last executing test programs:

20m26.45522657s ago: executing program 0 (id=14):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x18, 0x10, &(0x7f0000000400)=ANY=[@ANYBLOB, @ANYBLOB="da2261875f58323cf5704ca92bdcc7e39a892ad9ce2e9482b397d74faa777043c79850203e844203a9e2442046"], &(0x7f0000000080)='syzkaller\x00', 0x8, 0xac, &(0x7f0000000140)=""/172, 0x41000, 0x48, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000740)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00')
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xf)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$TCFLSH(r5, 0x400455c8, 0x0)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f00000001c0))
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
r6 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, 0x0, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(r6, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000580)=0x1, 0xffffffffffffffff, 0x0, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r6, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e22, 0xfffffffe, @loopback}, {0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xfffffffd}, 0xffffffffffffffff, 0x3}}, 0x48)
r7 = msgget$private(0x0, 0x40)
msgsnd(r7, &(0x7f0000000c00)={0x2, "bc4b8e9205e5a1fc718b4242d0cee1aba4c45b4d09ec9e5174720367727d241d3c9e9481aabaf0ffda76010987d825835d18172fcb0a57f7cfedc8da12060d51c13d5621d1773978e007a882cfd0e193aa70ac56d0e514a16465c0f15987b653d4b3df0448fd75ca0896220d4afa4494e597e51ce08b127651adb7aa73d1b1bb002a89385e961de587ed88e5d7ed5ddee8d97aa0105455870c7ac68ecf9f7ab9f9c13dd9e7c68bc39f36e31f57e797379b4489bf18e081673785747fe5d33d03cb68f65d0ed253b5aba5e36f5622cf8741d61ad94cbe3070cc2cb2f074d6a9e8b75b5a7419688c392e38c4af4dbdc2d891c229b68fce51673d8a33b3fd11d5e052eacaebeedfe18832c12949337ddcac62aac8f23946cb5495872dd5d6a4afd2419d633c8f84c8fe36bb840bee450a3560cb5239f4891b3637f53934d1c7a110830bf9252866764cfc419ba83ded90b290606c35c5a978f5cc6c567cf3175f4ec5b030dc378086c9599546298b3b0a86b0dfd11a3fc09637e0f7c37915cffa3ec30efeb0334c5bf584f22e3b017398c15cea3126eb456ef0c846b7898b872b5d15f15babb40ad2d4d87fc38a60505a2b25d5bc3ff69459d999d0a01fc133f51b9d304bc4d4761d4147b52ae510dc02078144ddc5586b26ee1a73407b74a519f1ff6de8ef2fee304bbc1573a393b4f4a1786da19f8dc6edd742538864af783880d08022cd92bcd14252fe69baad91f067179f00270161c0ffc9224d5f63be70c621deb369d5224003126244e6906e7f9b9faebc0dd0d445cf0985656cbb9e1c41f2ae144324fd4009ea35c98d7b8ffb4acb41ddc01038930cc57283614688b54cfd1ef2711b67a5ea800eaf264bd4c2041320fd3ac8d5d2fa3c5cfdb8a7af59462544617cd530bf71aee2004b523b525856da3dc9bb8b432be24dcd40420ec45afeb30b039e24be4ef771c986596d1ad6cec1482b91c8ab363a99701d1117a42edf04d9053c6b5e6170bbddea1a06c7dab2834d2b50e6ed6feffe609db7c19802310a7d3c5b7551aedba3581768d18402ca790df84384753dc683a443430d6ded62b646886619898c0e2572e04b47afd3c45a3f3aae142409c7c67d4e8dea95bcd00efd0ef954176ba4ad91a3823246b29d3cb8002805920d30c453b9bd395636f6fa23d5765d0d7407cd34b22a7d76ad031c64a31276647d931ee8c69e506f4d35952ccca0f2c1c5cdefbcb7de223518f7c6112cb8e7bc3b71aee485cbfaa704a2765d8dbf90d409b6c068ebfeb1e5ba11787e5505f066f667e716d113f34bd66350ff663031d7406c7ef50b2ed2c054bb6ae8d1ad17198abb4eeebc9db9bcdf86ff9d80ac179205cc80c2fc581c9e540db11f19c5d3a33f583434f3b915448be9b1338177abdc71611d3961105082f5ec63316882c9651af4932ce49e942f99f42625c20216594ebc890d04939d3992c31ff53d1dbff2225cae45341341624d040f1e14b0cb566bbff1ac8d2b8ff21600add3557a1f4232dee42806499c23451f852be7ee59514f23a367e66db1dbcfa39899b09c633550c79032e42a62fe472d26eaf660e4b8b77cfcd896578fb887ed35bc2d2e60f18ae81a4e1f754fe956f6ab2fe74ff8ebce9eb69474f34a9646b25e842d610460de8f1b2d23891af3d86826bba35245f9512c307491610e3e17174111109fc33d9db3f0e03b93e31fbe73aedb043953019a996a74399060bdcf00843a66567f12ce62c9396aacb263c3996e2df44985445121597f862e0c6d9b66267aef0cbbd7bfbf2f5d7b70d5ab81a8f867d08d40185d8bbd198652b96afe5b3d52b78bae4d94e72da61f1c38cc18979c2532a87c2063dd3a985f3ada1c15d0513a6ffb9e3b45691f8f644fc49224217eea2ecacbce1ed537fc91d7cd9feebf2d7d6e6c649618d2c7e6abf4db9f3e85ea21ffc926ef437539707d2bda36c2a16d60980a84ee807df94b6680ec4b8895ea44b68146cb963879bed151bb018693afab58ede1061b93f16f51ae4a818d41d534fa8b6e7868abc4cd58a100c7f7f4cdc9ce19b7c38c6f15f613e2d05c73ad440eb10260880b8d6fa7bf5dc8fc168585da93ecf68f73487df03f3438655f455d11f9f72a89c88fcab4371c926c743b18c332e4b07cab38372a927a7ae2d1eb668dab20e4fb433db43a8b4e302a66eb91ca14e7a7cbd4ab797ab73f0e99f1fef9bdfecf1db31914a929ff3bba8dd9c9b6b6ea054bbb7997122d52757e6605c604d2b21ad70f9d62a381a0b4d2b97f8753e66df830e5c2b1021b9b2607679314e4ef7f85c6b253a1e0cc7a492d6e625d7b273ebebc484bf1bb6d83bf8e283ad1c081116461f0ad722a8776f673034c36693fbed6c478a97b617f076d7500210bbe969ab13e312abefad8dd028a192525da85d05dc0bf3ff8dda9f8ba9f48f41ddec32ab3d26e3f8948ab4ea29a5849a96a713d11f4eb7126db8e1c0e471ff3c1b46c298cd7c42d29dcf2e48aca7f17bdca8b73fd580818e3bcee3e510f6ad49af7bb1678de01a9dbacc98ba0b891fa13fc772c6e5d82ae341defce6f6def9e14c7950467e941643e20b30a18fcdd99763860137ee1ec15e24d14d6b19e7e2748f6aa0070499dddd216985c5fe219cc2c41f3de6df196ceccc01ff1765f536278ef2374ad118e7180cb886e549106c2d0669c7b2ed25a998148ffe8b2154505fe82add0bbdf1f26868a1ba85edba3f88b0b2f7caf9fa65acc018ed73a899724ca21980a8aa4e34ee077f257d50c63bf4f892d03ff475704f1a4a6cdb8a1c89f0f47da4ff64c033479695bd5d3f061e9617e77ceafa152ec39d4ae2c3bed23ee33ed20f383dc8a23ebe4ace0d710cdb2a26d0d590b93f2571f992ea12e0b57c0edf1c417e276c0b4dcb115903f18065ea164c6d5ce3b6a71bed1bfab5cfc2c3e3e21ad798cf7680f1ddbdc4d966b837423ef5a82faf65c89e22e60e7437d5c23f78831583d07aa7be0978530681e13ba3f0c298fb0ecf4d515fda912d641b40532b9ec14c26935d483064c6d22a0c63ff342030a1b79e53aeafb83c87ced8204bc8e656b99e2eb6f43aa483ba340ef0fbbb56db31c7658b738b4dc9026c4e16afd5ebe4a53bf3c08fd4ea243a9f4081f78b18e913b6f669550fc12195f3da077a43f09b2c9b19bf9e4be1feffa2604261b3786990c3f98f5f0e7ed1b63fb2b33a9e38fdb2f9f4ec417c04ba59f3e3a595773acf6b8fc8605846bec1a55d832d9713807be983dbdb152f876312c48317d9b73c221d7a1b6b99286a9cf2f870d243d658f79a83d7bf4b9691f6246b546d6a8b05ebe6e77688eeaacf8eb94b65e44299019e759be248666d513eab1c2951aed83fb2fb0461f8d38cfd6d63fd2f3aeb2fb23a26db296d082df894acb683cc701a9e55a7144186af172d4bbda113fda0689466bf45cdd245a9d059bc55a87f83c1ca1e34d85f7cebd5781fada2167380666b5defcb9542bcdd1103b7240900dacf13c2b3cea8e08c81c3f18a3fd56800e9b253ba2c9e1e760d96a67aa650071dd40ba3785234b1c41e4a6d204402b03a9c80841782c661e7f0b8f4bf606f4b63fd8603e7ad5f91bc6a598862e3763047aef7e369a9c4a677d77c2c226b89781639e3c0706ef41af55f9c52ed3f4e841c475c2b86edbd63022ee5b7cc091716fa2b4343e1afb29b4c967955a5069a37ac4c9a3e29bf99a5373978cd0fc626900b236ea257a4b16441f947741f60982820cb29bdea670fbfc3f4d5f16ee4631941378d0f1ded82354a1428ae547f7a77ae9af237252da533546cec06b275d8663ca610b406250e6c053bb854918217e7f816e74dfeaf701d8664287e918eddba64430f666cbf18f692877e3e77d2645c3c69905ff9571be110f148962b9693c4ac312a640b58703cbe2e3a2e7552d6abcff42ab531971928fc78a204912f34fe7b8177b24b8d1e39ed25b9bb610d871f114fd22b3fdb7def76969e9427b3656dbb50880b9a601319b64909022ffc7303bc06c5105b9a1e8266d75e8c055d71b03784a0fcff806d0c6171009be78ebc41a52319063dd69bf4075140c35998ac3faed70bf5cde22fe1fbe60b1e2a82f3cda39baf5836238fd693c96c6a38928861df5ced3727f5c2a8d82e81d8f9efc6a6ffaa2f2792e59cddcbdc1a4d19a8dcd502a486e92eaba693ee23eb9542285a2aff3e34864ff87d74c9566a5370bad3c6b037c9d25250a8539a73c18c7bc0b9c8ea168d2641861c11148b1c1af50b9ee476dacf37644addbb084e3d06474f84442d3097e9a9d92ac5e69e87f6741dd26a7d9a026f9d8113f50e74884fa6b792b564e6ef578de0cfcb170e3970df6a1e51de351285e9e8bc0a713a9818c3fd1b76576db44238287e99175cef73a88ff380e7c7ba4d62905be2a0b1347ed0181dac4cc808b87fb5e254fd1a75c00c56ca203f3b2700a39d78586e60d9b3b6cfc8f3dea6ba759f829897c968122d89a40b09f7976c1fb73a4e7536202c4999871694b93b887414e568c4d7cde65de210f6b0d232ee00d74580d9644531cf43b3d079119ce2a098b850ddcd66e0fb6b78b8655e5de08c3b016cbf7e10da79c408d2f481e9e5b43952006c4870752070deda0af07725ab03c3cb56353d39708a6f734d8f6901f465198e3217e444ff7c2fa5b0ea3df4ae1eb8353ff19ee319789bf5ca7154e8010f0daeaa5926e329de8471f708645d4c0696d76242854cb15343c64acb6e851bed05d9dcfbc9d0b3bf67c1c7a781d1bf9ab8653cc7517b64c67f3bc385128cebd47bc9485b42c5d59e1516992dc48a54359dffdf8ab6c5d6cd8365eb70116666dc218ceeeefd04f1671c3d844466b254d5a29c5ed0c26a4229fcb7c710cca7b7a9d5bca54c84bc21a71b375e295a2877f481e1ca45d859cdecae62abe3eb392be77339982ab5189b67ffe38f502d82a092b8aa4cc3d8750b8e5f366c00fda616bfbae7f088da8b031c4c7ab2517f111dba0c0ae89ada596f003785d9b52f9eb890a09197325f8a5319574475e2064220900bad7c5603899717d65a94ff2ec444968c3d0e865bf253d45c52b6023b273a51a751492e2aa36eea984d5c1d958a9ed212b7ebfd6ea031bcf2383d159aa5f956bac0d21b38c0180333abfef84f7b7b88c57e4bdb4f47ef82a8d9a95d97721a7cf860c7bce3926c8d20da7b701d1c0835056906ddb427a530ebe5441092a7405f982bfe198715c8ee829294f1f8b8ea7d543bb3bbc03612c21d7d9f8ecb0a0a47f5b86d6670f38c39b4b784163212a83dd6d6eee4bb986624a6de91d70aebecc95fcba8090468cf6b30e3c2361a9312233b5063a4d605febf89693df36d0d6d40fe201e20a524148a32e123fdd9e335f312d0d2a671284b7006e8580ca33075fe117a05dc741ede06f9d06602c4b6dae8e0e97ad3370ef50fc03ba8f2dfbaff56034bab2f50c5b66ca750d49fe7ff609c6213a9c9934b243dc4a34dc333309e529d78ed2936df2aa1203fb796278f0b02e4ece8b650283c37a8f4963cfced8a33cdf56fdace68c08b78635afe459881181b92c9eea00d60f0ff27d2dfcd5912af0c67bb9c1a758af8f726a0a2a5ae8456296527b7fa4ac530b04a3a26c3b85392d290f31537250c91fde102b20bb6ee76014e13b02c568191404de548908648462da65195aa8265f98a924eb33d71c81e464ebaa50df5dfeb98b53828e86f78c4cf9a21261f182feb774089faab24b7430da36c92dcd6cb2fc1810a7e1641e7b7e4ed26ab004f14f9d2a2cc4"}, 0x1004, 0x800)
getsockopt$sock_int(r0, 0x1, 0x12, 0x0, &(0x7f0000000200))

20m24.080217742s ago: executing program 0 (id=22):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='smaps\x00')
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001680)=ANY=[@ANYRES32=r0, @ANYRES32=0x0, @ANYRES8=r0, @ANYRES64=r1, @ANYRES32=0x0, @ANYBLOB="9c000000"], 0x144}}, 0x0)
ioctl$SG_GET_REQUEST_TABLE(r0, 0x2286, &(0x7f0000000100))
madvise(&(0x7f0000ffd000/0x3000)=nil, 0x3011, 0x17)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0/file0\x00', 0xa)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
move_mount(r2, &(0x7f0000000080)='./file0/file0\x00', r2, &(0x7f0000000300)='./file0/../file0\x00', 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x80700a, 0x0)
umount2(&(0x7f0000000100)='./file0/file0\x00', 0xb)
r3 = userfaultfd(0x0)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000040))
ioctl$UFFDIO_WRITEPROTECT(r3, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000800000/0x800000)=nil, 0x802000}, 0x2})
r4 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000040)={0x42}, 0x10)
sendmsg$tipc(r4, &(0x7f0000000c80)={&(0x7f0000000980)=@id={0x1e, 0x3, 0x0, {0x10}}, 0x10, 0x0}, 0x20008080)
r5 = fcntl$dupfd(r3, 0x0, r3)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.kill\x00', 0x275a, 0x0)
write$UHID_INPUT(r6, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000001, 0x10012, r6, 0x0)
r7 = socket(0x1e, 0x1, 0x0)
connect$tipc(r7, &(0x7f0000000000)=@name={0x1e, 0x2, 0x2, {{0x1, 0x1}}}, 0x10)
ioctl$UFFDIO_CONTINUE(r5, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f0000800000/0x800000)=nil, 0x800000}, 0x1})

20m24.008287599s ago: executing program 0 (id=23):
pipe2(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
ioctl$int_in(r1, 0x5452, 0x0)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000240), 0xffffffff, 0x400000)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/xfrm_stat\x00')
preadv(r3, &(0x7f0000000040)=[{&(0x7f00000006c0)=""/144, 0x90}], 0x1, 0xffff, 0x6)
r4 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J]\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3%\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1o\xb8\x8f]\x14\x1d\x00\x00\x00\x00\x00', 0x1)
ioctl$LOOP_CLR_FD(r2, 0x4c01)
write(r2, &(0x7f00000004c0)='I', 0x1)
unshare(0x68040200)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
r7 = socket$xdp(0x2c, 0x3, 0x0)
sendmsg$xdp(r7, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}, 0x20004080)
connect$pppl2tp(r5, &(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, r6, 0x1, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x32)
getsockopt$bt_BT_SECURITY(r5, 0x111, 0x3, 0x0, 0x20000000)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0xc00, 0x0)
r9 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r0, 0x8914, 0x0)
mq_open(&(0x7f0000000200)=':\xc2\xf4', 0x0, 0x0, 0x0)
write$tun(r8, &(0x7f00000002c0)=ANY=[@ANYRESOCT=r1, @ANYBLOB="e535169f0041d3ee7a2a25332ebf93b05b77b60893dafc37ec45605c63a8bb64566a05065d9ba66a9a8739397dce8ade4a21cff6599502618f8adc", @ANYRESDEC, @ANYBLOB="def9ad7bce7594bb6d1a4030b59a39070a9c760935169674e8f107860032e9c51456c8e0b26c4fa713f1f3a265608b73c8a982a7641ea9273872352490db580b1620a895976dd76e783eb9e06caecda1fcd72fb676ea73e676a2f8471f04161abfa5c5feb7a1aba82f44d127c874d0709257f4cc91912943cff0bec6f8397d61da947a6d0e3dd021a11e1237d068aa3a6ada4742ae33ab8bfeba02648e203597ee3c32b36d53f28a14c99bb2fe6fa01c10c853efcde5d75168c9ab4b1bccadb220eae7c3b4d13072b81ce72cb09723f17ee1a50ca15e811eb5", @ANYRES32=r4, @ANYRES16=r9], 0x4f)
socket$inet6_udplite(0xa, 0x2, 0x88)
setrlimit(0x8, &(0x7f0000000000))
mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
r10 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r10, 0x0, 0x0)
getsockopt$inet6_mptcp_buf(r10, 0x11c, 0x4, &(0x7f0000000000)=""/136, &(0x7f00000000c0)=0x88)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFNETMASK(r10, 0x891c, &(0x7f0000000100)={'vlan0\x00', {0x2, 0x4e22, @multicast1}})
setsockopt$IP6T_SO_SET_REPLACE(r10, 0x29, 0x40, &(0x7f0000001680)=@raw={'raw\x00', 0x3c1, 0x3, 0x2dc, 0x0, 0x111, 0x4b4, 0xec, 0xd4feffff, 0x214, 0x202, 0x225, 0x214, 0x278, 0x3, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0xfc}, @empty, [], [], 'veth1_vlan\x00', 'team_slave_0\x00'}, 0x0, 0xa4, 0xec}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x81, 'syz1\x00'}}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, [], [0x0, 0xffffffff], 'veth1_to_hsr\x00', 'erspan0\x00'}, 0x0, 0xe0, 0x128, 0x0, {}, [@common=@unspec=@limit={{0x3c}, {0x0, 0x8000000}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xa, 'syz1\x00', {0x7f}}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x338)

20m23.94610337s ago: executing program 0 (id=25):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000100)={{0x0, 0x0, 0x10, 0x0, 0x8, 0x6, 0x0, 0x0, 0x0, 0x0, 0x9, 0x10}, {0xeeee0000, 0xeeee0000, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x7, 0x80}, {0x2000, 0x5000, 0xc, 0x0, 0x7, 0x2, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfc}, {0x3000, 0xd000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0x10000, 0x1, 0x9, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x38}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x4, 0x4}, {0x0, 0x0, 0xe, 0xfd}, {0x8000000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xa, 0x26}, {0x80a0000}, {0x6000}, 0xddf8ffdb, 0x0, 0x0, 0x1401b2, 0x4, 0xf801, 0x8080000, [0x200000, 0x0, 0x1]})
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000440)=ANY=[@ANYBLOB="030000000000000000000000010000aa896476903b7587000100000000000000030000000000000000000000000000000100004004000000002000000300000059000000070000000800000000000000000000000000000001000000ee00000023000000a00100000600000003001800000100"/128])
recvmsg$unix(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000580)=""/47, 0x2f}], 0x1, &(0x7f0000000240)=[@cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}], 0x48}, 0x103)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
close(r4)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000240))
ioctl$SIOCSIFHWADDR(r4, 0x8b26, &(0x7f0000000000)={'wlan1\x00', @broadcast})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x26)
mount$overlay(0x0, &(0x7f00000003c0)='./file1\x00', &(0x7f0000000380), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c})
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file1/file4\x00', &(0x7f00000001c0), 0x0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000200)='./file1/file4/file5\x00', 0x81c0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file1/file4/file7\x00', 0x1c0)
r5 = landlock_create_ruleset(&(0x7f00000002c0)={0x2101}, 0x18, 0x0)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f00000005c0)='./file1/file4\x00', 0x7282, 0x12)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r5, 0x1, &(0x7f0000000340)={0x2000, r6}, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
landlock_restrict_self(r5, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(r4, 0xc0189376, &(0x7f0000000600)={{0x1, 0x1, 0x18, r5, {0x5}}, './file1/file4\x00'})
linkat(0xffffffffffffff9c, &(0x7f0000000500)='./file1/file4/file5\x00', 0xffffffffffffff9c, &(0x7f0000000540)='./file1/file4/file7/file5\x00', 0x0)
getxattr(&(0x7f00000004c0)='./file1/file4/file7\x00', &(0x7f0000000780)=ANY=[@ANYBLOB="73797374656d2e282c7fc3eb3238448766ea0c950ccb3dc45d9fca12b3d968b92fc72eaa743e7b17a7fec823fd544735a4c57da11fcfb5efe60b0d81bba2fd74a79035a4498606153085785d3ac0d1438a17c4f426afc777d051d5caba005214e25caadd2d0c7095ec912031f23c87edcb1ea8e6a73b64c559c3551307e04e4b8945c9a00695e907e98f56eea1ad121b7e78787aef0d1ed27eeb65aac5057c42d9e526f0b2b4f543619c866162ea1f0e353dfc679f"], &(0x7f0000000700)=""/110, 0x6e)
mount$overlay(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f0000000340), 0x1004064, &(0x7f0000000680)={[{@upperdir={'upperdir', 0x3d, './file1/file4/file7/file5'}}, {@xino_auto}, {@verity_off}]})
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0186405, &(0x7f0000000040)={0xb, 0x800, {<r7=>0x0}, {0xee01}, 0x80000001, 0x6})
prctl$PR_SCHED_CORE(0x3e, 0x4, r7, 0x2, &(0x7f0000000140))

20m23.827878837s ago: executing program 0 (id=28):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
mknodat(r1, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./bus\x00')
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
renameat2(r2, &(0x7f00000001c0)='./file0\x00', r2, &(0x7f0000000200)='./bus/file0\x00', 0x0)
r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r3, &(0x7f0000000300)=""/104, 0x68)
rename(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='./bus\x00')
getdents(r2, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x14631bce9a224d9b)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f00000004c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000180)={@local, @random="1a0e2c5ffd4d", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @broadcast}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x11}}}}}}, 0x0)

20m23.180947153s ago: executing program 0 (id=30):
r0 = socket(0x10, 0x2, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
eventfd(0x8800a6)
ioctl$UI_ABS_SETUP(r3, 0x401c5504, &(0x7f0000000340)={0x400000100002f})
write$uinput_user_dev(r3, &(0x7f0000000800)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x9fa6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbc1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x296], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000], [0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xecd, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa5d2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffeffffc]}, 0x45c)
ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x3)
ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x15)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4040040)
ioctl$UI_DEV_CREATE(r3, 0x5501)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x14}, 0x14}}, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000280)={0x0, 0x1, 0x0, 0x1000, &(0x7f0000700000/0x1000)=nil})
r7 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r7, 0x7a7, &(0x7f00000000c0)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r7, 0x7a0, &(0x7f0000000000)={@host})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r7, 0x7a5, &(0x7f0000000080)={{@any, 0xfdfffffc}, 0x0, 0x0, 0xa4})
r8 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r8, 0x4138ae84, &(0x7f0000000100)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0x4000, 0x0, 0x0, 0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {}, {0x0, 0xd000, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x4}, {}, {}, {0xb000}, 0xddf8ffdb, 0x0, 0x0, 0x0, 0x0, 0x1800})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0xb, 0x200000005c831, 0xffffffffffffffff, 0x0)
ioctl$KVM_TRANSLATE(r8, 0xc018ae85, &(0x7f0000000040))
getsockname$packet(r4, &(0x7f0000000040)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r9, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3006}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r9}]}, 0x3c}}, 0x40)
r10 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCADDRT(r10, 0x890b, &(0x7f0000000000)={0x0, @l2tp={0x2, 0x0, @empty}, @ax25={0x2, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}, @in={0x2, 0x0, @loopback}})
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x0)

