last executing test programs:

29.738236198s ago: executing program 3 (id=1588):
syz_emit_ethernet(0x5e, &(0x7f0000000300)=ANY=[], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r0, &(0x7f0000000280)=""/239, 0xef)
writev(r0, &(0x7f0000000100)=[{&(0x7f0000000180)="b6", 0x1}], 0x1)
syz_usb_disconnect(0xffffffffffffffff)
ioctl$CDROMPAUSE(0xffffffffffffffff, 0x5301)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000016000000", @ANYRES32=r3, @ANYBLOB="0000000200000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r5)
getsockname$packet(r5, &(0x7f00000000c0)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=@delchain={0x3c, 0x2c, 0xf31, 0x0, 0x0, {0x0, 0x0, 0xf5ff, r6, {}, {0xfff2, 0xffff}, {0xfff3}}, [@filter_kind_options=@f_basic={{0xa}, {0xc, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0x2, 0xfff2}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4008844}, 0x4010)

28.942829719s ago: executing program 3 (id=1590):
r0 = socket$inet(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f00000001c0)={{0x2, 0x4e22, @rand_addr=0x64010100}, {0x0, @local}, 0x12, {0x2, 0x4e20, @rand_addr=0x64010101}, 'sit0\x00'})
r3 = io_uring_setup(0x177f, &(0x7f00000001c0)={0x0, 0xf2f8, 0x0, 0x1, 0x175})
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r4, 0x84, 0x6d, &(0x7f0000000500), 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(r4, 0x84, 0xb, &(0x7f0000000280)={0x3, 0x19, 0x6, 0x9, 0x5, 0x9, 0x3, 0x78, 0x6, 0x0, 0x1, 0x7, 0x9, 0x2}, 0xe)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r5 = syz_io_uring_setup(0x8d2, 0x0, 0x0, &(0x7f0000000080))
io_uring_enter(r5, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(r4, 0x84, 0xb, &(0x7f0000000080)={0xcf, 0x0, 0x0, 0xd, 0xfa, 0x6, 0x9, 0x3, 0x9, 0xd, 0x8, 0x6, 0x29, 0x7}, 0xe)
sendto$inet6(r4, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
close_range(r3, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', <r6=>0x0})
ioctl$BSG_GET_VERSION_NUM(0xffffffffffffffff, 0x2282, &(0x7f00000000c0))
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000240)={0x0, 0xffffffffffffff15, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2c250000000c0000200012800c0001006d6163766c616e00100002800a000900000000000000000008000500", @ANYRES32=r6, @ANYBLOB="89d2e68b76a1d4bb20dbeddf5438750ac805c0e4e7cab03a293935b615f5f4723ad85c007c42fe4a7b93152559389165c5321c9146843c802d11043931d829d14b6997333cd7173a043ffb588f69f4c354763eb5901f1158ddd16c352247bb7b34d91e73782085fe3885aa96e761ba82ed446c61c67b988f556074338b86e6369eef234f01cbcac648ee4cfae0dea76156c0fcd0623a80667c9584618597ff20ba980f97fa5485c97b5f0ff5a8a891998d7003d530b4da5bdf9dea91a6cec30a05d173b2640ca9a3e9cd3566f7a2b0f221f6022c45242fa8986aa9cbd6db58a267b107abb81456dee2"], 0x48}}, 0x0)

28.872360173s ago: executing program 3 (id=1591):
syz_emit_ethernet(0x3e, &(0x7f0000000040)={@local, @link_local={0x17, 0x80, 0xc2, 0x6, 0x5}, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "182325", 0x8, 0x2c, 0x1, @remote, @local, {[@routing={0x2c, 0x0, 0x0, 0x1}]}}}}}, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000040)={@map, 0x26, 0x0, 0xf51, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan0\x00', <r2=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="3f9d00000000000008001700000008000300", @ANYRES32=r2, @ANYBLOB="60003080050002000000000014000400403a050c5bae9c544ef2b6d713459a7a1c000180050002000000000008000400050000000800010002000000240003"], 0x7c}}, 0x0)

28.822403683s ago: executing program 3 (id=1592):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x800000, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e78, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x80}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket(0x2c, 0x4, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000280)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000300)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x0, 0x0)
r3 = inotify_init()
inotify_add_watch(r3, 0x0, 0x20000002)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000640)={'#! ', './file0', [{}, {0x20, 'rp\xee\xff\xe4'}, {0x20, '\x12~\x85\xecZ@\xb5\x18\xec\x182\xc9L\xdc\xb2\x81\xdam\xa8\xc5{\x92\x14\xce\xf2\xb8\xf7\xa9\xa7\x00X \x93t\x91!%\xff\x13\xdc\aIY\x0e\xb4zh\\\x06\r\xe8^Z\x81\xb8$:P\x83\x98_\xa1\x98\xd6\xd2g-\xefr\x14<\xd1\xb84\x94\xa09\x9f\x12I\xed\xd5dT#f\xb4\xf3\x88\xcf\xde\x00\xd4\x81WN\xca\xb5c\xbf\r\xb0Q\xa9\xbaC\xd2\xa2\x1d~\xc5D(\x92A\x12f\x83fn\xd0\xb6\x02\x116t:|\x94\xc7\xac\xf6\xbc~m\xd6\xd1\xe5\xe0\xdd\xc2\x9cl#\x85\xab\xe7\xa9\xcb\"\xd2\x97\x10\xa5\xa8\xc1\x8d@U\a]Gi^\xd2\xdf\xb0\xa5!\x836\x92\xc9\x92\xe4'}], 0xa, "7bad65c4da5338577feb172ca63250224c76e2027f000000000000007e2ac7fe2e31a2e87e3ee43ed92dfbb6bc0700de24db4ec870b8000000088000002c65e7495fe9afeb28bb60e91e23e104f6dbbf40e1fc2ab1a77fd9f6414e438f03"}, 0xfffffc43)
r5 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000080)=@raw={'raw\x00', 0x8, 0x3, 0x268, 0x0, 0x11, 0x148, 0x13c, 0x10, 0x1d4, 0x2a8, 0x2a8, 0x1d4, 0x2a8, 0xac, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'veth1_vlan\x00', 'sit0\x00'}, 0x10, 0xf4, 0x13c, 0x1c, {}, [@common=@unspec=@helper={{0x44}, {0x0, 'irc-20000\x00'}}, @common=@unspec=@connlimit={{0x40}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@local, 'ip6gre0\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{}, {0x140}}}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x2c4)
r6 = ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r6)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/power/resume', 0x88102, 0x0)
write$cgroup_int(r7, &(0x7f0000000040)=0x700, 0xfdef)
ptrace$poke(0x4, r0, &(0x7f0000000380), 0x80)

