kB unevictable:3536kB writepending:48kB present:1032196kB managed:306336kB mlocked:0kB bounce:0kB free_pcp:5948kB local_pcp:4236kB free_cma:0kB
[   93.733260][ T6868] lowmem_reserve[]: 0 0 0 0 0
[   93.734867][ T6868] Node 1 DMA32 free:236660kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:40148kB inactive_anon:0kB active_file:8432kB inactive_file:134408kB unevictable:3536kB writepending:1192kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:17072kB local_pcp:992kB free_cma:0kB
[   93.743284][ T6868] lowmem_reserve[]: 0 0 0 0 0
[   93.744926][ T6868] Node 0 DMA: 32*4kB (UM) 9*8kB (UM) 22*16kB (UM) 49*32kB (UM) 9*64kB (UM) 2*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2952kB
[   93.748866][ T6868] Node 0 DMA32: 299*4kB (UH) 37*8kB (UMEH) 57*16kB (UMEH) 116*32kB (UMEH) 58*64kB (UMEH) 25*128kB (UME) 7*256kB (UE) 4*512kB (UM) 1*1024kB (M) 0*2048kB 0*4096kB = 17892kB
[   93.753405][ T6868] Node 1 DMA32: 36*4kB (U) 58*8kB (UME) 81*16kB (UME) 96*32kB (UME) 87*64kB (UME) 91*128kB (UME) 44*256kB (UME) 25*512kB (UME) 18*1024kB (UM) 8*2048kB (UME) 38*4096kB (UM) = 236720kB
[   93.758443][ T6868] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   93.760964][ T6868] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   93.763381][ T6868] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   93.765875][ T6868] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   93.768419][ T6868] 46107 total pagecache pages
[   93.769682][ T6868] 0 pages in swap cache
[   93.770803][ T6868] Free swap  = 124728kB
[   93.771927][ T6868] Total swap = 124996kB
[   93.773060][ T6868] 524155 pages RAM
[   93.774086][ T6868] 0 pages HighMem/MovableOnly
[   93.775365][ T6868] 206668 pages reserved
[   93.776504][ T6868] 0 pages cma reserved
[   95.323553][ T6888] 9pnet_virtio: no channels available for device syz
[   96.365323][ T6906] netlink: 256 bytes leftover after parsing attributes in process `syz.0.231'.
[   96.369557][ T6896] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   97.453559][ T6922] x_tables: ip_tables: MASQUERADE target: used from hooks INPUT, but only usable from POSTROUTING
[   97.858791][ T6924] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   97.922343][ T6930] hub 6-0:1.0: USB hub found
[   97.923584][ T6930] hub 6-0:1.0: 1 port detected
[   98.740099][ T6935] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   99.724850][ T6968] netlink: 64 bytes leftover after parsing attributes in process `syz.2.246'.
[   99.727247][ T6968] netlink: 52 bytes leftover after parsing attributes in process `syz.2.246'.
[   99.729852][ T6968] unsupported nlmsg_type 40
[   99.998477][ T6973] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  101.316884][   T35] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  101.470072][   T35] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  101.473123][   T35] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  101.476742][   T35] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  101.480207][   T35] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  101.483887][   T35] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  101.494606][   T35] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  101.497076][   T35] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  101.499262][   T35] usb 8-1: Product: syz
[  101.500686][   T35] usb 8-1: Manufacturer: syz
[  101.506011][   T35] cdc_wdm 8-1:1.0: skipping garbage
[  101.508434][   T35] cdc_wdm 8-1:1.0: skipping garbage
[  101.513555][   T35] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  101.515650][   T35] cdc_wdm 8-1:1.0: Unknown control protocol
[  101.521314][ T7011] netlink: 'syz.2.259': attribute type 2 has an invalid length.
[  101.523462][ T7011] netlink: 244 bytes leftover after parsing attributes in process `syz.2.259'.
[  101.909549][   T35] usb 8-1: USB disconnect, device number 2
[  102.056722][ T7018] netlink: 4 bytes leftover after parsing attributes in process `syz.2.260'.
[  102.652566][ T7019] orangefs_mount: mount request failed with -4
[  103.228049][   T39] kauditd_printk_skb: 16 callbacks suppressed
[  103.228067][   T39] audit: type=1326 audit(1733391873.548:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7039 comm="syz.0.266" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  103.259201][   T39] audit: type=1326 audit(1733391873.548:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7039 comm="syz.0.266" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  103.266647][   T39] audit: type=1326 audit(1733391873.578:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7039 comm="syz.0.266" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf748e579 code=0x7ffc0000
[  103.274051][   T39] audit: type=1326 audit(1733391873.578:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7039 comm="syz.0.266" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  103.281390][   T39] audit: type=1326 audit(1733391873.578:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7039 comm="syz.0.266" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  103.288176][   T39] audit: type=1326 audit(1733391873.578:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7039 comm="syz.0.266" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf748e579 code=0x7ffc0000
[  103.294501][   T39] audit: type=1326 audit(1733391873.578:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7039 comm="syz.0.266" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  103.301533][   T39] audit: type=1326 audit(1733391873.578:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7039 comm="syz.0.266" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  103.308610][   T39] audit: type=1326 audit(1733391873.588:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7039 comm="syz.0.266" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf748e579 code=0x7ffc0000
[  103.314893][   T39] audit: type=1326 audit(1733391873.588:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7039 comm="syz.0.266" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf748e579 code=0x7ffc0000
[  103.854945][ T7033] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  104.237274][ T5957] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  104.240904][ T5957] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  104.243189][ T5957] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  104.245541][ T5957] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  104.249894][ T5957] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  104.251901][ T5957] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  104.472476][ T7056] chnl_net:caif_netlink_parms(): no params data found
[  104.690235][ T1139] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.860587][ T7056] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.862689][ T7056] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.865626][ T7056] bridge_slave_0: entered allmulticast mode
[  104.871282][ T7056] bridge_slave_0: entered promiscuous mode
[  104.875230][ T7056] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.879119][ T7056] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.881732][ T7056] bridge_slave_1: entered allmulticast mode
[  104.886012][ T7056] bridge_slave_1: entered promiscuous mode
[  105.017936][ T1139] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.067841][ T7056] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  105.077572][ T7056] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  105.126709][ T7056] team0: Port device team_slave_0 added
[  105.129410][ T7056] team0: Port device team_slave_1 added
[  105.170779][ T7056] batman_adv: batadv0: Adding interface: batadv_slave_0
[  105.172682][ T7056] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.179421][ T7056] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  105.184282][ T7056] batman_adv: batadv0: Adding interface: batadv_slave_1
[  105.186084][ T7056] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.193091][ T7056] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  105.240871][ T1139] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.264354][ T7056] hsr_slave_0: entered promiscuous mode
[  105.267762][ T7056] hsr_slave_1: entered promiscuous mode
[  105.269963][ T7056] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  105.271928][ T7056] Cannot create hsr debugfs directory
[  105.301554][ T1139] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.493073][ T7056] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  105.500288][ T7056] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  105.510542][ T7056] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  105.515504][ T7056] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  105.584805][ T1139] bridge_slave_1: left allmulticast mode
[  105.587940][ T1139] bridge_slave_1: left promiscuous mode
[  105.591190][ T1139] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.609631][ T1139] bridge_slave_0: left allmulticast mode
[  105.611610][ T1139] bridge_slave_0: left promiscuous mode
[  105.613898][ T1139] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.935245][ T1139] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  105.940749][ T1139] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  105.947289][ T1139] bond0 (unregistering): Released all slaves
[  105.989609][ T7056] 8021q: adding VLAN 0 to HW filter on device bond0
[  106.001962][ T7056] 8021q: adding VLAN 0 to HW filter on device team0
[  106.010105][ T1173] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.012099][ T1173] bridge0: port 1(bridge_slave_0) entered forwarding state
[  106.033399][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.035901][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  106.221255][ T7056] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  106.223705][ T7056] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  106.336867][ T5957] Bluetooth: hci4: command tx timeout
[  106.405416][ T1139] hsr_slave_0: left promiscuous mode
[  106.409932][ T1139] hsr_slave_1: left promiscuous mode
[  106.412933][ T1139] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  106.423655][ T1139] batman_adv: batadv0: Removing interface: batadv_slave_0
[  106.434744][ T1139] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  106.444788][ T1139] batman_adv: batadv0: Removing interface: batadv_slave_1
[  106.495850][ T1139] veth1_macvtap: left promiscuous mode
[  106.499178][ T1139] veth0_macvtap: left promiscuous mode
[  106.500845][ T1139] veth1_vlan: left promiscuous mode
[  106.502445][ T1139] veth0_vlan: left promiscuous mode
[  107.195331][ T1139] team0 (unregistering): Port device team_slave_1 removed
[  107.254328][ T1139] team0 (unregistering): Port device team_slave_0 removed
[  107.375927][ T7115] netlink: 4 bytes leftover after parsing attributes in process `syz.3.279'.
[  107.767240][ T7115] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  107.769812][ T7115] batman_adv: batadv0: Removing interface: batadv_slave_0
[  107.772653][ T7115] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  107.774673][ T7115] batman_adv: batadv0: Removing interface: batadv_slave_1
[  107.816021][ T7056] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.060690][ T7056] veth0_vlan: entered promiscuous mode
[  108.078403][ T7056] veth1_vlan: entered promiscuous mode
[  108.122882][ T7056] veth0_macvtap: entered promiscuous mode
[  108.137442][ T7056] veth1_macvtap: entered promiscuous mode
[  108.143843][ T7056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  108.152728][ T7056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.156914][ T7056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  108.160495][ T7056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.167494][ T7056] batman_adv: batadv0: Interface activated: batadv_slave_0
[  108.178366][ T7056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  108.181784][ T7056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.185243][ T7056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  108.190700][ T7056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.196419][ T7056] batman_adv: batadv0: Interface activated: batadv_slave_1
[  108.207015][ T7056] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  108.210373][ T7056] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  108.213674][ T7056] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  108.216685][ T7056] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  108.284907][   T39] kauditd_printk_skb: 5 callbacks suppressed
[  108.284918][   T39] audit: type=1326 audit(1733391878.598:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7120 comm="syz.2.282" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  108.293171][   T39] audit: type=1326 audit(1733391878.608:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7120 comm="syz.2.282" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  108.340124][   T39] audit: type=1326 audit(1733391878.658:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7120 comm="syz.2.282" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  108.346321][   T39] audit: type=1326 audit(1733391878.658:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7120 comm="syz.2.282" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  108.355196][   T39] audit: type=1326 audit(1733391878.658:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7120 comm="syz.2.282" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  108.417478][ T5957] Bluetooth: hci4: command tx timeout
[  108.470909][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.472888][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.699177][ T1133] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.701246][ T1133] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.598089][   T39] audit: type=1326 audit(1733391879.908:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7187 comm="syz.3.287" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  109.635429][   T39] audit: type=1326 audit(1733391879.928:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7187 comm="syz.3.287" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  109.646644][   T39] audit: type=1326 audit(1733391879.928:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7187 comm="syz.3.287" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  109.653574][   T39] audit: type=1326 audit(1733391879.928:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7187 comm="syz.3.287" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  109.659791][   T39] audit: type=1326 audit(1733391879.928:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7187 comm="syz.3.287" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  109.669208][ T7199] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  110.304231][ T7213] veth0_to_team: entered promiscuous mode
[  110.306417][ T7213] veth0_to_team: entered allmulticast mode
[  110.348948][ T7215] overlay: ./bus is not a directory
[  110.351652][ T7215] overlay: ./bus is not a directory
[  110.355412][ T7215] netlink: 'syz.3.290': attribute type 9 has an invalid length.
[  110.358822][ T7215] netlink: 244 bytes leftover after parsing attributes in process `syz.3.290'.
[  110.508013][ T5957] Bluetooth: hci4: command tx timeout
[  112.345249][ T7259] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  112.577216][ T5957] Bluetooth: hci4: command tx timeout
[  113.023386][ T7272] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  113.112353][ T7285] FAULT_INJECTION: forcing a failure.
[  113.112353][ T7285] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  113.115942][ T7285] CPU: 2 UID: 0 PID: 7285 Comm: syz.2.309 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  113.118687][ T7285] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  113.121412][ T7285] Call Trace:
[  113.122248][ T7285]  <TASK>
[  113.123005][ T7285]  dump_stack_lvl+0x16c/0x1f0
[  113.124219][ T7285]  should_fail_ex+0x497/0x5b0
[  113.125448][ T7285]  ? fs_reclaim_acquire+0xae/0x150
[  113.126752][ T7285]  should_fail_alloc_page+0xe7/0x130
[  113.128159][ T7285]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  113.129729][ T7285]  ? __pfx_mark_lock+0x10/0x10
[  113.130949][ T7285]  __alloc_pages_noprof+0x190/0x25b0
[  113.132355][ T7285]  ? __pfx_mark_lock+0x10/0x10
[  113.133617][ T7285]  ? lock_acquire.part.0+0x11b/0x380
[  113.135009][ T7285]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  113.136518][ T7285]  ? hlock_class+0x4e/0x130
[  113.137712][ T7285]  ? __lock_acquire+0xcc5/0x3c40
[  113.139004][ T7285]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  113.140570][ T7285]  ? policy_nodemask+0xea/0x4e0
[  113.141846][ T7285]  alloc_pages_mpol_noprof+0x2c9/0x610
[  113.143264][ T7285]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  113.144883][ T7285]  ? find_held_lock+0x2d/0x110
[  113.146145][ T7285]  folio_alloc_mpol_noprof+0x36/0xd0
[  113.147524][ T7285]  shmem_alloc_folio+0x135/0x160
[  113.148853][ T7285]  shmem_alloc_and_add_folio+0x48b/0xc00
[  113.150318][ T7285]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  113.151861][ T7285]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  113.153472][ T7285]  ? shmem_huge_global_enabled+0x176/0x250
[  113.155013][ T7285]  ? shmem_allowable_huge_orders+0xcd/0x3e0
[  113.156596][ T7285]  shmem_get_folio_gfp+0x689/0x1530
[  113.157984][ T7285]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  113.159464][ T7285]  shmem_write_begin+0x161/0x300
[  113.160783][ T7285]  ? __pfx_fault_in_readable+0x10/0x10
[  113.162217][ T7285]  ? __pfx_shmem_write_begin+0x10/0x10
[  113.163646][ T7285]  generic_perform_write+0x2ba/0x920
[  113.165040][ T7285]  ? __pfx_generic_perform_write+0x10/0x10
[  113.166558][ T7285]  ? inode_needs_update_time.part.0+0x191/0x270
[  113.168202][ T7285]  shmem_file_write_iter+0x10e/0x140
[  113.169587][ T7285]  vfs_write+0x5ae/0x1150
[  113.170727][ T7285]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  113.172269][ T7285]  ? __pfx___mutex_lock+0x10/0x10
[  113.173586][ T7285]  ? __pfx_vfs_write+0x10/0x10
[  113.174854][ T7285]  ksys_write+0x12b/0x250
[  113.175987][ T7285]  ? __pfx_ksys_write+0x10/0x10
[  113.177290][ T7285]  __do_fast_syscall_32+0x73/0x120
[  113.178629][ T7285]  do_fast_syscall_32+0x32/0x80
[  113.179917][ T7285]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  113.181583][ T7285] RIP: 0023:0xf7f13579
[  113.182650][ T7285] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  113.187626][ T7285] RSP: 002b:00000000f509657c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[  113.189765][ T7285] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000020000040
[  113.191677][ T7285] RDX: 000000000000fea7 RSI: 0000000000000000 RDI: 0000000000000000
[  113.193655][ T7285] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  113.195588][ T7285] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  113.197560][ T7285] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  113.199504][ T7285]  </TASK>
[  113.229491][ T7287] netlink: 'syz.2.310': attribute type 1 has an invalid length.