20m23.180574399s ago: executing program 32 (id=30):
r0 = socket(0x10, 0x2, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
eventfd(0x8800a6)
ioctl$UI_ABS_SETUP(r3, 0x401c5504, &(0x7f0000000340)={0x400000100002f})
write$uinput_user_dev(r3, &(0x7f0000000800)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x9fa6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbc1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x296], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000], [0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xecd, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa5d2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffeffffc]}, 0x45c)
ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x3)
ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x15)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4040040)
ioctl$UI_DEV_CREATE(r3, 0x5501)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x14}, 0x14}}, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000280)={0x0, 0x1, 0x0, 0x1000, &(0x7f0000700000/0x1000)=nil})
r7 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r7, 0x7a7, &(0x7f00000000c0)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r7, 0x7a0, &(0x7f0000000000)={@host})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r7, 0x7a5, &(0x7f0000000080)={{@any, 0xfdfffffc}, 0x0, 0x0, 0xa4})
r8 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r8, 0x4138ae84, &(0x7f0000000100)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0x4000, 0x0, 0x0, 0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {}, {0x0, 0xd000, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x4}, {}, {}, {0xb000}, 0xddf8ffdb, 0x0, 0x0, 0x0, 0x0, 0x1800})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0xb, 0x200000005c831, 0xffffffffffffffff, 0x0)
ioctl$KVM_TRANSLATE(r8, 0xc018ae85, &(0x7f0000000040))
getsockname$packet(r4, &(0x7f0000000040)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r9, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3006}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r9}]}, 0x3c}}, 0x40)
r10 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCADDRT(r10, 0x890b, &(0x7f0000000000)={0x0, @l2tp={0x2, 0x0, @empty}, @ax25={0x2, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}, @in={0x2, 0x0, @loopback}})
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x0)

19m10.539578288s ago: executing program 2 (id=252):
inotify_init1(0x81800)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
umount2(&(0x7f0000000280)='./file0\x00', 0xe)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="04040a0000000000005467920034db81e7abdddc259aee6063e57dfee0dab308ac44bd02bae33aa428c21e8527c5b32e2c96d0a0d523936e2a0c48ae51b0"], 0xd)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000140)=@generic={&(0x7f0000000000)='./file0\x00', r4}, 0x14)
syz_emit_vhci(0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$tty1(0xc, 0x4, 0x3)
setsockopt$pppl2tp_PPPOL2TP_SO_RECVSEQ(r4, 0x111, 0x2, 0x0, 0x4)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = dup(r5)
ioctl$TIOCL_SETSEL(r6, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0xa00, 0x0, 0x101, 0x100}})
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sched_setscheduler(r1, 0x0, &(0x7f0000000200)=0x81)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)

19m10.100295172s ago: executing program 2 (id=253):
syz_emit_ethernet(0x52, &(0x7f0000000580)={@local, @random="08c82553c54d", @void, {@ipv4={0x800, @tcp={{0xc, 0x4, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa010102, @local, {[@generic={0x7, 0x7, "0402000200"}, @timestamp_addr={0x44, 0x14, 0x6, 0x1, 0x0, [{@multicast1}, {@multicast2}]}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vcan0\x00', <r1=>0x0})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r2}, 0x10)
r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="85000000070000006a0a00ff000000000c00000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="00000000000000bb09da393a133e1e000600000000000000"], &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2d)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYRES32=r5, @ANYBLOB="110000000200000000000000", @ANYRES32=r4, @ANYRES64=0x0], 0x20)
recvfrom(r0, &(0x7f0000000000)=""/9, 0x9, 0x40, &(0x7f0000000080)=@can={0x1d, r1}, 0x80)

19m10.100094085s ago: executing program 2 (id=254):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000d80)=ANY=[@ANYBLOB="240000002c00010000000000000000000400008010000c"], 0x24}], 0x1}, 0x800000000000000) (fail_nth: 42)

19m9.850366346s ago: executing program 2 (id=255):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000300)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x9101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000480)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='smaps_rollup\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
read$FUSE(r2, &(0x7f0000000500)={0x2020}, 0x2020)
ioctl$KVM_HYPERV_EVENTFD(r1, 0x400caed0, &(0x7f0000000180)={0x2, 0xffffffffffffffff, 0xffffffff})

19m8.885280382s ago: executing program 2 (id=257):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0xa3)
r0 = socket$inet6(0xa, 0x2, 0x0)
writev(r0, &(0x7f0000000440)=[{&(0x7f0000000040)="cdd1e033", 0x4}], 0x1)
bind$inet6(r0, &(0x7f0000000480)={0xa, 0x0, 0x0, @rand_addr, 0x147d}, 0x1c)
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@volatile}], [], 0x2c})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071100000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a00fe000000007203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r1 = io_uring_setup(0x84, &(0x7f0000000440)={0x0, 0xee81, 0x20, 0x3, 0x51})
syz_io_uring_setup(0x814172, &(0x7f0000000780)={0x0, 0x0, 0x10100, 0x4, 0x0, 0x0, r1}, &(0x7f0000000100), &(0x7f0000000140))
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0xe)
syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000280))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x10, &(0x7f0000000ac0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000340)=[{0x5, 0x5, 0x0, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x3, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r8 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x8, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r8, 0xc0cc5605, &(0x7f0000000680)={0x1, @sliced={0x5, [0x6, 0x881c, 0x8162, 0xe24, 0x1ff, 0x3, 0x4, 0x3584, 0x0, 0x4, 0x5, 0x1ff, 0x1, 0x40, 0x6, 0x4, 0x0, 0x0, 0x1, 0x2, 0xfff8, 0xccdc, 0x2776, 0x8, 0x9, 0xfffa, 0xfff, 0x80, 0x3564, 0x7fff, 0x0, 0xe1, 0x5, 0x9, 0x49, 0x5b7a, 0x7, 0x8, 0xffff, 0xa, 0x2, 0xf00, 0x2c8, 0xe670, 0x1, 0x4, 0x8, 0x6], 0x8}})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000300), 0x0, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x2)
socket$inet_smc(0x2b, 0x1, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, 0x0, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x15, 0x1c, &(0x7f0000000000)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {0x7, 0x0, 0xb, 0x6, 0x0, 0x0, 0x5}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0x6, 0x9}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5, 0x1, 0xa, 0x9, 0x9}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x6, 0x2, 0x0, r2}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

19m8.686575056s ago: executing program 2 (id=258):
add_key$fscrypt_v1(&(0x7f0000001000), &(0x7f0000001040)={'fscrypt:', @desc3}, &(0x7f0000001080)={0x0, "ddbccf094c5457df7a3f7457a4e81d59f6bffca5bf7c026c91255969954a3cec19ae878c0ca3fce72e29df4e4dbd001eb127ffbed6cc47890c19c3edc50daa56"}, 0x48, 0xfffffffffffffffe) (async)
r0 = add_key$fscrypt_v1(&(0x7f0000001000), &(0x7f0000001040)={'fscrypt:', @desc3}, &(0x7f0000001080)={0x0, "ddbccf094c5457df7a3f7457a4e81d59f6bffca5bf7c026c91255969954a3cec19ae878c0ca3fce72e29df4e4dbd001eb127ffbed6cc47890c19c3edc50daa56"}, 0x48, 0xfffffffffffffffe)
request_key(&(0x7f00000000c0)='rxrpc\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000000)='\x00\x00\x00', r0)

19m8.676492123s ago: executing program 33 (id=258):
add_key$fscrypt_v1(&(0x7f0000001000), &(0x7f0000001040)={'fscrypt:', @desc3}, &(0x7f0000001080)={0x0, "ddbccf094c5457df7a3f7457a4e81d59f6bffca5bf7c026c91255969954a3cec19ae878c0ca3fce72e29df4e4dbd001eb127ffbed6cc47890c19c3edc50daa56"}, 0x48, 0xfffffffffffffffe) (async)
r0 = add_key$fscrypt_v1(&(0x7f0000001000), &(0x7f0000001040)={'fscrypt:', @desc3}, &(0x7f0000001080)={0x0, "ddbccf094c5457df7a3f7457a4e81d59f6bffca5bf7c026c91255969954a3cec19ae878c0ca3fce72e29df4e4dbd001eb127ffbed6cc47890c19c3edc50daa56"}, 0x48, 0xfffffffffffffffe)
request_key(&(0x7f00000000c0)='rxrpc\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000000)='\x00\x00\x00', r0)

31.66721695s ago: executing program 5 (id=3474):
mkdir(&(0x7f00000009c0)='./file0\x00', 0x0)
mkdir(0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
close(0xffffffffffffffff)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@uuid_null}, {@upperdir={'upperdir', 0x3d, './file1'}}], [{@seclabel}, {@dont_hash}, {@smackfsdef={'smackfsdef', 0x3d, '\x00'}}, {@pcr={'pcr', 0x3d, 0x3c}}, {@subj_type={'subj_type', 0x3d, '\x00'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
lseek(r4, 0xfffffffffffffffb, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pselect6(0x517, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x700}, &(0x7f0000000240)={0x0, 0x989680}, &(0x7f00000002c0)={&(0x7f0000000280), 0x8})

30.693475221s ago: executing program 5 (id=3478):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000002c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x1006}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$CDROM_SEND_PACKET(r1, 0x5393, &(0x7f0000000100)={"4689d4c4841a41c9e4641d9d", 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000080)=0x454e, 0x4)
r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
ioctl$USBDEVFS_CLEAR_HALT(r3, 0x80045515, 0x0)
bind$inet(r2, &(0x7f0000000380)={0x2, 0x0, @local}, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x2000, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, 0xffffffff}, 0x1c)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r4, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x7})
ioctl$sock_netdev_private(r4, 0x8949, &(0x7f0000000000))
sendmmsg(r2, 0x0, 0x0, 0x0)
io_uring_setup(0x2e34, &(0x7f0000000300)={0x0, 0x1, 0x5851bdcbf4ad9d05, 0x3, 0x3})
r5 = socket$inet6(0xa, 0x6, 0x0)
recvmsg(r5, &(0x7f00000000c0)={&(0x7f0000000540)=@can, 0x80, &(0x7f00000008c0), 0x3, &(0x7f0000000840)=""/81, 0x5b}, 0x40)
bind$inet6(r5, &(0x7f000047b000)={0xa, 0x404e20, 0x0, @empty}, 0x1c)
listen(r5, 0x20000001)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)

15.935800992s ago: executing program 1 (id=3479):
unshare(0x62040200)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc058534f, &(0x7f00000001c0)={{0xf}, 0x1})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x0, 0x0)
read$char_usb(r1, &(0x7f00000001c0)=""/4068, 0xfe4)
sendmsg$inet(r1, &(0x7f0000001340)={0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000000140)="acce744fe7", 0x5}, {&(0x7f00000011c0)="8ba73d26442292871bd9ac1b897410d76ee5b5c850dddbcf479b458d5d7ae32b078e216ad04ae65428f43f84c37e45b32baeda4a08a3485b8d715a28fb38c54ae022537c7704515786d8d064dd16b525c011de84bf0dfa6dbf9028f4d4aa40", 0x5f}, {&(0x7f0000001240)="827e21c9814ee6a594e16bb157148d266559eedfc9ce82132f22774c3757a0682468b13509089cb609520006bebaba3ba2c4506abe1a7332f17e011b8b712196bc950d8ec02d5fa37003919eb5d6034d19cf116036a34c5fa54871ae", 0x5c}], 0x3, &(0x7f0000001300)=[@ip_retopts={{0x2c, 0x0, 0x7, {[@ra={0x94, 0x4}, @generic={0x89, 0x7, "3573fa6f4c"}, @end, @lsrr={0x83, 0x13, 0xd2, [@remote, @empty, @private=0xa010100, @rand_addr=0x64010102]}]}}}, @ip_ttl={{0x10, 0x0, 0x2, 0x7}}], 0x3c}, 0x20000000)
r2 = socket$inet(0x2, 0x3, 0x4)
r3 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'team_slave_0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000480)=@newqdisc={0x238, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x9c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x0, 0x0, 0x0, 0x5000000}}, @TCA_HTB_INIT={0x18, 0x2, {0x3, 0xfffffffc}}, @TCA_HTB_INIT={0x18}, @TCA_HTB_DIRECT_QLEN={0x8}, @TCA_HTB_INIT={0x18}, @TCA_HTB_INIT={0x18}, @TCA_HTB_INIT={0x18}]}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}}, {0x4}}]}, @TCA_STAB={0x14c, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x9, 0x6, 0xa, 0xb8, 0x0, 0x8001, 0x8001, 0x6}}, {0x10, 0x2, [0x3, 0x4, 0xd, 0x681, 0x1, 0x8001]}}, {{0x1c, 0x1, {0x4, 0xc6, 0x5, 0xc, 0x2, 0x800, 0x5, 0x3}}, {0xa, 0x2, [0x8001, 0xff, 0x2]}}, {{0x1c, 0x1, {0x6, 0x8, 0x2, 0x2, 0x1, 0xf, 0xffff, 0x2}}, {0x8, 0x2, [0x6, 0x7]}}, {{0x1c, 0x1, {0x4, 0x32, 0x56e, 0x2, 0x1, 0x5, 0x7, 0x3}}, {0xa, 0x2, [0x4, 0x2, 0x522]}}, {{0x1c, 0x1, {0x7, 0x0, 0x37b5, 0x1, 0x1, 0x8, 0x970, 0x3}}, {0xa, 0x2, [0x8, 0xf, 0x6]}}, {{0x1c, 0x1, {0xb, 0x7, 0xfffc, 0xa, 0x1, 0x1, 0xfffffff0, 0x7}}, {0x12, 0x2, [0x1, 0x1, 0x2, 0x2, 0x2, 0x800, 0xe]}}, {{0x1c, 0x1, {0x66, 0x0, 0x3, 0x6, 0x0, 0x7f, 0xda18, 0x1}}, {0x6, 0x2, [0x2]}}, {{0x1c, 0x1, {0x3, 0x5, 0x4, 0x4, 0x2, 0x4, 0x8, 0x5}}, {0xe, 0x2, [0x2, 0xe4f, 0xcc, 0x6, 0x4]}}]}]}, 0x238}}, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), r3)
openat$drirender128(0xffffff9c, &(0x7f00000000c0), 0x100, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$IPT_SO_GET_INFO(r5, 0x0, 0x40, &(0x7f0000000180)={'filter\x00', 0x7003, [0x80000000, 0x7, 0x1, 0x0, 0xc5]}, &(0x7f0000000080)=0x54)

15.933138846s ago: executing program 5 (id=3480):
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYBLOB], &(0x7f00000002c0)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0x4, 0x8}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000740)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x2d41, 0x0)
mkdirat(r0, &(0x7f0000000380)='.\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, 0x0)
lchown(&(0x7f0000000340)='./bus\x00', r4, 0x0)
r5 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x80000, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$MON_IOCX_MFETCH(r5, 0xc00c9207, &(0x7f0000000040)={&(0x7f0000000240)=[0x0, 0x0], 0x2, 0x1})
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r6, &(0x7f0000000300)=@pppol2tpin6={0x18, 0x1, {0x0, r7, 0x4, 0x0, 0x0, 0x0, {0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}}}, 0x32)
ioctl$PPPIOCGL2TPSTATS(r6, 0x80047453, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)

15.931216581s ago: executing program 1 (id=3484):
ioctl$GIO_CMAP(0xffffffffffffffff, 0x4b70, &(0x7f0000000000)) (async)
r0 = openat$ttynull(0xffffff9c, &(0x7f0000000040), 0x101040, 0x0)
ioctl$TIOCMSET(r0, 0x5418, &(0x7f0000000080)=0x458)
close_range(r0, r0, 0x0)
openat2$dir(0xffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x2, 0x0, 0x3b}, 0x18) (async)
ioctl$BTRFS_IOC_SCRUB_CANCEL(r0, 0x941c, 0x0) (async)
r1 = openat$fuse(0xffffff9c, &(0x7f0000000140), 0x2, 0x0) (async)
read$FUSE(0xffffffffffffffff, &(0x7f0000000180)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f00000021c0)={0x50, 0xfffffffffffffff5, r2, {0x7, 0x29, 0x7ff, 0x8004100, 0xcb, 0x10, 0x10, 0x4, 0x0, 0x0, 0x40, 0x3}}, 0x50) (async)
r3 = openat$vsock(0xffffff9c, &(0x7f0000002240), 0x101000, 0x0) (async)
mount$9p_fd(0x0, &(0x7f0000002280)='./file0\x00', &(0x7f00000022c0), 0x32040cc, &(0x7f0000002300)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@ignoreqv}, {@cache_mmap}], [{@permit_directio}, {@permit_directio}, {@smackfsfloor={'smackfsfloor', 0x3d, '/dev/fuse\x00'}}]}}) (async)
r4 = openat$rtc(0xffffff9c, &(0x7f00000023c0), 0x400, 0x0)
ioctl$RTC_WKALM_SET(r4, 0x4028700f, &(0x7f0000002400)={0x1, 0x0, {0x27, 0x16, 0xb, 0xa, 0xa, 0x1, 0x0, 0x112}}) (async)
ioctl$KVM_TRANSLATE(0xffffffffffffffff, 0xc018ae85, &(0x7f0000002440)={0x80008800, 0xad97c9a306599703, 0x7, 0x3, 0x96})
ioctl$sock_inet_tcp_SIOCINQ(r3, 0x541b, &(0x7f0000002480)) (async)
r5 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000024c0)=0xc) (async)
ioctl$KDGETLED(r0, 0x4b31, &(0x7f0000002500)) (async)
read$FUSE(r1, &(0x7f0000002540)={0x2020}, 0x2020) (async)
r6 = openat$sndtimer(0xffffff9c, &(0x7f0000004580), 0x4000)
ioctl$SNDRV_TIMER_IOCTL_INFO(r6, 0x80e05411, &(0x7f00000045c0)=""/4096) (async)
recvfrom$packet(r3, &(0x7f00000055c0)=""/218, 0xda, 0x2004, 0x0, 0x0)
openat$cgroup_root(0xffffff9c, &(0x7f00000056c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
close(r0) (async)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000005700)={0x87, @remote, 0x4e23, 0x2, 'wrr\x00', 0x28, 0x200, 0x5f}, 0x2c)
r7 = syz_open_dev$vcsa(&(0x7f0000005740), 0x40000, 0x2000)
ioctl$BTRFS_IOC_RESIZE(r7, 0x50009403, &(0x7f0000005780)={{}, {@void, @actul_num={@val=0x2b, 0x536, 0x6d}}}) (async)
ioctl$KDGETLED(r7, 0x4b31, &(0x7f00000057c0)) (async)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000005880)=@req={0x0, 0x4, 0x738d, 0xc2}, 0x10)

15.930879161s ago: executing program 1 (id=3485):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1/file3\x00', 0x0)
r0 = landlock_create_ruleset(&(0x7f0000000140)={0x2000}, 0x10, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000340)={0x2000, r1}, 0x0)
landlock_restrict_self(r0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000180)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000280)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514000cc0080019000200020006002c000364bc24eab556a705251e61826d28166076d50b2c9b2605a2e94b69a385ec430093541c635dd3fd9f91b765", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x44004840)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000007900)={&(0x7f0000000680)=@newtaction={0x90, 0x30, 0x216822a75a8bdd29, 0xffe4, 0x0, {}, [{0x7c, 0x1, [@m_connmark={0x34, 0x2, 0x0, 0x0, {{0xd}, {0x4, 0x20}, {0x4}, {0xc}, {0xc}}}, @m_ct={0x44, 0x1, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x90}}, 0x0)

15.929058519s ago: executing program 1 (id=3488):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0x87}, @call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xe, 0xfffff000, 0x0, 0x0, 0x0, 0x0}, 0x50)

15.928945721s ago: executing program 5 (id=3489):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000002c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x1006}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$CDROM_SEND_PACKET(r1, 0x5393, &(0x7f0000000100)={"4689d4c4841a41c9e4641d9d", 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000080)=0x454e, 0x4)
r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
ioctl$USBDEVFS_CLEAR_HALT(r3, 0x80045515, 0x0)
bind$inet(r2, &(0x7f0000000380)={0x2, 0x0, @local}, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x2000, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, 0xffffffff}, 0x1c)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r4, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x7})
ioctl$sock_netdev_private(r4, 0x8949, &(0x7f0000000000))
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)
io_uring_setup(0x2e34, 0x0)
r5 = socket$inet6(0xa, 0x6, 0x0)
recvmsg(r5, &(0x7f00000000c0)={&(0x7f0000000540)=@can, 0x80, &(0x7f00000008c0), 0x3, &(0x7f0000000840)=""/81, 0x5b}, 0x40)
bind$inet6(r5, &(0x7f000047b000)={0xa, 0x404e20, 0x0, @empty}, 0x1c)
listen(r5, 0x20000001)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)

887.049623ms ago: executing program 1 (id=3492):
unshare(0x62040200)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc058534f, &(0x7f00000001c0)={{0xf}, 0x1})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x0, 0x0)
read$char_usb(r1, &(0x7f00000001c0)=""/4068, 0xfe4)
sendmsg$inet(r1, &(0x7f0000001340)={0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000000140)="acce744fe7", 0x5}, {&(0x7f00000011c0)="8ba73d26442292871bd9ac1b897410d76ee5b5c850dddbcf479b458d5d7ae32b078e216ad04ae65428f43f84c37e45b32baeda4a08a3485b8d715a28fb38c54ae022537c7704515786d8d064dd16b525c011de84bf0dfa6dbf9028f4d4aa40", 0x5f}, {&(0x7f0000001240)="827e21c9814ee6a594e16bb157148d266559eedfc9ce82132f22774c3757a0682468b13509089cb609520006bebaba3ba2c4506abe1a7332f17e011b8b712196bc950d8ec02d5fa37003919eb5d6034d19cf116036a34c5fa54871ae", 0x5c}], 0x3, &(0x7f0000001300)=[@ip_retopts={{0x2c, 0x0, 0x7, {[@ra={0x94, 0x4}, @generic={0x89, 0x7, "3573fa6f4c"}, @end, @lsrr={0x83, 0x13, 0xd2, [@remote, @empty, @private=0xa010100, @rand_addr=0x64010102]}]}}}, @ip_ttl={{0x10, 0x0, 0x2, 0x7}}], 0x3c}, 0x20000000)
r2 = socket$inet(0x2, 0x3, 0x4)
r3 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'team_slave_0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000480)=@newqdisc={0x238, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x9c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x0, 0x0, 0x0, 0x5000000}}, @TCA_HTB_INIT={0x18, 0x2, {0x3, 0xfffffffc}}, @TCA_HTB_INIT={0x18}, @TCA_HTB_DIRECT_QLEN={0x8}, @TCA_HTB_INIT={0x18}, @TCA_HTB_INIT={0x18}, @TCA_HTB_INIT={0x18}]}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}}, {0x4}}]}, @TCA_STAB={0x14c, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x9, 0x6, 0xa, 0xb8, 0x0, 0x8001, 0x8001, 0x6}}, {0x10, 0x2, [0x3, 0x4, 0xd, 0x681, 0x1, 0x8001]}}, {{0x1c, 0x1, {0x4, 0xc6, 0x5, 0xc, 0x2, 0x800, 0x5, 0x3}}, {0xa, 0x2, [0x8001, 0xff, 0x2]}}, {{0x1c, 0x1, {0x6, 0x8, 0x2, 0x2, 0x1, 0xf, 0xffff, 0x2}}, {0x8, 0x2, [0x6, 0x7]}}, {{0x1c, 0x1, {0x4, 0x32, 0x56e, 0x2, 0x1, 0x5, 0x7, 0x3}}, {0xa, 0x2, [0x4, 0x2, 0x522]}}, {{0x1c, 0x1, {0x7, 0x0, 0x37b5, 0x1, 0x1, 0x8, 0x970, 0x3}}, {0xa, 0x2, [0x8, 0xf, 0x6]}}, {{0x1c, 0x1, {0xb, 0x7, 0xfffc, 0xa, 0x1, 0x1, 0xfffffff0, 0x7}}, {0x12, 0x2, [0x1, 0x1, 0x2, 0x2, 0x2, 0x800, 0xe]}}, {{0x1c, 0x1, {0x66, 0x0, 0x3, 0x6, 0x0, 0x7f, 0xda18, 0x1}}, {0x6, 0x2, [0x2]}}, {{0x1c, 0x1, {0x3, 0x5, 0x4, 0x4, 0x2, 0x4, 0x8, 0x5}}, {0xe, 0x2, [0x2, 0xe4f, 0xcc, 0x6, 0x4]}}]}]}, 0x238}}, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), r3)
openat$drirender128(0xffffff9c, &(0x7f00000000c0), 0x100, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$IPT_SO_GET_INFO(r5, 0x0, 0x40, &(0x7f0000000180)={'filter\x00', 0x7003, [0x80000000, 0x7, 0x1, 0x0, 0xc5]}, &(0x7f0000000080)=0x54)

885.257368ms ago: executing program 4 (id=3494):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000140)={0x11, 0x1, 0x0, "8eb8a828e93b07f1dd06da7a41bfeac48048beb159fbba176fb1de26098c68d9"})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) (async)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe05000000000000000000009500000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) (async)
sched_setaffinity(0x0, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x50}}, 0x0) (async)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21}, &(0x7f0000bbdffc)) (async)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) (async)
setgroups(0x0, 0x0) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) (async)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000180)={0x0, 0x0}) (async)
fsopen(&(0x7f0000000040)='afs\x00', 0x0) (async)
mount$afs(&(0x7f0000000040)=@cell={0x23, 'syz1:', 'syz0', '.backup'}, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)) (async)
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x0, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PARMS={0x18}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1}}}}]}]}, 0x70}}, 0x0) (async)
sendmsg$nl_route(r3, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c0000001c0008002abd7000fddbdf2507000000", @ANYRES32, @ANYBLOB="0800020b0800cfe2b503020008000b0007000000"], 0x2c}, 0x1, 0x0, 0x0, 0xc0044}, 0x20000000)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="90000000100003f4ffffff3d2e69000000000000", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r5, @ANYBLOB="08000100", @ANYRES32=r6], 0x90}}, 0x0)