27.922727416s ago: executing program 3 (id=1596):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = fsopen(&(0x7f0000000000)='jfs\x00', 0x1)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f0000000240)='resize', 0x0, r1)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0xfe98, &(0x7f0000000000)={&(0x7f0000000680)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x1c, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x18, 0x10, 0x3}, @TCA_FQ_FLOW_MAX_RATE={0x2, 0x2}, @TCA_FQ_FLOW_MAX_RATE={0xfffffffffffffd87, 0x7, 0x3}]}}]}, 0x48}}, 0x0) (async)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7}, 0x1c) (async)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c) (async)
r4 = fcntl$dupfd(r3, 0x0, r3)
sendmsg$NFT_BATCH(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[], 0x56c}, 0x1, 0x0, 0x0, 0x40000}, 0x8051) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="84089259aa5c0fa6f83883b99ba66533bc1427d3535477d56d12e55c61995f191468394c4dcd931d71b0e85648526d71771a8b9997453de0575d5f08c94f13694b99a720120c6b4ef0ebc3afbb19fb4cfa97cb4e2c6218dd37b2afb2f9c000d2c457bb90edda2e430a11fdbdd6d0b8254c61b491260d94086942781d17cb5bdabed9c37fb7457c2b01622795095275f98e2cc922ac780c649fe63126b6032d3a57c8727b660f389756c484fea8367e5b826355bcb92161a75df36bd5a7c04a2bba56ac3b277ef70c1910eabd12a3a635b7a81c6833fd1bbcabc29865b54f45b47cd0603b939827f3b60d", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000000702"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r6}, 0x10) (async)
r7 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r7, 0x107, 0xf, &(0x7f0000000000), 0x4) (async)
sendmsg$kcm(r7, &(0x7f00000000c0)={&(0x7f0000000100)=@qipcrtr={0x2a, 0x4, 0x7fff}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)="2703022b590241c90000002f1eafbcf706e105000000894f000f1102ee1680ca82973d2bd4b8bf4a8291a14b8a34f90186cee844000000080000000019b0fb0bba", 0x65}, {&(0x7f0000000440)="63f805d7649496db72959832930469edc7b7d050139bf7ada32bc9e37eed1153ecb716cdb8981cd819af0b33254465cc904b7b31789d65c0e0d3333ce2ef36205dd154e363bcadf8f2ea93f45503c6d9fd8dfe5a638cfeb9f79c930a4d18260e5a08ffd35ed8371cff78119319b2b62c7cd9378c73ae90c801681f55ef26cb0000000000000000", 0x87}, {&(0x7f0000000dc0)="fe112162c63e6da8bc8432294ef18af53cc330a62a2c7035246635093ba4d30fcf19a90804f04a10939db8f4e13069cda6d167bf1b68c94d8d694d6ad1a4d51a715975560ad48770706eb1b88d021e1119f2eb75275cfe77f862368649be0f7aff5e7826729816e3d3e7986d9434f891c71ca6e4210c6757083cfd8e732048c504f28b6d309fc129ed8eb5a82e224eb648f90134d1d315977c6ea360a7fece4baa3dd7dcc970759f29df0e86469e954e2b050e87b203ca27a2a519b7555c3b73f2681d49442d9647ff5ea64110cc5020fdeafe53a7d8be70f3260816bc376bcdc5352771fa55d9733e27730ec7103520e8359c78edd21ee6c68feb3685a55722f5da09ffe8ba9f05081a8d214156376f99906245f2f390ad717979d98f0574f8c5b52dcc2fa494f461be6c2560ddbaafb80c5b4583cbe56d24f14ab78fd718947077ea736251c7b8eee267267534c84daa6f095e94bfb85986a03ddea362cc7e6682884e710727c1163cd4f336c13b844605b7a815fe39e43bd0d2e414410a82958455b8a6bd9194c631d66295675fed64c04107a595c421111a3af6e9fadab5c96a7d803c797a7da950269fa645b560fabad3cf0410e81cbfe911b9890a37bef83b00c756b3973647416198520186e4bbc76048d410ba225d1872285aa059415b0dfecc1410bd1f98460dac3280ea08dc909fb5ca53de3d6d98448a501a3fbc8def92421e", 0x1a1}, {&(0x7f0000000180)="6fe4dd9eeba3271dc700b581440284", 0xfe69}], 0x4}, 0x0)
mq_timedsend(r4, &(0x7f0000000280)="be43f1fc46d64d130829ac581c314e6897cabd868cfa07fd83740a420d6a2231a6bce5b308898e34b385d65d614aa3008cb225ace462f00a4756249069df12c7763e04514bacc900570dfe92602aeda70a7cdb22f81ac8f938522d5b2a43442ebfa3b91c6830d263aab0a77344fc0b7893d257685101841197c3f0", 0x7b, 0x3, &(0x7f0000000200)) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), r4)
syz_genetlink_get_family_id$devlink(&(0x7f0000000340), r4) (async)
r8 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r8}}) (async)
setsockopt$MRT6_ADD_MFC_PROXY(r8, 0x29, 0xd2, &(0x7f0000000040)={{0xa, 0x4e23, 0x7, @ipv4={'\x00', '\xff\xff', @empty}}, {0xa, 0x4e24, 0x4, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x5}, 0x0, {[0x2, 0x0, 0x80000000, 0xfff, 0x3ff, 0x3, 0x6, 0x802]}}, 0x5c)

27.533095239s ago: executing program 3 (id=1600):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCDELRT(r0, 0x890b, &(0x7f0000000080)={@loopback={0xfec0ffff00000000}, @private1, @local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x280})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r3 = socket(0x10, 0x2, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r4, 0x84, 0x81, &(0x7f00000002c0), 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r4, 0x84, 0x17, &(0x7f0000000080)=ANY=[@ANYRES32=0x0], 0x9)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, &(0x7f0000000c40)=[@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in={0x2, 0x4e22, @local}], 0x20)
write(r3, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301fc00e00"/28, 0x1c)
recvmmsg(r3, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
socket(0x2, 0x80805, 0x0)
add_key(0x0, &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000080)="f8", 0x1, 0xfffffffffffffffe)
preadv2(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x100000000000000d, 0x0, 0x0, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x52b281, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
socket$nl_route(0x10, 0x3, 0x0)

27.532856141s ago: executing program 32 (id=1600):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCDELRT(r0, 0x890b, &(0x7f0000000080)={@loopback={0xfec0ffff00000000}, @private1, @local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x280})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r3 = socket(0x10, 0x2, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r4, 0x84, 0x81, &(0x7f00000002c0), 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r4, 0x84, 0x17, &(0x7f0000000080)=ANY=[@ANYRES32=0x0], 0x9)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, &(0x7f0000000c40)=[@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in={0x2, 0x4e22, @local}], 0x20)
write(r3, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301fc00e00"/28, 0x1c)
recvmmsg(r3, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
socket(0x2, 0x80805, 0x0)
add_key(0x0, &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000080)="f8", 0x1, 0xfffffffffffffffe)
preadv2(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x100000000000000d, 0x0, 0x0, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x52b281, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
socket$nl_route(0x10, 0x3, 0x0)