[  113.231510][ T7287] netlink: 224 bytes leftover after parsing attributes in process `syz.2.310'.
[  114.386901][   T63] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  114.536853][   T63] usb 7-1: Using ep0 maxpacket: 8
[  114.540058][   T63] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  114.543500][   T63] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  114.547397][   T63] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  114.550937][   T63] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  114.555424][   T63] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  114.558667][   T63] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.765982][   T63] usb 7-1: GET_CAPABILITIES returned 0
[  114.767547][   T63] usbtmc 7-1:16.0: can't read capabilities
[  114.805696][ T7313] trusted_key: encrypted_key: insufficient parameters specified
[  114.807176][ T6013] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  114.966864][ T6013] usb 5-1: Using ep0 maxpacket: 16
[  114.978866][ T7303] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  114.981794][ T7303] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  115.002343][ T6013] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  115.005706][ T6013] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  115.007323][ T5848] usb 7-1: USB disconnect, device number 3
[  115.009143][ T6013] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.018706][ T6013] usb 5-1: config 0 descriptor??
[  115.030679][ T6013] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input7
[  115.361349][   T39] kauditd_printk_skb: 40 callbacks suppressed
[  115.361516][   T39] audit: type=1326 audit(1733391885.678:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7329 comm="syz.2.322" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  115.374284][   T39] audit: type=1326 audit(1733391885.678:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7329 comm="syz.2.322" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  115.381258][   T39] audit: type=1326 audit(1733391885.678:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7329 comm="syz.2.322" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  115.392395][   T39] audit: type=1326 audit(1733391885.678:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7329 comm="syz.2.322" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  115.398775][   T39] audit: type=1326 audit(1733391885.678:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7329 comm="syz.2.322" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  115.404946][   T39] audit: type=1326 audit(1733391885.678:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7329 comm="syz.2.322" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  115.411406][   T39] audit: type=1326 audit(1733391885.678:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7329 comm="syz.2.322" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  115.417616][   T39] audit: type=1326 audit(1733391885.678:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7329 comm="syz.2.322" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  115.423329][   T39] audit: type=1326 audit(1733391885.678:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7329 comm="syz.2.322" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  115.432738][   T39] audit: type=1326 audit(1733391885.678:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7329 comm="syz.2.322" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  116.101175][ T7345] netlink: 12 bytes leftover after parsing attributes in process `syz.2.325'.
[  116.105598][ T7345] random: crng reseeded on system resumption
[  116.800721][ T7352] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  116.907494][ T7358] netlink: 28 bytes leftover after parsing attributes in process `syz.3.328'.
[  116.909888][ T7358] netlink: 8 bytes leftover after parsing attributes in process `syz.3.328'.
[  116.963878][ T7361] FAULT_INJECTION: forcing a failure.
[  116.963878][ T7361] name failslab, interval 1, probability 0, space 0, times 0
[  116.967190][ T7361] CPU: 0 UID: 0 PID: 7361 Comm: syz.4.329 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  116.969911][ T7361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  116.972589][ T7361] Call Trace:
[  116.973442][ T7361]  <TASK>
[  116.974191][ T7361]  dump_stack_lvl+0x16c/0x1f0
[  116.975392][ T7361]  should_fail_ex+0x497/0x5b0
[  116.976595][ T7361]  ? fs_reclaim_acquire+0xae/0x150
[  116.977939][ T7361]  should_failslab+0xc2/0x120
[  116.979136][ T7361]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  116.980513][ T7361]  ? __kernfs_new_node+0xd3/0x890
[  116.981826][ T7361]  __kernfs_new_node+0xd3/0x890
[  116.983104][ T7361]  ? __pfx___kernfs_new_node+0x10/0x10
[  116.984501][ T7361]  ? __pfx_lock_release+0x10/0x10
[  116.985784][ T7361]  ? kernfs_add_one+0x39d/0x520
[  116.987018][ T7361]  ? up_write+0x1b2/0x520
[  116.988139][ T7361]  kernfs_new_node+0x186/0x240
[  116.989608][ T7361]  __kernfs_create_file+0x53/0x350
[  116.990997][ T7361]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[  116.992415][ T7361]  internal_create_group+0x56c/0xf10
[  116.993803][ T7361]  ? __pfx_internal_create_group+0x10/0x10
[  116.995340][ T7361]  ? kernfs_create_link+0x1bd/0x240
[  116.996722][ T7361]  internal_create_groups+0x9d/0x150
[  116.998775][ T7361]  device_add+0x6d3/0x1a70
[  117.000005][ T7361]  ? __pfx_device_add+0x10/0x10
[  117.001286][ T7361]  ? __init_waitqueue_head+0xca/0x150
[  117.002652][ T7361]  netdev_register_kobject+0x183/0x3a0
[  117.004044][ T7361]  register_netdevice+0x1473/0x1e20
[  117.005411][ T7361]  ? __pfx_register_netdevice+0x10/0x10
[  117.006867][ T7361]  geneve_configure+0x765/0xae0
[  117.008160][ T7361]  geneve_newlink+0x125/0x2b0
[  117.009349][ T7361]  ? __pfx_geneve_newlink+0x10/0x10
[  117.010700][ T7361]  ? rtnl_create_link+0xa2e/0xf10
[  117.012024][ T7361]  rtnl_newlink+0x11ad/0x1c10
[  117.013269][ T7361]  ? __pfx_geneve_newlink+0x10/0x10
[  117.014617][ T7361]  ? __pfx_rtnl_newlink+0x10/0x10
[  117.015914][ T7361]  ? __pfx___lock_acquire+0x10/0x10
[  117.017295][ T7361]  ? kmem_cache_free+0x152/0x4c0
[  117.018605][ T7361]  ? aa_get_newest_label+0x376/0x680
[  117.020111][ T7361]  ? find_held_lock+0x2d/0x110
[  117.021327][ T7361]  ? find_held_lock+0x2d/0x110
[  117.022543][ T7361]  ? rtnetlink_rcv_msg+0x93a/0xea0
[  117.023867][ T7361]  ? __pfx_lock_release+0x10/0x10
[  117.025179][ T7361]  ? trace_lock_acquire+0x14e/0x1f0
[  117.026524][ T7361]  ? __pfx_rtnl_newlink+0x10/0x10
[  117.027769][ T7361]  rtnetlink_rcv_msg+0x95b/0xea0
[  117.029048][ T7361]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  117.030475][ T7361]  ? __pfx___dev_queue_xmit+0x10/0x10
[  117.031888][ T7361]  netlink_rcv_skb+0x165/0x410
[  117.033162][ T7361]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  117.034603][ T7361]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  117.035997][ T7361]  ? netlink_deliver_tap+0x1ae/0xca0
[  117.037425][ T7361]  netlink_unicast+0x53c/0x7f0
[  117.038683][ T7361]  ? __pfx_netlink_unicast+0x10/0x10
[  117.040092][ T7361]  ? __phys_addr_symbol+0x30/0x80
[  117.041418][ T7361]  ? __check_object_size+0x488/0x710
[  117.042824][ T7361]  netlink_sendmsg+0x8b8/0xd70
[  117.044101][ T7361]  ? __pfx_netlink_sendmsg+0x10/0x10
[  117.045491][ T7361]  ____sys_sendmsg+0x9ae/0xb40
[  117.046747][ T7361]  ? __pfx_____sys_sendmsg+0x10/0x10
[  117.048146][ T7361]  ? get_compat_msghdr+0x11b/0x170
[  117.049512][ T7361]  ___sys_sendmsg+0x135/0x1e0
[  117.050766][ T7361]  ? __pfx____sys_sendmsg+0x10/0x10
[  117.052232][ T7361]  ? __pfx_lock_release+0x10/0x10
[  117.053559][ T7361]  ? trace_lock_acquire+0x14e/0x1f0
[  117.054953][ T7361]  ? __fget_files+0x206/0x3a0
[  117.056212][ T7361]  __sys_sendmsg+0x16e/0x220
[  117.057439][ T7361]  ? __pfx___sys_sendmsg+0x10/0x10
[  117.059529][ T7361]  __do_fast_syscall_32+0x73/0x120
[  117.060883][ T7361]  do_fast_syscall_32+0x32/0x80
[  117.062167][ T7361]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  117.063827][ T7361] RIP: 0023:0xf7f98579
[  117.064913][ T7361] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  117.069920][ T7361] RSP: 002b:00000000f511657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  117.072119][ T7361] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000280
[  117.074180][ T7361] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  117.076227][ T7361] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  117.078303][ T7361] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  117.080385][ T7361] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  117.082466][ T7361]  </TASK>
[  117.570243][ T5338] bcm5974 5-1:0.0: could not read from device
[  117.575861][ T5338] bcm5974 5-1:0.0: could not read from device
[  117.581085][ T6013] usb 5-1: USB disconnect, device number 5
[  117.583784][ T5338] bcm5974 5-1:0.0: could not read from device
[  117.619919][ T7372] fuse: Bad value for 'group_id'
[  117.621354][ T7372] fuse: Bad value for 'group_id'
[  117.876887][   T35] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  117.980352][ T7378] netlink: 12 bytes leftover after parsing attributes in process `syz.0.335'.
[  118.060275][ T7383] overlay: ./bus is not a directory
[  118.065422][ T7383] overlay: ./bus is not a directory
[  118.075006][ T7383] netlink: 'syz.3.337': attribute type 9 has an invalid length.
[  118.077048][ T7383] netlink: 244 bytes leftover after parsing attributes in process `syz.3.337'.
[  118.106863][   T35] usb 7-1: Using ep0 maxpacket: 8
[  118.236110][   T35] usb 7-1: config 0 has no interfaces?
[  118.240409][   T35] usb 7-1: New USB device found, idVendor=1870, idProduct=0001, bcdDevice=e6.7f
[  118.242748][   T35] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.244791][   T35] usb 7-1: Product: syz
[  118.245872][   T35] usb 7-1: Manufacturer: syz
[  118.247235][   T35] usb 7-1: SerialNumber: syz
[  118.249981][   T35] usb 7-1: config 0 descriptor??
[  118.275813][ T7397] can: request_module (can-proto-0) failed.
[  118.635306][ T7404] overlay: filesystem on ./file0 not supported as upperdir
[  119.270512][ T7420] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  119.934398][ T7439] netlink: 12 bytes leftover after parsing attributes in process `syz.3.352'.
[  120.030454][ T7441] overlay: ./bus is not a directory
[  120.033319][ T7441] overlay: ./bus is not a directory
[  120.043684][ T7441] netlink: 'syz.3.353': attribute type 9 has an invalid length.
[  120.046462][ T7441] netlink: 244 bytes leftover after parsing attributes in process `syz.3.353'.
[  120.738050][ T6013] usb 7-1: USB disconnect, device number 4
[  120.891512][ T7488] netlink: 24 bytes leftover after parsing attributes in process `syz.2.359'.
[  121.057948][ T7493] netlink: 'syz.0.361': attribute type 10 has an invalid length.
[  121.060502][ T7493] netlink: 40 bytes leftover after parsing attributes in process `syz.0.361'.
[  121.063864][ T7493] batman_adv: batadv0: Adding interface: vlan1
[  121.065895][ T7493] batman_adv: batadv0: The MTU of interface vlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  121.077720][ T7493] batman_adv: batadv0: Interface activated: vlan1
[  121.282866][   T39] kauditd_printk_skb: 20 callbacks suppressed
[  121.291053][   T39] audit: type=1326 audit(1733391891.598:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7495 comm="syz.0.363" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  121.296450][   T39] audit: type=1326 audit(1733391891.598:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7495 comm="syz.0.363" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  121.306159][   T39] audit: type=1326 audit(1733391891.598:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7495 comm="syz.0.363" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf748e579 code=0x7ffc0000
[  121.325464][   T39] audit: type=1326 audit(1733391891.598:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7495 comm="syz.0.363" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  121.333062][   T39] audit: type=1326 audit(1733391891.598:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7495 comm="syz.0.363" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  121.343407][   T39] audit: type=1326 audit(1733391891.608:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7495 comm="syz.0.363" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf748e579 code=0x7ffc0000
[  121.364078][   T39] audit: type=1326 audit(1733391891.608:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7495 comm="syz.0.363" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  121.376131][   T39] audit: type=1326 audit(1733391891.608:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7495 comm="syz.0.363" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  121.382197][   T39] audit: type=1326 audit(1733391891.608:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7495 comm="syz.0.363" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf748e579 code=0x7ffc0000
[  121.409609][   T39] audit: type=1326 audit(1733391891.608:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7495 comm="syz.0.363" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf748e579 code=0x7ffc0000
[  121.608472][ T7515] fuse: Bad value for 'group_id'
[  121.609850][ T7515] fuse: Bad value for 'group_id'
[  121.849328][   T35] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  121.877317][ T7520] 9pnet: Unknown protocol version 9›YƒÞ‰f.È:{ÅŠžÝÿ©
(ƒ?ñ‘kÀq†kï1d
[  121.996880][   T35] usb 9-1: Using ep0 maxpacket: 8
[  121.999390][   T35] usb 9-1: config 0 has no interfaces?