884.77792ms ago: executing program 5 (id=3495):
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYBLOB], &(0x7f00000002c0)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0x4, 0x8}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000740)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x2d41, 0x0)
mkdirat(r0, &(0x7f0000000380)='.\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, 0x0)
lchown(&(0x7f0000000340)='./bus\x00', r4, 0x0)
r5 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x80000, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$MON_IOCX_MFETCH(r5, 0xc00c9207, &(0x7f0000000040)={&(0x7f0000000240)=[0x0, 0x0], 0x2, 0x1})
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r6, &(0x7f0000000300)=@pppol2tpin6={0x18, 0x1, {0x0, r7, 0x4, 0x0, 0x0, 0x0, {0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}}}, 0x32)
ioctl$PPPIOCGL2TPSTATS(r6, 0x80047453, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)

884.577887ms ago: executing program 4 (id=3496):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_MSG_GETCHAIN(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)={0x14, 0x4, 0xa, 0x101, 0x0, 0x0, {0x2, 0x0, 0x8}}, 0x14}, 0x1, 0x1f000000, 0x0, 0x48840}, 0x0)

884.307654ms ago: executing program 4 (id=3497):
socket$netlink(0x10, 0x3, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r1 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x2)
r2 = openat$dsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x109801, 0x0)
r3 = syz_open_dev$vim2m(0x0, 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x39565559, 0x0, 0x0, [], 0x0, 0x0, 0x0, 0x0, 0x6}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000000080)=0x74000000)
write$dsp(r2, &(0x7f0000002000)='`', 0x88020)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, r3}, './file0\x00'})
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r5 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
r6 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0)
ioctl$SNDCTL_SEQ_PANIC(r6, 0x5100)
readv(r5, &(0x7f00000000c0)=[{&(0x7f00000001c0)=""/187, 0xbb}, {0x0}], 0x2)
r7 = memfd_create(&(0x7f00000003c0)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\x0f<\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\xd5\xf3\\\x00\xbe]Et\xad*\xecj\x02\xc8\xc4\f\x04\x99\xf6\xfc', 0x3)
ftruncate(r7, 0xffff)
fcntl$addseals(r7, 0x409, 0x7)
r8 = ioctl$UDMABUF_CREATE(r1, 0x40187542, &(0x7f00000002c0)={r7, 0x0, 0x1000, 0x1000})
r9 = fcntl$dupfd(r8, 0x0, r8)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000180)={0x0, 0x0, r9})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0x87}, @call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

883.191686ms ago: executing program 3 (id=3490):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = syz_open_dev$video(&(0x7f0000000000), 0x7, 0x0)
ioctl$VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000300)={0x9, @pix={0x0, 0x0, 0x44495658, 0x7}})
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='map_files\x00')
getdents64(r2, &(0x7f0000002f40)=""/4098, 0x1002)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x16, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000300)=[{0x5, 0x9, 0x4, 0x4}, {0x1, 0x5}], 0x10, 0x0, @void, @value}, 0x90)
ioctl$VIDIOC_S_INPUT(r2, 0xc0045627, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x7})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00005cf000/0x4000)=nil, 0x400000, 0x2, 0x2})
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="02c90012fe4c2e4d1b6bd76468000e"], 0x17)

883.104189ms ago: executing program 3 (id=3490):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = syz_open_dev$video(&(0x7f0000000000), 0x7, 0x0)
ioctl$VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000300)={0x9, @pix={0x0, 0x0, 0x44495658, 0x7}})
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='map_files\x00')
getdents64(r2, &(0x7f0000002f40)=""/4098, 0x1002)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x16, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000300)=[{0x5, 0x9, 0x4, 0x4}, {0x1, 0x5}], 0x10, 0x0, @void, @value}, 0x90)
ioctl$VIDIOC_S_INPUT(r2, 0xc0045627, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x7})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00005cf000/0x4000)=nil, 0x400000, 0x2, 0x2})
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="02c90012fe4c2e4d1b6bd76468000e"], 0x17)

883.044616ms ago: executing program 3 (id=3490):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = syz_open_dev$video(&(0x7f0000000000), 0x7, 0x0)
ioctl$VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000300)={0x9, @pix={0x0, 0x0, 0x44495658, 0x7}})
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='map_files\x00')
getdents64(r2, &(0x7f0000002f40)=""/4098, 0x1002)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x16, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000300)=[{0x5, 0x9, 0x4, 0x4}, {0x1, 0x5}], 0x10, 0x0, @void, @value}, 0x90)
ioctl$VIDIOC_S_INPUT(r2, 0xc0045627, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x7})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00005cf000/0x4000)=nil, 0x400000, 0x2, 0x2})
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="02c90012fe4c2e4d1b6bd76468000e"], 0x17)

882.989571ms ago: executing program 3 (id=3490):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = syz_open_dev$video(&(0x7f0000000000), 0x7, 0x0)
ioctl$VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000300)={0x9, @pix={0x0, 0x0, 0x44495658, 0x7}})
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='map_files\x00')
getdents64(r2, &(0x7f0000002f40)=""/4098, 0x1002)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x16, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000300)=[{0x5, 0x9, 0x4, 0x4}, {0x1, 0x5}], 0x10, 0x0, @void, @value}, 0x90)
ioctl$VIDIOC_S_INPUT(r2, 0xc0045627, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x7})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00005cf000/0x4000)=nil, 0x400000, 0x2, 0x2})
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="02c90012fe4c2e4d1b6bd76468000e"], 0x17)

882.928943ms ago: executing program 3 (id=3490):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = syz_open_dev$video(&(0x7f0000000000), 0x7, 0x0)
ioctl$VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000300)={0x9, @pix={0x0, 0x0, 0x44495658, 0x7}})
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='map_files\x00')
getdents64(r2, &(0x7f0000002f40)=""/4098, 0x1002)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x16, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000300)=[{0x5, 0x9, 0x4, 0x4}, {0x1, 0x5}], 0x10, 0x0, @void, @value}, 0x90)
ioctl$VIDIOC_S_INPUT(r2, 0xc0045627, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x7})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00005cf000/0x4000)=nil, 0x400000, 0x2, 0x2})
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="02c90012fe4c2e4d1b6bd76468000e"], 0x17)

86.13916ms ago: executing program 4 (id=3498):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x22041, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000040)=0x40000)
ioctl$SNDCTL_DSP_GETOPTR(r1, 0x800c5012, &(0x7f00000000c0))
openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0xc0302, 0x0)
shutdown(r0, 0x0)
openat$snapshot(0xffffff9c, &(0x7f0000000140), 0x200000, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000100)={<r2=>0x0, 0x2c, &(0x7f00000000c0)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x4e24, 0x68, @loopback, 0xc2}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x66, &(0x7f0000000000)={r2}, &(0x7f0000000080)=0x10)

85.815117ms ago: executing program 1 (id=3499):
r0 = landlock_create_ruleset(&(0x7f00000000c0)={0x501b, 0x2, 0x1}, 0x18, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r1, 0x29, 0x19, &(0x7f0000000040)=0x3, 0x4)
syz_emit_ethernet(0x6e, &(0x7f0000000340)={@multicast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "02adf7", 0x38, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @time_exceed={0x3, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "fd9063", 0x0, 0x3a, 0x0, @mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], "1e520b4c951ee12e"}}}}}}}, 0x0)
r2 = syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_G_FRAME_INTERVAL(r2, 0xc0305615, &(0x7f00000001c0))
landlock_restrict_self(r0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r3 = syz_io_uring_setup(0x10e, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x3, 0xfffffffc}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r3, 0x1b1, 0x59be, 0x1, 0x0, 0x0)
io_uring_enter(r3, 0x1d7d, 0xe00c, 0x8, 0x0, 0x0)
io_uring_enter(r3, 0x47f9, 0x0, 0x0, 0x0, 0x0)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x4208, r5)
ptrace$getregs(0xe, r5, 0x2, 0x0)
r6 = socket$unix(0x1, 0x2, 0x0)
r7 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r7, &(0x7f0000003000)=@file={0x1}, 0x6e)
connect$unix(r6, &(0x7f0000000640)=@file={0x1}, 0x6e)
socket$key(0xf, 0x3, 0x2)

85.587486ms ago: executing program 5 (id=3500):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000740)=ANY=[@ANYBLOB="1afffff24581206b2047f315f11700d0d872fd9033998c68ff44e82e9706684c66242930a69ca6780120d47877aa40014e2589abea87d9557a9ec46ee6aac8fc7f4f22c4dbb3e52ad2042f2ae9def17ac60e9da6759530033ab1be85d56c16d0", @ANYRESHEX, @ANYBLOB="230900000000000000000100000005000700000000000800090000000900000000000000000008001700", @ANYRES32, @ANYBLOB="0600020002000000"], 0x3c}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_vhci(0x0, 0x8)
syz_io_uring_setup(0x4306, &(0x7f00000004c0)={0x0, 0x2b7a, 0x400, 0x2, 0x4}, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x2000016e, &(0x7f0000000080)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/178, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffffda, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000540)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmmsg$inet(r2, &(0x7f0000001200)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000003c0)="ba", 0x1}, {&(0x7f00000005c0)='0', 0xcea40}], 0x2}}], 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f00000000c0)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r5 = socket$qrtr(0x2a, 0x2, 0x0)
r6 = epoll_create1(0x0)
r7 = openat$sndtimer(0xffffff9c, &(0x7f0000000000), 0x101000)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r7, &(0x7f0000000580)={0x2004})
r8 = geteuid()
quotactl_fd$Q_GETNEXTQUOTA(r5, 0xffffffff80000900, r8, &(0x7f00000002c0))
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, 0xffffffffffffffff, &(0x7f000086fff4))

546.101µs ago: executing program 4 (id=3501):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000700))
ioctl$VHOST_SET_VRING_ENDIAN(r0, 0x4008af13, &(0x7f0000000040)={0x1, 0x1})
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f00000005c0)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000600)=""/73, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$AUTOFS_IOC_SETTIMEOUT(r1, 0x80049367, &(0x7f0000000080)=0x7df)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
r4 = socket(0x10, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={0x0, 0x8c}}, 0x0)

125.671µs ago: executing program 3 (id=3490):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = syz_open_dev$video(&(0x7f0000000000), 0x7, 0x0)
ioctl$VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000300)={0x9, @pix={0x0, 0x0, 0x44495658, 0x7}})
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='map_files\x00')
getdents64(r2, &(0x7f0000002f40)=""/4098, 0x1002)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x16, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000300)=[{0x5, 0x9, 0x4, 0x4}, {0x1, 0x5}], 0x10, 0x0, @void, @value}, 0x90)
ioctl$VIDIOC_S_INPUT(r2, 0xc0045627, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x7})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00005cf000/0x4000)=nil, 0x400000, 0x2, 0x2})
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="02c90012fe4c2e4d1b6bd76468000e"], 0x17)

0s ago: executing program 4 (id=3502):
socket$inet6(0x10, 0x3, 0x0)
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x101005)
r1 = socket$inet_sctp(0x2, 0x400000000001, 0x84)
sendto$inet(r1, &(0x7f0000000080)="e3", 0x1, 0x0, &(0x7f0000000040)={0x2, 0x4e24, @rand_addr=0x64010100}, 0x10)
listen(r1, 0xda8c)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)={0x58, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xffffffff}]}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}, @IPSET_ATTR_REVISION={0x5}]}, 0x58}}, 0x0)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r5, 0x0, 0x0)
listen(r5, 0x0)
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r6, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
socket$alg(0x26, 0x5, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)
r7 = openat$sr(0xffffffffffffff9c, &(0x7f0000005940), 0x0, 0x0)
ioctl$SG_EMULATED_HOST(r7, 0x5322, &(0x7f000000b1c0))
syz_pidfd_open(0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)
accept4(r1, &(0x7f0000000100)=@nfc, 0x0, 0x0)
writev(r0, &(0x7f0000000400)=[{&(0x7f0000000000)="aefdda9d240300005a90f57f07703aeff0f64ebbee", 0x15}, {&(0x7f0000000040)="aa1d484e240003000000f7c08b0e278ad10ab08ba900b92d276d720984d211fbdf23ea32", 0x24}], 0x2)

kernel console output (not intermixed with test programs):