6.372603061s ago: executing program 4 (id=1758):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001480)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000300)={r0, 0x0, 0x2a, 0x2, @val=@tcx}, 0x40)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_emit_ethernet(0x4a, &(0x7f00000023c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004a00003c0000000000059078ac1414020a010100890fce7ee7806794998b2175650387ebd8e0000002ac1414bb00000000830200000000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c00000090780000"], 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
socket$can_raw(0x1d, 0x3, 0x1)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0)
move_pages(0x0, 0x0, &(0x7f0000002340), 0x0, &(0x7f0000002380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, 0x0, &(0x7f0000000040)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x27ec45380e07cd16, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x15)
add_key$fscrypt_v1(&(0x7f0000001500), &(0x7f0000001540)={'fscrypt:', @desc2}, &(0x7f0000001580)={0x0, "740c561c18c8d0520787a815169e2c2d38ce24ada46dfd910ebe32afb63c184f8aa7603c7eedb7c4014bc2f01d8020e3f1a9f99f55e81277b2f1e4dd09621d6f", 0x3e}, 0x48, 0xfffffffffffffffd)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil)
setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0xffffffff}, 0x1c)
syz_emit_ethernet(0x7e, &(0x7f0000000300)={@local, @empty, @val={@void, {0x8100, 0x0, 0x0, 0x3}}, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "5f1060", 0x44, 0x2f, 0x0, @private0, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x8100}, {0x0, 0x0, 0x0, 0x0, 0x100}, {}, {0x8, 0x88be, 0x86ddffff}, {0x8, 0x22eb, 0x0, {{0x0, 0x2, 0x4}, 0x2, {0x0, 0x4}}}}}}}}}, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000e40)=0x100000001, 0x4)

5.351722086s ago: executing program 4 (id=1763):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0xa, 0xb, 0x42, 0x2, 0x42, 0xffffffffffffffff, 0x10000}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100), 0x0, 0xffff, r2}, 0x38)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000880), 0x1006, r2, 0x0, 0xd88d02a0}, 0x38)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x8ef, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
socket$nl_route(0x10, 0x3, 0x0)

5.212831202s ago: executing program 4 (id=1766):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000010900010073797a310000000054000000030a01040000000000000000010000000900030073797a31000000000900010073797a3100000000280004800800014000000005080002401b2fd2c5140003"], 0x9c}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x13, 0xfffffff5}, 0x0)