[  122.002187][   T35] usb 9-1: New USB device found, idVendor=1870, idProduct=0001, bcdDevice=e6.7f
[  122.004544][   T35] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.006742][   T35] usb 9-1: Product: syz
[  122.008268][   T35] usb 9-1: Manufacturer: syz
[  122.009933][   T35] usb 9-1: SerialNumber: syz
[  122.012855][   T35] usb 9-1: config 0 descriptor??
[  122.157009][ T7525] netlink: 'syz.0.371': attribute type 1 has an invalid length.
[  122.158985][ T7525] netlink: 60 bytes leftover after parsing attributes in process `syz.0.371'.
[  122.231628][   T25] usb 9-1: USB disconnect, device number 2
[  123.015894][ T7555] netlink: 32 bytes leftover after parsing attributes in process `syz.2.376'.
[  123.844803][ T7616] netlink: 8 bytes leftover after parsing attributes in process `syz.3.380'.
[  124.205321][ T7625] FAULT_INJECTION: forcing a failure.
[  124.205321][ T7625] name failslab, interval 1, probability 0, space 0, times 0
[  124.210050][ T7625] CPU: 3 UID: 0 PID: 7625 Comm: syz.2.382 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  124.213083][ T7625] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  124.216233][ T7625] Call Trace:
[  124.217323][ T7625]  <TASK>
[  124.218090][ T7625]  dump_stack_lvl+0x16c/0x1f0
[  124.219399][ T7625]  should_fail_ex+0x497/0x5b0
[  124.220637][ T7625]  ? fs_reclaim_acquire+0xae/0x150
[  124.222237][ T7625]  should_failslab+0xc2/0x120
[  124.223732][ T7625]  __kmalloc_noprof+0xce/0x4f0
[  124.224921][ T7625]  ? __list_lru_init+0xe8/0x4c0
[  124.226143][ T7625]  __list_lru_init+0xe8/0x4c0
[  124.227345][ T7625]  alloc_super+0x909/0xbd0
[  124.228487][ T7625]  ? __pfx_test_single_super+0x10/0x10
[  124.229846][ T7625]  sget_fc+0x116/0xb90
[  124.231144][ T7625]  ? __pfx_set_anon_super_fc+0x10/0x10
[  124.232912][ T7625]  ? __pfx_gadgetfs_fill_super+0x10/0x10
[  124.234727][ T7625]  get_tree_single+0x2d/0x190
[  124.236275][ T7625]  vfs_get_tree+0x8f/0x380
[  124.237406][ T7625]  path_mount+0x6e1/0x1f10
[  124.238885][ T7625]  ? kmem_cache_free+0x152/0x4c0
[  124.240488][ T7625]  ? __pfx_path_mount+0x10/0x10
[  124.242097][ T7625]  ? putname+0x13c/0x180
[  124.243421][ T7625]  __ia32_sys_mount+0x292/0x310
[  124.244699][ T7625]  ? __pfx___ia32_sys_mount+0x10/0x10
[  124.246221][ T7625]  __do_fast_syscall_32+0x73/0x120
[  124.247585][ T7625]  do_fast_syscall_32+0x32/0x80
[  124.248792][ T7625]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  124.250348][ T7625] RIP: 0023:0xf7f13579
[  124.251355][ T7625] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  124.257071][ T7625] RSP: 002b:00000000f509657c EFLAGS: 00000292 ORIG_RAX: 0000000000000015
[  124.259650][ T7625] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000200
[  124.261792][ T7625] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  124.264038][ T7625] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  124.265959][ T7625] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  124.267860][ T7625] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  124.269757][ T7625]  </TASK>
[  125.408099][ T7642] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  127.553969][ T7686] can0: slcan on ttyS3.
[  127.811205][ T7674] netlink: 24 bytes leftover after parsing attributes in process `syz.3.395'.
[  127.813611][ T7674] netlink: 24 bytes leftover after parsing attributes in process `syz.3.395'.
[  128.176919][ T7699] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  128.284090][ T7677] can0 (unregistered): slcan off ttyS3.
[  128.300163][ T7703] netlink: 4 bytes leftover after parsing attributes in process `syz.3.400'.
[  128.954769][ T7731] syzkaller0: entered allmulticast mode
[  129.080604][   T39] kauditd_printk_skb: 19 callbacks suppressed
[  129.080688][   T39] audit: type=1326 audit(1733391899.398:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7735 comm="syz.0.408" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  129.088590][   T39] audit: type=1326 audit(1733391899.398:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7735 comm="syz.0.408" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  129.094940][   T39] audit: type=1326 audit(1733391899.398:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7735 comm="syz.0.408" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf748e579 code=0x7ffc0000
[  129.100556][   T39] audit: type=1326 audit(1733391899.398:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7735 comm="syz.0.408" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  129.106316][   T39] audit: type=1326 audit(1733391899.398:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7735 comm="syz.0.408" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf748e579 code=0x7ffc0000
[  129.111554][   T39] audit: type=1326 audit(1733391899.398:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7735 comm="syz.0.408" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  129.116999][   T39] audit: type=1326 audit(1733391899.398:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7735 comm="syz.0.408" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf748e579 code=0x7ffc0000
[  129.122135][   T39] audit: type=1326 audit(1733391899.398:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7735 comm="syz.0.408" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf748e579 code=0x7ffc0000
[  129.127568][   T39] audit: type=1326 audit(1733391899.398:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7735 comm="syz.0.408" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf748e579 code=0x7ffc0000
[  129.132828][   T39] audit: type=1326 audit(1733391899.398:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7735 comm="syz.0.408" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf748e579 code=0x7ffc0000
[  129.460351][ T7744] overlay: ./bus is not a directory
[  129.508747][ T7744] overlay: ./bus is not a directory
[  129.513501][ T7744] netlink: 'syz.4.410': attribute type 9 has an invalid length.
[  129.515535][ T7744] netlink: 244 bytes leftover after parsing attributes in process `syz.4.410'.
[  130.115620][ T7765] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  130.657892][ T7763] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  130.721000][ T7776] netlink: 8 bytes leftover after parsing attributes in process `syz.3.419'.
[  130.769961][ T7778] overlay: ./bus is not a directory
[  130.773155][ T7778] overlay: ./bus is not a directory
[  130.777836][ T7778] netlink: 'syz.3.421': attribute type 9 has an invalid length.
[  130.779807][ T7778] netlink: 244 bytes leftover after parsing attributes in process `syz.3.421'.
[  131.940403][ T7797] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  132.178494][ T1412] ieee802154 phy0 wpan0: encryption failed: -22
[  132.180239][ T1412] ieee802154 phy1 wpan1: encryption failed: -22
[  132.313766][ T7819] overlay: ./bus is not a directory
[  132.321024][ T7819] overlay: ./bus is not a directory
[  132.334372][ T7819] netlink: 'syz.0.433': attribute type 9 has an invalid length.
[  132.340269][ T7819] netlink: 244 bytes leftover after parsing attributes in process `syz.0.433'.
[  133.033716][ T7830] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  133.457125][ T7848] overlay: ./bus is not a directory
[  133.459123][ T7848] overlay: ./bus is not a directory
[  133.462783][ T7848] netlink: 'syz.3.443': attribute type 9 has an invalid length.
[  133.464932][ T7848] netlink: 244 bytes leftover after parsing attributes in process `syz.3.443'.
[  133.919571][ T7861] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  133.995576][ T7875] overlay: ./bus is not a directory
[  133.998710][ T7875] overlay: ./bus is not a directory
[  134.002151][ T7875] netlink: 'syz.0.452': attribute type 9 has an invalid length.
[  134.004130][ T7875] netlink: 244 bytes leftover after parsing attributes in process `syz.0.452'.
[  134.286928][ T5994] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  134.440148][ T5994] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  134.442859][ T5994] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  134.445322][ T5994] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  134.448337][ T5994] usb 9-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  134.454281][ T5994] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  134.457306][ T5994] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  134.459841][ T5994] usb 9-1: Product: syz
[  134.461163][ T5994] usb 9-1: Manufacturer: syz
[  134.471453][ T5994] cdc_wdm 9-1:1.0: skipping garbage
[  134.473202][ T5994] cdc_wdm 9-1:1.0: probe with driver cdc_wdm failed with error -22
[  134.751827][ T7900] netlink: 4 bytes leftover after parsing attributes in process `syz.2.460'.
[  135.357014][ T5992] usb 9-1: USB disconnect, device number 3
[  135.515247][ T7910] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  135.606535][ T7916] overlay: ./bus is not a directory
[  135.615449][ T7916] overlay: ./bus is not a directory
[  136.037776][ T7935] netlink: 24 bytes leftover after parsing attributes in process `syz.4.472'.
[  136.040045][ T7935] netlink: 264 bytes leftover after parsing attributes in process `syz.4.472'.
[  136.042378][ T7935] netlink: 'syz.4.472': attribute type 5 has an invalid length.
[  136.119056][ T7947] overlay: ./bus is not a directory
[  136.121405][ T7947] overlay: ./bus is not a directory
[  136.431919][ T7956] binder: 7954:7956 ioctl c0306201 20000000 returned -22
[  136.511865][ T7950] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  136.780514][ T7982] overlay: ./bus is not a directory
[  136.783616][ T7982] overlay: ./bus is not a directory
[  136.795749][ T7985] netlink: 4 bytes leftover after parsing attributes in process `syz.4.486'.
[  137.279202][ T7999] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  137.413227][ T8005] netlink: 'syz.4.492': attribute type 1 has an invalid length.
[  137.444544][ T8005] 8021q: adding VLAN 0 to HW filter on device bond1
[  137.475502][ T8005] 8021q: adding VLAN 0 to HW filter on device bond1
[  137.478168][ T8005] bond1: (slave vcan1): The slave device specified does not support setting the MAC address
[  137.486834][ T8005] bond1: (slave vcan1): Error -95 calling set_mac_address
[  137.667320][ T8018] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[  137.713127][ T8020] overlay: ./bus is not a directory
[  137.715045][ T8020] overlay: ./bus is not a directory
[  137.720664][ T8020] netlink: 'syz.0.497': attribute type 9 has an invalid length.
[  137.722773][ T8020] netlink: 244 bytes leftover after parsing attributes in process `syz.0.497'.
[  138.246923][ T8036] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  138.502078][ T8045] FAULT_INJECTION: forcing a failure.
[  138.502078][ T8045] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  138.505625][ T8045] CPU: 0 UID: 0 PID: 8045 Comm: syz.0.503 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  138.508355][ T8045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  138.511062][ T8045] Call Trace:
[  138.511940][ T8045]  <TASK>
[  138.512713][ T8045]  dump_stack_lvl+0x16c/0x1f0
[  138.513969][ T8045]  should_fail_ex+0x497/0x5b0
[  138.515214][ T8045]  _copy_from_user+0x2e/0xd0
[  138.516465][ T8045]  snd_seq_write+0x3ea/0x6c0
[  138.517670][ T8045]  ? __pfx_snd_seq_write+0x10/0x10
[  138.519004][ T8045]  ? bpf_lsm_file_permission+0x9/0x10
[  138.520408][ T8045]  ? security_file_permission+0x71/0x210
[  138.521857][ T8045]  ? __pfx_snd_seq_write+0x10/0x10
[  138.523196][ T8045]  vfs_write+0x24c/0x1150
[  138.524332][ T8045]  ? __fget_files+0x1fc/0x3a0
[  138.525562][ T8045]  ? __pfx_lock_release+0x10/0x10
[  138.526867][ T8045]  ? __pfx_vfs_write+0x10/0x10
[  138.528121][ T8045]  ? lock_acquire+0x2f/0xb0
[  138.529305][ T8045]  ? __fget_files+0x40/0x3a0
[  138.530516][ T8045]  ? __fget_files+0x206/0x3a0
[  138.531755][ T8045]  ksys_write+0x207/0x250
[  138.532900][ T8045]  ? __pfx_ksys_write+0x10/0x10
[  138.534185][ T8045]  __do_fast_syscall_32+0x73/0x120
[  138.535530][ T8045]  do_fast_syscall_32+0x32/0x80
[  138.536771][ T8045]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  138.538404][ T8045] RIP: 0023:0xf748e579
[  138.539466][ T8045] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  138.544403][ T8045] RSP: 002b:00000000f515557c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[  138.546550][ T8045] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000020000000
[  138.548595][ T8045] RDX: 000000000000ffc8 RSI: 0000000000000000 RDI: 0000000000000000
[  138.550624][ T8045] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  138.552659][ T8045] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  138.554728][ T8045] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  138.556778][ T8045]  </TASK>
[  138.618425][ T8048] tty tty28: ldisc open failed (-12), clearing slot 27
[  138.737717][ T5957] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  138.740560][ T5957] Bluetooth: hci4: Injecting HCI hardware error event
[  138.743359][ T5954] Bluetooth: hci4: hardware error 0x00
[  138.907499][ T8056] FAULT_INJECTION: forcing a failure.
[  138.907499][ T8056] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  138.912619][ T8056] CPU: 0 UID: 0 PID: 8056 Comm: syz.4.505 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  138.915208][ T8056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  138.918015][ T8056] Call Trace:
[  138.918905][ T8056]  <TASK>
[  138.919681][ T8056]  dump_stack_lvl+0x16c/0x1f0
[  138.920920][ T8056]  should_fail_ex+0x497/0x5b0
[  138.922158][ T8056]  _copy_from_user+0x2e/0xd0
[  138.923368][ T8056]  get_compat_msghdr+0xa8/0x170
[  138.924650][ T8056]  ? __pfx_get_compat_msghdr+0x10/0x10
[  138.926067][ T8056]  ___sys_sendmsg+0x1b0/0x1e0
[  138.927298][ T8056]  ? __pfx____sys_sendmsg+0x10/0x10
[  138.928667][ T8056]  ? lockdep_hardirqs_on+0x7c/0x110
[  138.930031][ T8056]  ? __pfx___might_resched+0x10/0x10
[  138.931411][ T8056]  __sys_sendmmsg+0x2fa/0x420
[  138.932651][ T8056]  ? __pfx___sys_sendmmsg+0x10/0x10
[  138.934011][ T8056]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  138.935585][ T8056]  ? fput+0x67/0x440
[  138.936621][ T8056]  ? ksys_write+0x1ba/0x250
[  138.937808][ T8056]  ? __pfx_ksys_write+0x10/0x10
[  138.939397][ T8056]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  138.940931][ T8056]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  138.942636][ T8056]  __do_fast_syscall_32+0x73/0x120
[  138.943992][ T8056]  do_fast_syscall_32+0x32/0x80
[  138.945307][ T8056]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  138.946947][ T8056] RIP: 0023:0xf7f98579
[  138.948017][ T8056] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  138.952923][ T8056] RSP: 002b:00000000f4dd457c EFLAGS: 00000292 ORIG_RAX: 0000000000000159
[  138.955074][ T8056] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000020000480
[  138.957116][ T8056] RDX: 00000000000002e9 RSI: 00000000000000fc RDI: 0000000000000000
[  138.959151][ T8056] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  138.961184][ T8056] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  138.963215][ T8056] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  138.965262][ T8056]  </TASK>
[  139.907008][ T5997] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  140.066898][ T5997] usb 8-1: Using ep0 maxpacket: 8
[  140.081493][ T5997] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  140.084449][ T5997] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  140.087353][ T5997] usb 8-1: New USB device found, idVendor=6666, idProduct=8804, bcdDevice= 0.00
[  140.090452][ T5997] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.094779][ T5997] usb 8-1: config 0 descriptor??