17496]  ? __pfx_lock_release+0x10/0x10
[ 1030.111836][T17496]  ? trace_lock_acquire+0x14e/0x1f0
[ 1030.113189][T17496]  ? __fget_files+0x206/0x3a0
[ 1030.114641][T17496]  __sys_sendmsg+0x16e/0x220
[ 1030.115898][T17496]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1030.117254][T17496]  ? rcu_is_watching+0x12/0xc0
[ 1030.118492][T17496]  __do_fast_syscall_32+0x73/0x120
[ 1030.119828][T17496]  do_fast_syscall_32+0x32/0x80
[ 1030.121145][T17496]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1030.122870][T17496] RIP: 0023:0xf73de579
[ 1030.123936][T17496] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1030.129767][T17496] RSP: 002b:00000000f50b657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1030.132512][T17496] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000100
[ 1030.134539][T17496] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1030.136771][T17496] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1030.138803][T17496] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1030.140842][T17496] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1030.142862][T17496]  </TASK>
[ 1031.287767][T17537] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2718'.
[ 1032.530251][T14915] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[ 1040.577031][T17457] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1040.579244][T17457] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1040.583651][T17457] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1040.591287][T17457] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1040.593600][T17457] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1040.595527][T17457] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1040.643927][T17589] chnl_net:caif_netlink_parms(): no params data found
[ 1040.694015][T17589] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1040.694102][T17589] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1040.694153][T17589] bridge_slave_0: entered allmulticast mode
[ 1040.694461][T17589] bridge_slave_0: entered promiscuous mode
[ 1040.695163][T17589] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1040.719393][T17589] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1040.719508][T17589] bridge_slave_1: entered allmulticast mode
[ 1040.719863][T17589] bridge_slave_1: entered promiscuous mode
[ 1040.737534][T17589] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1040.739259][T17589] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1040.777684][T17589] team0: Port device team_slave_0 added
[ 1040.778832][T17589] team0: Port device team_slave_1 added
[ 1040.800661][T17601] loop9: detected capacity change from 0 to 6
[ 1040.800958][T17601] Dev loop9: unable to read RDB block 6
[ 1040.800977][T17601]  loop9: unable to read partition table
[ 1040.801024][T17601] loop9: partition table beyond EOD, truncated
[ 1040.801032][T17601] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[ 1040.801032][T17601] 
) failed (rc=-5)
[ 1040.822626][T17589] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1040.822712][T17589] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1040.822725][T17589] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1040.856757][T17589] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1040.877735][T17589] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1040.885416][T17589] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1040.943071][T17589] hsr_slave_0: entered promiscuous mode
[ 1040.945882][T17589] hsr_slave_1: entered promiscuous mode
[ 1040.947923][T17589] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1040.950107][T17589] Cannot create hsr debugfs directory
[ 1041.019867][T17589] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1041.160060][T17589] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1041.280511][T17589] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1041.342097][T17589] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1041.545891][ T5952] Bluetooth: Wrong link type (-71)
[ 1041.598113][T17589] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1041.601395][T17589] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1041.604300][T17589] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1041.618357][T17589] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1041.626284][T17589] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1041.628266][T17589] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1041.630224][T17589] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1041.632082][T17589] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1041.648851][T17589] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1041.653821][T17589] 8021q: adding VLAN 0 to HW filter on device team0
[ 1041.656570][ T6920] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1041.660487][ T6920] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1041.680023][ T6917] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1041.682006][ T6917] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1041.687311][ T6920] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1041.689280][ T6920] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1041.702682][T17589] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1041.705441][T17589] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1041.789188][T17589] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1041.853703][T17589] veth0_vlan: entered promiscuous mode
[ 1041.858461][T17589] veth1_vlan: entered promiscuous mode
[ 1041.874815][T17589] veth0_macvtap: entered promiscuous mode
[ 1041.877809][T17589] veth1_macvtap: entered promiscuous mode
[ 1041.886116][T17589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1041.889359][T17589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1041.892005][T17589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1041.895224][T17589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1041.897991][T17589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1041.900918][T17589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1041.904144][T17589] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1041.911018][T17589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1041.913983][T17589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1041.918794][T17589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1041.921740][T17589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1041.924398][T17589] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1041.928231][T17589] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1041.931490][T17589] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1041.935286][T17589] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1041.938480][T17589] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1041.940896][T17589] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1041.943195][T17589] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1041.966784][ T6920] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1041.969054][ T6920] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1041.980497][ T6920] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1041.982555][ T6920] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1042.066024][ T5952] Bluetooth: Wrong link type (-71)
[ 1042.117828][ T5952] Bluetooth: Wrong link type (-71)
[ 1042.583309][ T5952] Bluetooth: Wrong link type (-71)
[ 1042.792603][ T5952] Bluetooth: hci1: command tx timeout
[ 1043.010578][ T5952] Bluetooth: hci4: ACL packet for unknown connection handle 200
[ 1043.184698][ T5952] Bluetooth: Wrong link type (-71)
[ 1043.186181][ T5952] Bluetooth: hci0: link tx timeout
[ 1043.187636][ T5952] Bluetooth: hci0: killing stalled connection 10:aa:aa:aa:aa:aa
[ 1044.242744][T17457] Bluetooth: Wrong link type (-71)
[ 1044.258593][T17723] Bluetooth: MGMT ver 1.23
[ 1044.302071][T17728] FAULT_INJECTION: forcing a failure.
[ 1044.302071][T17728] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1044.305487][T17728] CPU: 2 UID: 0 PID: 17728 Comm: syz.5.2768 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[ 1044.308219][T17728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1044.310916][T17728] Call Trace:
[ 1044.311797][T17728]  <TASK>
[ 1044.312550][T17728]  dump_stack_lvl+0x16c/0x1f0
[ 1044.313774][T17728]  should_fail_ex+0x497/0x5b0
[ 1044.314993][T17728]  _copy_to_user+0x32/0xd0
[ 1044.316144][T17728]  simple_read_from_buffer+0xd0/0x160
[ 1044.317531][T17728]  proc_fail_nth_read+0x198/0x270
[ 1044.318827][T17728]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1044.320262][T17728]  ? bpf_lsm_file_permission+0x9/0x10
[ 1044.321642][T17728]  ? security_file_permission+0x71/0x210
[ 1044.323088][T17728]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1044.324536][T17728]  vfs_read+0x1df/0xbe0
[ 1044.325620][T17728]  ? __fget_files+0x1fc/0x3a0
[ 1044.326814][T17728]  ? __pfx___mutex_lock+0x10/0x10
[ 1044.328120][T17728]  ? __pfx_vfs_read+0x10/0x10
[ 1044.329328][T17728]  ? __fget_files+0x206/0x3a0
[ 1044.330534][T17728]  ksys_read+0x12b/0x250
[ 1044.331632][T17728]  ? __pfx_ksys_read+0x10/0x10
[ 1044.332866][T17728]  ? rcu_is_watching+0x12/0xc0
[ 1044.334110][T17728]  __do_fast_syscall_32+0x73/0x120
[ 1044.335402][T17728]  do_fast_syscall_32+0x32/0x80
[ 1044.336606][T17728]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1044.338221][T17728] RIP: 0023:0xf7fb2579
[ 1044.339271][T17728] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1044.344061][T17728] RSP: 002b:00000000f51265b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1044.346147][T17728] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5126620
[ 1044.348134][T17728] RDX: 000000000000000f RSI: 00000000f743bff4 RDI: 0000000000000000
[ 1044.350153][T17728] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1044.352188][T17728] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1044.354207][T17728] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1044.356240][T17728]  </TASK>
[ 1044.403717][T17732] netlink: 'syz.4.2770': attribute type 12 has an invalid length.
[ 1044.469997][T17734] syzkaller0: entered allmulticast mode
[ 1044.537565][T17457] Bluetooth: Wrong link type (-71)
[ 1044.539064][T17457] Bluetooth: hci0: link tx timeout
[ 1044.540408][T17457] Bluetooth: hci0: killing stalled connection 10:aa:aa:aa:aa:aa
[ 1044.580520][T17745] FAULT_INJECTION: forcing a failure.
[ 1044.580520][T17745] name failslab, interval 1, probability 0, space 0, times 0
[ 1044.584218][T17745] CPU: 2 UID: 0 PID: 17745 Comm: syz.4.2776 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[ 1044.587333][T17745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1044.591151][T17745] Call Trace:
[ 1044.592314][T17745]  <TASK>
[ 1044.593121][T17745]  dump_stack_lvl+0x16c/0x1f0
[ 1044.594481][T17745]  should_fail_ex+0x497/0x5b0
[ 1044.595714][T17745]  ? fs_reclaim_acquire+0xae/0x150
[ 1044.597035][T17745]  should_failslab+0xc2/0x120
[ 1044.598291][T17745]  __kmalloc_noprof+0xce/0x4f0
[ 1044.599577][T17745]  ? trace_lock_acquire+0x14e/0x1f0
[ 1044.600921][T17745]  ? bpf_test_init.isra.0+0xa5/0x150
[ 1044.602597][T17745]  bpf_test_init.isra.0+0xa5/0x150
[ 1044.604372][T17745]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1044.606332][T17745]  bpf_prog_test_run_skb+0x250/0x22c0
[ 1044.608221][T17745]  ? rcu_is_watching+0x12/0xc0
[ 1044.609950][T17745]  ? __fget_files+0x40/0x3a0
[ 1044.611610][T17745]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1044.613670][T17745]  ? fput+0x67/0x440
[ 1044.615045][T17745]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1044.617110][T17745]  __sys_bpf+0x1921/0x57a0
[ 1044.618688][T17745]  ? __pfx_lock_release+0x10/0x10
[ 1044.620258][T17745]  ? __pfx___sys_bpf+0x10/0x10
[ 1044.621492][T17745]  ? vfs_write+0x306/0x1150
[ 1044.622643][T17745]  ? __mutex_unlock_slowpath+0x164/0x690
[ 1044.624382][T17745]  ? fput+0x67/0x440
[ 1044.625813][T17745]  ? ksys_write+0x1ba/0x250
[ 1044.627433][T17745]  ? __pfx_ksys_write+0x10/0x10
[ 1044.629150][T17745]  __ia32_sys_bpf+0x76/0xe0
[ 1044.630720][T17745]  __do_fast_syscall_32+0x73/0x120
[ 1044.632455][T17745]  do_fast_syscall_32+0x32/0x80
[ 1044.634065][T17745]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1044.635810][T17745] RIP: 0023:0xf7fa2579
[ 1044.636823][T17745] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1044.641635][T17745] RSP: 002b:00000000f511657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[ 1044.643711][T17745] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000200002c0
[ 1044.646061][T17745] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[ 1044.648844][T17745] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1044.651004][T17745] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1044.652971][T17745] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1044.654946][T17745]  </TASK>
[ 1044.843388][T17457] Bluetooth: hci2: ACL packet for unknown connection handle 201
[ 1044.849670][T17765] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1044.932670][T17772] netlink: 'syz.1.2787': attribute type 4 has an invalid length.
[ 1044.932836][T17770] syzkaller0: entered allmulticast mode
[ 1045.016056][T17457] Bluetooth: hci1: command tx timeout
[ 1045.026371][T17782] FAULT_INJECTION: forcing a failure.
[ 1045.026371][T17782] name failslab, interval 1, probability 0, space 0, times 0
[ 1045.030367][T17782] CPU: 1 UID: 0 PID: 17782 Comm: syz.3.2790 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[ 1045.034877][T17782] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1045.038352][T17782] Call Trace:
[ 1045.039209][T17782]  <TASK>
[ 1045.039965][T17782]  dump_stack_lvl+0x16c/0x1f0
[ 1045.041150][T17782]  should_fail_ex+0x497/0x5b0
[ 1045.042382][T17782]  ? fs_reclaim_acquire+0xae/0x150
[ 1045.043721][T17782]  should_failslab+0xc2/0x120
[ 1045.044928][T17782]  __kmalloc_cache_noprof+0x68/0x420
[ 1045.046290][T17782]  ? net_generic+0x30/0x2a0
[ 1045.047575][T17782]  ip_set_create+0x33e/0x1400
[ 1045.048900][T17782]  ? rcu_is_watching+0x12/0xc0
[ 1045.050150][T17782]  ? __pfx_ip_set_create+0x10/0x10
[ 1045.051487][T17782]  ? __nla_parse+0x40/0x60
[ 1045.052634][T17782]  nfnetlink_rcv_msg+0x9c3/0x11e0
[ 1045.053938][T17782]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1045.055359][T17782]  netlink_rcv_skb+0x165/0x410
[ 1045.056607][T17782]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1045.058020][T17782]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1045.059373][T17782]  ? __pfx_aa_get_newest_label+0x10/0x10
[ 1045.060783][T17782]  ? bpf_lsm_capable+0x9/0x10
[ 1045.061940][T17782]  ? security_capable+0x7e/0x260
[ 1045.063215][T17782]  ? ns_capable+0xd7/0x110
[ 1045.064359][T17782]  nfnetlink_rcv+0x1b4/0x430
[ 1045.065479][T17782]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1045.066762][T17782]  ? netlink_deliver_tap+0x1ae/0xca0
[ 1045.068055][T17782]  netlink_unicast+0x53c/0x7f0
[ 1045.069225][T17782]  ? __pfx_netlink_unicast+0x10/0x10
[ 1045.070535][T17782]  ? __phys_addr_symbol+0x30/0x80
[ 1045.071871][T17782]  ? __check_object_size+0x488/0x710
[ 1045.073347][T17782]  netlink_sendmsg+0x8b8/0xd70
[ 1045.074567][T17782]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1045.075888][T17782]  ____sys_sendmsg+0x9ae/0xb40
[ 1045.077241][T17782]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1045.078727][T17782]  ? get_compat_msghdr+0x11b/0x170
[ 1045.080061][T17782]  ? rcu_is_watching+0x12/0xc0
[ 1045.081296][T17782]  ? lock_release+0x4e2/0x6f0
[ 1045.082519][T17782]  ? get_pid_task+0xfc/0x250
[ 1045.083746][T17782]  ___sys_sendmsg+0x135/0x1e0
[ 1045.084973][T17782]  ? get_pid_task+0x35/0x250
[ 1045.086191][T17782]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1045.087659][T17782]  ? lock_release+0x4e2/0x6f0
[ 1045.088903][T17782]  ? __pfx_lock_release+0x10/0x10
[ 1045.090226][T17782]  ? trace_lock_acquire+0x14e/0x1f0
[ 1045.091656][T17782]  ? __fget_files+0x206/0x3a0
[ 1045.092875][T17782]  __sys_sendmsg+0x16e/0x220
[ 1045.094081][T17782]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1045.095413][T17782]  ? rcu_is_watching+0x12/0xc0
[ 1045.096663][T17782]  __do_fast_syscall_32+0x73/0x120
[ 1045.098027][T17782]  do_fast_syscall_32+0x32/0x80
[ 1045.099240][T17782]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1045.100793][T17782] RIP: 0023:0xf7fc7579
[ 1045.101820][T17782] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1045.106682][T17782] RSP: 002b:00000000f513657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1045.108808][T17782] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000100
[ 1045.110750][T17782] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1045.112733][T17782] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1045.114758][T17782] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1045.116794][T17782] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1045.119526][T17782]  </TASK>
[ 1045.138183][T17787] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2792'.
[ 1045.154608][T17457] Bluetooth: Wrong link type (-71)
[ 1045.191633][T17795] input: syz1 as /devices/virtual/input/input72
[ 1045.319967][T17808] overlayfs: failed to clone lowerpath
[ 1045.358185][T17457] Bluetooth: hci0: command 0x0406 tx timeout
[ 1045.386863][T17808] overlay: ./file0 is not a directory
[ 1045.492873][T17813] FAULT_INJECTION: forcing a failure.
[ 1045.492873][T17813] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1045.498377][T17813] CPU: 2 UID: 0 PID: 17813 Comm: syz.5.2802 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[ 1045.501272][T17813] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1045.504146][T17813] Call Trace:
[ 1045.504978][T17813]  <TASK>
[ 1045.505794][T17815] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2803'.
[ 1045.505788][T17813]  dump_stack_lvl+0x16c/0x1f0
[ 1045.509496][T17813]  should_fail_ex+0x497/0x5b0
[ 1045.510707][T17813]  _copy_from_user+0x2e/0xd0
[ 1045.511868][T17813]  __sys_bpf+0x215/0x57a0
[ 1045.512990][T17813]  ? __pfx_lock_release+0x10/0x10
[ 1045.514338][T17813]  ? __pfx___sys_bpf+0x10/0x10
[ 1045.515972][T17813]  ? vfs_write+0x306/0x1150
[ 1045.517340][T17813]  ? __mutex_unlock_slowpath+0x164/0x690
[ 1045.518951][T17813]  ? fput+0x67/0x440
[ 1045.520065][T17813]  ? ksys_write+0x1ba/0x250
[ 1045.521476][T17813]  ? __pfx_ksys_write+0x10/0x10
[ 1045.522904][T17813]  __ia32_sys_bpf+0x76/0xe0
[ 1045.524124][T17813]  __do_fast_syscall_32+0x73/0x120
[ 1045.525631][T17813]  do_fast_syscall_32+0x32/0x80
[ 1045.527036][T17813]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1045.528857][T17813] RIP: 0023:0xf7fb2579
[ 1045.530027][T17813] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1045.535194][T17813] RSP: 002b:00000000f512657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[ 1045.537606][T17813] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000200002c0
[ 1045.539817][T17813] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[ 1045.541890][T17813] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1045.544229][T17813] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1045.546506][T17813] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1045.548549][T17813]  </TASK>
[ 1045.567163][ T5952] Bluetooth: Wrong link type (-71)
[ 1045.993677][T17834] FAULT_INJECTION: forcing a failure.
[ 1045.993677][T17834] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1045.996904][T17834] CPU: 1 UID: 0 PID: 17834 Comm: syz.4.2810 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[ 1045.999583][T17834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1046.002174][T17834] Call Trace:
[ 1046.003009][T17834]  <TASK>
[ 1046.003760][T17834]  dump_stack_lvl+0x16c/0x1f0
[ 1046.004954][T17834]  should_fail_ex+0x497/0x5b0
[ 1046.006207][T17834]  _copy_from_user+0x2e/0xd0
[ 1046.007422][T17834]  __sys_bpf+0x215/0x57a0
[ 1046.008529][T17834]  ? finish_task_switch.isra.0+0x217/0xcc0
[ 1046.010029][T17834]  ? __pfx___sys_bpf+0x10/0x10
[ 1046.011259][T17834]  ? __schedule+0xe60/0x5ad0
[ 1046.012466][T17834]  ? fput+0x67/0x440
[ 1046.013486][T17834]  ? ksys_write+0x1ba/0x250
[ 1046.014656][T17834]  __ia32_sys_bpf+0x76/0xe0
[ 1046.015838][T17834]  __do_fast_syscall_32+0x73/0x120
[ 1046.017186][T17834]  do_fast_syscall_32+0x32/0x80
[ 1046.018457][T17834]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1046.020110][T17834] RIP: 0023:0xf7fa2579
[ 1046.021180][T17834] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1046.026158][T17834] RSP: 002b:00000000f50d457c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[ 1046.028305][T17834] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000440
[ 1046.030349][T17834] RDX: 0000000000000070 RSI: 0000000000000000 RDI: 0000000000000000
[ 1046.032403][T17834] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1046.034447][T17834] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1046.036501][T17834] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1046.038541][T17834]  </TASK>
[ 1046.511113][T17848] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2814'.
[ 1046.629617][ T5952] Bluetooth: Wrong link type (-71)
[ 1046.721153][T17866] FAULT_INJECTION: forcing a failure.
[ 1046.721153][T17866] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1046.724556][T17866] CPU: 0 UID: 0 PID: 17866 Comm: syz.4.2822 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[ 1046.727310][T17866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1046.730075][T17866] Call Trace:
[ 1046.730921][T17866]  <TASK>
[ 1046.731718][T17866]  dump_stack_lvl+0x16c/0x1f0
[ 1046.732963][T17866]  should_fail_ex+0x497/0x5b0
[ 1046.734202][T17866]  ? fs_reclaim_acquire+0xae/0x150
[ 1046.735545][T17866]  should_fail_alloc_page+0xe7/0x130
[ 1046.736919][T17866]  prepare_alloc_pages.constprop.0+0x16f/0x560
[ 1046.739110][T17866]  ? rcu_is_watching+0x12/0xc0
[ 1046.740456][T17866]  ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10
[ 1046.742309][T17866]  __alloc_pages_noprof+0x190/0x25b0
[ 1046.743605][T17867] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2820'.
[ 1046.743692][T17866]  ? tomoyo_realpath_from_path+0xbf/0x710
[ 1046.747734][T17866]  ? lock_acquire+0x2f/0xb0
[ 1046.748958][T17866]  ? rcu_is_watching+0x12/0xc0
[ 1046.750234][T17866]  ? lock_release+0x4e2/0x6f0
[ 1046.751497][T17866]  ? rcu_is_watching+0x12/0xc0
[ 1046.752773][T17866]  ? page_ext_put+0x3e/0xd0
[ 1046.753979][T17866]  ? __pfx___alloc_pages_noprof+0x10/0x10
[ 1046.755467][T17866]  ? lock_release+0x4e2/0x6f0
[ 1046.756867][T17866]  ? is_bpf_text_address+0x8a/0x1a0
[ 1046.758429][T17866]  ? __pfx_lock_release+0x10/0x10
[ 1046.759697][T17866]  ? trace_lock_acquire+0x14e/0x1f0
[ 1046.761019][T17866]  ? is_bpf_text_address+0x30/0x1a0
[ 1046.762449][T17866]  ? bpf_ksym_find+0x124/0x1c0
[ 1046.763660][T17866]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1046.765193][T17866]  ? is_bpf_text_address+0x94/0x1a0
[ 1046.766678][T17866]  ? kernel_text_address+0x8d/0x100
[ 1046.767983][T17866]  ? __kernel_text_address+0xd/0x40
[ 1046.769311][T17866]  ? unwind_get_return_address+0x59/0xa0
[ 1046.770726][T17866]  ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10
[ 1046.772364][T17866]  ___kmalloc_large_node+0x84/0x1b0
[ 1046.773656][T17866]  __kmalloc_large_node_noprof+0x1c/0x70
[ 1046.775081][T17866]  __kmalloc_noprof.cold+0xc/0x63
[ 1046.776863][T17866]  ? rcu_is_watching+0x12/0xc0
[ 1046.778287][T17866]  ? wiphy_new_nm+0x701/0x2160
[ 1046.779532][T17866]  ? lock_release+0x4e2/0x6f0
[ 1046.780756][T17866]  ? mac80211_hwsim_new_radio+0x164/0x56c0
[ 1046.782275][T17866]  ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10
[ 1046.783947][T17866]  ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10
[ 1046.785823][T17866]  wiphy_new_nm+0x701/0x2160
[ 1046.787016][T17866]  ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10
[ 1046.788678][T17866]  ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10
[ 1046.790394][T17866]  ieee80211_alloc_hw_nm+0x1b7a/0x2260
[ 1046.791801][T17866]  ? trace_irq_enable.constprop.0+0xea/0x140
[ 1046.793350][T17866]  mac80211_hwsim_new_radio+0x201/0x56c0
[ 1046.795038][T17866]  ? do_fast_syscall_32+0x32/0x80
[ 1046.796560][T17866]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1046.798239][T17866]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1046.799818][T17866]  hwsim_new_radio_nl+0xb42/0x12b0
[ 1046.801191][T17866]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1046.802627][T17866]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[ 1046.804586][T17866]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[ 1046.806512][T17866]  genl_family_rcv_msg_doit+0x202/0x2f0
[ 1046.807901][T17866]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1046.809417][T17866]  ? genl_get_cmd+0x195/0x580
[ 1046.810576][T17866]  ? bpf_lsm_capable+0x9/0x10
[ 1046.811762][T17866]  ? security_capable+0x7e/0x260
[ 1046.813098][T17866]  ? ns_capable+0xd7/0x110
[ 1046.814611][T17866]  genl_rcv_msg+0x565/0x800
[ 1046.815941][T17866]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1046.817235][T17866]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1046.818657][T17866]  netlink_rcv_skb+0x165/0x410
[ 1046.819906][T17866]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1046.821180][T17866]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1046.822531][T17866]  ? down_read+0xc9/0x330
[ 1046.823650][T17866]  ? __pfx_down_read+0x10/0x10
[ 1046.824888][T17866]  ? netlink_deliver_tap+0x1ae/0xca0
[ 1046.826271][T17866]  genl_rcv+0x28/0x40
[ 1046.827311][T17866]  netlink_unicast+0x53c/0x7f0
[ 1046.828570][T17866]  ? __pfx_netlink_unicast+0x10/0x10
[ 1046.829957][T17866]  ? __phys_addr_symbol+0x30/0x80
[ 1046.831271][T17866]  ? __check_object_size+0x4a1/0x710
[ 1046.832656][T17866]  netlink_sendmsg+0x8b8/0xd70
[ 1046.833918][T17866]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1046.835249][T17866]  ____sys_sendmsg+0x9ae/0xb40
[ 1046.836474][T17866]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1046.837803][T17866]  ? get_compat_msghdr+0x11b/0x170
[ 1046.839107][T17866]  ? rcu_is_watching+0x12/0xc0
[ 1046.840411][T17866]  ? lock_release+0x4e2/0x6f0
[ 1046.841642][T17866]  ? get_pid_task+0xfc/0x250
[ 1046.842853][T17866]  ___sys_sendmsg+0x135/0x1e0
[ 1046.844104][T17866]  ? get_pid_task+0x35/0x250
[ 1046.845305][T17866]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1046.846668][T17866]  ? lock_release+0x4e2/0x6f0
[ 1046.847922][T17866]  ? __pfx_lock_release+0x10/0x10
[ 1046.849235][T17866]  ? trace_lock_acquire+0x14e/0x1f0
[ 1046.850604][T17866]  ? __fget_files+0x206/0x3a0
[ 1046.852078][T17866]  __sys_sendmsg+0x16e/0x220
[ 1046.853456][T17866]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1046.854782][T17866]  ? rcu_is_watching+0x12/0xc0
[ 1046.856043][T17866]  __do_fast_syscall_32+0x73/0x120
[ 1046.857370][T17866]  do_fast_syscall_32+0x32/0x80
[ 1046.858659][T17866]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1046.860333][T17866] RIP: 0023:0xf7fa2579
[ 1046.861421][T17866] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1046.866439][T17866] RSP: 002b:00000000f511657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1046.868599][T17866] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000040
[ 1046.870652][T17866] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1046.872716][T17866] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1046.874744][T17866] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1046.876813][T17866] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1046.878825][T17866]  </TASK>
[ 1046.879732][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1046.921880][T17872] FAULT_INJECTION: forcing a failure.
[ 1046.921880][T17872] name failslab, interval 1, probability 0, space 0, times 0
[ 1046.925160][T17872] CPU: 2 UID: 0 PID: 17872 Comm: syz.4.2824 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[ 1046.927999][T17872] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1046.930763][T17872] Call Trace:
[ 1046.931636][T17872]  <TASK>
[ 1046.932398][T17872]  dump_stack_lvl+0x16c/0x1f0
[ 1046.933804][T17872]  should_fail_ex+0x497/0x5b0
[ 1046.935239][T17872]  ? fs_reclaim_acquire+0xae/0x150
[ 1046.936829][T17872]  should_failslab+0xc2/0x120
[ 1046.938147][T17872]  __kmalloc_noprof+0xce/0x4f0
[ 1046.939693][T17872]  ? rcu_is_watching+0x12/0xc0
[ 1046.941111][T17872]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[ 1046.943024][T17872]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[ 1046.945136][T17872]  genl_family_rcv_msg_doit+0xbf/0x2f0
[ 1046.946792][T17872]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1046.948547][T17872]  ? genl_get_cmd+0x195/0x580
[ 1046.950114][T17872]  ? __dev_queue_xmit+0x89b/0x43e0
[ 1046.951881][T17872]  ? __radix_tree_lookup+0x21f/0x2c0
[ 1046.953389][T17872]  genl_rcv_msg+0x565/0x800
[ 1046.954568][T17872]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1046.956223][T17872]  ? __pfx_ethnl_default_doit+0x10/0x10
[ 1046.957671][T17872]  netlink_rcv_skb+0x165/0x410
[ 1046.959065][T17872]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1046.960453][T17872]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1046.961836][T17872]  ? down_read+0xc9/0x330
[ 1046.962981][T17872]  ? __pfx_down_read+0x10/0x10
[ 1046.964250][T17872]  ? netlink_deliver_tap+0x1ae/0xca0
[ 1046.965621][T17872]  genl_rcv+0x28/0x40
[ 1046.966709][T17872]  netlink_unicast+0x53c/0x7f0
[ 1046.967969][T17872]  ? __pfx_netlink_unicast+0x10/0x10
[ 1046.969349][T17872]  ? __phys_addr_symbol+0x30/0x80
[ 1046.970662][T17872]  ? __check_object_size+0x488/0x710
[ 1046.972041][T17872]  netlink_sendmsg+0x8b8/0xd70
[ 1046.973287][T17872]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1046.974651][T17872]  ____sys_sendmsg+0x9ae/0xb40
[ 1046.975910][T17872]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1046.977333][T17872]  ? get_compat_msghdr+0x11b/0x170
[ 1046.978659][T17872]  ? rcu_is_watching+0x12/0xc0
[ 1046.979917][T17872]  ? lock_release+0x4e2/0x6f0
[ 1046.981137][T17872]  ? get_pid_task+0xfc/0x250
[ 1046.982336][T17872]  ___sys_sendmsg+0x135/0x1e0
[ 1046.983560][T17872]  ? get_pid_task+0x35/0x250
[ 1046.984761][T17872]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1046.986172][T17872]  ? lock_release+0x4e2/0x6f0
[ 1046.987410][T17872]  ? __pfx_lock_release+0x10/0x10
[ 1046.988723][T17872]  ? trace_lock_acquire+0x14e/0x1f0
[ 1046.990079][T17872]  ? __fget_files+0x206/0x3a0
[ 1046.991307][T17872]  __sys_sendmsg+0x16e/0x220
[ 1046.992522][T17872]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1046.993854][T17872]  ? rcu_is_watching+0x12/0xc0
[ 1046.995093][T17872]  __do_fast_syscall_32+0x73/0x120
[ 1046.996464][T17872]  do_fast_syscall_32+0x32/0x80
[ 1046.997719][T17872]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1046.999358][T17872] RIP: 0023:0xf7fa2579
[ 1047.000411][T17872] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1047.005351][T17872] RSP: 002b:00000000f511657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1047.007594][T17872] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[ 1047.009626][T17872] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1047.011684][T17872] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1047.013727][T17872] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1047.015772][T17872] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1047.017855][T17872]  </TASK>
[ 1047.239782][ T5952] Bluetooth: hci1: command tx timeout
[ 1047.435948][ T5952] Bluetooth: Wrong link type (-71)
[ 1047.478594][T17888] FAULT_INJECTION: forcing a failure.
[ 1047.478594][T17888] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1047.482039][T17888] CPU: 3 UID: 0 PID: 17888 Comm: syz.3.2830 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[ 1047.484802][T17888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1047.487628][T17888] Call Trace:
[ 1047.488511][T17888]  <TASK>
[ 1047.489290][T17888]  dump_stack_lvl+0x16c/0x1f0
[ 1047.490550][T17888]  should_fail_ex+0x497/0x5b0
[ 1047.491809][T17888]  _copy_from_user+0x2e/0xd0
[ 1047.493028][T17888]  get_compat_msghdr+0xa8/0x170
[ 1047.494304][T17888]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1047.495745][T17888]  ? rcu_is_watching+0x12/0xc0
[ 1047.497006][T17888]  ? lock_release+0x4e2/0x6f0
[ 1047.498248][T17888]  ? get_pid_task+0xfc/0x250
[ 1047.499468][T17888]  ___sys_sendmsg+0x1b0/0x1e0
[ 1047.500703][T17888]  ? get_pid_task+0x35/0x250
[ 1047.501920][T17888]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1047.503277][T17888]  ? lock_release+0x4e2/0x6f0
[ 1047.504536][T17888]  ? __pfx_lock_release+0x10/0x10
[ 1047.505869][T17888]  ? trace_lock_acquire+0x14e/0x1f0
[ 1047.507250][T17888]  ? __fget_files+0x206/0x3a0
[ 1047.508509][T17888]  __sys_sendmsg+0x16e/0x220
[ 1047.509719][T17888]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1047.511058][T17888]  ? rcu_is_watching+0x12/0xc0
[ 1047.512318][T17888]  __do_fast_syscall_32+0x73/0x120
[ 1047.513625][T17888]  do_fast_syscall_32+0x32/0x80