5.212541616s ago: executing program 4 (id=1767):
pipe(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r3 = socket$inet_icmp(0x2, 0x2, 0x1)
ioctl$sock_SIOCDELRT(r3, 0x890c, &(0x7f0000000140)={0x0, @in={0x2, 0x4e23, @loopback}, @vsock={0x28, 0x0, 0x2711, @local}, @phonet={0x23, 0x37, 0x0, 0x3}, 0x7ff, 0x0, 0x0, 0x0, 0x24f2, 0x0, 0x2, 0xf93, 0x5})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000000000f7951b000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0x0, 0x28, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r5 = syz_open_dev$video4linux(&(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_SET_MSRS(r0, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYRESDEC=r4])
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$UI_ABS_SETUP(r6, 0x401c5504, &(0x7f0000000080)={0x3, {0xb, 0x80000000, 0x7, 0x4, 0x5, 0x80}})
ioctl$VIDIOC_SUBDEV_S_FMT(r5, 0xc0585605, &(0x7f0000000080)={0x0, 0x0, {0x0, 0x0, 0x2025, 0x7}})
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000027c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000f000000850000005000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xe0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000005b, 0x1000000, 0x0, 0x0}}, 0x10)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
write(r1, &(0x7f0000000340), 0x11000)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000000)=0x11)
syz_usb_connect(0x1, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="120100004f92b90857152077ebb700000001090212"], 0x0)
r9 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r9, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
ioctl$PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f0000000a80)={0x60, 0x2, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0xb, 0x0, 0x0, 0x4f9, 0x4, 0x28, 0x8, 0x3})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x8031, r9, 0x1000)
r10 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
ioctl$HIDIOCGRAWPHYS(r10, 0x4004480d, 0x0)
ioctl$BTRFS_IOC_SNAP_CREATE_V2(r10, 0x50009417, &(0x7f0000000900)={{r9}, 0x0, 0x4, @inherit={0x58, &(0x7f0000000580)=ANY=[@ANYBLOB="00885315adad7db09c71d56a00000000000000020000000000000040c3000000000000040000000000000008000000000000000700000000007ffb32812c7e8bbb22cd436d8a1ccbde0000070c0000000000000400000000000000b428b3700ae6f5b05464b6e5e43d0958040000040000000004000000000000009e470020000000000c8d887448f6c33d6bba876e8849"]}, @name="f265ffcd4b648a41895e1804dfac4b227f5f5eea64f728201f586b1eed6f146364bf6f97298a483ee2855f5bdcd845696b36d6c656383238e3e0982a29f3b8ee4a55de92bafd61bc3b61cdff5cc764206898bc5fa5907ad7c7ee7b242d6660584f88a62e0dc15271242ed67e80bcecacdf5fc470c33232a2df914f0f1fb83d18a4e1783b23afb395ae134c9e0cd658bf334e51616086ec011a1ee66c167a967574d2f9ab60338672d596c3fe31797ed4f537efd3654809dd5d37fd95ad21ec53e7ac9004a343dca73bca24511bbc5f3782087569a57d11d39522de127538acee737a270a77f24bf343915fb7592793e28b94c7ff502a564c7acff3c4c4c310de4bb8403b616d9b8ee869b805618f3da7640262f0378d877d50fcc41cf77a648cba0e5050fbf62eecc991906d21f3763fcd04a436a3c1dd99c99f01323e150b22efe361b1a7507a97514b2f4b92d040f79a582f04c6e8f5deba9821701551eee9672369dd4f4ec28111481409f75254048127deedb203136c52c18f709dbd43ddb90115172441d389a203bcf23902b1683f04f073c91ecf0271c663a756fae1b8ab128b8ce9738da8fd6094edfeff2578b6fb8de1dacaa011bd3c91c8413c2d4910868cdc42425e1a3de7acd16f3840cce265fa23a41980424b0bd792aea379d6c3b98eeab26aa7bb97e7ae14bbaa9d1e0e3cf583b0499a0593e984847d180a9beb06feff8424d578df7736e056c02553af8ae4e768bc891bff482982d6e7b63c9de215a800e8ff5418ad1f6ff062e245562b02222e9ab6e5bf4b56c1334b08ff7950fea120105f7ad02af47c60b6a4f591a2db49f823bf5057b3b0b7efcfc8325d9a257a69502a7e3cd29d001d61736e49c60dced4786fe1da7d6701780bb6b8c3f1bf0778fb42f5f1b11c6c49e327ae1490c86b505679b6693a2de5e5f2f1fbbd1e96aa712adb0b633fc6c06fba1a4a506871301d634a54967885c2535e5774015c299ba32d3bc44094bb12852ee90ca9d5f6500e75e53dab8cf6cb89ac50e4ae5ba11dd358af2f5698aae4680763ac25141bef709e6bc1d97d54c48f512011f007e755b736bc6f9b57e8b6fdfbedffd2dbd963488d0133b0dc0ce40142130cff3f8e882a4564c5e52399453e351f3844134cbb2512bb9476f7bf95a79c5056c07d367a15798df9771f02b0e9c62d9493414f4fcb765dda49c3efb9407094efaed2dd3cb793b1a7b910b812462d762d35bf8b5d08f0ce7b7b01ef957b82ed2e7c991608c4026438736aea88f5ef4b83bc672763c955940b94f3e45b825406169275416fbbcbeecb029886c0b626e98c53ed225c93660995a485b0db115ea4816dba45c17edfe55b9dab827d14a762d99cdf4adb9eb6998e86cf0559cfc80ba20ebeed1b91e1fe8741687e30ce3b158fe99ecf6a3ca25a20f5b94000de4ac00fbeb0a10462fe4768216e6a52c4b4cad60d7de9c11f574879ac2d202af32a45fd855fb71ca6a6a73f1a5cae7c1c420ef672fa6333a2ab87b0d1bdb648e9b80ce2f2d3fdfe25cccd527c250b7a3f44ba5e92b600e6c4af7e21e3fca37fc8f361199a9140d473a1ef3c5180a4457965c4437993ba45f940afb0efe3928ff9fc6a130f4b688b460744e6289a70dff75ec743597fbc44a37be82483c92b1dd4fdeec4d4bb09487329d0653688704511264998b86dbf3a927b1b467eb24f758f7e58472679678cadbde546684185cd3d85cced477b881939edc0bfd805adfa88cb6025ca5be7c2d6e1ac8a40a33c4e3df6772032d62a3d720a9867c26f4d6422bf36d3ae7f49409518aebe5fbb79afbbf894107730e1be68ac52dde1a730beb11b29cc3237188cee5b1c880e673fa558dc37eed27cafc6918ce453cc112838286c26bc511318368b51dadd487ba11f504c6432f60dc26d9d908ea7d0d1ea9acc5f56ab66790bb71d801e1979ccb2a17ab6f234f474f5886175d49f195e64a6878c71c483081be48a5e0694d48828d1c41835af265c068e9e019cbbdde72f187c48b488c190fad2be30746043857914e302928105230ad4bed10319