[  140.120909][ T5997] usbhid 8-1:0.0: can't add hid device: -22
[  140.122679][ T5997] usbhid 8-1:0.0: probe with driver usbhid failed with error -22
[  140.179711][ T8089] netlink: 28 bytes leftover after parsing attributes in process `syz.2.515'.
[  140.189303][ T8089] FAULT_INJECTION: forcing a failure.
[  140.189303][ T8089] name failslab, interval 1, probability 0, space 0, times 0
[  140.194061][ T8089] CPU: 1 UID: 0 PID: 8089 Comm: syz.2.515 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  140.197910][ T8089] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  140.201778][ T8089] Call Trace:
[  140.202973][ T8089]  <TASK>
[  140.204073][ T8089]  dump_stack_lvl+0x16c/0x1f0
[  140.205812][ T8089]  should_fail_ex+0x497/0x5b0
[  140.207508][ T8089]  ? fs_reclaim_acquire+0xae/0x150
[  140.209365][ T8089]  should_failslab+0xc2/0x120
[  140.211079][ T8089]  __kmalloc_noprof+0xce/0x4f0
[  140.212834][ T8089]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  140.214860][ T8089]  ? tomoyo_realpath_from_path+0xbf/0x710
[  140.216890][ T8089]  tomoyo_realpath_from_path+0xbf/0x710
[  140.218970][ T8089]  ? tomoyo_path_number_perm+0x235/0x5b0
[  140.221011][ T8089]  tomoyo_path_number_perm+0x248/0x5b0
[  140.222985][ T8089]  ? tomoyo_path_number_perm+0x235/0x5b0
[  140.225024][ T8089]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  140.227223][ T8089]  ? __pfx_lock_release+0x10/0x10
[  140.229062][ T8089]  ? trace_lock_acquire+0x14e/0x1f0
[  140.230952][ T8089]  ? lock_acquire+0x2f/0xb0
[  140.232606][ T8089]  ? __fget_files+0x40/0x3a0
[  140.234297][ T8089]  ? __fget_files+0x206/0x3a0
[  140.236029][ T8089]  security_file_ioctl_compat+0x9b/0x240
[  140.238070][ T8089]  __do_compat_sys_ioctl+0x4e/0x2c0
[  140.239979][ T8089]  __do_fast_syscall_32+0x73/0x120
[  140.241845][ T8089]  do_fast_syscall_32+0x32/0x80
[  140.243592][ T8089]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  140.245353][ T8089] RIP: 0023:0xf7f13579
[  140.246420][ T8089] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  140.251391][ T8089] RSP: 002b:00000000f509657c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  140.253564][ T8089] RAX: ffffffffffffffda RBX: 000000000000000e RCX: 0000000000005423
[  140.255653][ T8089] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000
[  140.257718][ T8089] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  140.259768][ T8089] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  140.261823][ T8089] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  140.263878][ T8089]  </TASK>
[  140.264949][ T8089] ERROR: Out of memory at tomoyo_realpath_from_path.
[  140.428542][ T5997] usb 8-1: USB disconnect, device number 3
[  140.527284][ T8099] netlink: 28 bytes leftover after parsing attributes in process `syz.4.518'.
[  140.797044][ T5994] usb 7-1: new full-speed USB device number 5 using dummy_hcd
[  140.817237][ T5954] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  140.971706][ T5994] usb 7-1: config 1 interface 0 has no altsetting 0
[  140.976317][ T5994] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  140.983204][ T5994] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.987529][ T5994] usb 7-1: Product: syz
[  140.988855][ T5994] usb 7-1: Manufacturer: syz
[  140.993020][ T5994] usb 7-1: SerialNumber: syz
[  141.046628][ T8124] netlink: 12 bytes leftover after parsing attributes in process `syz.3.522'.
[  141.069329][ T5954] Bluetooth: hci3: command 0x0405 tx timeout
[  141.707130][ T5994] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 5 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  141.820719][ T8137] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  141.988196][ T8142] fuse: Bad value for 'group_id'
[  141.989525][ T8142] fuse: Bad value for 'group_id'
[  142.238221][ T5997] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  142.263818][ T5994] usb 7-1: USB disconnect, device number 5
[  142.277207][ T5994] usblp0: removed
[  142.396949][ T5997] usb 8-1: Using ep0 maxpacket: 8
[  142.401609][ T5997] usb 8-1: config 0 has no interfaces?
[  142.405333][ T5997] usb 8-1: New USB device found, idVendor=1870, idProduct=0001, bcdDevice=e6.7f
[  142.409899][ T5997] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.412762][ T5997] usb 8-1: Product: syz
[  142.414301][ T5997] usb 8-1: Manufacturer: syz
[  142.415823][ T5997] usb 8-1: SerialNumber: syz
[  142.427540][ T5997] usb 8-1: config 0 descriptor??
[  142.680965][ T5992] usb 8-1: USB disconnect, device number 4
[  143.219131][ T8168] netlink: 28 bytes leftover after parsing attributes in process `syz.3.536'.
[  143.398777][ T8166] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  143.442001][   T39] kauditd_printk_skb: 4 callbacks suppressed
[  143.442013][   T39] audit: type=1800 audit(1733391913.758:313): pid=8176 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.539" name="bus" dev="9p" ino=38535357 res=0 errno=0
[  143.449660][ T8176] netfs: Couldn't get user pages (rc=-14)
[  143.776289][ T8194] netlink: 12 bytes leftover after parsing attributes in process `syz.2.545'.
[  143.783888][   T39] audit: type=1800 audit(1733391914.098:314): pid=8194 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.545" name="bus" dev="9p" ino=38535357 res=0 errno=0
[  143.802712][ T8194] Process accounting resumed
[  143.926850][ T1012] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  144.076877][ T1012] usb 8-1: Using ep0 maxpacket: 8
[  144.080735][ T1012] usb 8-1: config 0 has no interfaces?
[  144.083528][ T1012] usb 8-1: New USB device found, idVendor=1870, idProduct=0001, bcdDevice=e6.7f
[  144.085882][ T1012] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  144.088254][ T1012] usb 8-1: Product: syz
[  144.089358][ T1012] usb 8-1: Manufacturer: syz
[  144.090565][ T1012] usb 8-1: SerialNumber: syz
[  144.092584][ T1012] usb 8-1: config 0 descriptor??
[  144.301712][ T1012] usb 8-1: USB disconnect, device number 5
[  144.475873][ T8205] FAULT_INJECTION: forcing a failure.
[  144.475873][ T8205] name failslab, interval 1, probability 0, space 0, times 0
[  144.479889][ T8205] CPU: 2 UID: 0 PID: 8205 Comm: syz.4.549 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  144.483539][ T8205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  144.486559][ T8205] Call Trace:
[  144.487464][ T8205]  <TASK>
[  144.488287][ T8205]  dump_stack_lvl+0x16c/0x1f0
[  144.489840][ T8205]  should_fail_ex+0x497/0x5b0
[  144.491558][ T8205]  ? fs_reclaim_acquire+0xae/0x150
[  144.493141][ T8205]  should_failslab+0xc2/0x120
[  144.494355][ T8205]  __kmalloc_node_track_caller_noprof+0xcf/0x520
[  144.496237][ T8205]  ? p9_client_create+0x48d/0x11a0
[  144.498121][ T8205]  kstrdup+0x42/0xb0
[  144.499544][ T8205]  p9_client_create+0x48d/0x11a0
[  144.501370][ T8205]  ? __pfx_p9_client_create+0x10/0x10
[  144.502956][ T8205]  ? rcu_is_watching+0x12/0xc0
[  144.504231][ T8205]  ? __raw_spin_lock_init+0x3a/0x110
[  144.505768][ T8205]  v9fs_session_init+0x1f8/0x1a80
[  144.507442][ T8205]  ? __pfx_v9fs_session_init+0x10/0x10
[  144.509455][ T8205]  ? kasan_save_track+0x14/0x30
[  144.511235][ T8205]  v9fs_mount+0xc6/0xa30
[  144.512561][ T8205]  ? __pfx_v9fs_mount+0x10/0x10
[  144.513791][ T8205]  ? __pfx_v9fs_mount+0x10/0x10
[  144.515081][ T8205]  legacy_get_tree+0x109/0x220
[  144.516465][ T8205]  vfs_get_tree+0x8f/0x380
[  144.518070][ T8205]  path_mount+0x6e1/0x1f10
[  144.519669][ T8205]  ? kmem_cache_free+0x152/0x4c0
[  144.521446][ T8205]  ? __pfx_path_mount+0x10/0x10
[  144.522789][ T8205]  ? putname+0x13c/0x180
[  144.523940][ T8205]  __ia32_sys_mount+0x292/0x310
[  144.525206][ T8205]  ? __pfx___ia32_sys_mount+0x10/0x10
[  144.526744][ T8205]  __do_fast_syscall_32+0x73/0x120
[  144.528613][ T8205]  do_fast_syscall_32+0x32/0x80
[  144.530394][ T8205]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  144.532570][ T8205] RIP: 0023:0xf7f98579
[  144.533589][ T8205] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  144.539361][ T8205] RSP: 002b:00000000f511657c EFLAGS: 00000292 ORIG_RAX: 0000000000000015
[  144.541999][ T8205] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000000
[  144.544716][ T8205] RDX: 0000000020000240 RSI: 0000000000000000 RDI: 0000000020000440
[  144.547472][ T8205] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  144.550224][ T8205] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  144.553062][ T8205] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  144.555856][ T8205]  </TASK>
[  144.557044][    C2] vkms_vblank_simulate: vblank timer overrun
[  144.855488][ T8213] overlay: ./bus is not a directory
[  144.858591][ T8213] overlay: ./bus is not a directory
[  144.861199][ T8213] netlink: 'syz.3.552': attribute type 9 has an invalid length.
[  144.862887][ T8213] netlink: 244 bytes leftover after parsing attributes in process `syz.3.552'.
[  145.081156][   T39] audit: type=1326 audit(1733391915.398:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.0.554" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  145.088599][   T39] audit: type=1326 audit(1733391915.398:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.0.554" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  145.094405][   T39] audit: type=1326 audit(1733391915.398:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.0.554" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf748e579 code=0x7ffc0000
[  145.110776][   T39] audit: type=1326 audit(1733391915.398:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.0.554" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  145.121397][   T39] audit: type=1326 audit(1733391915.398:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.0.554" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf748e579 code=0x7ffc0000
[  145.141252][   T39] audit: type=1326 audit(1733391915.398:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.0.554" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  145.156606][   T39] audit: type=1326 audit(1733391915.398:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.0.554" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf748e579 code=0x7ffc0000
[  145.163107][   T39] audit: type=1326 audit(1733391915.398:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.0.554" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf748e579 code=0x7ffc0000
[  145.762711][ T8225] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  145.901843][ T8247] overlay: ./bus is not a directory
[  145.903735][ T8247] overlay: ./bus is not a directory
[  145.906271][ T8247] netlink: 'syz.2.561': attribute type 9 has an invalid length.
[  145.908629][ T8247] netlink: 244 bytes leftover after parsing attributes in process `syz.2.561'.
[  147.694352][ T8284] overlay: ./bus is not a directory
[  147.697395][ T8284] overlay: ./bus is not a directory
[  147.708283][ T8284] netlink: 'syz.2.570': attribute type 9 has an invalid length.
[  147.710408][ T8284] netlink: 244 bytes leftover after parsing attributes in process `syz.2.570'.
[  147.811002][ T8282] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  148.888273][   T39] kauditd_printk_skb: 20 callbacks suppressed
[  148.888285][   T39] audit: type=1326 audit(1733391919.208:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8339 comm="syz.4.577" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  148.895443][   T39] audit: type=1326 audit(1733391919.208:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8339 comm="syz.4.577" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  148.906922][   T39] audit: type=1326 audit(1733391919.208:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8339 comm="syz.4.577" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  148.913381][   T39] audit: type=1326 audit(1733391919.208:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8339 comm="syz.4.577" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  148.919116][   T39] audit: type=1326 audit(1733391919.208:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8339 comm="syz.4.577" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  148.926939][   T39] audit: type=1326 audit(1733391919.208:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8339 comm="syz.4.577" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  148.932573][   T39] audit: type=1326 audit(1733391919.218:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8339 comm="syz.4.577" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  148.938353][   T39] audit: type=1326 audit(1733391919.218:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8339 comm="syz.4.577" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  148.943825][   T39] audit: type=1326 audit(1733391919.218:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8339 comm="syz.4.577" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  148.950078][   T39] audit: type=1326 audit(1733391919.228:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8339 comm="syz.4.577" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  149.899168][ T8373] fuse: Bad value for 'rootmode'
[  149.995272][ T8368] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  151.096267][ T8397] : entered promiscuous mode
[  151.333258][ T8405] overlay: ./bus is not a directory
[  151.335401][ T8405] overlay: ./bus is not a directory
[  152.866942][ T5997] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  152.969423][ T8460] overlay: ./bus is not a directory
[  152.971933][ T8460] overlay: ./bus is not a directory
[  153.037366][ T5997] usb 9-1: Using ep0 maxpacket: 16
[  153.052836][ T5997] usb 9-1: config 0 has an invalid interface number: 214 but max is 0
[  153.056890][ T5997] usb 9-1: config 0 contains an unexpected descriptor of type 0x2, skipping
[  153.059307][ T5997] usb 9-1: config 0 has an invalid descriptor of length 52, skipping remainder of the config
[  153.061749][ T5997] usb 9-1: config 0 has no interface number 0
[  153.063303][ T5997] usb 9-1: config 0 interface 214 altsetting 0 endpoint 0x3 has an invalid bInterval 132, changing to 7
[  153.066027][ T5997] usb 9-1: config 0 interface 214 altsetting 0 endpoint 0x3 has invalid maxpacket 9241, setting to 1024
[  153.070403][ T5997] usb 9-1: New USB device found, idVendor=1e0e, idProduct=9200, bcdDevice=95.d1
[  153.072595][ T5997] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  153.074482][ T5997] usb 9-1: Product: syz
[  153.075520][ T5997] usb 9-1: Manufacturer: syz
[  153.076651][ T5997] usb 9-1: SerialNumber: syz
[  153.078776][ T5997] usb 9-1: config 0 descriptor??