[ 1047.514904][T17888]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1047.516574][T17888] RIP: 0023:0xf7fc7579
[ 1047.517654][T17888] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1047.522645][T17888] RSP: 002b:00000000f513657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1047.524864][T17888] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000400
[ 1047.526943][T17888] RDX: 0000000004000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1047.529027][T17888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1047.531081][T17888] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1047.533317][T17888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1047.535511][T17888]  </TASK>
[ 1047.560990][T17891] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1047.645819][ T1199] tipc: Subscription rejected, illegal request
[ 1047.745876][T17905] netlink: 188 bytes leftover after parsing attributes in process `syz.5.2835'.
[ 1047.749671][T17905] netlink: 'syz.5.2835': attribute type 1 has an invalid length.
[ 1047.807712][T17912] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2838'.
[ 1047.815818][T17912] netlink: 'syz.3.2838': attribute type 1 has an invalid length.
[ 1047.940359][T17874] block nbd4: shutting down sockets
[ 1047.949885][T17916] overlayfs: failed to clone upperpath
[ 1048.027101][T17918] overlayfs: failed to clone lowerpath
[ 1048.038249][T17918] overlayfs: failed to clone upperpath
[ 1048.529439][T17950] FAULT_INJECTION: forcing a failure.
[ 1048.529439][T17950] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1048.532911][T17950] CPU: 3 UID: 0 PID: 17950 Comm: syz.3.2855 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[ 1048.535714][T17950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1048.538463][T17950] Call Trace:
[ 1048.539358][T17950]  <TASK>
[ 1048.540135][T17950]  dump_stack_lvl+0x16c/0x1f0
[ 1048.541357][T17950]  should_fail_ex+0x497/0x5b0
[ 1048.542581][T17950]  _copy_from_user+0x2e/0xd0
[ 1048.543787][T17950]  get_compat_msghdr+0xa8/0x170
[ 1048.545099][T17950]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1048.546527][T17950]  ? rcu_is_watching+0x12/0xc0
[ 1048.547784][T17950]  ? lock_release+0x4e2/0x6f0
[ 1048.548983][T17950]  ? get_pid_task+0xfc/0x250
[ 1048.550160][T17950]  ___sys_sendmsg+0x1b0/0x1e0
[ 1048.551391][T17950]  ? get_pid_task+0x35/0x250
[ 1048.552555][T17950]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1048.553847][T17950]  ? lock_release+0x4e2/0x6f0
[ 1048.555070][T17950]  ? __pfx_lock_release+0x10/0x10
[ 1048.556321][T17950]  ? trace_lock_acquire+0x14e/0x1f0
[ 1048.557626][T17950]  ? __fget_files+0x206/0x3a0
[ 1048.558819][T17950]  __sys_sendmsg+0x16e/0x220
[ 1048.560010][T17950]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1048.561316][T17950]  ? rcu_is_watching+0x12/0xc0
[ 1048.562533][T17950]  __do_fast_syscall_32+0x73/0x120
[ 1048.563852][T17950]  do_fast_syscall_32+0x32/0x80
[ 1048.565082][T17950]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1048.566771][T17950] RIP: 0023:0xf7fc7579
[ 1048.567839][T17950] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1048.572688][T17950] RSP: 002b:00000000f513657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1048.574849][T17950] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000600
[ 1048.576956][T17950] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1048.578996][T17950] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1048.581056][T17950] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1048.583108][T17950] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1048.585140][T17950]  </TASK>
[ 1048.602801][T17952] netlink: 188 bytes leftover after parsing attributes in process `syz.5.2853'.
[ 1048.605184][T17952] netlink: 'syz.5.2853': attribute type 1 has an invalid length.
[ 1048.617465][T17953] virtio-fs: tag <(null)> not found
[ 1048.640088][T17953] overlayfs: failed to clone upperpath
[ 1048.734787][T17959] netlink: 'syz.3.2859': attribute type 12 has an invalid length.
[ 1048.911136][T17974] FAULT_INJECTION: forcing a failure.
[ 1048.911136][T17974] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1048.925375][T17974] CPU: 2 UID: 0 PID: 17974 Comm: syz.3.2865 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[ 1048.928314][T17974] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1048.931067][T17974] Call Trace:
[ 1048.931959][T17974]  <TASK>
[ 1048.932747][T17974]  dump_stack_lvl+0x16c/0x1f0
[ 1048.933979][T17974]  should_fail_ex+0x497/0x5b0
[ 1048.935209][T17974]  _copy_from_user+0x2e/0xd0
[ 1048.936439][T17974]  bpf_test_init.isra.0+0xf1/0x150
[ 1048.937789][T17974]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1048.939309][T17974]  bpf_prog_test_run_skb+0x250/0x22c0
[ 1048.940705][T17974]  ? rcu_is_watching+0x12/0xc0
[ 1048.941956][T17974]  ? __fget_files+0x40/0x3a0
[ 1048.943171][T17974]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1048.944688][T17974]  ? fput+0x67/0x440
[ 1048.945729][T17974]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1048.947229][T17974]  __sys_bpf+0x1921/0x57a0
[ 1048.948413][T17974]  ? __pfx_lock_release+0x10/0x10
[ 1048.949729][T17974]  ? __pfx___sys_bpf+0x10/0x10
[ 1048.951162][T17974]  ? vfs_write+0x306/0x1150
[ 1048.952413][T17974]  ? __mutex_unlock_slowpath+0x164/0x690
[ 1048.953871][T17974]  ? fput+0x67/0x440
[ 1048.954894][T17974]  ? ksys_write+0x1ba/0x250
[ 1048.956084][T17974]  ? __pfx_ksys_write+0x10/0x10
[ 1048.957368][T17974]  __ia32_sys_bpf+0x76/0xe0
[ 1048.958569][T17974]  __do_fast_syscall_32+0x73/0x120
[ 1048.959913][T17974]  do_fast_syscall_32+0x32/0x80
[ 1048.961176][T17974]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1048.962804][T17974] RIP: 0023:0xf7fc7579
[ 1048.963897][T17974] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1048.968666][T17974] RSP: 002b:00000000f513657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[ 1048.970735][T17974] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000200002c0
[ 1048.972808][T17974] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[ 1048.974904][T17974] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1048.976970][T17974] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1048.979018][T17974] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1048.981076][T17974]  </TASK>
[ 1049.335078][T17989] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2872'.
[ 1049.426389][T17994] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2871'.
[ 1049.429434][T17994] netlink: 'syz.3.2871': attribute type 1 has an invalid length.
[ 1049.463703][ T5952] Bluetooth: hci1: command tx timeout
[ 1050.102481][T18025] FAULT_INJECTION: forcing a failure.
[ 1050.102481][T18025] name failslab, interval 1, probability 0, space 0, times 0
[ 1050.107220][T18025] CPU: 1 UID: 0 PID: 18025 Comm: syz.3.2886 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[ 1050.110036][T18025] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1050.112796][T18025] Call Trace:
[ 1050.113672][T18025]  <TASK>
[ 1050.114460][T18025]  dump_stack_lvl+0x16c/0x1f0
[ 1050.115703][T18025]  should_fail_ex+0x497/0x5b0
[ 1050.116945][T18025]  ? fs_reclaim_acquire+0xae/0x150
[ 1050.118325][T18025]  should_failslab+0xc2/0x120
[ 1050.119568][T18025]  __kmalloc_noprof+0xce/0x4f0
[ 1050.120824][T18025]  ? trace_lock_acquire+0x14e/0x1f0
[ 1050.122183][T18025]  ? bpf_test_init.isra.0+0xa5/0x150
[ 1050.123558][T18025]  bpf_test_init.isra.0+0xa5/0x150
[ 1050.124885][T18025]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1050.126401][T18025]  bpf_prog_test_run_skb+0x250/0x22c0
[ 1050.127801][T18025]  ? rcu_is_watching+0x12/0xc0
[ 1050.129051][T18025]  ? __fget_files+0x40/0x3a0
[ 1050.130271][T18025]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1050.131803][T18025]  ? fput+0x67/0x440
[ 1050.132835][T18025]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1050.134401][T18025]  __sys_bpf+0x1921/0x57a0
[ 1050.135616][T18025]  ? __pfx_lock_release+0x10/0x10
[ 1050.136925][T18025]  ? __pfx___sys_bpf+0x10/0x10
[ 1050.138170][T18025]  ? vfs_write+0x306/0x1150
[ 1050.139354][T18025]  ? __mutex_unlock_slowpath+0x164/0x690
[ 1050.140820][T18025]  ? fput+0x67/0x440
[ 1050.141845][T18025]  ? ksys_write+0x1ba/0x250
[ 1050.143027][T18025]  ? __pfx_ksys_write+0x10/0x10
[ 1050.144332][T18025]  __ia32_sys_bpf+0x76/0xe0
[ 1050.145514][T18025]  __do_fast_syscall_32+0x73/0x120
[ 1050.146866][T18025]  do_fast_syscall_32+0x32/0x80
[ 1050.148138][T18025]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1050.149708][T18025] RIP: 0023:0xf7fc7579
[ 1050.150756][T18025] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1050.155508][T18025] RSP: 002b:00000000f513657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[ 1050.157581][T18025] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000200002c0
[ 1050.159623][T18025] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[ 1050.161656][T18025] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1050.163695][T18025] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1050.165732][T18025] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1050.167765][T18025]  </TASK>
[ 1050.181333][T18027] tc_dump_action: action bad kind
[ 1050.581834][T18051] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2894'.
[ 1050.584331][T18051] netlink: 'syz.3.2894': attribute type 1 has an invalid length.
[ 1050.766398][T18058] FAULT_INJECTION: forcing a failure.
[ 1050.766398][T18058] name failslab, interval 1, probability 0, space 0, times 0
[ 1050.769786][T18058] CPU: 2 UID: 0 PID: 18058 Comm: syz.3.2897 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[ 1050.772551][T18058] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1050.775316][T18058] Call Trace:
[ 1050.776205][T18058]  <TASK>
[ 1050.776984][T18058]  dump_stack_lvl+0x16c/0x1f0
[ 1050.778228][T18058]  should_fail_ex+0x497/0x5b0
[ 1050.779477][T18058]  ? fs_reclaim_acquire+0xae/0x150
[ 1050.780819][T18058]  should_failslab+0xc2/0x120
[ 1050.782050][T18058]  __kmalloc_node_track_caller_noprof+0xcf/0x520
[ 1050.783689][T18058]  ? lock_release+0x4e2/0x6f0
[ 1050.784916][T18058]  ? is_bpf_text_address+0x8a/0x1a0
[ 1050.786277][T18058]  ? kvasprintf_const+0x66/0x1a0
[ 1050.787570][T18058]  kvasprintf+0xbd/0x160
[ 1050.788684][T18058]  ? __pfx_kvasprintf+0x10/0x10
[ 1050.789967][T18058]  ? __lruvec_stat_mod_folio+0xa0/0x360
[ 1050.791408][T18058]  ? lock_acquire+0x2f/0xb0
[ 1050.792596][T18058]  ? __lruvec_stat_mod_folio+0xa0/0x360
[ 1050.794037][T18058]  kvasprintf_const+0x66/0x1a0
[ 1050.795300][T18058]  kobject_set_name_vargs+0x5a/0x140
[ 1050.796678][T18058]  dev_set_name+0xc8/0x100
[ 1050.797848][T18058]  ? __pfx_dev_set_name+0x10/0x10
[ 1050.799168][T18058]  ? rcu_is_watching+0x12/0xc0
[ 1050.800421][T18058]  ? trace_kmalloc+0x2d/0xd0
[ 1050.801630][T18058]  ? __kmalloc_noprof.cold+0x5e/0x63
[ 1050.803019][T18058]  ? rcu_is_watching+0x12/0xc0
[ 1050.804278][T18058]  ? wiphy_new_nm+0x701/0x2160
[ 1050.805524][T18058]  ? lock_release+0x4e2/0x6f0
[ 1050.806759][T18058]  ? wiphy_new_nm+0x797/0x2160
[ 1050.808011][T18058]  wiphy_new_nm+0x811/0x2160
[ 1050.809218][T18058]  ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10
[ 1050.810902][T18058]  ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10
[ 1050.812655][T18058]  ieee80211_alloc_hw_nm+0x1b7a/0x2260
[ 1050.814084][T18058]  ? trace_irq_enable.constprop.0+0xea/0x140
[ 1050.815654][T18058]  mac80211_hwsim_new_radio+0x201/0x56c0
[ 1050.817120][T18058]  ? do_fast_syscall_32+0x32/0x80
[ 1050.818437][T18058]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1050.820145][T18058]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1050.821734][T18058]  hwsim_new_radio_nl+0xb42/0x12b0
[ 1050.823076][T18058]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1050.824519][T18058]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[ 1050.826421][T18058]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[ 1050.828328][T18058]  genl_family_rcv_msg_doit+0x202/0x2f0
[ 1050.829773][T18058]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1050.831364][T18058]  ? genl_get_cmd+0x195/0x580
[ 1050.832588][T18058]  ? bpf_lsm_capable+0x9/0x10
[ 1050.833825][T18058]  ? security_capable+0x7e/0x260
[ 1050.835120][T18058]  ? ns_capable+0xd7/0x110
[ 1050.836298][T18058]  genl_rcv_msg+0x565/0x800
[ 1050.837484][T18058]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1050.838797][T18058]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1050.840239][T18058]  netlink_rcv_skb+0x165/0x410
[ 1050.841488][T18058]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1050.842799][T18058]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1050.844175][T18058]  ? down_read+0xc9/0x330
[ 1050.845384][T18058]  ? __pfx_down_read+0x10/0x10
[ 1050.846980][T18058]  ? netlink_deliver_tap+0x1ae/0xca0
[ 1050.848392][T18058]  genl_rcv+0x28/0x40
[ 1050.849449][T18058]  netlink_unicast+0x53c/0x7f0
[ 1050.850697][T18058]  ? __pfx_netlink_unicast+0x10/0x10
[ 1050.852082][T18058]  ? __phys_addr_symbol+0x30/0x80
[ 1050.853401][T18058]  ? __check_object_size+0x4a1/0x710
[ 1050.854777][T18058]  netlink_sendmsg+0x8b8/0xd70
[ 1050.856033][T18058]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1050.857400][T18058]  ____sys_sendmsg+0x9ae/0xb40
[ 1050.858644][T18058]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1050.860028][T18058]  ? get_compat_msghdr+0x11b/0x170
[ 1050.861371][T18058]  ? rcu_is_watching+0x12/0xc0
[ 1050.862604][T18058]  ? lock_release+0x4e2/0x6f0
[ 1050.863815][T18058]  ? get_pid_task+0xfc/0x250
[ 1050.865024][T18058]  ___sys_sendmsg+0x135/0x1e0
[ 1050.866266][T18058]  ? get_pid_task+0x35/0x250
[ 1050.867482][T18058]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1050.868842][T18058]  ? lock_release+0x4e2/0x6f0
[ 1050.870080][T18058]  ? __pfx_lock_release+0x10/0x10
[ 1050.871408][T18058]  ? trace_lock_acquire+0x14e/0x1f0
[ 1050.872760][T18058]  ? __fget_files+0x206/0x3a0
[ 1050.873957][T18058]  __sys_sendmsg+0x16e/0x220
[ 1050.875123][T18058]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1050.876422][T18058]  ? rcu_is_watching+0x12/0xc0
[ 1050.877616][T18058]  __do_fast_syscall_32+0x73/0x120
[ 1050.878905][T18058]  do_fast_syscall_32+0x32/0x80
[ 1050.880141][T18058]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1050.881725][T18058] RIP: 0023:0xf7fc7579
[ 1050.882760][T18058] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1050.887692][T18058] RSP: 002b:00000000f513657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1050.889863][T18058] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000040
[ 1050.891927][T18058] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1050.893974][T18058] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1050.896015][T18058] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1050.897977][T18058] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1050.899943][T18058]  </TASK>
[ 1050.922217][T18060] FAULT_INJECTION: forcing a failure.
[ 1050.922217][T18060] name failslab, interval 1, probability 0, space 0, times 0
[ 1050.925640][T18060] CPU: 3 UID: 0 PID: 18060 Comm: syz.3.2898 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[ 1050.928474][T18060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1050.931217][T18060] Call Trace:
[ 1050.932122][T18060]  <TASK>
[ 1050.932903][T18060]  dump_stack_lvl+0x16c/0x1f0
[ 1050.934119][T18060]  should_fail_ex+0x497/0x5b0
[ 1050.935379][T18060]  ? fs_reclaim_acquire+0xae/0x150
[ 1050.936721][T18060]  should_failslab+0xc2/0x120
[ 1050.938049][T18060]  __kmalloc_noprof+0xce/0x4f0
[ 1050.939433][T18060]  ? rcu_is_watching+0x12/0xc0
[ 1050.940691][T18060]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[ 1050.942608][T18060]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[ 1050.944469][T18060]  genl_family_rcv_msg_doit+0xbf/0x2f0
[ 1050.945905][T18060]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1050.947512][T18060]  ? genl_get_cmd+0x195/0x580
[ 1050.948756][T18060]  ? __dev_queue_xmit+0x89b/0x43e0
[ 1050.950094][T18060]  ? __radix_tree_lookup+0x21f/0x2c0
[ 1050.951495][T18060]  genl_rcv_msg+0x565/0x800
[ 1050.952689][T18060]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1050.954009][T18060]  ? __pfx_ethnl_default_doit+0x10/0x10
[ 1050.955473][T18060]  netlink_rcv_skb+0x165/0x410
[ 1050.956735][T18060]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1050.958055][T18060]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1050.959461][T18060]  ? down_read+0xc9/0x330
[ 1050.960599][T18060]  ? __pfx_down_read+0x10/0x10
[ 1050.961870][T18060]  ? netlink_deliver_tap+0x1ae/0xca0
[ 1050.963232][T18060]  genl_rcv+0x28/0x40
[ 1050.964261][T18060]  netlink_unicast+0x53c/0x7f0
[ 1050.965486][T18060]  ? __pfx_netlink_unicast+0x10/0x10
[ 1050.966877][T18060]  ? __phys_addr_symbol+0x30/0x80
[ 1050.968228][T18060]  ? __check_object_size+0x4a1/0x710
[ 1050.969619][T18060]  netlink_sendmsg+0x8b8/0xd70
[ 1050.970878][T18060]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1050.972298][T18060]  ____sys_sendmsg+0x9ae/0xb40
[ 1050.973558][T18060]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1050.974938][T18060]  ? get_compat_msghdr+0x11b/0x170
[ 1050.976303][T18060]  ? rcu_is_watching+0x12/0xc0
[ 1050.977567][T18060]  ? lock_release+0x4e2/0x6f0
[ 1050.978817][T18060]  ? get_pid_task+0xfc/0x250
[ 1050.980063][T18060]  ___sys_sendmsg+0x135/0x1e0
[ 1050.981304][T18060]  ? get_pid_task+0x35/0x250
[ 1050.982600][T18060]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1050.983990][T18060]  ? lock_release+0x4e2/0x6f0
[ 1050.985237][T18060]  ? __pfx_lock_release+0x10/0x10
[ 1050.986573][T18060]  ? trace_lock_acquire+0x14e/0x1f0
[ 1050.987968][T18060]  ? __fget_files+0x206/0x3a0
[ 1050.989212][T18060]  __sys_sendmsg+0x16e/0x220
[ 1050.990434][T18060]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1050.991802][T18060]  ? rcu_is_watching+0x12/0xc0
[ 1050.993070][T18060]  __do_fast_syscall_32+0x73/0x120
[ 1050.994420][T18060]  do_fast_syscall_32+0x32/0x80
[ 1050.995744][T18060]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1050.997392][T18060] RIP: 0023:0xf7fc7579
[ 1050.998460][T18060] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1051.003478][T18060] RSP: 002b:00000000f513657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1051.005648][T18060] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[ 1051.007735][T18060] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1051.009790][T18060] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1051.011870][T18060] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1051.013928][T18060] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1051.016001][T18060]  </TASK>
[ 1051.423811][T18081] netlink: 188 bytes leftover after parsing attributes in process `syz.4.2905'.
[ 1051.426357][T18081] netlink: 'syz.4.2905': attribute type 1 has an invalid length.
[ 1051.479733][T18091] fuse: Bad value for 'rootmode'
[ 1051.510915][T18098] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow
[ 1051.513700][T18098] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2912'.
[ 1051.518928][T18100] net_ratelimit: 186 callbacks suppressed
[ 1051.518939][T18100] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[ 1052.289516][T18128] unsupported nlmsg_type 40
[ 1052.690023][T18136] netlink: 188 bytes leftover after parsing attributes in process `syz.5.2925'.
[ 1052.694013][T18136] netlink: 'syz.5.2925': attribute type 1 has an invalid length.
[ 1052.849684][T18162] FAULT_INJECTION: forcing a failure.
[ 1052.849684][T18162] name failslab, interval 1, probability 0, space 0, times 0
[ 1052.853036][T18162] CPU: 1 UID: 0 PID: 18162 Comm: syz.4.2933 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[ 1052.856006][T18162] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1052.859616][T18162] Call Trace:
[ 1052.860833][T18162]  <TASK>
[ 1052.861688][T18162]  dump_stack_lvl+0x16c/0x1f0
[ 1052.862875][T18162]  should_fail_ex+0x497/0x5b0
[ 1052.864148][T18162]  ? fs_reclaim_acquire+0xae/0x150
[ 1052.865511][T18162]  should_failslab+0xc2/0x120
[ 1052.866770][T18162]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[ 1052.868434][T18162]  ? is_bpf_text_address+0x30/0x1a0
[ 1052.869775][T18162]  ? __alloc_skb+0x2b3/0x380
[ 1052.870976][T18162]  ? is_bpf_text_address+0x30/0x1a0
[ 1052.872335][T18162]  __alloc_skb+0x2b3/0x380
[ 1052.873503][T18162]  ? __pfx___alloc_skb+0x10/0x10
[ 1052.874779][T18162]  ? kernel_text_address+0x8d/0x100
[ 1052.876143][T18162]  ? kernel_text_address+0x90/0x100
[ 1052.877642][T18162]  netlink_alloc_large_skb+0x69/0x130
[ 1052.879013][T18162]  netlink_sendmsg+0x689/0xd70
[ 1052.880268][T18162]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1052.881651][T18162]  ____sys_sendmsg+0x9ae/0xb40
[ 1052.882877][T18162]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1052.884216][T18162]  ? get_compat_msghdr+0x11b/0x170
[ 1052.885540][T18162]  ? rcu_is_watching+0x12/0xc0
[ 1052.886851][T18162]  ? lock_release+0x4e2/0x6f0
[ 1052.888077][T18162]  ? get_pid_task+0xfc/0x250
[ 1052.889270][T18162]  ___sys_sendmsg+0x135/0x1e0
[ 1052.890488][T18162]  ? get_pid_task+0x35/0x250
[ 1052.891700][T18162]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1052.893033][T18162]  ? lock_release+0x4e2/0x6f0
[ 1052.894253][T18162]  ? __pfx_lock_release+0x10/0x10
[ 1052.895544][T18162]  ? trace_lock_acquire+0x14e/0x1f0
[ 1052.896929][T18162]  ? __fget_files+0x206/0x3a0
[ 1052.898622][T18162]  __sys_sendmsg+0x16e/0x220
[ 1052.900175][T18162]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1052.901552][T18162]  ? rcu_is_watching+0x12/0xc0
[ 1052.902795][T18162]  __do_fast_syscall_32+0x73/0x120
[ 1052.904170][T18162]  do_fast_syscall_32+0x32/0x80
[ 1052.905438][T18162]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1052.907096][T18162] RIP: 0023:0xf7fa2579
[ 1052.908203][T18162] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1052.913038][T18162] RSP: 002b:00000000f511657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1052.915383][T18162] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000600
[ 1052.917425][T18162] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1052.919526][T18162] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1052.921798][T18162] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1052.923832][T18162] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1052.925863][T18162]  </TASK>
[ 1053.017943][T18128] orangefs_mount: mount request failed with -4
[ 1053.084441][T18179] netlink: 'syz.3.2938': attribute type 12 has an invalid length.
[ 1053.212643][T18181] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2939'.
[ 1053.214991][T18181] netlink: 'syz.3.2939': attribute type 1 has an invalid length.
[ 1053.236438][T18190] FAULT_INJECTION: forcing a failure.
[ 1053.236438][T18190] name failslab, interval 1, probability 0, space 0, times 0
[ 1053.240933][T18190] CPU: 0 UID: 0 PID: 18190 Comm: syz.3.2942 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[ 1053.244072][T18190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1053.246807][T18190] Call Trace:
[ 1053.247678][T18190]  <TASK>
[ 1053.248444][T18190]  dump_stack_lvl+0x16c/0x1f0
[ 1053.249653][T18190]  should_fail_ex+0x497/0x5b0
[ 1053.250852][T18190]  ? fs_reclaim_acquire+0xae/0x150
[ 1053.252162][T18190]  should_failslab+0xc2/0x120
[ 1053.253360][T18190]  __kmalloc_noprof+0xce/0x4f0
[ 1053.254574][T18190]  ? __might_fault+0xe3/0x190
[ 1053.255773][T18190]  ? sk_prot_alloc+0x1a8/0x2a0
[ 1053.256975][T18190]  sk_prot_alloc+0x1a8/0x2a0
[ 1053.258154][T18190]  sk_alloc+0x36/0xb90
[ 1053.259372][T18190]  bpf_prog_test_run_skb+0x335/0x22c0
[ 1053.260759][T18190]  ? rcu_is_watching+0x12/0xc0
[ 1053.261962][T18190]  ? __fget_files+0x40/0x3a0
[ 1053.263149][T18190]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1053.264696][T18190]  ? fput+0x67/0x440
[ 1053.265712][T18190]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1053.267213][T18190]  __sys_bpf+0x1921/0x57a0
[ 1053.268349][T18190]  ? __pfx_lock_release+0x10/0x10
[ 1053.269677][T18190]  ? __pfx___sys_bpf+0x10/0x10
[ 1053.270914][T18190]  ? vfs_write+0x306/0x1150
[ 1053.272068][T18190]  ? __mutex_unlock_slowpath+0x164/0x690
[ 1053.273481][T18190]  ? fput+0x67/0x440
[ 1053.274462][T18190]  ? ksys_write+0x1ba/0x250
[ 1053.275606][T18190]  ? __pfx_ksys_write+0x10/0x10
[ 1053.277146][T18190]  __ia32_sys_bpf+0x76/0xe0
[ 1053.278448][T18190]  __do_fast_syscall_32+0x73/0x120
[ 1053.279803][T18190]  do_fast_syscall_32+0x32/0x80
[ 1053.281010][T18190]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1053.282623][T18190] RIP: 0023:0xf7fc7579
[ 1053.283670][T18190] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1053.288381][T18190] RSP: 002b:00000000f513657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[ 1053.290362][T18190] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000200002c0
[ 1053.292345][T18190] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[ 1053.294223][T18190] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1053.296115][T18190] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1053.298005][T18190] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1053.300050][T18190]  </TASK>
[ 1053.300887][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1053.325058][T18188] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2943'.
[ 1053.478748][ T5952] Bluetooth: hci0: ACL packet for unknown connection handle 200
[ 1054.178916][T18221] netlink: 188 bytes leftover after parsing attributes in process `syz.4.2951'.
[ 1054.181738][T18221] netlink: 'syz.4.2951': attribute type 1 has an invalid length.
[ 1054.417699][T18231] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2955'.
[ 1054.606858][T12676] e1000 0000:00:06.0 eth0: Reset adapter
[ 1054.733821][ T5952] Bluetooth: hci4: ACL packet for unknown connection handle 200
[ 1055.093526][T18270] netlink: 188 bytes leftover after parsing attributes in process `syz.5.2960'.
[ 1055.095981][T18270] netlink: 'syz.5.2960': attribute type 1 has an invalid length.
[ 1056.990610][ T5983] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[ 1063.471249][T18304] FAULT_INJECTION: forcing a failure.
[ 1063.471249][T18304] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1063.474342][T18304] CPU: 3 UID: 0 PID: 18304 Comm: syz.5.2966 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[ 1063.477246][T18304] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1063.480082][T18304] Call Trace:
[ 1063.480962][T18304]  <TASK>
[ 1063.481720][T18304]  dump_stack_lvl+0x16c/0x1f0
[ 1063.482936][T18304]  should_fail_ex+0x497/0x5b0
[ 1063.484325][T18304]  _copy_from_user+0x2e/0xd0
[ 1063.485579][T18304]  bpf_test_init.isra.0+0xf1/0x150
[ 1063.486919][T18304]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1063.488441][T18304]  bpf_prog_test_run_skb+0x250/0x22c0
[ 1063.489849][T18304]  ? rcu_is_watching+0x12/0xc0
[ 1063.491095][T18304]  ? __fget_files+0x40/0x3a0
[ 1063.492309][T18304]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1063.493823][T18304]  ? fput+0x67/0x440
[ 1063.494851][T18304]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1063.496367][T18304]  __sys_bpf+0x1921/0x57a0
[ 1063.497526][T18304]  ? __pfx_lock_release+0x10/0x10
[ 1063.498739][T18304]  ? __pfx___sys_bpf+0x10/0x10
[ 1063.499955][T18304]  ? vfs_write+0x306/0x1150
[ 1063.501159][T18304]  ? __mutex_unlock_slowpath+0x164/0x690
[ 1063.502607][T18304]  ? fput+0x67/0x440
[ 1063.503642][T18304]  ? ksys_write+0x1ba/0x250
[ 1063.504836][T18304]  ? __pfx_ksys_write+0x10/0x10
[ 1063.506101][T18304]  __ia32_sys_bpf+0x76/0xe0
[ 1063.507189][T18304]  __do_fast_syscall_32+0x73/0x120
[ 1063.508343][T18304]  do_fast_syscall_32+0x32/0x80
[ 1063.509555][T18304]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1063.511250][T18304] RIP: 0023:0xf7fb2579
[ 1063.512314][T18304] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1063.517267][T18304] RSP: 002b:00000000f512657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[ 1063.519427][T18304] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000200002c0
[ 1063.521471][T18304] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[ 1063.523575][T18304] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1063.525654][T18304] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1063.527711][T18304] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1063.529756][T18304]  </TASK>
[ 1063.598398][T18305] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2967'.
[ 1063.967555][ T5952] Bluetooth: hci2: ACL packet for unknown connection handle 200
[ 1064.233172][T18348] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2980'.
[ 1064.386403][ T5952] Bluetooth: hci2: ACL packet for unknown connection handle 200
[ 1064.573311][T18377] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2990'.
[ 1064.575695][T18377] netlink: 'syz.3.2990': attribute type 1 has an invalid length.
[ 1064.612308][T18372] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2989'.
[ 1064.701140][T18384] loop9: detected capacity change from 0 to 6
[ 1064.717819][T18384] Dev loop9: unable to read RDB block 6
[ 1064.774480][T18384]  loop9: unable to read partition table
[ 1064.776683][T18384] loop9: partition table beyond EOD, truncated
[ 1064.778804][T18384] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[ 1064.778804][T18384] 
) failed (rc=-5)
[ 1065.284980][T18396] FAULT_INJECTION: forcing a failure.
[ 1065.284980][T18396] name failslab, interval 1, probability 0, space 0, times 0
[ 1065.288591][T18396] CPU: 1 UID: 0 PID: 18396 Comm: syz.3.2993 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[ 1065.292308][T18396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1065.295966][T18396] Call Trace:
[ 1065.297115][T18396]  <TASK>
[ 1065.298133][T18396]  dump_stack_lvl+0x16c/0x1f0
[ 1065.299770][T18396]  should_fail_ex+0x497/0x5b0
[ 1065.301394][T18396]  ? fs_reclaim_acquire+0xae/0x150
[ 1065.303138][T18396]  should_failslab+0xc2/0x120
[ 1065.304801][T18396]  __kmalloc_noprof+0xce/0x4f0
[ 1065.306456][T18396]  ? rfkill_alloc+0xa8/0x2c0
[ 1065.308064][T18396]  rfkill_alloc+0xa8/0x2c0
[ 1065.309591][T18396]  wiphy_new_nm+0x1217/0x2160
[ 1065.311247][T18396]  ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10
[ 1065.313425][T18396]  ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10
[ 1065.315661][T18396]  ieee80211_alloc_hw_nm+0x1b7a/0x2260
[ 1065.317523][T18396]  ? trace_irq_enable.constprop.0+0xea/0x140
[ 1065.319567][T18396]  mac80211_hwsim_new_radio+0x201/0x56c0
[ 1065.321487][T18396]  ? do_fast_syscall_32+0x32/0x80
[ 1065.323280][T18396]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1065.325491][T18396]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1065.327611][T18396]  hwsim_new_radio_nl+0xb42/0x12b0
[ 1065.329420][T18396]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1065.331338][T18396]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[ 1065.333857][T18396]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[ 1065.336390][T18396]  genl_family_rcv_msg_doit+0x202/0x2f0
[ 1065.338275][T18396]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1065.340455][T18396]  ? genl_get_cmd+0x195/0x580
[ 1065.342071][T18396]  ? bpf_lsm_capable+0x9/0x10
[ 1065.343705][T18396]  ? security_capable+0x7e/0x260
[ 1065.345435][T18396]  ? ns_capable+0xd7/0x110
[ 1065.347002][T18396]  genl_rcv_msg+0x565/0x800
[ 1065.348591][T18396]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1065.350327][T18396]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1065.352233][T18396]  netlink_rcv_skb+0x165/0x410
[ 1065.353945][T18396]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1065.355759][T18396]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1065.357652][T18396]  ? down_read+0xc9/0x330
[ 1065.359188][T18396]  ? __pfx_down_read+0x10/0x10
[ 1065.360816][T18396]  ? netlink_deliver_tap+0x1ae/0xca0
[ 1065.362269][T18396]  genl_rcv+0x28/0x40
[ 1065.363372][T18396]  netlink_unicast+0x53c/0x7f0
[ 1065.364669][T18396]  ? __pfx_netlink_unicast+0x10/0x10
[ 1065.366114][T18396]  ? __phys_addr_symbol+0x30/0x80
[ 1065.367505][T18396]  ? __check_object_size+0x4a1/0x710
[ 1065.368962][T18396]  netlink_sendmsg+0x8b8/0xd70
[ 1065.370273][T18396]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1065.371764][T18396]  ____sys_sendmsg+0x9ae/0xb40
[ 1065.373061][T18396]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1065.374467][T18396]  ? get_compat_msghdr+0x11b/0x170
[ 1065.375846][T18396]  ? rcu_is_watching+0x12/0xc0
[ 1065.377130][T18396]  ? lock_release+0x4e2/0x6f0
[ 1065.378387][T18396]  ? get_pid_task+0xfc/0x250
[ 1065.379662][T18396]  ___sys_sendmsg+0x135/0x1e0
[ 1065.380918][T18396]  ? get_pid_task+0x35/0x250
[ 1065.382153][T18396]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1065.383544][T18396]  ? lock_release+0x4e2/0x6f0
[ 1065.384825][T18396]  ? __pfx_lock_release+0x10/0x10
[ 1065.386168][T18396]  ? trace_lock_acquire+0x14e/0x1f0
[ 1065.387564][T18396]  ? __fget_files+0x206/0x3a0
[ 1065.388814][T18396]  __sys_sendmsg+0x16e/0x220
[ 1065.390034][T18396]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1065.391384][T18396]  ? rcu_is_watching+0x12/0xc0