292541b0b6a615f86b96aa76ce4422d55636c496a305ab8e07b2d76f7c7b38604858d601502ab349875e844d1c9e25332ac28da2ead44e1d8df2beb1186bed407e25febea2440d09957446e60960d69aff492f048a0b4b89c0d0dcdca79fae52430f978a0d607902cbbdf1609d4d08f0896324456613f5c5ab7c13b74387e9a25813c10f6e647e45acbf9740a88f1425bc4b41f7733efc0f5b217e54d9e672cf97887c8069105c23e29712246be4f9b0153b23ae4f97356428503b2b0f66facb479af6a5ccbfb47893ac909c2f09b5effcc7da81e89583e4bee63cbe8f120ed7528bd11289d1fa2782245a2b5b6b5418e0e9626e5d36a7473ec276be813c52585ce7054208451b2c1346f87e76ae0d5599ce6abb157bea8f8b25dba4b77df511b9e9c6be930d19bbd96f3d1d76c06160fab937cd5f176e0dc944a227c804c2a9fd55e062a0d89822d8963a32dbe8d123c9ee6a10e4ecdcc67654aed96124a7544c4fbfbe82e3537202275d899a8ce61794c9ddd410da4dc17e54d62a4e5d0ce1f5365ead10c639c021933fe998ef1229469461fe06e584b11cd7fd094b40f7d69509b063b7a911aa8fa461146d87a5d18b10373878fe20d453c3557ad1bec2db5745f9d4ca7863689b41dc2a862bee0832873f4f8103ae87f442722128135d820025ff02ed0e52d5f7d71dc80f6aef5652f4aa215fee03f1354492f8bce91324e9cb842eceb3e20dc14a7a943fa056cc250e8880f9fa7910a008ce59f44a4d27b3fe74f147873f6d97a70a6602bd12c999e2bb8bd7c8bc4017dffddc1f127c3f482ad1b31514a0309dc41661583d65052e776ac46432599e46e36bf903df01fb480a9e21b7f9e4485c21cb7c1d83fafe8b11e662c42e715a24d997d905d3ec2e6f6aca2dfec324d51f02a1f3c8749137a483d848815fe3c6b2e0455755852f904e4552034214ee192662bd066a21daf720c40e3b6f0332d17b6c8109b41bdae8e1229b4598f200ec914423f3c8daaf4b3e7b8b5fe8bf3d0fe4aef820b270ce471cf496aeb300495b478b831bb13c3919cd421c7241ea1eadf6762bf6af813986dece741331bb11e6884768fedcb599295f0d79d3c504170a5dfc7589fa396b9d661cb4553fad720dbc30a4fd63aa394aee8e7f5c87cb6bfe54d4669978109464546bf4455cd1ef3e65720a5847732b5d29aa992eeabc5bdef21483979daa96c1ec34b972097f5e6de43e62e1a711349bc9b2c5b49ca188706d38c582fa1294b3e751d0796fdeea4bc962f70e9a6634e7e8a6382a456dd0ed19c2296af78b1d8f8c84e579211a81bc5ded12203f27a8f87fb95536ef1fda656ed53b1e2b11752746df82911ec27535f9d8f61b959a336eb2bff6ab1fe6b37e40676f7151d5bba5829d289b2622805fa22398910fc49a14db7df29c9438b265324595ce5ba813ce237ea6d31c5294ae52588b997e5453c4971607ed12528f64aadec23abc9f90f06e59e2444c286cb34c3a27fcb4e9429e25a66b3658ee3566502f52cd11c12c3a6fee916d6bd9a063d5719d76036867e759ff8c533360c32482f76bc7425b981528add867e2ccca1c286ca8c238f377bbd075b4b26d838fff76b398562bf538e89a3da30d3bdb0e2018779fc7400cdc2e95a3dca7412c1e022ac73e162116a67c11b95a4e3ee69d6eb12f2382a75d904c06f7484aab7bb8c89fc8e716ff4122f1031dda0c30d4673786395259a1260f01392d4147bf901d9a0f91b1fbee82c9a2d97dedf56f43bbd381e25a38e5e30c5f285ae6aafa0ae8323fe77bee173f55e9592d8135b18352d8c7ef4cffef369f339231b915d64f230f1ad3613fb5593d35e6335b9fdf133e20a9cdd18a146ceacf6cfab9cb048a375161455ad96d82305e92bb541f36a2497cf2d34a03094bdafa7c8b61d2578a8797da01684cf73dee46b6ce13be0e45464b6cebf5477cdb84f823a2819e6bfad728199ef5a3fca391ddd784caf460df904c301bb1fc01653f27761a9a2ad9a7da63f57e1117d8d57130998ae93979306a84753520868a4c73cf26aae8450a9ac4908234c7c12d3d1e7d80bf6a52c90ae89d0702aa8e2733ddeba3c9d276aeb944d5704cbc4c6b36daf65309a6b125a9dce6fd069f4c622369b14811a733634031d595aa4c52c3037299e30ed407c47cc646205108ba15bf38d4a2af6470548be8c0ad030e7710655ee61215c2d7d84c851de810eff7dae8c8eff5ddde7b8593927f88183f2360cf116d6c9495e0ed84e9da75f9d66a9e07970cdc8558e857e8077bc187a1a6ac1c1afe78225f7d24ec38daf0659ae6a04b02855cbdbb25109ea9f12a2f26b2e60dccf35205e6cdc7d8ad2363409baa8d3e42b68342ba23e29646e07c83e8c2bd2e9faf1608880504790bb0d592f4157f3fbcca3026dd1c9a3c55ed7be0fc62e123629c7dff12cb12d5b7edfc2af7ffb4a4f9eff23472d7d559095e50a059d684601c772846d70e52bdd95d4d0f13fd584764709a2fb0e7dd44ac06ae3c1cc062089f7b6ba35fe61900aee305b92cf4b0544f78902c587f827c45660f076707fc37b03bf27dbc9445bbc36ffaff5cb09e1f679713545d8268f5e794ae9a0bdd79a48aa16ce2d24ebf41671361e35125066c2f3ac8533e90ead6b728c2f0e7eda9f4f0f1395dba096ba9c1cf6b0d8691dd4c50ac30313836cd48fc52ad51a5503fdd81e9b8b85d9b384fbf53befcba3a1ed1dd38ed0bd1ea57ff290f68be1a082cbd9dd472d762f1c52c1239b4c787f20d98281c3a77dadf908c11e5b13ddeec536e85739843e5ec62e088c1d97027793e661b853efe9e7ec5e9fdd18cf1cdf3a34681d074bd28d3b766a63a7a019d5a3bc4879391c371b0b52d20cfdc5f27ebd2c978fefa8369291848c8213ccec2a70dd6d8c62654e86a81de903017cc7a5931ced1cf38fb7e22896a1a4c68b9958f3bd9235405c4f46a4d8a9034bbb74bc7e67816baa0ba05822c44dce49b4ee66d01e255d3b31315368ef016fcbead361528780513489c5a020cb11cd77acaabfdade2c893a09ece0e95546a6fd2798596f63b3362c2f20911825266e4629c49803807cd76c69734e22ecacf486cfe1f1a0a303e4acd83ebbe6f40da9f083f28b810c4ca7a5acbc0b9dacda7d4c0556d330e2797a13f9af5feccc866014b4c237f3855f4e2305468f68a0bd1b2f100230e870a596d8b24cc6556730d6112289b5b32e5fd04132fe00b69fe4722bd62c45a88db739e9b1ac8762ac0ddf561d174a72b8f94a824d7a003666d3644013931a4ca707256c6381ffa3f38cb8d5a0fcc2ffd2bbec403abd3547c93c96bedc18f1aef57504c9bdcd3472727e7de43ceb4a40f4be8b0ea51a1e3c7d84b8b20b80f4976a05ec17712fa2f373cd31cb5eaa2e66978f0963fa11bdc7f51172bdee2d2a7345e1ebb105d3213ca59c3656f2f2924b65ed346b61f7572076ae6147e6e7ac224c3a9395899e6f32495dd312bbd242586396a069d0c13d69426699c8ff02cd2ad01b504d714d52c639c9c13e247e74b805fd4c7d377d0c247c81a1353f09c635db93fad9b8eefa145495e90afab3a42e0654346795c0f23658082751f2c30c818d0ba70dc7520a6377c38fbe94454d2f3b1f8ae"})
close_range(r7, 0xffffffffffffffff, 0x0)
io_setup(0x3ff, &(0x7f0000000500)=<r11=>0x0)
io_submit(r11, 0x1, &(0x7f0000000040)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])