[  153.299434][ T8446] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  153.301727][ T8446] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  153.383101][ T5997] option 9-1:0.214: GSM modem (1-port) converter detected
[  153.387616][ T5997] usb 9-1: USB disconnect, device number 4
[  153.390394][ T5997] option 9-1:0.214: device disconnected
[  153.504949][ T8481] FAULT_INJECTION: forcing a failure.
[  153.504949][ T8481] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  153.509591][ T8481] CPU: 3 UID: 0 PID: 8481 Comm: syz.3.608 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  153.512293][ T8481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.515508][ T8481] Call Trace:
[  153.516715][ T8481]  <TASK>
[  153.517783][ T8481]  dump_stack_lvl+0x16c/0x1f0
[  153.519461][ T8481]  should_fail_ex+0x497/0x5b0
[  153.521155][ T8481]  copy_fpstate_to_sigframe+0x858/0xaf0
[  153.523114][ T8481]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  153.525271][ T8481]  ? lock_acquire+0x2f/0xb0
[  153.526878][ T8481]  ? posixtimer_deliver_signal+0x1ad/0x650
[  153.528961][ T8481]  get_sigframe+0x4aa/0x9c0
[  153.530622][ T8481]  ? __pfx_get_sigframe+0x10/0x10
[  153.532416][ T8481]  ? _raw_spin_unlock_irq+0x29/0x50
[  153.534264][ T8481]  ? siginfo_layout+0x177/0x290
[  153.535989][ T8481]  ia32_setup_rt_frame+0xe4/0xb30
[  153.537768][ T8481]  ? __pfx_ia32_setup_rt_frame+0x10/0x10
[  153.539785][ T8481]  arch_do_signal_or_restart+0x47b/0x7e0
[  153.541783][ T8481]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  153.543996][ T8481]  syscall_exit_to_user_mode+0x150/0x2a0
[  153.545990][ T8481]  __do_fast_syscall_32+0x80/0x120
[  153.547855][ T8481]  do_fast_syscall_32+0x32/0x80
[  153.549715][ T8481]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  153.551949][ T8481] RIP: 0023:0xf7f31579
[  153.553384][ T8481] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  153.560050][ T8481] RSP: 002b:00000000f50b657c EFLAGS: 00000292 ORIG_RAX: 0000000000000174
[  153.562998][ T8481] RAX: 0000000000000003 RBX: 0000000000000003 RCX: 0000000020001500
[  153.565770][ T8481] RDX: 0000000000000104 RSI: 0000000000000000 RDI: 0000000000000000
[  153.568509][ T8481] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  153.571274][ T8481] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  153.573387][ T8481] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  153.575350][ T8481]  </TASK>
[  153.853931][ T8484] wireguard0: entered promiscuous mode
[  153.855376][ T8484] wireguard0: entered allmulticast mode
[  153.901382][ T8486] netlink: 8 bytes leftover after parsing attributes in process `syz.3.609'.
[  154.107057][   T39] kauditd_printk_skb: 36 callbacks suppressed
[  154.107069][   T39] audit: type=1326 audit(1733391924.398:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8491 comm="syz.0.612" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  154.114342][   T39] audit: type=1326 audit(1733391924.398:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8491 comm="syz.0.612" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  154.120093][   T39] audit: type=1326 audit(1733391924.398:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8491 comm="syz.0.612" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf748e579 code=0x7ffc0000
[  154.125576][   T39] audit: type=1326 audit(1733391924.398:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8491 comm="syz.0.612" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  154.131259][   T39] audit: type=1326 audit(1733391924.398:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8491 comm="syz.0.612" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  154.137012][   T39] audit: type=1326 audit(1733391924.398:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8491 comm="syz.0.612" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf748e579 code=0x7ffc0000
[  154.142679][   T39] audit: type=1326 audit(1733391924.398:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8491 comm="syz.0.612" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  154.148219][   T39] audit: type=1326 audit(1733391924.398:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8491 comm="syz.0.612" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  154.153631][   T39] audit: type=1326 audit(1733391924.398:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8491 comm="syz.0.612" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf748e579 code=0x7ffc0000
[  154.159445][   T39] audit: type=1326 audit(1733391924.398:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8491 comm="syz.0.612" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf748e579 code=0x7ffc0000
[  154.279153][ T8493] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  154.453090][ T8502] overlay: ./bus is not a directory
[  154.460225][ T8502] overlay: ./bus is not a directory
[  154.472884][ T8502] netlink: 'syz.4.615': attribute type 9 has an invalid length.
[  154.475109][ T8502] netlink: 244 bytes leftover after parsing attributes in process `syz.4.615'.
[  155.608346][ T8529] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  155.802419][ T8532] Invalid logical block size (65519)
[  155.838873][ T8534] overlay: ./bus is not a directory
[  155.843472][ T8534] overlay: ./bus is not a directory
[  155.848486][ T8534] netlink: 'syz.4.624': attribute type 9 has an invalid length.
[  155.851197][ T8534] netlink: 244 bytes leftover after parsing attributes in process `syz.4.624'.
[  156.429346][ T8549] netlink: 28 bytes leftover after parsing attributes in process `syz.0.629'.
[  156.468691][ T8549] overlay: ./file0 is not a directory
[  156.544573][ T8552] netlink: 4 bytes leftover after parsing attributes in process `syz.0.630'.
[  156.566953][ T8552] vivid-001: disconnect
[  156.571115][ T8552] vivid-001: reconnect
[  156.828686][ T8557] netlink: 'syz.4.632': attribute type 10 has an invalid length.
[  157.246930][ T5992] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  157.466942][ T5992] usb 9-1: Using ep0 maxpacket: 8
[  157.469554][ T5992] usb 9-1: config 0 has no interfaces?
[  157.472682][ T5992] usb 9-1: New USB device found, idVendor=1870, idProduct=0001, bcdDevice=e6.7f
[  157.475052][ T5992] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  157.477221][ T5992] usb 9-1: Product: syz
[  157.478318][ T5992] usb 9-1: Manufacturer: syz
[  157.479543][ T5992] usb 9-1: SerialNumber: syz
[  157.481957][ T5992] usb 9-1: config 0 descriptor??
[  157.800501][ T5992] usb 9-1: USB disconnect, device number 5
[  158.189425][ T8575] overlay: ./bus is not a directory
[  158.192120][ T8575] overlay: ./bus is not a directory
[  158.198979][ T8575] netlink: 'syz.2.637': attribute type 9 has an invalid length.
[  158.201029][ T8575] netlink: 244 bytes leftover after parsing attributes in process `syz.2.637'.
[  158.227517][ T8572] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  158.428092][ T8581] netlink: 12 bytes leftover after parsing attributes in process `syz.4.639'.
[  160.333244][ T8612] overlay: ./bus is not a directory
[  160.335871][ T8612] overlay: ./bus is not a directory
[  160.341102][ T8612] netlink: 'syz.4.646': attribute type 9 has an invalid length.
[  160.343874][ T8612] netlink: 244 bytes leftover after parsing attributes in process `syz.4.646'.
[  160.736945][   T56] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  160.886900][   T56] usb 7-1: Using ep0 maxpacket: 8
[  160.921186][   T56] usb 7-1: config 0 has no interfaces?
[  160.925230][   T56] usb 7-1: New USB device found, idVendor=1870, idProduct=0001, bcdDevice=e6.7f
[  160.928672][   T56] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  160.947904][   T56] usb 7-1: Product: syz
[  161.046822][   T56] usb 7-1: Manufacturer: syz
[  161.066533][   T56] usb 7-1: SerialNumber: syz
[  161.070697][   T56] usb 7-1: config 0 descriptor??
[  161.311938][ T8619] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  161.582398][   T39] kauditd_printk_skb: 35 callbacks suppressed
[  161.582415][   T39] audit: type=1326 audit(1733391931.898:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8627 comm="syz.3.652" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  161.591303][   T39] audit: type=1326 audit(1733391931.898:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8627 comm="syz.3.652" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  161.604025][   T39] audit: type=1326 audit(1733391931.898:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8627 comm="syz.3.652" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  161.609817][   T39] audit: type=1326 audit(1733391931.898:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8627 comm="syz.3.652" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  161.615758][   T39] audit: type=1326 audit(1733391931.898:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8627 comm="syz.3.652" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  161.624256][   T39] audit: type=1326 audit(1733391931.908:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8627 comm="syz.3.652" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  161.630186][   T39] audit: type=1326 audit(1733391931.908:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8627 comm="syz.3.652" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  161.636035][   T39] audit: type=1326 audit(1733391931.908:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8627 comm="syz.3.652" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  161.642142][   T39] audit: type=1326 audit(1733391931.908:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8627 comm="syz.3.652" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  161.647546][   T39] audit: type=1326 audit(1733391931.908:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8627 comm="syz.3.652" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  162.381066][ T8646] overlay: ./bus is not a directory
[  162.393841][ T8646] overlay: ./bus is not a directory
[  162.399796][ T8646] netlink: 'syz.4.657': attribute type 9 has an invalid length.
[  162.402339][ T8646] netlink: 244 bytes leftover after parsing attributes in process `syz.4.657'.
[  162.439900][ T8649] netlink: 4 bytes leftover after parsing attributes in process `syz.4.658'.
[  163.034935][ T8655] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  163.571901][   T63] usb 7-1: USB disconnect, device number 6
[  164.213224][ T8689] overlay: ./bus is not a directory
[  164.217589][ T8689] overlay: ./bus is not a directory
[  164.221089][ T8689] netlink: 'syz.4.667': attribute type 9 has an invalid length.
[  164.223113][ T8689] netlink: 244 bytes leftover after parsing attributes in process `syz.4.667'.
[  164.736868][ T1012] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  164.743944][ T8699] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  164.886906][ T1012] usb 9-1: Using ep0 maxpacket: 8
[  165.438681][ T1012] usb 9-1: config 0 has no interfaces?
[  165.446052][ T1012] usb 9-1: New USB device found, idVendor=1870, idProduct=0001, bcdDevice=e6.7f
[  165.451039][ T1012] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.453259][ T1012] usb 9-1: Product: syz
[  165.454400][ T1012] usb 9-1: Manufacturer: syz
[  165.455675][ T1012] usb 9-1: SerialNumber: syz
[  165.458518][ T1012] usb 9-1: config 0 descriptor??
[  165.554300][ T8714] Bluetooth: MGMT ver 1.23
[  165.702233][ T1012] usb 9-1: USB disconnect, device number 6
[  165.831633][ T8722] netlink: 4 bytes leftover after parsing attributes in process `syz.3.676'.
[  166.622138][ T8734] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  167.821284][ T8758] can0: slcan on ttyS3.
[  167.967478][ T8757] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  167.969850][ T8757] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  167.978178][ T8757] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  167.980392][ T8757] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  167.987169][ T8757] geneve2: entered promiscuous mode
[  167.988492][ T8757] geneve2: entered allmulticast mode
[  168.401498][   T39] kauditd_printk_skb: 33 callbacks suppressed
[  168.401509][   T39] audit: type=1326 audit(1733391938.718:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8794 comm="syz.3.690" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  168.409452][   T39] audit: type=1326 audit(1733391938.718:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8794 comm="syz.3.690" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  168.414829][   T39] audit: type=1326 audit(1733391938.718:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8794 comm="syz.3.690" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  168.420313][   T39] audit: type=1326 audit(1733391938.718:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8794 comm="syz.3.690" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  168.425438][   T39] audit: type=1326 audit(1733391938.728:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8794 comm="syz.3.690" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  168.432266][   T39] audit: type=1326 audit(1733391938.728:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8794 comm="syz.3.690" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  168.437496][   T39] audit: type=1326 audit(1733391938.728:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8794 comm="syz.3.690" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  168.442869][   T39] audit: type=1326 audit(1733391938.728:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8794 comm="syz.3.690" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  168.450190][   T39] audit: type=1326 audit(1733391938.728:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8794 comm="syz.3.690" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  168.458226][   T39] audit: type=1326 audit(1733391938.728:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8794 comm="syz.3.690" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  168.509326][   T25] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  168.557117][ T8753] can0 (unregistered): slcan off ttyS3.
[  168.604759][ T8806] overlay: ./bus is not a directory
[  168.606715][ T8806] overlay: ./bus is not a directory
[  168.614391][ T8806] netlink: 'syz.2.691': attribute type 9 has an invalid length.
[  168.629788][ T8806] netlink: 244 bytes leftover after parsing attributes in process `syz.2.691'.
[  168.657428][   T25] usb 9-1: Using ep0 maxpacket: 8
[  168.660024][   T25] usb 9-1: config 0 has no interfaces?
[  168.662872][   T25] usb 9-1: New USB device found, idVendor=1870, idProduct=0001, bcdDevice=e6.7f
[  168.665045][   T25] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.667159][   T25] usb 9-1: Product: syz
[  168.668172][   T25] usb 9-1: Manufacturer: syz
[  168.669335][   T25] usb 9-1: SerialNumber: syz
[  168.672800][   T25] usb 9-1: config 0 descriptor??
[  168.884672][   T35] usb 9-1: USB disconnect, device number 7
[  168.918505][ T8816] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  169.746019][ T8845] overlay: ./bus is not a directory
[  169.753055][ T8845] overlay: ./bus is not a directory
[  169.764410][ T8845] netlink: 'syz.2.701': attribute type 9 has an invalid length.
[  169.767417][ T8845] netlink: 244 bytes leftover after parsing attributes in process `syz.2.701'.
[  170.097455][   T66] Bluetooth: hci2: command 0x0406 tx timeout
[  170.100174][ T5304] Bluetooth: hci1: command 0x0406 tx timeout
[  170.239149][ T8852] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  171.014294][ T8893] overlay: ./bus is not a directory
[  171.018575][ T8893] netlink: 'syz.3.712': attribute type 9 has an invalid length.
[  171.020637][ T8893] netlink: 244 bytes leftover after parsing attributes in process `syz.3.712'.
[  171.377924][ T8899] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  171.392029][ T8911] FAULT_INJECTION: forcing a failure.