[ 1065.392711][T18396]  __do_fast_syscall_32+0x73/0x120
[ 1065.394051][T18396]  do_fast_syscall_32+0x32/0x80
[ 1065.395377][T18396]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1065.397083][T18396] RIP: 0023:0xf7fc7579
[ 1065.398417][T18396] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1065.403459][T18396] RSP: 002b:00000000f513657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1065.405708][T18396] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000040
[ 1065.407901][T18396] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1065.409994][T18396] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1065.412069][T18396] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1065.414129][T18396] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1065.416241][T18396]  </TASK>
[ 1065.435864][T18398] FAULT_INJECTION: forcing a failure.
[ 1065.435864][T18398] name failslab, interval 1, probability 0, space 0, times 0
[ 1065.439819][T18398] CPU: 2 UID: 0 PID: 18398 Comm: syz.3.2994 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[ 1065.443405][T18398] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1065.447219][T18398] Call Trace:
[ 1065.448139][T18398]  <TASK>
[ 1065.448934][T18398]  dump_stack_lvl+0x16c/0x1f0
[ 1065.450191][T18398]  should_fail_ex+0x497/0x5b0
[ 1065.451459][T18398]  ? fs_reclaim_acquire+0xae/0x150
[ 1065.452814][T18398]  should_failslab+0xc2/0x120
[ 1065.454069][T18398]  __kmalloc_noprof+0xce/0x4f0
[ 1065.455360][T18398]  ? ethnl_default_doit+0x20f/0xbd0
[ 1065.457109][T18398]  ethnl_default_doit+0x20f/0xbd0
[ 1065.458458][T18398]  ? __nla_parse+0x40/0x60
[ 1065.459668][T18398]  ? __pfx_ethnl_default_doit+0x10/0x10
[ 1065.461136][T18398]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[ 1065.463064][T18398]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[ 1065.465014][T18398]  genl_family_rcv_msg_doit+0x202/0x2f0
[ 1065.466473][T18398]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1065.468077][T18398]  ? genl_get_cmd+0x195/0x580
[ 1065.469658][T18398]  ? __dev_queue_xmit+0x89b/0x43e0
[ 1065.471386][T18398]  ? __radix_tree_lookup+0x21f/0x2c0
[ 1065.473190][T18398]  genl_rcv_msg+0x565/0x800
[ 1065.474383][T18398]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1065.476093][T18398]  ? __pfx_ethnl_default_doit+0x10/0x10
[ 1065.477967][T18398]  netlink_rcv_skb+0x165/0x410
[ 1065.479604][T18398]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1065.481299][T18398]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1065.483173][T18398]  ? down_read+0xc9/0x330
[ 1065.484692][T18398]  ? __pfx_down_read+0x10/0x10
[ 1065.486367][T18398]  ? netlink_deliver_tap+0x1ae/0xca0
[ 1065.488202][T18398]  genl_rcv+0x28/0x40
[ 1065.489563][T18398]  netlink_unicast+0x53c/0x7f0
[ 1065.491190][T18398]  ? __pfx_netlink_unicast+0x10/0x10
[ 1065.493135][T18398]  ? __phys_addr_symbol+0x30/0x80
[ 1065.494880][T18398]  ? __check_object_size+0x488/0x710
[ 1065.496701][T18398]  netlink_sendmsg+0x8b8/0xd70
[ 1065.498329][T18398]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1065.500129][T18398]  ____sys_sendmsg+0x9ae/0xb40
[ 1065.501757][T18398]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1065.503607][T18398]  ? get_compat_msghdr+0x11b/0x170
[ 1065.505354][T18398]  ? rcu_is_watching+0x12/0xc0
[ 1065.507017][T18398]  ? lock_release+0x4e2/0x6f0
[ 1065.508628][T18398]  ? get_pid_task+0xfc/0x250
[ 1065.510209][T18398]  ___sys_sendmsg+0x135/0x1e0
[ 1065.511819][T18398]  ? get_pid_task+0x35/0x250
[ 1065.513413][T18398]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1065.515190][T18398]  ? lock_release+0x4e2/0x6f0
[ 1065.516795][T18398]  ? __pfx_lock_release+0x10/0x10
[ 1065.518494][T18398]  ? trace_lock_acquire+0x14e/0x1f0
[ 1065.520276][T18398]  ? __fget_files+0x206/0x3a0
[ 1065.521868][T18398]  __sys_sendmsg+0x16e/0x220
[ 1065.523600][T18398]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1065.525353][T18398]  ? rcu_is_watching+0x12/0xc0
[ 1065.526997][T18398]  __do_fast_syscall_32+0x73/0x120
[ 1065.528862][T18398]  do_fast_syscall_32+0x32/0x80
[ 1065.530529][T18398]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1065.532689][T18398] RIP: 0023:0xf7fc7579
[ 1065.534088][T18398] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1065.541085][T18398] RSP: 002b:00000000f513657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1065.543899][T18398] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[ 1065.546541][T18398] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1065.549461][T18398] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1065.552130][T18398] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1065.554954][T18398] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1065.557084][T18398]  </TASK>
[ 1065.648657][ T5952] Bluetooth: hci2: ACL packet for unknown connection handle 200
[ 1065.681276][T18411] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2999'.
[ 1065.683651][T18411] netlink: 'syz.3.2999': attribute type 1 has an invalid length.
[ 1066.143904][T18428] syzkaller0: entered allmulticast mode
[ 1066.249619][   T39] audit: type=1326 audit(1733874471.171:7067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18431 comm="syz.5.3006" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fb2579 code=0x0
[ 1066.686313][ T5952] Bluetooth: hci0: ACL packet for unknown connection handle 200
[ 1066.698208][T18446] syzkaller0: entered allmulticast mode
[ 1066.711968][T18454] netlink: 188 bytes leftover after parsing attributes in process `syz.3.3011'.
[ 1066.714348][T18454] netlink: 'syz.3.3011': attribute type 1 has an invalid length.
[ 1067.606328][T18479] block device autoloading is deprecated and will be removed.
[ 1067.686125][T18482] netlink: 188 bytes leftover after parsing attributes in process `syz.5.3021'.
[ 1067.688874][T18482] netlink: 'syz.5.3021': attribute type 1 has an invalid length.
[ 1068.099240][T18510] netlink: 188 bytes leftover after parsing attributes in process `syz.5.3030'.
[ 1068.101633][T18510] netlink: 'syz.5.3030': attribute type 1 has an invalid length.
[ 1068.583321][ T5952] Bluetooth: hci2: ACL packet for unknown connection handle 200
[ 1068.804127][T18527] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1069.069371][T18544] netlink: 188 bytes leftover after parsing attributes in process `syz.4.3040'.
[ 1069.073152][T18544] netlink: 'syz.4.3040': attribute type 1 has an invalid length.
[ 1069.204189][ T5952] Bluetooth: hci4: ACL packet for unknown connection handle 200
[ 1070.038838][T18571] netlink: 188 bytes leftover after parsing attributes in process `syz.3.3051'.
[ 1070.041346][T18571] netlink: 'syz.3.3051': attribute type 1 has an invalid length.
[ 1070.315187][T18593] 9pnet_fd: Insufficient options for proto=fd
[ 1070.393515][T18605] netlink: 188 bytes leftover after parsing attributes in process `syz.4.3063'.
[ 1070.396773][T18605] netlink: 'syz.4.3063': attribute type 1 has an invalid length.
[ 1070.418673][T18608] netlink: 'syz.4.3064': attribute type 12 has an invalid length.
[ 1070.524228][ T5952] Bluetooth: hci2: ACL packet for unknown connection handle 201
[ 1070.769934][T18629] nbd: must specify a device to reconfigure
[ 1070.829466][T18631] netlink: 188 bytes leftover after parsing attributes in process `syz.3.3073'.
[ 1070.832004][T18631] netlink: 'syz.3.3073': attribute type 1 has an invalid length.
[ 1070.864523][T18633] FAULT_INJECTION: forcing a failure.
[ 1070.864523][T18633] name failslab, interval 1, probability 0, space 0, times 0
[ 1070.867955][T18633] CPU: 1 UID: 0 PID: 18633 Comm: syz.3.3074 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[ 1070.870731][T18633] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1070.873536][T18633] Call Trace:
[ 1070.874426][T18633]  <TASK>
[ 1070.875236][T18633]  dump_stack_lvl+0x16c/0x1f0
[ 1070.876475][T18633]  should_fail_ex+0x497/0x5b0
[ 1070.877746][T18633]  ? fs_reclaim_acquire+0xae/0x150
[ 1070.879073][T18633]  should_failslab+0xc2/0x120
[ 1070.880305][T18633]  __kmalloc_noprof+0xce/0x4f0
[ 1070.881542][T18633]  ? lsm_blob_alloc+0x68/0x90
[ 1070.882765][T18633]  lsm_blob_alloc+0x68/0x90
[ 1070.883956][T18633]  security_sk_alloc+0x30/0x270
[ 1070.885224][T18633]  sk_prot_alloc+0x1c7/0x2a0
[ 1070.886460][T18633]  sk_alloc+0x36/0xb90
[ 1070.887538][T18633]  bpf_prog_test_run_skb+0x335/0x22c0
[ 1070.888938][T18633]  ? rcu_is_watching+0x12/0xc0
[ 1070.890195][T18633]  ? __fget_files+0x40/0x3a0
[ 1070.891449][T18633]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1070.892973][T18633]  ? fput+0x67/0x440
[ 1070.894007][T18633]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1070.895543][T18633]  __sys_bpf+0x1921/0x57a0
[ 1070.896710][T18633]  ? finish_task_switch.isra.0+0x217/0xcc0
[ 1070.898239][T18633]  ? __pfx___sys_bpf+0x10/0x10
[ 1070.899506][T18633]  ? __schedule+0xe60/0x5ad0
[ 1070.900728][T18633]  ? fput+0x67/0x440
[ 1070.901762][T18633]  ? ksys_write+0x1ba/0x250
[ 1070.902952][T18633]  __ia32_sys_bpf+0x76/0xe0
[ 1070.904165][T18633]  __do_fast_syscall_32+0x73/0x120
[ 1070.905516][T18633]  do_fast_syscall_32+0x32/0x80
[ 1070.906787][T18633]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1070.908437][T18633] RIP: 0023:0xf7fc7579
[ 1070.909499][T18633] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1070.914431][T18633] RSP: 002b:00000000f513657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[ 1070.916600][T18633] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000200002c0
[ 1070.918658][T18633] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[ 1070.920712][T18633] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1070.922753][T18633] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1070.924810][T18633] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1070.926878][T18633]  </TASK>
[ 1071.450403][T18654] netlink: 188 bytes leftover after parsing attributes in process `syz.5.3082'.
[ 1071.453365][T18654] netlink: 'syz.5.3082': attribute type 1 has an invalid length.
[ 1071.532599][ T5952] Bluetooth: hci2: ACL packet for unknown connection handle 201
[ 1071.577716][T18665] netlink: 'syz.1.3087': attribute type 10 has an invalid length.
[ 1071.582179][T18665] netlink: 55 bytes leftover after parsing attributes in process `syz.1.3087'.
[ 1071.665939][T18672] openvswitch: netlink: IP tunnel dst address not specified
[ 1071.706512][T18677] netlink: 'syz.5.3084': attribute type 10 has an invalid length.
[ 1071.720779][T18677] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[ 1071.988230][ T5952] Bluetooth: Wrong link type (-71)
[ 1072.397495][T18700] »»»»»»: renamed from lo (while UP)
[ 1072.401462][T18700] vxcan1: entered promiscuous mode
[ 1072.403454][T18701] vxcan1: left promiscuous mode
[ 1072.408043][T18700] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3098'.
[ 1072.433604][T18704] netlink: 'syz.3.3099': attribute type 12 has an invalid length.
[ 1072.508154][T18711] netlink: 188 bytes leftover after parsing attributes in process `syz.5.3100'.
[ 1072.510528][T18711] netlink: 'syz.5.3100': attribute type 1 has an invalid length.
[ 1072.681341][ T5952] Bluetooth: Wrong link type (-71)
[ 1072.847267][T18728] FAULT_INJECTION: forcing a failure.
[ 1072.847267][T18728] name failslab, interval 1, probability 0, space 0, times 0
[ 1072.850539][T18728] CPU: 3 UID: 0 PID: 18728 Comm: syz.3.3108 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[ 1072.853333][T18728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1072.856145][T18728] Call Trace:
[ 1072.857026][T18728]  <TASK>
[ 1072.857808][T18728]  dump_stack_lvl+0x16c/0x1f0
[ 1072.859045][T18728]  should_fail_ex+0x497/0x5b0
[ 1072.860286][T18728]  ? fs_reclaim_acquire+0xae/0x150
[ 1072.861610][T18728]  should_failslab+0xc2/0x120
[ 1072.862811][T18728]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[ 1072.864343][T18728]  ? __rtnl_unlock+0x68/0xf0
[ 1072.865577][T18728]  ? __alloc_skb+0x2b3/0x380
[ 1072.866801][T18728]  __alloc_skb+0x2b3/0x380
[ 1072.867980][T18728]  ? __pfx___alloc_skb+0x10/0x10
[ 1072.869280][T18728]  ? ethnl_bitset32_size+0x212/0x2b0
[ 1072.870659][T18728]  ethnl_reply_init+0x45/0x210
[ 1072.871924][T18728]  ethnl_default_doit+0x411/0xbd0
[ 1072.873245][T18728]  ? __nla_parse+0x40/0x60
[ 1072.874420][T18728]  ? __pfx_ethnl_default_doit+0x10/0x10
[ 1072.875869][T18728]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[ 1072.877786][T18728]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[ 1072.879715][T18728]  genl_family_rcv_msg_doit+0x202/0x2f0
[ 1072.881146][T18728]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1072.882693][T18728]  ? genl_get_cmd+0x195/0x580
[ 1072.883905][T18728]  ? __dev_queue_xmit+0x89b/0x43e0
[ 1072.885228][T18728]  ? __radix_tree_lookup+0x21f/0x2c0
[ 1072.886607][T18728]  genl_rcv_msg+0x565/0x800
[ 1072.887795][T18728]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1072.889099][T18728]  ? __pfx_ethnl_default_doit+0x10/0x10
[ 1072.890542][T18728]  netlink_rcv_skb+0x165/0x410
[ 1072.891795][T18728]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1072.893106][T18728]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1072.894514][T18728]  ? down_read+0xc9/0x330
[ 1072.895645][T18728]  ? __pfx_down_read+0x10/0x10
[ 1072.896885][T18728]  ? netlink_deliver_tap+0x1ae/0xca0
[ 1072.898258][T18728]  genl_rcv+0x28/0x40
[ 1072.899302][T18728]  netlink_unicast+0x53c/0x7f0
[ 1072.900539][T18728]  ? __pfx_netlink_unicast+0x10/0x10
[ 1072.901906][T18728]  ? __phys_addr_symbol+0x30/0x80
[ 1072.903230][T18728]  ? __check_object_size+0x488/0x710
[ 1072.904608][T18728]  netlink_sendmsg+0x8b8/0xd70
[ 1072.905879][T18728]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1072.907263][T18728]  ____sys_sendmsg+0x9ae/0xb40
[ 1072.908509][T18728]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1072.909880][T18728]  ? get_compat_msghdr+0x11b/0x170
[ 1072.911219][T18728]  ? rcu_is_watching+0x12/0xc0
[ 1072.912482][T18728]  ? lock_release+0x4e2/0x6f0
[ 1072.913710][T18728]  ? get_pid_task+0xfc/0x250
[ 1072.914913][T18728]  ___sys_sendmsg+0x135/0x1e0
[ 1072.916153][T18728]  ? get_pid_task+0x35/0x250
[ 1072.917368][T18728]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1072.918725][T18728]  ? lock_release+0x4e2/0x6f0
[ 1072.919969][T18728]  ? __pfx_lock_release+0x10/0x10
[ 1072.921291][T18728]  ? trace_lock_acquire+0x14e/0x1f0
[ 1072.922648][T18728]  ? __fget_files+0x206/0x3a0
[ 1072.923876][T18728]  __sys_sendmsg+0x16e/0x220
[ 1072.925072][T18728]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1072.926410][T18728]  ? rcu_is_watching+0x12/0xc0
[ 1072.927655][T18728]  __do_fast_syscall_32+0x73/0x120
[ 1072.928984][T18728]  do_fast_syscall_32+0x32/0x80
[ 1072.930248][T18728]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1072.931889][T18728] RIP: 0023:0xf7fc7579
[ 1072.932949][T18728] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1072.937900][T18728] RSP: 002b:00000000f513657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1072.940059][T18728] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[ 1072.942068][T18728] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1072.944116][T18728] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1072.946162][T18728] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1072.948204][T18728] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1072.950227][T18728]  </TASK>
[ 1072.951125][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1073.055885][ T5952] Bluetooth: Wrong link type (-71)
[ 1073.518782][ T5952] Bluetooth: hci4: ACL packet for unknown connection handle 200
[ 1073.749167][ T5952] Bluetooth: hci2: ACL packet for unknown connection handle 201
[ 1073.907452][T18779] 9pnet_fd: Insufficient options for proto=fd
[ 1073.911118][T18781] 9pnet_fd: Insufficient options for proto=fd
[ 1074.075877][ T5952] Bluetooth: hci2: ACL packet for unknown connection handle 201
[ 1074.099225][T18801] netlink: 188 bytes leftover after parsing attributes in process `syz.5.3131'.
[ 1074.101743][T18801] netlink: 'syz.5.3131': attribute type 1 has an invalid length.
[ 1074.857721][ T5952] Bluetooth: Wrong link type (-71)
[ 1074.967848][T18838] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3146'.
[ 1075.196823][ T6348] usb 10-1: new high-speed USB device number 26 using dummy_hcd
[ 1075.302118][ T5952] Bluetooth: hci0: ACL packet for unknown connection handle 200
[ 1075.341780][T18849] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3149'.
[ 1075.355994][ T6348] usb 10-1: Using ep0 maxpacket: 8
[ 1075.359155][ T6348] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1075.362930][ T6348] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1075.366814][ T6348] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1075.370651][ T6348] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1075.375543][ T6348] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1075.378464][ T6348] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1075.668220][ T6348] usb 10-1: usb_control_msg returned -32
[ 1075.669743][ T6348] usbtmc 10-1:16.0: can't read capabilities
[ 1075.867818][ T5952] Bluetooth: Wrong link type (-71)
[ 1076.001853][T18867] netlink: 188 bytes leftover after parsing attributes in process `syz.4.3153'.
[ 1076.004231][T18867] netlink: 'syz.4.3153': attribute type 1 has an invalid length.
[ 1076.344810][T18858] orangefs_mount: mount request failed with -4
[ 1076.781896][T18879] netlink: 'syz.3.3157': attribute type 12 has an invalid length.
[ 1077.387591][T14915] e1000 0000:00:06.0 eth0: Reset adapter
[ 1077.417304][T18890] xt_TCPMSS: Only works on TCP SYN packets
[ 1077.433923][ T5952] Bluetooth: hci2: ACL packet for unknown connection handle 201
[ 1077.851007][T18914] netlink: 188 bytes leftover after parsing attributes in process `syz.4.3164'.
[ 1077.853481][T18914] netlink: 'syz.4.3164': attribute type 1 has an invalid length.
[ 1078.062757][T18916] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3165'.
[ 1078.141305][ T6348] usb 10-1: USB disconnect, device number 26
[ 1079.740013][ T6001] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[ 1086.505847][T18942] xt_time: unknown flags 0xf0
[ 1086.508863][T18942] netlink: 96 bytes leftover after parsing attributes in process `syz.4.3166'.
[ 1086.532210][T18942] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3166'.
[ 1086.704943][T18947] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3171'.
[ 1086.725185][T18939] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3169'.
[ 1086.855938][ T5952] Bluetooth: hci2: ACL packet for unknown connection handle 200
[ 1086.860881][T18964] siw: device registration error -23
[ 1087.028280][T18968] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3174'.
[ 1087.322548][T18979] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3176'.
[ 1087.854988][T19000] netlink: 260 bytes leftover after parsing attributes in process `syz.3.3181'.
[ 1088.104689][T19002] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3182'.
[ 1088.419976][ T5983] usb 10-1: new high-speed USB device number 27 using dummy_hcd
[ 1089.435591][ T6348] usb 9-1: new high-speed USB device number 24 using dummy_hcd
[ 1089.606974][ T6348] usb 9-1: too many configurations: 9, using maximum allowed: 8
[ 1089.609767][ T6348] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1089.612115][ T6348] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1089.615051][ T6348] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1089.618005][ T6348] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1089.620380][ T6348] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1089.623236][ T6348] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1089.638665][ T6348] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1089.641012][ T6348] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1089.643851][ T6348] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1089.650887][ T6348] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1089.653248][ T6348] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1089.656044][ T6348] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1089.671168][ T6348] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1089.673657][ T6348] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1089.676564][ T6348] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1089.679544][ T6348] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1089.682136][ T6348] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1089.686652][ T6348] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1089.689154][ T6348] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1089.692073][ T6348] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1089.694973][ T6348] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1089.697528][ T6348] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1089.699859][ T6348] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1089.704708][ T6348] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1089.708145][ T6348] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[ 1089.710699][ T6348] usb 9-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[ 1089.712888][ T6348] usb 9-1: Product: syz
[ 1089.714131][ T6348] usb 9-1: Manufacturer: syz
[ 1089.715485][ T6348] usb 9-1: SerialNumber: syz
[ 1089.717841][ T6348] usb 9-1: config 0 descriptor??
[ 1089.721507][ T6348] yurex 9-1:0.0: USB YUREX device now attached to Yurex #0
[ 1090.344244][T17457] Bluetooth: hci1: command 0x0405 tx timeout
[ 1090.656221][T19061] netlink: 260 bytes leftover after parsing attributes in process `syz.3.3192'.
[ 1092.140485][    C3] usb 9-1: yurex_control_callback - control failed: -2
[ 1092.143943][ T6348] usb 9-1: USB disconnect, device number 24
[ 1092.146334][ T6348] yurex 9-1:0.0: USB YUREX #0 now disconnected
[ 1093.103210][T14915] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[ 1101.759467][T19084] xt_time: unknown flags 0xf0
[ 1101.761957][T19084] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3198'.
[ 1102.832238][T19123] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3202'.
[ 1103.140879][T14915] usb 9-1: new high-speed USB device number 25 using dummy_hcd
[ 1103.301620][T14915] usb 9-1: too many configurations: 9, using maximum allowed: 8
[ 1103.304455][T14915] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1103.306755][T14915] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1103.309557][T14915] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1103.312782][T14915] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1103.315112][T14915] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1103.317929][T14915] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1103.320391][T14915] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1103.323009][T14915] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1103.325843][T14915] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1103.328361][T14915] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1103.330662][T14915] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1103.333702][T14915] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1103.336158][T14915] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1103.338466][T14915] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1103.341249][T14915] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1103.343662][T14915] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1103.346113][T14915] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1103.348836][T14915] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1103.351431][T14915] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1103.353704][T14915] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1103.356609][T14915] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1103.359056][T14915] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1103.361303][T14915] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1103.364048][T14915] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1103.367274][T14915] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[ 1103.369772][T14915] usb 9-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[ 1103.371930][T14915] usb 9-1: Product: syz
[ 1103.373025][T14915] usb 9-1: Manufacturer: syz
[ 1103.374248][T14915] usb 9-1: SerialNumber: syz
[ 1103.376224][T14915] usb 9-1: config 0 descriptor??
[ 1103.378918][T14915] yurex 9-1:0.0: USB YUREX device now attached to Yurex #0
[ 1104.456814][T14915] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[ 1105.738893][    C2] usb 9-1: yurex_control_callback - control failed: -2
[ 1105.742587][T14915] usb 9-1: USB disconnect, device number 25
[ 1105.744759][T14915] yurex 9-1:0.0: USB YUREX #0 now disconnected
[ 1112.519151][   T39] audit: type=1326 audit(1733874514.452:7068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19152 comm="syz.4.3208" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000
[ 1112.528306][   T39] audit: type=1326 audit(1733874514.452:7069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19152 comm="syz.4.3208" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000
[ 1112.535273][   T39] audit: type=1326 audit(1733874514.452:7070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19152 comm="syz.4.3208" exe="/syz-executor" sig=0 arch=40000003 syscall=77 compat=1 ip=0xf7fa2579 code=0x7ffc0000
[ 1112.542266][   T39] audit: type=1326 audit(1733874514.452:7071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19152 comm="syz.4.3208" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000
[ 1112.549281][   T39] audit: type=1326 audit(1733874514.452:7072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19152 comm="syz.4.3208" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000
[ 1112.556284][   T39] audit: type=1326 audit(1733874514.452:7073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19152 comm="syz.4.3208" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fa2579 code=0x7ffc0000
[ 1112.563198][   T39] audit: type=1326 audit(1733874514.452:7074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19152 comm="syz.4.3208" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000
[ 1112.570854][   T39] audit: type=1326 audit(1733874514.452:7075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19152 comm="syz.4.3208" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000
[ 1112.576454][   T39] audit: type=1326 audit(1733874514.452:7076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19152 comm="syz.4.3208" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf7fa2579 code=0x7ffc0000
[ 1112.581863][   T39] audit: type=1326 audit(1733874514.452:7077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19152 comm="syz.4.3208" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000
[ 1112.594621][T19161] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3212'.
[ 1113.132797][T19156] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3209'.
[ 1113.792575][T19201] netlink: 260 bytes leftover after parsing attributes in process `syz.5.3217'.
[ 1115.072455][ T6186] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[ 1127.940990][   T39] kauditd_printk_skb: 16 callbacks suppressed
[ 1127.941008][   T39] audit: type=1326 audit(1733874528.866:7094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19227 comm="syz.1.3222" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f66579 code=0x7ffc0000
[ 1127.948329][T19231] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3221'.
[ 1127.951923][   T39] audit: type=1326 audit(1733874528.866:7095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19227 comm="syz.1.3222" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f66579 code=0x7ffc0000
[ 1127.958975][   T39] audit: type=1326 audit(1733874528.866:7096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19227 comm="syz.1.3222" exe="/syz-executor" sig=0 arch=40000003 syscall=77 compat=1 ip=0xf7f66579 code=0x7ffc0000
[ 1127.965000][   T39] audit: type=1326 audit(1733874528.866:7097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19227 comm="syz.1.3222" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f66579 code=0x7ffc0000
[ 1127.971618][   T39] audit: type=1326 audit(1733874528.866:7098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19227 comm="syz.1.3222" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f66579 code=0x7ffc0000
[ 1127.979744][   T39] audit: type=1326 audit(1733874528.866:7099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19227 comm="syz.1.3222" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f66579 code=0x7ffc0000
[ 1127.986124][   T39] audit: type=1326 audit(1733874528.866:7100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19227 comm="syz.1.3222" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f66579 code=0x7ffc0000
[ 1127.992188][   T39] audit: type=1326 audit(1733874528.866:7101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19227 comm="syz.1.3222" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f66579 code=0x7ffc0000
[ 1127.998840][   T39] audit: type=1326 audit(1733874528.866:7102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19227 comm="syz.1.3222" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f66579 code=0x7ffc0000
[ 1128.004619][   T39] audit: type=1326 audit(1733874528.866:7103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19227 comm="syz.1.3222" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf7f66579 code=0x7ffc0000
[ 1128.782190][T19279] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3233'.
[ 1128.959052][T19291] FAULT_INJECTION: forcing a failure.
[ 1128.959052][T19291] name failslab, interval 1, probability 0, space 0, times 0
[ 1128.971431][T19291] CPU: 0 UID: 0 PID: 19291 Comm: syz.4.3238 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[ 1128.974235][T19291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1128.976996][T19291] Call Trace:
[ 1128.977874][T19291]  <TASK>
[ 1128.978662][T19291]  dump_stack_lvl+0x16c/0x1f0
[ 1128.979897][T19291]  should_fail_ex+0x497/0x5b0
[ 1128.981130][T19291]  should_failslab+0xc2/0x120
[ 1128.982371][T19291]  kmem_cache_alloc_noprof+0x6e/0x3b0
[ 1128.983797][T19291]  ? skb_clone+0x190/0x3f0
[ 1128.984983][T19291]  skb_clone+0x190/0x3f0
[ 1128.986095][T19291]  netlink_deliver_tap+0xafd/0xca0
[ 1128.987443][T19291]  netlink_unicast+0x6b4/0x7f0
[ 1128.988715][T19291]  ? __pfx_netlink_unicast+0x10/0x10
[ 1128.990093][T19291]  ? kfree+0x14f/0x4b0
[ 1128.991166][T19291]  ? ethnl_default_doit+0x65d/0xbd0
[ 1128.992518][T19291]  ethnl_default_doit+0x6f0/0xbd0
[ 1128.993821][T19291]  ? __pfx_ethnl_default_doit+0x10/0x10
[ 1128.995272][T19291]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[ 1128.997182][T19291]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[ 1128.999080][T19291]  genl_family_rcv_msg_doit+0x202/0x2f0
[ 1129.000519][T19291]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1129.002101][T19291]  ? genl_get_cmd+0x195/0x580
[ 1129.003340][T19291]  ? __dev_queue_xmit+0x89b/0x43e0
[ 1129.004681][T19291]  ? __radix_tree_lookup+0x21f/0x2c0
[ 1129.006089][T19291]  genl_rcv_msg+0x565/0x800
[ 1129.007259][T19291]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1129.008546][T19291]  ? __pfx_ethnl_default_doit+0x10/0x10
[ 1129.009986][T19291]  netlink_rcv_skb+0x165/0x410
[ 1129.011243][T19291]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1129.012559][T19291]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1129.013932][T19291]  ? down_read+0xc9/0x330
[ 1129.015066][T19291]  ? __pfx_down_read+0x10/0x10
[ 1129.016317][T19291]  ? netlink_deliver_tap+0x1ae/0xca0
[ 1129.017690][T19291]  genl_rcv+0x28/0x40
[ 1129.018779][T19291]  netlink_unicast+0x53c/0x7f0
[ 1129.020025][T19291]  ? __pfx_netlink_unicast+0x10/0x10
[ 1129.021393][T19291]  ? __phys_addr_symbol+0x30/0x80
[ 1129.022715][T19291]  ? __check_object_size+0x488/0x710
[ 1129.024073][T19291]  netlink_sendmsg+0x8b8/0xd70
[ 1129.025340][T19291]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1129.026726][T19291]  ____sys_sendmsg+0x9ae/0xb40
[ 1129.027964][T19291]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1129.029335][T19291]  ? get_compat_msghdr+0x11b/0x170
[ 1129.030662][T19291]  ? rcu_is_watching+0x12/0xc0
[ 1129.031886][T19291]  ? lock_release+0x4e2/0x6f0
[ 1129.033070][T19291]  ? get_pid_task+0xfc/0x250
[ 1129.034233][T19291]  ___sys_sendmsg+0x135/0x1e0
[ 1129.035440][T19291]  ? get_pid_task+0x35/0x250
[ 1129.036621][T19291]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1129.037905][T19291]  ? lock_release+0x4e2/0x6f0
[ 1129.039067][T19291]  ? __pfx_lock_release+0x10/0x10
[ 1129.040325][T19291]  ? trace_lock_acquire+0x14e/0x1f0
[ 1129.041731][T19291]  ? __fget_files+0x206/0x3a0
[ 1129.043150][T19291]  __sys_sendmsg+0x16e/0x220
[ 1129.044334][T19291]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1129.045651][T19291]  ? rcu_is_watching+0x12/0xc0
[ 1129.046896][T19291]  __do_fast_syscall_32+0x73/0x120
[ 1129.048156][T19291]  do_fast_syscall_32+0x32/0x80