2.642529714s ago: executing program 1 (id=1782):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd74)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000001180)={0x6, 0x10, &(0x7f00000008c0)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000000000000182300", @ANYRES32=r5, @ANYBLOB="0000000000000000b704000000000000850000001c00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001bc0)={r6, 0x7000000, 0x4000, 0x4000, &(0x7f0000001cc0)="633268f83ca3000000a2029e3815bb2fa117d8326687688b2c969fd7267d546214af00d1ca2524d00f9e4d9555f3ab381b5d44fd6bda8c509e66101d296f10c805252e7c5d48d9814f46db8f07441878734b13270fe47fba418b7358984b9a61c2bbf964a520459fd0d90590b46cf1677d580a26933b6e35aee75996b73a15a25aa8ae2f1f9bc9699a505c0dc4050ab2255fc35f508ccc52f10ac12febf28652fe36f725714868675ca2a7042ab4b26904b2f000589694f69ab0b22a5aec72c5036ce1c8974690045e4ab412a70336b4c65b2dfc8121af4143c2e10a0e5632bcd44e0b000029da424d86f298656822dae2c002e289fbfa6fe0dfb2fd57713a7684dc166c628dc45027ac174c5db54f22e409eb4e94263dbc9919f90f1af3290918b9824c3e0268b300bf69cc2eb3fc58f655439bdbe2b905", &(0x7f0000001c40)=""/76, 0x0, 0x0, 0x47, 0x50, &(0x7f0000001ac0)="9c01bd6f9a6028c80d7364240fd78867d9d62eca43c565f2c5ac65dd4a0fadceb6c65dcb07f2421e69087e0f17b4eb709e4805f2722709c46bef17c4cb9aed9fb1c342179ea349", &(0x7f0000001a40)="408fd0050dc7945b483103067eca9bd26ffbe35abf0f88a103f6893dc2b1d1cdc2195d4ae89abc04ff5fe5d2466892c81015df835a7d47be4f852161bc4015e7564b08584290fe1762f943a653008ac5", 0x1, 0x0, 0x13}, 0x22)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB], 0x28}}, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x42901, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r8 = socket$kcm(0x2, 0xa, 0x2)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), r2)
sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000480)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80010000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000940)=ANY=[@ANYBLOB="87f90000", @ANYRES16=r9, @ANYBLOB="020026bd7000ffdbdf25090000001c0101800d0001007564703a73797a3200000000110001006574683a70696d36726567300000000024000280080002000200000008000200ff010000080004000400000008000300130400002c00028008000200000700000800020002000000080003000100008008000400fc000000080003000500000024000280080002000800000008000300040000000800010005000000080003000900000044000400200001000a004e240000005cfe88000000000000000000000000010108000000200002000a004e2000000009fe8000000000000000000000000000aa01000000080003000100000034000280080002000100000008000400030000000800010007000000080002000200000008000400010000800800020003000000980104800c00078008000200000100000900010073797a30000000004c000780080001001800000008000200ffff00000800030007000000080001000300000008000300050b000008000200180000000800030009000000080002000600000008000300faffffff44000780080001000d0000000800030004000000080001000900000008000200040000000800040008000000080002008a050000080002000500000008000200030000000900010073797a30000000004400078008000200060000000800030008000000080002000300000008000400f3ffffff0800030003000000080003000a000000080002000700000008000200030000003c00078008000200090000000800020091f2000008000400000400000800010015000000080002000f06000008000400b007000008000200090000002400078008000100100000000800010017000000080001001200000008000400080000003c000780080001000500000008000200010000000800030051080000080003000c000000080001001c000000080004001eba00000800030007000000740006804800040067636d28616573290000000000000000000000000000000000000000000000002000000054ed1bd91c23d6c85e661bc093edcc92d2a948ef9ff2961b73920a2c4601052b08000600000000000800060000800000100003000ffa42f7fa2f61f245563505080001001cfeffff2c00098008000100fcffffff080001000600000008000200ff01000008000100ff0700000800020007000000340009800800020001800000080002000800000008000200020000000800020005000000080002000400000008000200030000000c00038008000300f60000001c000380080003000200000008000200000800000800030006000000c400048014000780080002000400000008000400000200000900010073797a30000000000900010073797a300000000044000780080001001300000008000200ff030000080002000600000008000200050000000800020009000000080001001c00000008000400849d0000080001000b0000003c0007800800020003000000080002000200000008000200fdd2000008000100180000000800030004000000080003000300000008000300960000001400078008000200faffffff08000300ff0f0000"], 0x488}, 0x1, 0x0, 0x0, 0x80}, 0x8041)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @broadcast})
write$tun(r7, &(0x7f0000000240)=ANY=[@ANYBLOB="034886dd0900300003003000000060ce902d9f0c2f0081e949b93897bc3b0000000000007d01ff020000000000000000000000000001120022eb"], 0xfdef)
r10 = socket$netlink(0x10, 0x3, 0x0)
r11 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r11, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r11, &(0x7f0000000600)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r12, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000)
sendmsg$nl_route(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c00006010000305000000000007000000000000", @ANYRES32=0x0, @ANYBLOB="000300000b000000140012800900010076657468000000000400028008000a00", @ANYRES32=r12], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0xc0b0)