[  171.392029][ T8911] name failslab, interval 1, probability 0, space 0, times 0
[  171.395335][ T8911] CPU: 2 UID: 0 PID: 8911 Comm: syz.4.716 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  171.397952][ T8911] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  171.400638][ T8911] Call Trace:
[  171.400655][ T8911]  <TASK>
[  171.400660][ T8911]  dump_stack_lvl+0x16c/0x1f0
[  171.400677][ T8911]  should_fail_ex+0x497/0x5b0
[  171.404739][ T8911]  ? fs_reclaim_acquire+0xae/0x150
[  171.405996][ T8911]  should_failslab+0xc2/0x120
[  171.407198][ T8911]  __kmalloc_cache_noprof+0x68/0x420
[  171.408497][ T8911]  drm_mode_duplicate+0x47/0x200
[  171.409730][ T8911]  _drm_edid_connector_add_modes.part.0+0x4f5/0x3f90
[  171.411368][ T8911]  ? __kasan_kmalloc+0xaa/0xb0
[  171.412629][ T8911]  ? drm_edid_alloc+0x93/0x130
[  171.413848][ T8911]  ? drm_edid_connector_add_modes+0x94/0x130
[  171.415364][ T8911]  ? bochs_connector_helper_get_modes+0x1f0/0x2e0
[  171.416929][ T8911]  ? drm_helper_probe_single_connector_modes+0x55e/0x15a0
[  171.418719][ T8911]  ? drm_ioctl+0x57e/0xba0
[  171.419846][ T8911]  ? __do_fast_syscall_32+0x73/0x120
[  171.421163][ T8911]  ? do_fast_syscall_32+0x32/0x80
[  171.422443][ T8911]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  171.424041][ T8911]  ? __pfx__drm_edid_connector_add_modes.part.0+0x10/0x10
[  171.425793][ T8911]  ? kasan_save_track+0x14/0x30
[  171.427009][ T8911]  ? __kasan_kmalloc+0xaa/0xb0
[  171.428334][ T8911]  drm_edid_connector_add_modes+0xac/0x130
[  171.429760][ T8911]  bochs_connector_helper_get_modes+0x1f0/0x2e0
[  171.431297][ T8911]  ? __pfx_bochs_connector_helper_get_modes+0x10/0x10
[  171.433011][ T8911]  ? drm_modeset_lock+0x60/0x90
[  171.434258][ T8911]  drm_helper_probe_single_connector_modes+0x55e/0x15a0
[  171.436014][ T8911]  ? __pfx_drm_helper_probe_single_connector_modes+0x10/0x10
[  171.437926][ T8911]  ? __mutex_lock+0x1cc/0xa60
[  171.439185][ T8911]  ? __pfx_drm_helper_probe_single_connector_modes+0x10/0x10
[  171.441029][ T8911]  drm_mode_getconnector+0x712/0x14a0
[  171.442372][ T8911]  ? __pfx_drm_mode_getconnector+0x10/0x10
[  171.443831][ T8911]  ? drm_dev_exit+0x41/0x60
[  171.444950][ T8911]  ? lock_acquire+0x2f/0xb0
[  171.446070][ T8911]  ? drm_dev_enter+0x4c/0x170
[  171.447224][ T8911]  drm_ioctl_kernel+0x1e6/0x3d0
[  171.448439][ T8911]  ? __pfx_drm_mode_getconnector+0x10/0x10
[  171.449861][ T8911]  ? __might_fault+0xe3/0x190
[  171.450997][ T8911]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  171.452321][ T8911]  ? __might_fault+0xe3/0x190
[  171.453477][ T8911]  ? __pfx_drm_mode_getconnector+0x10/0x10
[  171.454938][ T8911]  drm_ioctl+0x57e/0xba0
[  171.456026][ T8911]  ? __pfx_drm_ioctl+0x10/0x10
[  171.457214][ T8911]  drm_compat_ioctl+0x327/0x460
[  171.458440][ T8911]  ? __pfx_drm_compat_ioctl+0x10/0x10
[  171.459759][ T8911]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  171.461046][ T8911]  __do_fast_syscall_32+0x73/0x120
[  171.462303][ T8911]  do_fast_syscall_32+0x32/0x80
[  171.463511][ T8911]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  171.465070][ T8911] RIP: 0023:0xf7f98579
[  171.466106][ T8911] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  171.470758][ T8911] RSP: 002b:00000000f511657c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  171.472801][ T8911] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c05064a7
[  171.474740][ T8911] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  171.476662][ T8911] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  171.478589][ T8911] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  171.480496][ T8911] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  171.482403][ T8911]  </TASK>
[  171.919003][ T8931] overlay: ./bus is not a directory
[  171.923275][ T8931] netlink: 'syz.0.722': attribute type 9 has an invalid length.
[  171.925330][ T8931] netlink: 244 bytes leftover after parsing attributes in process `syz.0.722'.
[  172.335783][ T8944] tmpfs: Unknown parameter './file0'
[  173.598286][ T8976] overlay: ./bus is not a directory
[  173.602170][ T8976] netlink: 'syz.3.732': attribute type 9 has an invalid length.
[  173.604289][ T8976] netlink: 244 bytes leftover after parsing attributes in process `syz.3.732'.
[  173.720572][   T39] kauditd_printk_skb: 34 callbacks suppressed
[  173.720582][   T39] audit: type=1326 audit(1733391944.038:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8977 comm="syz.3.733" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  173.732451][   T39] audit: type=1326 audit(1733391944.038:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8977 comm="syz.3.733" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  173.739344][   T39] audit: type=1326 audit(1733391944.048:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8977 comm="syz.3.733" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  173.746651][   T39] audit: type=1326 audit(1733391944.048:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8977 comm="syz.3.733" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  173.758580][   T39] audit: type=1326 audit(1733391944.048:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8977 comm="syz.3.733" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  173.765341][   T39] audit: type=1326 audit(1733391944.048:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8977 comm="syz.3.733" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  173.771184][   T39] audit: type=1326 audit(1733391944.048:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8977 comm="syz.3.733" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  173.776322][   T39] audit: type=1326 audit(1733391944.048:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8977 comm="syz.3.733" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  173.786850][   T39] audit: type=1326 audit(1733391944.048:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8977 comm="syz.3.733" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  173.792459][   T39] audit: type=1326 audit(1733391944.048:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8977 comm="syz.3.733" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  173.809273][ T8982] overlayfs: missing 'lowerdir'
[  174.283343][ T8989] netlink: 1268 bytes leftover after parsing attributes in process `syz.4.735'.
[  174.285771][ T8989] openvswitch: netlink: Missing key (keys=40, expected=100)
[  174.866856][   T56] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  175.027114][   T56] usb 9-1: Using ep0 maxpacket: 8
[  175.507488][   T56] usb 9-1: config 0 has no interfaces?
[  175.719278][   T56] usb 9-1: New USB device found, idVendor=1870, idProduct=0001, bcdDevice=e6.7f
[  175.722518][   T56] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.725352][   T56] usb 9-1: Product: syz
[  175.736833][   T56] usb 9-1: Manufacturer: syz
[  175.738927][   T56] usb 9-1: SerialNumber: syz
[  175.747876][   T56] usb 9-1: config 0 descriptor??
[  175.819872][ T9015] overlay: ./bus is not a directory
[  175.822453][ T9015] overlay: ./bus is not a directory
[  175.826307][ T9015] netlink: 'syz.2.742': attribute type 9 has an invalid length.
[  175.828523][ T9015] netlink: 244 bytes leftover after parsing attributes in process `syz.2.742'.
[  176.419649][ T5997] usb 9-1: USB disconnect, device number 8
[  176.585915][ T9024] uprobe: syz.2.746:9024 failed to unregister, leaking uprobe
[  177.633996][ T9044] overlay: ./bus is not a directory
[  177.637470][ T9044] overlay: ./bus is not a directory
[  177.646029][ T9044] netlink: 'syz.0.752': attribute type 9 has an invalid length.
[  177.653023][ T9044] netlink: 244 bytes leftover after parsing attributes in process `syz.0.752'.
[  177.933446][ T9048] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  179.221101][ T9098] overlay: ./bus is not a directory
[  179.223754][ T9098] overlay: ./bus is not a directory
[  179.229078][ T9098] netlink: 'syz.2.762': attribute type 9 has an invalid length.
[  179.231177][ T9098] netlink: 244 bytes leftover after parsing attributes in process `syz.2.762'.
[  179.619004][ T9116] FAULT_INJECTION: forcing a failure.
[  179.619004][ T9116] name failslab, interval 1, probability 0, space 0, times 0
[  179.622673][ T9116] CPU: 3 UID: 0 PID: 9116 Comm: syz.4.768 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  179.625402][ T9116] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  179.628318][ T9116] Call Trace:
[  179.629202][ T9116]  <TASK>
[  179.629993][ T9116]  dump_stack_lvl+0x16c/0x1f0
[  179.631271][ T9116]  should_fail_ex+0x497/0x5b0
[  179.632597][ T9116]  ? fs_reclaim_acquire+0xae/0x150
[  179.633968][ T9116]  should_failslab+0xc2/0x120
[  179.635219][ T9116]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  179.636637][ T9116]  ? __kernfs_new_node+0xd3/0x890
[  179.637976][ T9116]  __kernfs_new_node+0xd3/0x890
[  179.639250][ T9116]  ? hlock_class+0x4e/0x130
[  179.640457][ T9116]  ? __pfx___kernfs_new_node+0x10/0x10
[  179.641890][ T9116]  ? __pfx___lock_acquire+0x10/0x10
[  179.643272][ T9116]  kernfs_new_node+0x186/0x240
[  179.644537][ T9116]  ? lock_acquire.part.0+0x11b/0x380
[  179.645921][ T9116]  kernfs_create_dir_ns+0x4c/0x150
[  179.647322][ T9116]  sysfs_create_dir_ns+0x13b/0x2b0
[  179.648689][ T9116]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  179.650172][ T9116]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  179.651606][ T9116]  ? kobject_add_internal+0x12d/0x990
[  179.653027][ T9116]  ? do_raw_spin_unlock+0x172/0x230
[  179.654409][ T9116]  kobject_add_internal+0x2c8/0x990
[  179.655791][ T9116]  kobject_init_and_add+0x11c/0x190
[  179.657181][ T9116]  ? __pfx_kobject_init_and_add+0x10/0x10
[  179.658680][ T9116]  ? up_write+0x1b2/0x520
[  179.660171][ T9116]  sysfs_slab_add+0x18e/0x1e0
[  179.661424][ T9116]  do_kmem_cache_create+0x51c/0x720
[  179.662801][ T9116]  ? kstrdup+0x8b/0xb0
[  179.663913][ T9116]  __kmem_cache_create_args+0x231/0x390
[  179.665376][ T9116]  p9_client_create+0xe43/0x11a0
[  179.666689][ T9116]  ? __pfx_p9_client_create+0x10/0x10
[  179.668123][ T9116]  ? rcu_is_watching+0x12/0xc0
[  179.669397][ T9116]  ? __raw_spin_lock_init+0x3a/0x110
[  179.670824][ T9116]  v9fs_session_init+0x1f8/0x1a80
[  179.672288][ T9116]  ? __pfx_v9fs_session_init+0x10/0x10
[  179.674322][ T9116]  ? kasan_save_track+0x14/0x30
[  179.675986][ T9116]  v9fs_mount+0xc6/0xa30
[  179.677418][ T9116]  ? __pfx_v9fs_mount+0x10/0x10
[  179.679233][ T9116]  ? __pfx_v9fs_mount+0x10/0x10
[  179.681058][ T9116]  legacy_get_tree+0x109/0x220
[  179.682831][ T9116]  vfs_get_tree+0x8f/0x380
[  179.684460][ T9116]  path_mount+0x6e1/0x1f10
[  179.686122][ T9116]  ? kmem_cache_free+0x152/0x4c0
[  179.688005][ T9116]  ? __pfx_path_mount+0x10/0x10
[  179.689758][ T9116]  ? putname+0x13c/0x180
[  179.691271][ T9116]  __ia32_sys_mount+0x292/0x310
[  179.693140][ T9116]  ? __pfx___ia32_sys_mount+0x10/0x10
[  179.695052][ T9116]  __do_fast_syscall_32+0x73/0x120
[  179.696979][ T9116]  do_fast_syscall_32+0x32/0x80
[  179.698743][ T9116]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  179.701028][ T9116] RIP: 0023:0xf7f98579
[  179.702511][ T9116] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  179.709392][ T9116] RSP: 002b:00000000f511657c EFLAGS: 00000292 ORIG_RAX: 0000000000000015
[  179.712373][ T9116] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000000
[  179.714550][ T9116] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 00000000200005c0
[  179.716633][ T9116] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  179.719308][ T9116] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  179.721989][ T9116] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  179.724695][ T9116]  </TASK>
[  179.728884][ T9116] kobject: kobject_add_internal failed for 9p-fcall-cache-27 (error: -12 parent: slab)
[  179.731525][ T9116] SLUB: Unable to add cache 9p-fcall-cache-27 to sysfs
[  179.797166][ T5997] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  179.880057][ T9125] overlay: ./bus is not a directory
[  179.883953][ T9125] netlink: 'syz.3.771': attribute type 9 has an invalid length.
[  179.885990][ T9125] netlink: 244 bytes leftover after parsing attributes in process `syz.3.771'.
[  179.925531][   T39] kauditd_printk_skb: 34 callbacks suppressed
[  179.925547][   T39] audit: type=1326 audit(1733391950.238:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9122 comm="syz.4.769" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  179.934759][   T39] audit: type=1326 audit(1733391950.238:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9122 comm="syz.4.769" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  179.940907][   T39] audit: type=1326 audit(1733391950.248:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9122 comm="syz.4.769" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  179.946393][   T39] audit: type=1326 audit(1733391950.248:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9122 comm="syz.4.769" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  179.952167][   T39] audit: type=1326 audit(1733391950.248:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9122 comm="syz.4.769" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  179.957752][ T5997] usb 5-1: Using ep0 maxpacket: 8
[  179.959476][   T39] audit: type=1326 audit(1733391950.258:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9122 comm="syz.4.769" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  179.965553][   T39] audit: type=1326 audit(1733391950.268:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9122 comm="syz.4.769" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  179.973044][ T5997] usb 5-1: config 0 has no interfaces?