[ 1129.049377][T19291]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1129.051022][T19291] RIP: 0023:0xf7fa2579
[ 1129.052108][T19291] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1129.057144][T19291] RSP: 002b:00000000f511657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1129.059322][T19291] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[ 1129.061342][T19291] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1129.063274][T19291] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1129.065268][T19291] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1129.067245][T19291] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1129.069210][T19291]  </TASK>
[ 1129.105608][T19294] netlink: 'syz.1.3236': attribute type 10 has an invalid length.
[ 1129.120718][T19294] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1129.122983][T19294] team0: Port device batadv0 added
[ 1130.541862][T14915] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[ 1143.640782][ T5952] Bluetooth: Wrong link type (-71)
[ 1143.642213][ T5952] Bluetooth: hci0: link tx timeout
[ 1143.643571][ T5952] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1143.726751][T19323] 9pnet_fd: Insufficient options for proto=fd
[ 1143.914930][ T6186] usb 10-1: new high-speed USB device number 28 using dummy_hcd
[ 1144.075932][ T6186] usb 10-1: too many configurations: 9, using maximum allowed: 8
[ 1144.081599][ T6186] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1144.084786][ T6186] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1144.094699][ T6186] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1144.100006][ T6186] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1144.102663][ T6186] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1144.105613][ T6186] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1144.117270][ T6186] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1144.120917][ T6186] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1144.128273][ T6186] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1144.133245][ T6186] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1144.136875][ T6186] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1144.143881][ T6186] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1144.147368][ T6186] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1144.151211][ T6186] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1144.154941][ T6186] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1144.157334][ T6186] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1144.159675][ T6186] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1144.162931][ T6186] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1144.165378][ T6186] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1144.167593][ T6186] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1144.170300][ T6186] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1144.173142][ T6186] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1144.175558][ T6186] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1144.178316][ T6186] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1144.181665][ T6186] usb 10-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[ 1144.184640][ T6186] usb 10-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[ 1144.186921][ T6186] usb 10-1: Product: syz
[ 1144.188116][ T6186] usb 10-1: Manufacturer: syz
[ 1144.189431][ T6186] usb 10-1: SerialNumber: syz
[ 1144.192373][ T6186] usb 10-1: config 0 descriptor??
[ 1144.195558][ T6186] yurex 10-1:0.0: USB YUREX device now attached to Yurex #0
[ 1144.744358][ T5952] Bluetooth: Wrong link type (-71)
[ 1144.746019][ T5952] Bluetooth: hci4: link tx timeout
[ 1144.747400][ T5952] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1144.825705][T19360] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3252'.
[ 1145.850074][T19365] Bluetooth: hci0: command 0x0406 tx timeout
[ 1146.619901][    C2] usb 10-1: yurex_control_callback - control failed: -2
[ 1146.622549][T14915] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[ 1146.627715][T14915] usb 10-1: USB disconnect, device number 28
[ 1146.632446][T14915] yurex 10-1:0.0: USB YUREX #0 now disconnected
[ 1146.961797][T19365] Bluetooth: hci4: command 0x0406 tx timeout
[ 1154.551314][ T5952] Bluetooth: Wrong link type (-71)
[ 1154.552735][ T5952] Bluetooth: hci1: link tx timeout
[ 1154.554107][ T5952] Bluetooth: hci1: killing stalled connection 10:aa:aa:aa:aa:aa
[ 1154.556577][ T5952] Bluetooth: hci1: link tx timeout
[ 1154.557967][ T5952] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1155.639474][T19425] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3266'.
[ 1155.708249][T19441] random: crng reseeded on system resumption
[ 1155.745029][T19365] Bluetooth: hci4: ACL packet for unknown connection handle 201
[ 1156.797189][T19365] Bluetooth: hci1: command 0x0405 tx timeout
[ 1157.065495][T14915] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[ 1159.020799][ T5952] Bluetooth: hci1: command 0x0405 tx timeout
[ 1165.777804][   T39] kauditd_printk_skb: 17 callbacks suppressed
[ 1165.777838][   T39] audit: type=1326 audit(1733874564.271:7121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19480 comm="syz.5.3276" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fb2579 code=0x0
[ 1166.387180][T19496] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3278'.
[ 1166.589879][ T5952] Bluetooth: hci2: ACL packet for unknown connection handle 201
[ 1166.638134][ T5952] Bluetooth: hci0: ACL packet for unknown connection handle 200
[ 1166.732000][T14456] libceph: connect (1)[c::]:6789 error -101
[ 1166.733895][T14456] libceph: mon0 (1)[c::]:6789 connect error
[ 1166.736517][T14456] libceph: connect (1)[c::]:6789 error -101
[ 1166.738339][T14456] libceph: mon0 (1)[c::]:6789 connect error
[ 1166.845057][T19526] syz.5.3285: attempt to access beyond end of device
[ 1166.845057][T19526] nbd5: rw=4096, sector=0, nr_sectors = 2 limit=0
[ 1166.905706][T19521] ceph: No mds server is up or the cluster is laggy
[ 1167.269644][T19565] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3287'.
[ 1167.384372][T19586] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3296'.
[ 1167.546720][T19607] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3299'.
[ 1167.579907][ T5952] Bluetooth: hci2: ACL packet for unknown connection handle 201
[ 1167.603982][T19532] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1167.605992][T19532] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[ 1167.632828][T19532] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1167.634711][T19532] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[ 1167.649593][T19532] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1167.651241][T19532] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[ 1167.666089][T19532] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1167.667710][T19532] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[ 1168.021784][   T39] audit: type=1326 audit(1733874566.357:7122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19653 comm="syz.4.3293" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fa2579 code=0x0
[ 1169.017707][T19677] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3301'.
[ 1170.631124][T14456] usb 9-1: new high-speed USB device number 26 using dummy_hcd
[ 1170.770529][T14456] usb 9-1: device descriptor read/64, error -71
[ 1170.924694][T19710] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[ 1170.928013][T19710] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3311'.
[ 1170.931615][T19710] syzkaller0: entered allmulticast mode
[ 1171.047703][T14456] usb 9-1: new high-speed USB device number 27 using dummy_hcd
[ 1171.197342][T14456] usb 9-1: device descriptor read/64, error -71
[ 1171.265431][T19718] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3313'.
[ 1171.318517][T14456] usb usb9-port1: attempt power cycle
[ 1171.678713][T14456] usb 9-1: new high-speed USB device number 28 using dummy_hcd
[ 1171.700731][T14456] usb 9-1: device descriptor read/8, error -71
[ 1172.009863][T14456] usb 9-1: new high-speed USB device number 29 using dummy_hcd
[ 1172.052827][T14915] e1000 0000:00:06.0 eth0: Reset adapter
[ 1172.140506][T14456] usb 9-1: device descriptor read/8, error -71
[ 1172.172035][T14915] e1000 0000:00:06.0 eth0: Reset adapter
[ 1172.267093][T14456] usb usb9-port1: unable to enumerate USB device
[ 1172.270065][T19757] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3323'.
[ 1172.358346][T19766] syz.5.3325: attempt to access beyond end of device
[ 1172.358346][T19766] nbd5: rw=0, sector=64, nr_sectors = 2 limit=0
[ 1172.360707][T19771] netlink: 172 bytes leftover after parsing attributes in process `syz.1.3326'.
[ 1172.361749][T19766] syz.5.3325: attempt to access beyond end of device
[ 1172.361749][T19766] nbd5: rw=0, sector=512, nr_sectors = 2 limit=0
[ 1172.373104][T19766] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[ 1172.377138][T19766] syz.5.3325: attempt to access beyond end of device
[ 1172.377138][T19766] nbd5: rw=0, sector=1024, nr_sectors = 2 limit=0
[ 1172.380649][T19766] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[ 1172.383561][T19766] syz.5.3325: attempt to access beyond end of device
[ 1172.383561][T19766] nbd5: rw=0, sector=64, nr_sectors = 4 limit=0
[ 1172.387652][T19766] syz.5.3325: attempt to access beyond end of device
[ 1172.387652][T19766] nbd5: rw=0, sector=1024, nr_sectors = 4 limit=0
[ 1172.392188][T19766] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[ 1172.395941][T19766] syz.5.3325: attempt to access beyond end of device
[ 1172.395941][T19766] nbd5: rw=0, sector=2048, nr_sectors = 4 limit=0
[ 1172.403487][T19766] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[ 1172.407427][T19766] syz.5.3325: attempt to access beyond end of device
[ 1172.407427][T19766] nbd5: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1172.410997][T19766] syz.5.3325: attempt to access beyond end of device
[ 1172.410997][T19766] nbd5: rw=0, sector=2048, nr_sectors = 8 limit=0
[ 1172.415192][T19766] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[ 1172.419049][T19766] syz.5.3325: attempt to access beyond end of device
[ 1172.419049][T19766] nbd5: rw=0, sector=4096, nr_sectors = 8 limit=0
[ 1172.428045][T19766] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[ 1172.431438][T19766] UDF-fs: warning (device nbd5): udf_fill_super: No partition found (1)
[ 1174.501583][T14915] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[ 1182.154479][T19805] bridge0: port 3(macvlan2) entered blocking state
[ 1182.169015][T19805] bridge0: port 3(macvlan2) entered disabled state
[ 1182.184702][T19805] macvlan2: entered allmulticast mode
[ 1182.186140][T19805] mac80211_hwsim hwsim90 wlan1: entered allmulticast mode
[ 1182.236653][T19805] macvlan2: entered promiscuous mode
[ 1183.092199][T19818] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3334'.
[ 1185.106422][   T39] audit: type=1326 audit(1733874582.352:7123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19872 comm="syz.3.3349" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc7579 code=0x0
[ 1185.491144][ T5983] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[ 1186.178485][T19927] netlink: 'syz.4.3359': attribute type 10 has an invalid length.
[ 1186.193865][T19927] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[ 1187.400962][    C2] vcan0: j1939_tp_rxtimer: 0xffff88804ba26c00: rx timeout, send abort
[ 1187.403727][    C2] vcan0: j1939_xtp_rx_abort_one: 0xffff88804ba26c00: 0x10000: (3) A timeout occurred and this is the connection abort to close the session.
[ 1192.669043][T19954] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3364'.
[ 1192.672303][T19954] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3364'.
[ 1192.675977][T19954] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3364'.
[ 1192.679483][T19954] netlink: 56 bytes leftover after parsing attributes in process `syz.5.3364'.
[ 1192.682901][T19954] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3364'.
[ 1192.776992][T19948] program syz.4.3362 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1193.669382][T14915] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[ 1194.042063][T20003] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3374'.
[ 1200.677704][T20049] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3384'.
[ 1200.867681][T20067] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3389'.
[ 1200.870857][T20067] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3389'.
[ 1200.873794][T20067] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3389'.
[ 1200.877087][T20067] netlink: 56 bytes leftover after parsing attributes in process `syz.5.3389'.
[ 1200.879634][T20067] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3389'.
[ 1201.021127][T20070] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3393'.
[ 1201.525255][T20080] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3395'.
[ 1201.563742][T20082] gretap0: entered promiscuous mode
[ 1201.565843][T20082] gretap0: entered allmulticast mode
[ 1202.142193][T20103] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3402'.
[ 1202.172324][T20109] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3403'.
[ 1203.674647][T20177] FAULT_INJECTION: forcing a failure.
[ 1203.674647][T20177] name failslab, interval 1, probability 0, space 0, times 0
[ 1203.678412][T20177] CPU: 0 UID: 0 PID: 20177 Comm: syz.5.3425 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[ 1203.681356][T20177] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1203.684309][T20177] Call Trace:
[ 1203.685318][T20177]  <TASK>
[ 1203.686144][T20177]  dump_stack_lvl+0x16c/0x1f0
[ 1203.687378][T20177]  should_fail_ex+0x497/0x5b0
[ 1203.688751][T20177]  ? fs_reclaim_acquire+0xae/0x150
[ 1203.690112][T20177]  should_failslab+0xc2/0x120
[ 1203.691359][T20177]  __kmalloc_cache_noprof+0x68/0x420
[ 1203.692929][T20177]  ? lock_acquire+0x2f/0xb0
[ 1203.694126][T20177]  binder_get_thread+0x223/0x8c0
[ 1203.695420][T20177]  binder_ioctl+0x1f4/0x7080
[ 1203.696779][T20177]  ? lock_release+0x4e2/0x6f0
[ 1203.698034][T20177]  ? kfree+0x14f/0x4b0
[ 1203.699128][T20177]  ? tomoyo_path_number_perm+0x46d/0x5b0
[ 1203.700742][T20177]  ? tomoyo_path_number_perm+0x190/0x5b0
[ 1203.702222][T20177]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1203.704039][T20177]  ? __pfx_binder_ioctl+0x10/0x10
[ 1203.705368][T20177]  ? do_vfs_ioctl+0x513/0x1950
[ 1203.706650][T20177]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1203.707963][T20177]  ? preempt_count_add+0x76/0x150
[ 1203.709279][T20177]  ? __pfx_lock_release+0x10/0x10
[ 1203.710609][T20177]  ? trace_lock_acquire+0x14e/0x1f0
[ 1203.711964][T20177]  ? __fget_files+0x40/0x3a0
[ 1203.713190][T20177]  ? __fget_files+0x206/0x3a0
[ 1203.714432][T20177]  ? __pfx_binder_ioctl+0x10/0x10
[ 1203.715766][T20177]  compat_ptr_ioctl+0x6b/0xa0
[ 1203.717170][T20177]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[ 1203.718600][T20177]  __do_compat_sys_ioctl+0x1cb/0x2c0
[ 1203.720142][T20177]  __do_fast_syscall_32+0x73/0x120
[ 1203.721479][T20177]  do_fast_syscall_32+0x32/0x80
[ 1203.722775][T20177]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1203.724633][T20177] RIP: 0023:0xf7fb2579
[ 1203.725704][T20177] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1203.730965][T20177] RSP: 002b:00000000f510557c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[ 1203.733095][T20177] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c0306201
[ 1203.735356][T20177] RDX: 00000000200003c0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1203.737398][T20177] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1203.739646][T20177] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1203.741657][T20177] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1203.744012][T20177]  </TASK>
[ 1203.745892][T20177] binder: 20175:20177 ioctl c0306201 200003c0 returned -12
[ 1205.717591][ T5983] e1000 0000:00:06.0 eth0: Reset adapter
[ 1208.124485][ T5983] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[ 1218.532736][T20310] __nla_validate_parse: 10 callbacks suppressed
[ 1218.532747][T20310] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3458'.
[ 1219.123586][ T5983] e1000 0000:00:06.0 eth0: Reset adapter
[ 1219.329346][T20342] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3465'.
[ 1219.387345][   T39] audit: type=1326 audit(1733874614.409:7124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20353 comm="syz.5.3468" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000
[ 1219.393022][   T39] audit: type=1326 audit(1733874614.409:7125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20353 comm="syz.5.3468" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000
[ 1219.398457][   T39] audit: type=1326 audit(1733874614.409:7126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20353 comm="syz.5.3468" exe="/syz-executor" sig=0 arch=40000003 syscall=315 compat=1 ip=0xf7fb2579 code=0x7ffc0000
[ 1219.404876][   T39] audit: type=1326 audit(1733874614.409:7127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20353 comm="syz.5.3468" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000
[ 1219.410208][   T39] audit: type=1326 audit(1733874614.409:7128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20353 comm="syz.5.3468" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000
[ 1219.417793][   T39] audit: type=1326 audit(1733874614.409:7129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20353 comm="syz.5.3468" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb2579 code=0x7ffc0000
[ 1219.419183][T20361] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3470'.
[ 1219.423909][   T39] audit: type=1326 audit(1733874614.409:7130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20353 comm="syz.5.3468" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000
[ 1219.430809][   T39] audit: type=1326 audit(1733874614.409:7131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20353 comm="syz.5.3468" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000
[ 1219.436255][   T39] audit: type=1326 audit(1733874614.409:7132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20353 comm="syz.5.3468" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7fb2579 code=0x7ffc0000
[ 1221.540373][ T5983] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[ 1233.964060][T20389] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3475'.
[ 1234.028658][T20389] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1234.175764][T20397] overlay: Unknown parameter 'seclabel'
[ 1234.294145][T20389] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1234.415826][T20389] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1234.491349][T20389] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1234.546967][T20389] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1234.552106][T20389] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1234.556648][T20389] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1234.561294][T20389] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1235.028340][T20407] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3479'.
[ 1235.041987][T14915] e1000 0000:00:06.0 eth0: Reset adapter
[ 1235.143290][T20416] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3482'.
[ 1235.163203][T20421] netlink: 'syz.4.3483': attribute type 12 has an invalid length.
[ 1235.212958][T20433] netlink: 'syz.1.3485': attribute type 25 has an invalid length.
[ 1235.214983][T20433] netlink: 'syz.1.3485': attribute type 44 has an invalid length.
[ 1235.230978][T20436] binder: 20435:20436 unknown command 1074553621
[ 1235.232671][T20436] binder: 20435:20436 ioctl c0306201 200003c0 returned -22
[ 1237.373482][T14915] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[ 1249.795472][T20471] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3493'.
[ 1249.816423][T14915] e1000 0000:00:06.0 eth0: Reset adapter
[ 1249.906570][T20469] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3492'.
[ 1252.072826][T14915] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[ 1266.813130][   T43] ==================================================================
[ 1266.815876][   T43] BUG: KASAN: slab-use-after-free in move_to_new_folio+0x12e/0x700
[ 1266.818525][   T43] Read of size 8 at addr ffff888022ee9860 by task kcompactd0/43
[ 1266.821735][   T43] 
[ 1266.822828][   T43] CPU: 3 UID: 0 PID: 43 Comm: kcompactd0 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[ 1266.825478][   T43] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1266.828167][   T43] Call Trace:
[ 1266.829034][   T43]  <TASK>
[ 1266.829795][   T43]  dump_stack_lvl+0x116/0x1f0
[ 1266.830967][   T43]  print_report+0xc3/0x620
[ 1266.832049][   T43]  ? __virt_addr_valid+0x5e/0x590
[ 1266.833319][   T43]  ? __phys_addr+0xc6/0x150
[ 1266.834470][   T43]  kasan_report+0xd9/0x110
[ 1266.835600][   T43]  ? move_to_new_folio+0x12e/0x700
[ 1266.836941][   T43]  ? move_to_new_folio+0x12e/0x700
[ 1266.838299][   T43]  kasan_check_range+0xef/0x1a0
[ 1266.839579][   T43]  move_to_new_folio+0x12e/0x700
[ 1266.840900][   T43]  migrate_pages_batch+0x200c/0x3150
[ 1266.842295][   T43]  ? __pfx_compaction_free+0x10/0x10
[ 1266.843678][   T43]  ? __pfx_migrate_pages_batch+0x10/0x10
[ 1266.845151][   T43]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1266.846703][   T43]  ? arch_stack_walk+0x95/0x100
[ 1266.847950][   T43]  migrate_pages_sync+0x109/0x8f0
[ 1266.849282][   T43]  ? __pfx_compaction_alloc+0x10/0x10
[ 1266.850693][   T43]  ? __pfx_compaction_free+0x10/0x10
[ 1266.852080][   T43]  ? z3fold_page_isolate+0x23b/0x510
[ 1266.853477][   T43]  ? rcu_is_watching+0x12/0xc0
[ 1266.854735][   T43]  ? __pfx_migrate_pages_sync+0x10/0x10
[ 1266.856187][   T43]  ? __pfx_lock_release+0x10/0x10
[ 1266.857475][   T43]  ? __pfx_lock_release+0x10/0x10
[ 1266.858680][   T43]  ? isolate_movable_page+0x3b/0x7f0
[ 1266.860016][   T43]  ? lock_acquire+0x2f/0xb0
[ 1266.861185][   T43]  ? isolate_movable_page+0x3b/0x7f0
[ 1266.862586][   T43]  migrate_pages+0x1a46/0x21f0
[ 1266.863859][   T43]  ? __pfx_compaction_alloc+0x10/0x10
[ 1266.865264][   T43]  ? __pfx_compaction_free+0x10/0x10
[ 1266.866654][   T43]  ? __pfx_migrate_pages+0x10/0x10
[ 1266.868066][   T43]  ? __pfx_isolate_migratepages_block+0x10/0x10
[ 1266.869645][   T43]  compact_zone+0x1f68/0x4280
[ 1266.870869][   T43]  ? rcu_is_watching+0x12/0xc0
[ 1266.872139][   T43]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1266.873558][   T43]  ? trace_irq_enable.constprop.0+0xea/0x140
[ 1266.875133][   T43]  ? __pfx_compact_zone+0x10/0x10
[ 1266.876460][   T43]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1266.877877][   T43]  ? __try_to_del_timer_sync+0x116/0x170
[ 1266.879356][   T43]  ? rcu_is_watching+0x12/0xc0
[ 1266.880661][   T43]  ? trace_irq_enable.constprop.0+0xea/0x140
[ 1266.882179][   T43]  compact_node+0x1a2/0x2d0
[ 1266.883335][   T43]  ? __pfx_compact_node+0x10/0x10
[ 1266.884665][   T43]  ? __pfx_extfrag_for_order+0x10/0x10
[ 1266.886103][   T43]  ? rcu_is_watching+0x12/0xc0
[ 1266.887365][   T43]  kcompactd+0x779/0xdf0
[ 1266.888491][   T43]  ? __pfx_kcompactd+0x10/0x10
[ 1266.889765][   T43]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1266.891391][   T43]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1266.892742][   T43]  ? __kthread_parkme+0x148/0x220
[ 1266.894025][   T43]  ? __pfx_kcompactd+0x10/0x10
[ 1266.895284][   T43]  kthread+0x2c1/0x3a0
[ 1266.896358][   T43]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1266.897745][   T43]  ? __pfx_kthread+0x10/0x10
[ 1266.898969][   T43]  ret_from_fork+0x45/0x80
[ 1266.900174][   T43]  ? __pfx_kthread+0x10/0x10
[ 1266.901484][   T43]  ret_from_fork_asm+0x1a/0x30
[ 1266.902742][   T43]  </TASK>
[ 1266.903521][   T43] 
[ 1266.904150][   T43] Allocated by task 37:
[ 1266.905195][   T43]  kasan_save_stack+0x33/0x60
[ 1266.906411][   T43]  kasan_save_track+0x14/0x30
[ 1266.907652][   T43]  __kasan_slab_alloc+0x89/0x90
[ 1266.908930][   T43]  kmem_cache_alloc_lru_noprof+0x1c8/0x3b0
[ 1266.910487][   T43]  shmem_alloc_inode+0x25/0x50
[ 1266.911744][   T43]  alloc_inode+0x5d/0x230
[ 1266.912882][   T43]  new_inode+0x22/0x210
[ 1266.913982][   T43]  shmem_get_inode+0x194/0xf00
[ 1266.915170][   T43]  shmem_mknod+0x1a8/0x450
[ 1266.916335][   T43]  vfs_mknod+0x5d7/0x8e0
[ 1266.917451][   T43]  devtmpfs_work_loop+0x1a8/0x7d0
[ 1266.918770][   T43]  devtmpfsd+0x4c/0x50
[ 1266.919843][   T43]  kthread+0x2c1/0x3a0
[ 1266.920945][   T43]  ret_from_fork+0x45/0x80
[ 1266.922116][   T43]  ret_from_fork_asm+0x1a/0x30
[ 1266.923379][   T43] 
[ 1266.924030][   T43] Freed by task 34:
[ 1266.925122][   T43]  kasan_save_stack+0x33/0x60
[ 1266.926378][   T43]  kasan_save_track+0x14/0x30
[ 1266.927577][   T43]  kasan_save_free_info+0x3b/0x60
[ 1266.928852][   T43]  __kasan_slab_free+0x51/0x70
[ 1266.930092][   T43]  kmem_cache_free+0x152/0x4c0
[ 1266.931358][   T43]  i_callback+0x43/0x70
[ 1266.932436][   T43]  rcu_core+0x79d/0x14d0
[ 1266.933532][   T43]  handle_softirqs+0x213/0x8f0
[ 1266.934767][   T43]  run_ksoftirqd+0x3a/0x60
[ 1266.935907][   T43]  smpboot_thread_fn+0x661/0xa30
[ 1266.937142][   T43]  kthread+0x2c1/0x3a0
[ 1266.938193][   T43]  ret_from_fork+0x45/0x80
[ 1266.939350][   T43]  ret_from_fork_asm+0x1a/0x30
[ 1266.940540][   T43] 
[ 1266.941137][   T43] Last potentially related work creation:
[ 1266.942555][   T43]  kasan_save_stack+0x33/0x60
[ 1266.943739][   T43]  __kasan_record_aux_stack+0xba/0xd0
[ 1266.945077][   T43]  __call_rcu_common.constprop.0+0x99/0x7a0
[ 1266.946571][   T43]  destroy_inode+0x12c/0x1b0
[ 1266.947747][   T43]  evict+0x5ed/0x960
[ 1266.948762][   T43]  iput+0x52a/0x890
[ 1266.949730][   T43]  do_unlinkat+0x5c3/0x760
[ 1266.950850][   T43]  __ia32_sys_unlink+0xc4/0x110
[ 1266.952080][   T43]  __do_fast_syscall_32+0x73/0x120
[ 1266.953399][   T43]  do_fast_syscall_32+0x32/0x80
[ 1266.954657][   T43]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1266.956230][   T43] 
[ 1266.956840][   T43] The buggy address belongs to the object at ffff888022ee9398
[ 1266.956840][   T43]  which belongs to the cache shmem_inode_cache of size 1544
[ 1266.960402][   T43] The buggy address is located 1224 bytes inside of
[ 1266.960402][   T43]  freed 1544-byte region [ffff888022ee9398, ffff888022ee99a0)
[ 1266.963754][   T43] 
[ 1266.964359][   T43] The buggy address belongs to the physical page:
[ 1266.965950][   T43] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888022eef590 pfn:0x22ee8
[ 1266.968425][   T43] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1266.970516][   T43] memcg:ffff888024773501
[ 1266.971564][   T43] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[ 1266.973659][   T43] page_type: f5(slab)
[ 1266.974658][   T43] raw: 00fff00000000240 ffff888040489cc0 ffffea0000a4cc10 ffffea0000a1ba10
[ 1266.976801][   T43] raw: ffff888022eef590 0000000000130002 00000001f5000000 ffff888024773501
[ 1266.978924][   T43] head: 00fff00000000240 ffff888040489cc0 ffffea0000a4cc10 ffffea0000a1ba10
[ 1266.981091][   T43] head: ffff888022eef590 0000000000130002 00000001f5000000 ffff888024773501
[ 1266.983338][   T43] head: 00fff00000000003 ffffea00008bba01 ffffffffffffffff 0000000000000000
[ 1266.985605][   T43] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 1266.987828][   T43] page dumped because: kasan: bad access detected
[ 1266.989490][   T43] page_owner tracks the page as allocated
[ 1266.990956][   T43] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 37, tgid 37 (kdevtmpfs), ts 5629596523, free_ts 0
[ 1266.995973][   T43]  post_alloc_hook+0x2d1/0x350
[ 1266.997227][   T43]  get_page_from_freelist+0xfce/0x2f80
[ 1266.998657][   T43]  __alloc_pages_noprof+0x223/0x25b0
[ 1267.000033][   T43]  alloc_pages_mpol_noprof+0x2c9/0x610
[ 1267.001458][   T43]  new_slab+0x2c9/0x410
[ 1267.002544][   T43]  ___slab_alloc+0xce2/0x1650
[ 1267.003784][   T43]  __slab_alloc.constprop.0+0x56/0xb0
[ 1267.005181][   T43]  kmem_cache_alloc_lru_noprof+0xf0/0x3b0
[ 1267.006641][   T43]  shmem_alloc_inode+0x25/0x50
[ 1267.007854][   T43]  alloc_inode+0x5d/0x230
[ 1267.008926][   T43]  new_inode+0x22/0x210
[ 1267.009994][   T43]  shmem_get_inode+0x194/0xf00
[ 1267.011268][   T43]  shmem_mknod+0x1a8/0x450
[ 1267.012421][   T43]  shmem_mkdir+0x31/0x60
[ 1267.013495][   T43]  vfs_mkdir+0x57d/0x860
[ 1267.014566][   T43]  devtmpfs_work_loop+0x58b/0x7d0
[ 1267.015805][   T43] page_owner free stack trace missing
[ 1267.017163][   T43] 
[ 1267.017790][   T43] Memory state around the buggy address:
[ 1267.019202][   T43]  ffff888022ee9700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1267.021237][   T43]  ffff888022ee9780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1267.023229][   T43] >ffff888022ee9800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1267.025212][   T43]                                                        ^
[ 1267.027003][   T43]  ffff888022ee9880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1267.029055][   T43]  ffff888022ee9900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1267.031111][   T43] ==================================================================
[ 1267.033887][   T43] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1267.035851][   T43] CPU: 3 UID: 0 PID: 43 Comm: kcompactd0 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[ 1267.038551][   T43] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1267.041281][   T43] Call Trace:
[ 1267.042163][   T43]  <TASK>
[ 1267.042938][   T43]  dump_stack_lvl+0x3d/0x1f0
[ 1267.044160][   T43]  panic+0x71d/0x800
[ 1267.045188][   T43]  ? __pfx_panic+0x10/0x10
[ 1267.046361][   T43]  ? rcu_is_watching+0x12/0xc0
[ 1267.047610][   T43]  ? preempt_schedule_thunk+0x1a/0x30
[ 1267.049004][   T43]  ? preempt_schedule_common+0x44/0xc0
[ 1267.050425][   T43]  ? check_panic_on_warn+0x1f/0xb0
[ 1267.051751][   T43]  check_panic_on_warn+0xab/0xb0
[ 1267.053186][   T43]  end_report+0x117/0x180
[ 1267.054335][   T43]  kasan_report+0xe9/0x110
[ 1267.055503][   T43]  ? move_to_new_folio+0x12e/0x700
[ 1267.056842][   T43]  ? move_to_new_folio+0x12e/0x700
[ 1267.058206][   T43]  kasan_check_range+0xef/0x1a0
[ 1267.059467][   T43]  move_to_new_folio+0x12e/0x700
[ 1267.060730][   T43]  migrate_pages_batch+0x200c/0x3150
[ 1267.062085][   T43]  ? __pfx_compaction_free+0x10/0x10
[ 1267.063382][   T43]  ? __pfx_migrate_pages_batch+0x10/0x10
[ 1267.064802][   T43]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1267.066360][   T43]  ? arch_stack_walk+0x95/0x100
[ 1267.067561][   T43]  migrate_pages_sync+0x109/0x8f0
[ 1267.068837][   T43]  ? __pfx_compaction_alloc+0x10/0x10
[ 1267.070234][   T43]  ? __pfx_compaction_free+0x10/0x10
[ 1267.071606][   T43]  ? z3fold_page_isolate+0x23b/0x510
[ 1267.072923][   T43]  ? rcu_is_watching+0x12/0xc0
[ 1267.074130][   T43]  ? __pfx_migrate_pages_sync+0x10/0x10
[ 1267.075533][   T43]  ? __pfx_lock_release+0x10/0x10
[ 1267.076840][   T43]  ? __pfx_lock_release+0x10/0x10
[ 1267.078167][   T43]  ? isolate_movable_page+0x3b/0x7f0
[ 1267.079529][   T43]  ? lock_acquire+0x2f/0xb0
[ 1267.080691][   T43]  ? isolate_movable_page+0x3b/0x7f0
[ 1267.082059][   T43]  migrate_pages+0x1a46/0x21f0
[ 1267.083321][   T43]  ? __pfx_compaction_alloc+0x10/0x10
[ 1267.084726][   T43]  ? __pfx_compaction_free+0x10/0x10
[ 1267.086096][   T43]  ? __pfx_migrate_pages+0x10/0x10
[ 1267.087373][   T43]  ? __pfx_isolate_migratepages_block+0x10/0x10
[ 1267.088943][   T43]  compact_zone+0x1f68/0x4280
[ 1267.090181][   T43]  ? rcu_is_watching+0x12/0xc0
[ 1267.091533][   T43]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1267.092936][   T43]  ? trace_irq_enable.constprop.0+0xea/0x140
[ 1267.094523][   T43]  ? __pfx_compact_zone+0x10/0x10
[ 1267.095829][   T43]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1267.097226][   T43]  ? __try_to_del_timer_sync+0x116/0x170
[ 1267.098684][   T43]  ? rcu_is_watching+0x12/0xc0
[ 1267.099939][   T43]  ? trace_irq_enable.constprop.0+0xea/0x140
[ 1267.101505][   T43]  compact_node+0x1a2/0x2d0
[ 1267.102685][   T43]  ? __pfx_compact_node+0x10/0x10
[ 1267.104004][   T43]  ? __pfx_extfrag_for_order+0x10/0x10
[ 1267.105427][   T43]  ? rcu_is_watching+0x12/0xc0
[ 1267.106658][   T43]  kcompactd+0x779/0xdf0
[ 1267.107768][   T43]  ? __pfx_kcompactd+0x10/0x10
[ 1267.109013][   T43]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1267.110593][   T43]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1267.111943][   T43]  ? __kthread_parkme+0x148/0x220
[ 1267.113250][   T43]  ? __pfx_kcompactd+0x10/0x10
[ 1267.114502][   T43]  kthread+0x2c1/0x3a0
[ 1267.115574][   T43]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1267.116935][   T43]  ? __pfx_kthread+0x10/0x10
[ 1267.118151][   T43]  ret_from_fork+0x45/0x80
[ 1267.119326][   T43]  ? __pfx_kthread+0x10/0x10
[ 1267.120574][   T43]  ret_from_fork_asm+0x1a/0x30
[ 1267.121904][   T43]  </TASK>
[ 1267.123296][   T43] Kernel Offset: disabled
[ 1267.124437][   T43] Rebooting in 86400 seconds..