2.133949357s ago: executing program 1 (id=1785):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
madvise(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x17)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
ioctl$UFFDIO_WRITEPROTECT(r1, 0xc018aa06, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
syz_io_uring_setup(0x48ba, &(0x7f0000000000)={0x0, 0xfffffffc, 0x800, 0x81001000, 0x333}, &(0x7f0000000080), &(0x7f0000ff4000))
close_range(r0, 0xffffffffffffffff, 0x0)

2.002576759s ago: executing program 1 (id=1786):
getsockopt$IP_VS_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x481, &(0x7f0000000000), &(0x7f0000000040)=0xc)
r0 = accept4(0xffffffffffffffff, &(0x7f0000000080)=@hci, &(0x7f0000000100)=0x80, 0x800)
ioctl$sock_inet_SIOCSIFBRDADDR(r0, 0x891a, &(0x7f0000000140)={'syzkaller0\x00', {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x11}}})
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), r0)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000200)={0x198, r1, 0x20, 0x70bd27, 0x25dfdbfd, {}, [@TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x2}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x1000}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x6}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x9}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7}]}, @TIPC_NLA_LINK={0xf8, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x44, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80000000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x81}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xe}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xe}]}]}, @TIPC_NLA_SOCK={0x48, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfffffffd}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xd}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_LINK={0x18, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0x198}}, 0x880)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000440)={{0x1, 0x1, 0x18, <r2=>r0, {0x2}}, './file0\x00'})
sendmsg$TIPC_NL_BEARER_ENABLE(r2, &(0x7f0000000680)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000640)={&(0x7f00000004c0)={0x174, r1, 0x100, 0x70bd2c, 0x25dfdbfc, {}, [@TIPC_NLA_NET={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x4}, @TIPC_NLA_NET_NODEID={0xc}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7fffffffffffffff}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x5}]}, @TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}, @TIPC_NLA_NODE={0x48, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x41, 0x4, {'gcm(aes)\x00', 0x19, "933af93cb89d9197e56688866e0afa7bd6b5d1f2137ca67e52"}}]}, @TIPC_NLA_BEARER={0x7c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x7f}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_NAME={0x17, 0x1, @l2={'ib', 0x3a, 'veth1_virt_wifi\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0xffffffff}}, {0x14, 0x2, @in={0x2, 0x4e21, @empty}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'ib', 0x3a, 'pim6reg0\x00'}}]}, @TIPC_NLA_LINK={0x54, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}]}, 0x174}, 0x1, 0x0, 0x0, 0x40000}, 0x14)
fcntl$addseals(r0, 0x409, 0x3)
r3 = openat$binderfs(0xffffff9c, &(0x7f00000006c0)='./binderfs2/custom0\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFSLABEL(r3, 0x41009432, &(0x7f0000000700)="60be1a372dcefc6d4419270ab9d08a6778e07ebd4077b3b53cf178a66ef231670ca8edf4f6164396c5ba5e4abdbcdecfdb9068ca97d440c4a682137663d66d30175bddf6be8be7041f0a5bef4427f5c79fbb98566ddb7b1d7e34455309a62f867baf9926142705eb33892f854e6ae0f853292cf98921880fedc785a9287e912bed701beda1527830e4ff784369b6b295fe835777309e38952f5b434da9a99faaeed4e50093fa481ee3009b1f8b1dd1a0cda6fa2a75e4bb92a65e8bd214cf1c56e72d7822f79397ab7e7813eaca43687b80c6bb6cfbd63993f438cf25d523d886877bebd14b7999302956a073721a9575f6a923151b56b86d0353d4b56bad22f7")
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000880)={&(0x7f0000000800)=""/96, 0x0, 0x1000, 0x7fffffff, 0x2}, 0x1c)
ioctl$KVM_XEN_HVM_CONFIG(r2, 0x4038ae7a, &(0x7f0000000a40)={0x800, 0x84f, &(0x7f00000008c0)="f62748946dc730e69fcc530e81c7908fed6da2515513f0edd36cedf5ecb77abe5add9ac08da651e39b7a432e55bcfc06ce0b569be8ea8a80cbfc70a5c9ad7eb8c3fa8942c196503e5f72be276958a53ee410154a88feb274b02d6bb354498aac44b6e7dacfac4821f37841acf5a063ffd70e0f30e5f02f93ad53d5f67cd9c89955adea4eba1533f62f895c90c74b0cf14f2bf382cb86fa9ed73b21679403c70ea28459a86e082ff5d7203c1eb48bbbf596fda212831337720d4086070c17d22112641a9ec4144318a60380c736b68ebf546028c66549a93bb045343f3a63c27764cd31bc67f273c79880b94f029f29d228f391", &(0x7f00000009c0)="ba3aa4460c79af8cfe3e52973e9597cef8e0cfa0f204e17b0c773d1112c91ad4b7ffdcff8a6e45af968cfd3287c95b0ee47b554b4d6cb22c2f2d7396ce1367fb99824aa82331224bd23f9d93c6b4e5a5a6684fa78cd8706181be7c697c9db8256dbd6f76ce9c1e27e48d42031a713acc26a73b4fe9", 0xf3, 0x75})
ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r2, 0x3)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000a80))
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r3, 0x8008f511, &(0x7f0000000ac0))
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000b40), r0)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r2, &(0x7f0000000d80)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000d40)={&(0x7f0000000b80)={0x198, r4, 0x0, 0x70bd28, 0x25dfdbfb, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0xb, 0x9b3}, {0x6, 0x16, 0x3cc8}, {0x5}, {0x6, 0x11, 0x1}, {0x8, 0xb, 0xffffffff}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0xfffffff9}, {0x6, 0x16, 0x3}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x10}, {0x8, 0xb, 0x400}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x5}, {0x6, 0x16, 0xd}, {0x5}, {0x6, 0x11, 0x7}, {0x8, 0xb, 0x1}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x1}, {0x6, 0x16, 0x1}, {0x5}, {0x6, 0x11, 0xff15}, {0x8, 0xb, 0xfffffffb}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x3}, {0x6, 0x16, 0xfe00}, {0x5}, {0x6, 0x11, 0x100}, {0x8, 0xb, 0x3}}]}, 0x198}, 0x1, 0x0, 0x0, 0x400c5}, 0x80044)
r5 = syz_open_dev$usbmon(&(0x7f0000000dc0), 0x9, 0x800)
ppoll(&(0x7f0000000e00)=[{r5, 0x10}, {r2, 0x29}, {r2, 0x4000}], 0x3, &(0x7f0000000e40)={0x77359400}, &(0x7f0000000e80)={[0x6]}, 0x8)
sendto$isdn(r0, &(0x7f0000000ec0)={0xd, 0x7}, 0x8, 0x4001, 0x0, 0x0)
r6 = ioctl$UDMABUF_CREATE(r2, 0x40187542, &(0x7f0000000f00)={r2, 0x1, 0x1000000000000, 0xfffffffffffff000})
close_range(r6, r0, 0x2)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), r0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000fc0)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_START_NAN(r0, &(0x7f0000001080)={&(0x7f0000000f40)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001040)={&(0x7f0000001000)={0x38, r7, 0x400, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x5, 0x1c}}}}, [@NL80211_ATTR_BANDS={0x8, 0xef, 0x4}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x81}, 0x20000080)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nfc(&(0x7f0000001100), 0xffffffffffffffff)
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f0000001140)=<r11=>0x0)
sendmsg$NFC_CMD_VENDOR(r9, &(0x7f00000013c0)={&(0x7f00000010c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000001380)={&(0x7f0000001180)={0x1d8, r10, 0x200, 0x70bd2b, 0x25dfdbfb, {}, [@NFC_ATTR_VENDOR_DATA={0xcd, 0x1f, "a782e12f6cc157dead4edd8144f3c8f382acc67eee17d3ab9df519ee3a6db21e4032dcb921a4aea19debace9383bceb4883e81c9a4d6bb7f310919ea102e2afca812ff26b03626677f8f54ef55e0124287add0da1e2de2388c350e839b6118566552a02c1a8b574289abccb0eb5515061e5f720f2c8da0ccaf7d2b871f992f271295f619e715468243a1d2774513bf08630f7a4a2e369582ee33a2c51e12e0d67b2b74590f4b37c55f25b3264b6ce13e15f37bd2a412f97e5546ee4ada11cf99932b41b55a28095720"}, @NFC_ATTR_VENDOR_DATA={0x4c, 0x1f, "593b9d3053211e7209b039079a807e542ba902e6b2d0adbf506191c02761e1573d3e8635fa6087a72711c5e40e646d11ba86efbf864faa4255d4123f2fe04dda0bf34ba2f83a299c"}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r11}, @NFC_ATTR_VENDOR_DATA={0x8d, 0x1f, "43f96c068aad7215e2ccece6581af23cadea00dcafc9a8335b33e90393b58f320b8e406e530f4f8ba385ba54da4df78c307f8b9b978848d198a37b9e4dca4b7b0418178ef7584820c1e870b4c024b4489a689b535e49cf7d15019ec6ca5c613a5cc75643894b14ada64fdbd0c971f2e9be2303acc8b6672cf84759f5f8501124ce2c3296e6efa67394"}, @NFC_ATTR_VENDOR_ID={0x8, 0x1d, 0x6}, @NFC_ATTR_VENDOR_ID={0x8, 0x1d, 0xb}]}, 0x1d8}, 0x1, 0x0, 0x0, 0x10000}, 0x24000090)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000001400), &(0x7f0000001440)=0x4)

2.002271445s ago: executing program 4 (id=1787):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f00000001c0)={0x0, 'vlan0\x00', {0x1}, 0x8})
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x8040)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
syz_open_dev$dri(0x0, 0xd21, 0x4000)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_open_dev$usbmon(0x0, 0x0, 0x0)
r2 = epoll_create(0x3)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, 0xffffffffffffffff, &(0x7f0000000080)={0x40000002})
write$P9_RSTATu(0xffffffffffffffff, &(0x7f0000000580)=ANY=[], 0x21e)
syz_open_dev$vbi(0x0, 0x0, 0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
sysfs$1(0x1, &(0x7f0000000000)='ocfs2\x00')
openat$sequencer(0xffffff9c, &(0x7f0000001bc0), 0x88302, 0x0)
ioctl$BLKTRACESTART(0xffffffffffffffff, 0x1274, 0x0)
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
gettid()
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r3, &(0x7f0000002c00)=[{{0x0, 0x0, 0x0}, 0x200001}, {{0x0, 0x0, 0x0}, 0x40}, {{0x0, 0x0, 0x0}, 0x409}, {{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000540)=""/130, 0x82}, {&(0x7f0000001a00)=""/4109, 0x100d}, {&(0x7f0000006080)=""/4085, 0xff5}, {&(0x7f0000000340)=""/113, 0x71}, {0x0}, {&(0x7f0000000100)=""/98, 0x62}, {&(0x7f00000003c0)=""/100, 0x64}, {&(0x7f00000006c0)=""/200, 0xc8}, {&(0x7f0000000440)=""/67, 0x43}], 0x9}, 0x4db}, {{0x0, 0x0, 0x0}, 0x8}], 0x5, 0x0, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000049c0)={0x3, 0x5, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x13}, @call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x88}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r6, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
timer_create(0x2, 0x0, 0x0)
sendfile(r5, r4, &(0x7f0000002080)=0x64, 0x21c)

1.88275355s ago: executing program 0 (id=1788):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x0)
chown(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) (fail_nth: 43)