[  179.974719][   T39] audit: type=1326 audit(1733391950.268:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9122 comm="syz.4.769" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  179.982931][   T39] audit: type=1326 audit(1733391950.278:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9122 comm="syz.4.769" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  179.988980][   T39] audit: type=1326 audit(1733391950.288:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9122 comm="syz.4.769" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  179.995019][ T5997] usb 5-1: New USB device found, idVendor=1870, idProduct=0001, bcdDevice=e6.7f
[  179.997590][ T5997] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.999679][ T5997] usb 5-1: Product: syz
[  180.000793][ T5997] usb 5-1: Manufacturer: syz
[  180.002003][ T5997] usb 5-1: SerialNumber: syz
[  180.004216][ T5997] usb 5-1: config 0 descriptor??
[  180.209874][ T5997] usb 5-1: USB disconnect, device number 6
[  180.714679][ T9140] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  180.717217][ T9140] overlayfs: missing 'lowerdir'
[  180.894437][ T9158] overlay: ./bus is not a directory
[  180.908699][ T9158] netlink: 'syz.4.781': attribute type 9 has an invalid length.
[  180.911350][ T9158] netlink: 244 bytes leftover after parsing attributes in process `syz.4.781'.
[  181.492316][ T9179] FAULT_INJECTION: forcing a failure.
[  181.492316][ T9179] name failslab, interval 1, probability 0, space 0, times 0
[  181.495648][ T9179] CPU: 3 UID: 0 PID: 9179 Comm: syz.4.787 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  181.498348][ T9179] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  181.501120][ T9179] Call Trace:
[  181.501982][ T9179]  <TASK>
[  181.502726][ T9179]  dump_stack_lvl+0x16c/0x1f0
[  181.503940][ T9179]  should_fail_ex+0x497/0x5b0
[  181.505177][ T9179]  should_failslab+0xc2/0x120
[  181.506410][ T9179]  __kmalloc_cache_noprof+0x68/0x420
[  181.507771][ T9179]  ? __sctp_v6_cmp_addr+0x206/0x530
[  181.509136][ T9179]  sctp_add_bind_addr+0x9d/0x3e0
[  181.510428][ T9179]  sctp_copy_local_addr_list+0x39e/0x5a0
[  181.511902][ T9179]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  181.513505][ T9179]  ? sctp_auth_asoc_copy_shkeys+0x2a7/0x360
[  181.515058][ T9179]  ? sctp_bind_addr_copy+0xe0/0x530
[  181.516417][ T9179]  sctp_bind_addr_copy+0xe0/0x530
[  181.517725][ T9179]  sctp_connect_new_asoc+0x1d8/0x790
[  181.519108][ T9179]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  181.520632][ T9179]  ? mark_held_locks+0x9f/0xe0
[  181.521874][ T9179]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  181.523281][ T9179]  sctp_sendmsg+0x162a/0x1f10
[  181.524478][ T9179]  ? __pfx___lock_acquire+0x10/0x10
[  181.525787][ T9179]  ? __pfx_sctp_sendmsg+0x10/0x10
[  181.527104][ T9179]  ? __pfx_aa_sk_perm+0x10/0x10
[  181.528597][ T9179]  ? __pfx_sctp_sendmsg+0x10/0x10
[  181.529913][ T9179]  inet_sendmsg+0x119/0x140
[  181.531101][ T9179]  __sys_sendto+0x42a/0x4f0
[  181.532298][ T9179]  ? __pfx___sys_sendto+0x10/0x10
[  181.533574][ T9179]  ? ksys_write+0x1ba/0x250
[  181.534751][ T9179]  ? __pfx_ksys_write+0x10/0x10
[  181.536031][ T9179]  __ia32_sys_sendto+0xdd/0x1b0
[  181.537304][ T9179]  ? lockdep_hardirqs_on+0x7c/0x110
[  181.538655][ T9179]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  181.540366][ T9179]  __do_fast_syscall_32+0x73/0x120
[  181.541700][ T9179]  do_fast_syscall_32+0x32/0x80
[  181.542974][ T9179]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  181.544658][ T9179] RIP: 0023:0xf7f98579
[  181.545688][ T9179] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  181.550519][ T9179] RSP: 002b:00000000f511657c EFLAGS: 00000292 ORIG_RAX: 0000000000000171
[  181.552676][ T9179] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020847fff
[  181.554739][ T9179] RDX: 000000000000fee4 RSI: 0000000000000000 RDI: 000000002005ffe4
[  181.556782][ T9179] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[  181.558756][ T9179] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  181.560729][ T9179] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  181.562741][ T9179]  </TASK>
[  181.706898][   T25] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  182.156895][   T25] usb 8-1: Using ep0 maxpacket: 8
[  182.160837][   T25] usb 8-1: config 0 has no interfaces?
[  182.163713][   T25] usb 8-1: New USB device found, idVendor=1870, idProduct=0001, bcdDevice=e6.7f
[  182.166117][   T25] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  182.168935][   T25] usb 8-1: Product: syz
[  182.170095][   T25] usb 8-1: Manufacturer: syz
[  182.171337][   T25] usb 8-1: SerialNumber: syz
[  182.174956][   T25] usb 8-1: config 0 descriptor??
[  182.250516][ T9194] overlay: ./bus is not a directory
[  182.256294][ T9194] netlink: 'syz.2.791': attribute type 9 has an invalid length.
[  182.262194][ T9194] netlink: 244 bytes leftover after parsing attributes in process `syz.2.791'.
[  182.381019][ T5997] usb 8-1: USB disconnect, device number 6
[  183.297806][ T9224] overlayfs: missing 'lowerdir'
[  183.685432][ T9218] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  183.982198][ T9243] overlay: ./bus is not a directory
[  183.984177][ T9243] overlay: ./bus is not a directory
[  183.988424][ T9243] netlink: 'syz.0.805': attribute type 9 has an invalid length.
[  183.990488][ T9243] netlink: 244 bytes leftover after parsing attributes in process `syz.0.805'.
[  184.006854][ T5997] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  184.167061][ T5997] usb 8-1: Using ep0 maxpacket: 8
[  184.170672][ T5997] usb 8-1: config 0 has no interfaces?
[  184.173666][ T5997] usb 8-1: New USB device found, idVendor=1870, idProduct=0001, bcdDevice=e6.7f
[  184.175966][ T5997] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.178378][ T5997] usb 8-1: Product: syz
[  184.179552][ T5997] usb 8-1: Manufacturer: syz
[  184.180778][ T5997] usb 8-1: SerialNumber: syz
[  184.187292][ T5997] usb 8-1: config 0 descriptor??
[  184.390946][   T25] usb 8-1: USB disconnect, device number 7
[  184.639281][ T9276] overlay: ./bus is not a directory
[  184.641910][ T9276] overlay: ./bus is not a directory
[  184.649183][ T9276] netlink: 'syz.4.815': attribute type 9 has an invalid length.
[  184.651771][ T9276] netlink: 244 bytes leftover after parsing attributes in process `syz.4.815'.
[  184.838176][ T9284] input: syz1 as /devices/virtual/input/input8
[  184.847669][ T9284] FAULT_INJECTION: forcing a failure.
[  184.847669][ T9284] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  184.851110][ T9284] CPU: 1 UID: 0 PID: 9284 Comm: syz.4.818 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  184.854686][ T9284] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  184.857509][ T9284] Call Trace:
[  184.858642][ T9284]  <TASK>
[  184.859671][ T9284]  dump_stack_lvl+0x16c/0x1f0
[  184.861231][ T9284]  should_fail_ex+0x497/0x5b0
[  184.862565][ T9284]  _copy_from_user+0x2e/0xd0
[  184.863806][ T9284]  input_event_from_user+0x22d/0x3b0
[  184.865224][ T9284]  ? __pfx_input_event_from_user+0x10/0x10
[  184.866874][ T9284]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  184.868471][ T9284]  ? input_event+0x8e/0xa0
[  184.869682][ T9284]  uinput_write+0xbb6/0x12b0
[  184.870902][ T9284]  ? __pfx_uinput_write+0x10/0x10
[  184.872254][ T9284]  ? bpf_lsm_file_permission+0x9/0x10
[  184.873663][ T9284]  ? security_file_permission+0x71/0x210
[  184.875150][ T9284]  ? __pfx_uinput_write+0x10/0x10
[  184.876491][ T9284]  vfs_write+0x24c/0x1150
[  184.877807][ T9284]  ? __fget_files+0x1fc/0x3a0
[  184.879101][ T9284]  ? __pfx_lock_release+0x10/0x10
[  184.880430][ T9284]  ? __pfx_vfs_write+0x10/0x10
[  184.881690][ T9284]  ? lock_acquire+0x2f/0xb0
[  184.882881][ T9284]  ? __fget_files+0x40/0x3a0
[  184.884133][ T9284]  ? __fget_files+0x206/0x3a0
[  184.885375][ T9284]  ksys_write+0x207/0x250
[  184.886517][ T9284]  ? __pfx_ksys_write+0x10/0x10
[  184.887812][ T9284]  __do_fast_syscall_32+0x73/0x120
[  184.889158][ T9284]  do_fast_syscall_32+0x32/0x80
[  184.890438][ T9284]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  184.892099][ T9284] RIP: 0023:0xf7f98579
[  184.893177][ T9284] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  184.898284][ T9284] RSP: 002b:00000000f511657c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[  184.900472][ T9284] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000240
[  184.902527][ T9284] RDX: 000000000000045c RSI: 0000000000000000 RDI: 0000000000000000
[  184.904599][ T9284] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  184.906657][ T9284] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  184.908752][ T9284] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  184.910800][ T9284]  </TASK>
[  185.565723][ T9306] overlay: ./bus is not a directory
[  185.569522][ T9306] overlay: ./bus is not a directory
[  185.574496][ T9306] netlink: 'syz.4.824': attribute type 9 has an invalid length.
[  185.577156][ T9306] netlink: 244 bytes leftover after parsing attributes in process `syz.4.824'.
[  185.996935][   T25] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  186.146964][   T25] usb 7-1: Using ep0 maxpacket: 8
[  186.158256][   T25] usb 7-1: config 0 has no interfaces?
[  186.161984][   T25] usb 7-1: New USB device found, idVendor=1870, idProduct=0001, bcdDevice=e6.7f
[  186.165102][   T25] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  186.170232][   T25] usb 7-1: Product: syz
[  186.171453][   T25] usb 7-1: Manufacturer: syz
[  186.173076][   T25] usb 7-1: SerialNumber: syz
[  186.176412][   T25] usb 7-1: config 0 descriptor??
[  186.754105][ T9335] overlay: ./bus is not a directory
[  186.756624][ T9335] overlay: ./bus is not a directory
[  186.771675][ T9335] netlink: 'syz.0.833': attribute type 9 has an invalid length.
[  186.773833][ T9335] netlink: 244 bytes leftover after parsing attributes in process `syz.0.833'.
[  187.802975][ T9362] tty tty26: ldisc open failed (-12), clearing slot 25
[  188.622422][ T9379] overlay: ./bus is not a directory
[  188.624431][ T9379] overlay: ./bus is not a directory
[  188.679740][ T9379] netlink: 'syz.4.844': attribute type 9 has an invalid length.
[  188.682653][ T9379] netlink: 244 bytes leftover after parsing attributes in process `syz.4.844'.
[  188.802071][ T5994] usb 7-1: USB disconnect, device number 7
[  188.847050][   T39] kauditd_printk_skb: 5 callbacks suppressed
[  188.847061][   T39] audit: type=1326 audit(1733391959.158:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9382 comm="syz.4.845" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  188.855459][   T39] audit: type=1326 audit(1733391959.158:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9382 comm="syz.4.845" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  188.864973][   T39] audit: type=1326 audit(1733391959.158:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9382 comm="syz.4.845" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  188.871450][   T39] audit: type=1326 audit(1733391959.158:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9382 comm="syz.4.845" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  188.878836][   T39] audit: type=1326 audit(1733391959.158:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9382 comm="syz.4.845" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  188.885619][   T39] audit: type=1326 audit(1733391959.168:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9382 comm="syz.4.845" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  188.891555][   T39] audit: type=1326 audit(1733391959.168:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9382 comm="syz.4.845" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  188.896989][   T39] audit: type=1326 audit(1733391959.168:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9382 comm="syz.4.845" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  188.903095][   T39] audit: type=1326 audit(1733391959.168:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9382 comm="syz.4.845" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  188.909405][   T39] audit: type=1326 audit(1733391959.168:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9382 comm="syz.4.845" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  189.856048][ T9405] overlay: filesystem on ./bus not supported as upperdir
[  189.861395][ T9405] FAULT_INJECTION: forcing a failure.
[  189.861395][ T9405] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  189.866504][ T9405] CPU: 0 UID: 0 PID: 9405 Comm: syz.2.850 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  189.870218][ T9405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  189.873960][ T9405] Call Trace:
[  189.875045][ T9405]  <TASK>
[  189.875901][ T9405]  dump_stack_lvl+0x16c/0x1f0
[  189.877129][ T9405]  should_fail_ex+0x497/0x5b0
[  189.878360][ T9405]  _copy_to_user+0x32/0xd0
[  189.879540][ T9405]  simple_read_from_buffer+0xd0/0x160
[  189.880924][ T9405]  proc_fail_nth_read+0x198/0x270
[  189.882235][ T9405]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  189.883691][ T9405]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  189.885122][ T9405]  vfs_read+0x1df/0xbe0
[  189.886432][ T9405]  ? __fget_files+0x1fc/0x3a0
[  189.887689][ T9405]  ? __pfx___mutex_lock+0x10/0x10
[  189.889003][ T9405]  ? __pfx_vfs_read+0x10/0x10
[  189.890236][ T9405]  ? __fget_files+0x206/0x3a0
[  189.891471][ T9405]  ksys_read+0x12b/0x250
[  189.892586][ T9405]  ? __pfx_ksys_read+0x10/0x10
[  189.893852][ T9405]  __do_fast_syscall_32+0x73/0x120
[  189.895190][ T9405]  do_fast_syscall_32+0x32/0x80
[  189.896784][ T9405]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  189.899074][ T9405] RIP: 0023:0xf7f13579
[  189.900547][ T9405] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  189.906660][ T9405] RSP: 002b:00000000f50965b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  189.909515][ T9405] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5096620
[  189.912302][ T9405] RDX: 000000000000000f RSI: 00000000f739fff4 RDI: 0000000000000000
[  189.915113][ T9405] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  189.917862][ T9405] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  189.920290][ T9405] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  189.923105][ T9405]  </TASK>
[  190.001993][ T9414] overlay: ./bus is not a directory
[  190.004094][ T9414] overlay: ./bus is not a directory
[  190.020068][ T9414] netlink: 'syz.2.853': attribute type 9 has an invalid length.