VM DIAGNOSIS:
23:47:55  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000003 RBX=ffff8880464e8000 RCX=ffffffff821702f4 RDX=0000000000000000
RSI=ffffffff82170301 RDI=ffff8880464e8350 RBP=0000000000000000 RSP=ffffc90006d07de0
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=00000000000a2001
R12=0000000000000000 R13=00000000fffffffe R14=0000000000000000 R15=0000000000000000
RIP=ffffffff82170338 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fb5a184e280 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c2ae546 CR3=00000000251c6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000044000001 Opmask01=0000000000006007 Opmask02=000000007f7f6f7f Opmask03=0000000000040000
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4341435f45544952 575f4154415f4449
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe3e195370 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe3e194d00 0000003000000010
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffff0000 ffffffffffffffff
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffff0000 ffffffffffffffff
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffffffffffffffff
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7b4da8921dcebc07 737326dce016ac4b
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73737373737373e2 7373737373737373
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055aac9d01c60 000055aac9c946c0 000055aac9c99be0 000055aac9caab10
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6d25203a7325206b 6e696c6d79732065 7461657263206f74 2064656c69614600
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4800051f5600054e 4b4c49485c560540 5144405746054a51 054140494c444600
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3278099afbb12b00 3278099fa11dd774 3a4687d15cc59344 3278099fa11d8308
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055aac9c96e50 000055af93658b65 000055aac9c97ff0 000055af93658b64
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3278099afbb13260 3278099fa11dd755 3278099afbb123c0 3278099fa11dd754
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 383a3a263d383a3a 263c383a3a263f38 3a3a263e383a3a26 39383a3a2638383a
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000030 0000000000000030 083e6f6f6c2f6b63 0000552f6c004538
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000030 0000000000000030 0000556f6c2f6b63 0000552f6c004538
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000001f84864 RBX=0000000000000001 RCX=ffffffff8b19d7a9 RDX=ffffed10056a6fee
RSI=ffffffff8bb15660 RDI=ffffffff81701db9 RBP=ffffed10039dd910 RSP=ffffc9000047fe08
R8 =0000000000000000 R9 =ffffed10056a6fed R10=ffff88802b537f6b R11=0000000000000000
R12=0000000000000001 R13=ffff88801ceec880 R14=ffffffff901cc310 R15=0000000000000000
RIP=ffffffff8b19eb8f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=00000000251c6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000044000001 Opmask01=0000000000006007 Opmask02=000000007f7f6f7f Opmask03=0000000000040000
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4341435f45544952 575f4154415f4449
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe3e195370 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe3e194d00 0000003000000010
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffff0000 ffffffffffffffff
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffff0000 ffffffffffffffff
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffffffffffffffff
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7b4da8921dcebc07 737326dce016ac4b
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73737373737373e2 7373737373737373
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055aac9d01c60 000055aac9c946c0 000055aac9c99be0 000055aac9caab10
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6d25203a7325206b 6e696c6d79732065 7461657263206f74 2064656c69614600
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4800051f5600054e 4b4c49485c560540 5144405746054a51 054140494c444600
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3278099afbb12b00 3278099fa11dd774 3a4687d15cc59344 3278099fa11d8308
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055aac9c96e50 000055af93658b65 000055aac9c97ff0 000055af93658b64
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3278099afbb13260 3278099fa11dd755 3278099afbb123c0 3278099fa11dd754
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 383a3a263d383a3a 263c383a3a263f38 3a3a263e383a3a26 39383a3a2638383a
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000030 0000000000000030 083e6f6f6c2f6b63 0000552f6c004538
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000030 0000000000000030 0000556f6c2f6b63 0000552f6c004538
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000d95e6c RBX=0000000000000002 RCX=ffffffff8b19d7a9 RDX=ffffed10056c6fee
RSI=ffffffff8bb15660 RDI=ffffffff81701db9 RBP=ffffed10036ee000 RSP=ffffc9000048fe08
R8 =0000000000000000 R9 =ffffed10056c6fed R10=ffff88802b637f6b R11=0000000000000000
R12=0000000000000002 R13=ffff88801b770000 R14=ffffffff901cc310 R15=0000000000000000
RIP=ffffffff8b19eb8f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055e3e5d2f280 CR3=00000000489d6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008220202 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc62f69e30 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4154414600544549 55510029646c253d 646970282064253a 29287338342e253a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4154414600544549 5551000c41490018 414c550d0541001f 0c0d561d110b001f
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=a8ec6df0a8ec6df0 a8ec6df0a8ec6df0 a8ec6df0a8ec6df0 a8ec6df0a8ec6df0 a8ec6df0a8ec6df0 a8ec6df0a8ec6df0 a8ec6df0a8ec6df0 a8ec6df0a8ec6df0
ZMM22=22c1441f22c1441f 22c1441f22c1441f 22c1441f22c1441f 22c1441f22c1441f 22c1441f22c1441f 22c1441f22c1441f 22c1441f22c1441f 22c1441f22c1441f
ZMM23=816e4f9d816e4f9d 816e4f9d816e4f9d 816e4f9d816e4f9d 816e4f9d816e4f9d 816e4f9d816e4f9d 816e4f9d816e4f9d 816e4f9d816e4f9d 816e4f9d816e4f9d
ZMM24=fd227552fd227552 fd227552fd227552 fd227552fd227552 fd227552fd227552 fd227552fd227552 fd227552fd227552 fd227552fd227552 fd227552fd227552
ZMM25=34c7290a34c7290a 34c7290a34c7290a 34c7290a34c7290a 34c7290a34c7290a 34c7290a34c7290a 34c7290a34c7290a 34c7290a34c7290a 34c7290a34c7290a
ZMM26=83cf9bfe83cf9bfe 83cf9bfe83cf9bfe 83cf9bfe83cf9bfe 83cf9bfe83cf9bfe 83cf9bfe83cf9bfe 83cf9bfe83cf9bfe 83cf9bfe83cf9bfe 83cf9bfe83cf9bfe
ZMM27=0da8b9420da8b942 0da8b9420da8b942 0da8b9420da8b942 0da8b9420da8b942 0da8b9420da8b942 0da8b9420da8b942 0da8b9420da8b942 0da8b9420da8b942
ZMM28=000000300000002f 0000002e0000002d 0000002c0000002b 0000002a00000029 0000002800000027 0000002600000025 0000002400000023 0000002200000021
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=b7150000b7150000 b7150000b7150000 b7150000b7150000 b7150000b7150000 b7150000b7150000 b7150000b7150000 b7150000b7150000 b7150000b7150000
info registers vcpu 3

CPU#3
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85142bd5 RDI=ffffffff9a662300 RBP=ffffffff9a6622c0 RSP=ffffc900006a6f08
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552
R12=0000000000000000 R13=0000000000000020 R14=ffffffff85142b70 R15=0000000000000000
RIP=ffffffff85142bff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f743e994 CR3=0000000071e0c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000005f000000000 0000001300000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000