[  190.022070][ T9414] netlink: 244 bytes leftover after parsing attributes in process `syz.2.853'.
[  192.235878][ T9461] overlay: ./bus is not a directory
[  192.254645][ T9461] overlay: ./bus is not a directory
[  192.261997][ T9461] netlink: 'syz.2.864': attribute type 9 has an invalid length.
[  192.264231][ T9461] netlink: 244 bytes leftover after parsing attributes in process `syz.2.864'.
[  192.688988][ T9469] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  193.153647][ T9458] ==================================================================
[  193.156092][ T9458] BUG: KASAN: vmalloc-out-of-bounds in push_insn_history+0x615/0x690
[  193.158570][ T9458] Write of size 4 at addr ffffc90002d9e010 by task syz.3.863/9458
[  193.161246][ T9458] 
[  193.162399][ T9458] CPU: 2 UID: 0 PID: 9458 Comm: syz.3.863 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  193.165424][ T9458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  193.168296][ T9458] Call Trace:
[  193.169180][ T9458]  <TASK>
[  193.169954][ T9458]  dump_stack_lvl+0x116/0x1f0
[  193.171260][ T9458]  print_report+0xc3/0x620
[  193.172457][ T9458]  ? __virt_addr_valid+0x5e/0x590
[  193.173781][ T9458]  kasan_report+0xd9/0x110
[  193.175021][ T9458]  ? push_insn_history+0x615/0x690
[  193.176535][ T9458]  ? push_insn_history+0x615/0x690
[  193.177988][ T9458]  push_insn_history+0x615/0x690
[  193.179296][ T9458]  do_check_common+0xb78/0xd540
[  193.180567][ T9458]  ? lockdep_hardirqs_on+0x7c/0x110
[  193.181980][ T9458]  ? __pfx_do_check_common+0x10/0x10
[  193.183370][ T9458]  ? kvfree+0x47/0x50
[  193.184413][ T9458]  ? check_cfg+0x403/0x840
[  193.185646][ T9458]  bpf_check+0x77c2/0xc9b0
[  193.186835][ T9458]  ? hlock_class+0x4e/0x130
[  193.188033][ T9458]  ? __pfx_bpf_check+0x10/0x10
[  193.189364][ T9458]  ? find_held_lock+0x2d/0x110
[  193.190615][ T9458]  ? bpf_prog_load+0xd45/0x2670
[  193.191898][ T9458]  ? __pfx_lock_release+0x10/0x10
[  193.193207][ T9458]  ? trace_lock_acquire+0x14e/0x1f0
[  193.194573][ T9458]  ? bpf_prog_load+0xd45/0x2670
[  193.195854][ T9458]  ? lockdep_hardirqs_on+0x7c/0x110
[  193.197403][ T9458]  ? read_tsc+0x9/0x20
[  193.198525][ T9458]  ? ktime_get_with_offset+0x20f/0x3a0
[  193.200136][ T9458]  ? bpf_obj_name_cpy+0x156/0x1b0
[  193.201557][ T9458]  bpf_prog_load+0xe3f/0x2670
[  193.202853][ T9458]  ? __pfx_bpf_prog_load+0x10/0x10
[  193.204211][ T9458]  ? find_held_lock+0x2d/0x110
[  193.205524][ T9458]  ? __might_fault+0x13b/0x190
[  193.206798][ T9458]  ? __might_fault+0xe3/0x190
[  193.208040][ T9458]  __sys_bpf+0x5677/0x57a0
[  193.209274][ T9458]  ? __pfx_futex_wake+0x10/0x10
[  193.210534][ T9458]  ? finish_task_switch.isra.0+0x217/0xcc0
[  193.212088][ T9458]  ? __pfx___sys_bpf+0x10/0x10
[  193.213330][ T9458]  ? __schedule+0xe60/0x5ad0
[  193.214627][ T9458]  ? do_futex+0x123/0x350
[  193.215784][ T9458]  ? __pfx_do_futex+0x10/0x10
[  193.217339][ T9458]  ? xfd_validate_state+0x5d/0x180
[  193.218784][ T9458]  ? rcu_is_watching+0x12/0xc0
[  193.220119][ T9458]  __ia32_sys_bpf+0x76/0xe0
[  193.221297][ T9458]  __do_fast_syscall_32+0x73/0x120
[  193.222622][ T9458]  do_fast_syscall_32+0x32/0x80
[  193.223902][ T9458]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  193.225607][ T9458] RIP: 0023:0xf7f31579
[  193.226704][ T9458] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  193.231755][ T9458] RSP: 002b:00000000f509557c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  193.233917][ T9458] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200017c0
[  193.236059][ T9458] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  193.238072][ T9458] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  193.240237][ T9458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  193.242269][ T9458] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  193.244384][ T9458]  </TASK>
[  193.245189][ T9458] 
[  193.245822][ T9458] The buggy address belongs to the virtual mapping at
[  193.245822][ T9458]  [ffffc90002d7e000, ffffc90002da0000) created by:
[  193.245822][ T9458]  kvrealloc_noprof+0xfc/0x150
[  193.250468][ T9458] 
[  193.251098][ T9458] The buggy address belongs to the physical page:
[  193.252762][ T9458] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x67 pfn:0x7117a
[  193.255118][ T9458] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  193.257228][ T9458] raw: 04fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  193.259588][ T9458] raw: 0000000000000067 0000000000000000 00000001ffffffff 0000000000000000
[  193.261790][ T9458] page dumped because: kasan: bad access detected
[  193.263479][ T9458] page_owner tracks the page as allocated
[  193.264951][ T9458] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102cc2(GFP_HIGHUSER|__GFP_NOWARN), pid 9458, tgid 9456 (syz.3.863), ts 193153569006, free_ts 193017022971
[  193.269371][ T9458]  post_alloc_hook+0x2d1/0x350
[  193.270614][ T9458]  get_page_from_freelist+0xfce/0x2f80
[  193.272029][ T9458]  __alloc_pages_noprof+0x6a6/0x25b0
[  193.273411][ T9458]  alloc_pages_mpol_noprof+0x2c9/0x610
[  193.274854][ T9458]  __vmalloc_node_range_noprof+0x724/0x1530
[  193.276633][ T9458]  __kvmalloc_node_noprof+0x14f/0x1a0
[  193.278381][ T9458]  kvrealloc_noprof+0xfc/0x150
[  193.279646][ T9458]  push_insn_history+0x2ac/0x690
[  193.280946][ T9458]  do_check_common+0xb78/0xd540
[  193.282273][ T9458]  bpf_check+0x77c2/0xc9b0
[  193.283560][ T9458]  bpf_prog_load+0xe3f/0x2670
[  193.284810][ T9458]  __sys_bpf+0x5677/0x57a0
[  193.285985][ T9458]  __ia32_sys_bpf+0x76/0xe0
[  193.287309][ T9458]  __do_fast_syscall_32+0x73/0x120
[  193.288634][ T9458]  do_fast_syscall_32+0x32/0x80
[  193.289938][ T9458]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  193.291623][ T9458] page last free pid 9481 tgid 9481 stack trace:
[  193.293330][ T9458]  free_unref_page+0x661/0x1080
[  193.294634][ T9458]  __folio_put+0x32a/0x450
[  193.295961][ T9458]  free_page_and_swap_cache+0x249/0x2c0
[  193.297429][ T9458]  tlb_remove_table_rcu+0x89/0xe0
[  193.298725][ T9458]  rcu_core+0x79d/0x14d0
[  193.299826][ T9458]  handle_softirqs+0x213/0x8f0
[  193.301286][ T9458]  __irq_exit_rcu+0x109/0x170
[  193.302504][ T9458]  irq_exit_rcu+0x9/0x30
[  193.303628][ T9458]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  193.305151][ T9458]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  193.307035][ T9458] 
[  193.307717][ T9458] Memory state around the buggy address:
[  193.309233][ T9458]  ffffc90002d9df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  193.311295][ T9458]  ffffc90002d9df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  193.313432][ T9458] >ffffc90002d9e000: 00 00 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  193.315650][ T9458]                          ^
[  193.316875][ T9458]  ffffc90002d9e080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  193.319011][ T9458]  ffffc90002d9e100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  193.321110][ T9458] ==================================================================
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  193.364108][ T9458] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  193.366070][ T9458] CPU: 2 UID: 0 PID: 9458 Comm: syz.3.863 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  193.368878][ T9458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  193.371640][ T9458] Call Trace:
[  193.372516][ T9458]  <TASK>
[  193.373317][ T9458]  dump_stack_lvl+0x3d/0x1f0
[  193.374596][ T9458]  panic+0x71d/0x800
[  193.375644][ T9458]  ? __pfx_panic+0x10/0x10
[  193.377057][ T9458]  ? preempt_schedule_thunk+0x1a/0x30
[  193.378475][ T9458]  ? preempt_schedule_common+0x44/0xc0
[  193.379916][ T9458]  check_panic_on_warn+0xab/0xb0
[  193.381199][ T9458]  end_report+0x117/0x180
[  193.382319][ T9458]  kasan_report+0xe9/0x110
[  193.383490][ T9458]  ? push_insn_history+0x615/0x690
[  193.384888][ T9458]  ? push_insn_history+0x615/0x690
[  193.386242][ T9458]  push_insn_history+0x615/0x690
[  193.387539][ T9458]  do_check_common+0xb78/0xd540
[  193.388818][ T9458]  ? lockdep_hardirqs_on+0x7c/0x110
[  193.390175][ T9458]  ? __pfx_do_check_common+0x10/0x10
[  193.391574][ T9458]  ? kvfree+0x47/0x50
[  193.392619][ T9458]  ? check_cfg+0x403/0x840
[  193.393823][ T9458]  bpf_check+0x77c2/0xc9b0
[  193.394993][ T9458]  ? hlock_class+0x4e/0x130
[  193.396296][ T9458]  ? __pfx_bpf_check+0x10/0x10
[  193.397716][ T9458]  ? find_held_lock+0x2d/0x110
[  193.398971][ T9458]  ? bpf_prog_load+0xd45/0x2670
[  193.400239][ T9458]  ? __pfx_lock_release+0x10/0x10
[  193.401648][ T9458]  ? trace_lock_acquire+0x14e/0x1f0
[  193.402998][ T9458]  ? bpf_prog_load+0xd45/0x2670
[  193.404276][ T9458]  ? lockdep_hardirqs_on+0x7c/0x110
[  193.405698][ T9458]  ? read_tsc+0x9/0x20
[  193.406797][ T9458]  ? ktime_get_with_offset+0x20f/0x3a0
[  193.408253][ T9458]  ? bpf_obj_name_cpy+0x156/0x1b0
[  193.409637][ T9458]  bpf_prog_load+0xe3f/0x2670
[  193.410880][ T9458]  ? __pfx_bpf_prog_load+0x10/0x10
[  193.412229][ T9458]  ? find_held_lock+0x2d/0x110
[  193.413471][ T9458]  ? __might_fault+0x13b/0x190
[  193.414738][ T9458]  ? __might_fault+0xe3/0x190
[  193.416001][ T9458]  __sys_bpf+0x5677/0x57a0
[  193.417392][ T9458]  ? __pfx_futex_wake+0x10/0x10
[  193.418721][ T9458]  ? finish_task_switch.isra.0+0x217/0xcc0
[  193.420242][ T9458]  ? __pfx___sys_bpf+0x10/0x10
[  193.421476][ T9458]  ? __schedule+0xe60/0x5ad0
[  193.422673][ T9458]  ? do_futex+0x123/0x350
[  193.423810][ T9458]  ? __pfx_do_futex+0x10/0x10
[  193.425040][ T9458]  ? xfd_validate_state+0x5d/0x180
[  193.426468][ T9458]  ? rcu_is_watching+0x12/0xc0
[  193.427738][ T9458]  __ia32_sys_bpf+0x76/0xe0
[  193.428917][ T9458]  __do_fast_syscall_32+0x73/0x120
[  193.430331][ T9458]  do_fast_syscall_32+0x32/0x80
[  193.431619][ T9458]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  193.433276][ T9458] RIP: 0023:0xf7f31579
[  193.434369][ T9458] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  193.439522][ T9458] RSP: 002b:00000000f509557c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  193.441577][ T9458] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200017c0
[  193.443596][ T9458] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  193.445597][ T9458] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  193.447684][ T9458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  193.449598][ T9458] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  193.451609][ T9458]  </TASK>
[  193.452994][ T9458] Kernel Offset: disabled
[  193.454155][ T9458] Rebooting in 86400 seconds..

VM DIAGNOSIS:
09:46:03  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000001 RBX=ffff88802b43ed00 RCX=0000000000000100 RDX=0000000000000001
RSI=0000000000000004 RDI=ffff88802b43ed02 RBP=dffffc0000000000 RSP=ffffc90000007c68
R8 =0000000000000001 R9 =ffffed1005687da0 R10=ffff88802b43ed03 R11=0000000000000002
R12=0000000000000000 R13=0000000000007f92 R14=ffff88802b43fc40 R15=ffffed1005687da0
RIP=ffffffff8b1d4e35 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c281dfa CR3=000000005ff84000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000c400000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000bbc713 RBX=0000000000000001 RCX=ffffffff8b1ab889 RDX=0000000000000000
RSI=ffffffff8b4cd0e0 RDI=ffffffff8bb13700 RBP=ffffed1003a52910 RSP=ffffc9000047fe08
R8 =0000000000000001 R9 =ffffed10056a6fed R10=ffff88802b537f6b R11=0000000000000000
R12=0000000000000001 R13=ffff88801d294880 R14=ffffffff901cb190 R15=0000000000000000
RIP=ffffffff8b1acc6f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020029000 CR3=000000005ff84000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000c400000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff85153210 RDI=ffffffff9a6682c0 RBP=ffffffff9a668280 RSP=ffffc9000e2cefa0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000035343954
R12=0000000000000000 R13=0000000000000020 R14=fffffbfff34cd0aa R15=dffffc0000000000
RIP=ffffffff85153237 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020001ec0 CR3=000000004f6e2000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffffea00014f55c8 RCX=ffffffff81d6a349 RDX=ffff88801f914880
RSI=ffffffff81d6a3e7 RDI=0000000000000001 RBP=ffffea00014f55c0 RSP=ffffc900012af240
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001
R12=ffffc900012af690 R13=dffffc0000000000 R14=0000000000000000 R15=ffffea00014f55d0
RIP=ffffffff819940c1 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fde2ddf3440 CR3=000000006f8e6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000