1.822666148s ago: executing program 0 (id=1789):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000002000000851000000600000018020000", @ANYRES32, @ANYBLOB="00000000000000006600020000000000180000000000000000000000000000009500040000000000360a020000000000180100002020782500000000002020207b1a00fe00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222}, 0x78)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[], &(0x7f0000000a40)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a00000004000000060000008000000042"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000540), &(0x7f0000000080), 0x619, r1}, 0x38)

1.739186474s ago: executing program 2 (id=1790):
r0 = openat$dsp(0xffffffffffffff9c, 0x0, 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000001180)=0x2000000)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(r0, 0x5008, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone3(&(0x7f0000000580)={0x40000000, 0x0, 0x0, 0x0, {0x15}, 0x0, 0x0, 0x0, 0x0}, 0x58)
syz_clone3(&(0x7f0000000200)={0x800000, 0x0, 0x0, 0x0, {0x19}, 0x0, 0x0, 0x0, 0x0, 0xfb}, 0x58)
pidfd_send_signal(0xffffffffffffffff, 0x21, 0x0, 0x4)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, 0x0)

1.599227407s ago: executing program 0 (id=1791):
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$pmem0(0xffffffffffffff9c, &(0x7f0000000000), 0x242541, 0x0)
readv(r0, &(0x7f00000025c0)=[{&(0x7f0000000100)=""/62, 0x3e}], 0x1)
r1 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000005, 0x100010, r1, 0x180000000)

1.560333934s ago: executing program 2 (id=1792):
chdir(&(0x7f0000000000)='./cgroup\x00')
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r1, &(0x7f0000000900)={&(0x7f00000000c0)={0x2, 0x0, @dev}, 0x10, 0x0, 0x0, &(0x7f0000000740)=[@fadd={0x58, 0x114, 0x6, {{0x0, 0x20001000}, 0x0, 0x0}}], 0x58}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000001bc0), 0x0, 0x0)
ioctl$TCSBRK(r2, 0x5409, 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x21)
syz_open_dev$evdev(0x0, 0x0, 0x2002)
pselect6(0x40, &(0x7f0000002640)={0x7, 0x0, 0x2, 0x400, 0x2, 0x4, 0x6, 0xc44}, &(0x7f0000002680)={0x5, 0x3, 0x349, 0x1b, 0x0, 0x3, 0x8, 0x98e}, &(0x7f00000026c0)={0x9, 0x89, 0xc3a, 0x5, 0x8, 0x7fff0000, 0x400, 0x4}, 0x0, 0x0)
r3 = socket$isdn_base(0x22, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)
times(0xfffffffffffffffe)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@metacopy_on}]})

1.560060322s ago: executing program 0 (id=1793):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850)
sendmsg$nl_route_sched(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000940)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd28, 0xfffff000, {0x0, 0x0, 0x0, r5, {0xf000, 0xffff}, {}, {0x7, 0xa}}, [@filter_kind_options=@f_route={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x20000800)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd28, 0xfffff000, {0x0, 0x0, 0x0, r7, {0xf000, 0xffff}, {}, {0x7, 0xa}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_FROM={0x8, 0x3, 0x4e}]}}]}, 0x3c}, 0x1, 0xf5, 0x0, 0x80}, 0x20008800)

1.557639818s ago: executing program 2 (id=1794):
bind$alg(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r0 = openat$nmem0(0xffffff9c, &(0x7f0000000000), 0x4080, 0x0)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@pptp={0x18, 0x2, {0x0, @private=0xa010101}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="679138bdf26f48cf14205b1b12e088d258ca21a5e9427bc660376fb4e8e94269d2e279a2f1ecff7ed90ddd877ba9c30c3e7973764f4f34ce3c537a32154a8b79da7027e4cb44514623b59efdd3d8095551e8d61778b1e3a37e08327a93578dc6e2b83eb04ac6f652", 0x68}, {&(0x7f00000003c0)="48a21cc71ded3d5c48a4b630468707c2bcf2b86428d5881816208ef31e414a1848d181e0c52be28a40f5acfdade83ce989da1e733e828bb5f969b87eefd86bde8816b17016dd60305a736bb939a3fd82c01f1f5c60f841dd7e8187bdd07c33d309070ce1f15c45821d21ac2c316dd6148153bebac8dfe54156611f6509f0caa903fda662b74a940050a34a51c5", 0x8d}, {&(0x7f0000000500)="2d92bee34523ab2e72b1ab19d6852f9dbddc6a19cee59d46b1d099a0a1e4b4176ccba3d16f0238666879427594e8900bb12f5990d13a589774895cf5e9f0a3c288f1894f2f20d07a891afb72f62d8ce42a5289d812353c3acdcb7f4f16c9a5eb3d20b6701b3d4f0bf739b8a0d6e581e4eddbb80289b365eb2fe5cd01c2dd28964a89edc629e8ceda050c15a379edbd1d0e4111496abc545641b606f59655734ebf812fb1a5436ff069cfe646b6d5d63270d22bd2180f128d102fe2efbb91ade92cc2272e63bb4a9a445ce8d4d4a5783ed50e42e46064aade50e1e88f87530700f1e1b0ebd7d91d9b429381", 0xeb}, {&(0x7f0000000140)='*\n', 0x2}, {&(0x7f0000000600)="c502d5cd82d64efa124ee6cb1b1a5efcc156b3d9bbe20bb5e566dbaf821f48c4c2b456d7f9d74ca511a1a5460c08416bae0caf5683e7433a5921e8786d2091f99aed1b24603d2cd8476a498d0a06c327bbc80c6e4f4b0ba6740163a3d46a5165b3c2f0c3b35704a4b598b27bf65c70dbf140a36efa2d3d144e633624c0fe1da989c9e55ef4f53ab57e010e5435ccd71d21d56c2d08", 0x95}, {&(0x7f00000006c0)="4cdacfbbaf11f34cf905a25b44295540e4dfcc67ef3359cd8a23dbe4392185074c194cf37021988a84038d1a86691bb28ac5be0751c5c860f2b5d14dc3d8d625350b391ef68b4889451ba118923efb8d2f5bdc6734308e736bb9e97cc1ffdfd407d0d16b50d272c17616ba635d91ee902f5fd8ebb3e5f055d3488d8bc6ec8fcde9ebbac55332cccf129fb7e3342e4ec4ee88645e70a23fa424bbf633557a5e0a768dd4784f1415235d0b523274a5936f6bc7f7fcf9c1df4bc27ad25d7ac25c91e23735f39007ad25de055d0dbff2965c6c8dc94fd167", 0xd6}], 0x6, &(0x7f0000000880)=[{0x24, 0x1, 0x7fff, "4e918ca2ef188c024cc76e37af4967911a05652667ef5c2d"}, {0xa8, 0x1, 0xa, "427c19d61de55f25c737116bb09241bc31dfc06016b205a1d51e15be373091d808a5c1539911c021bc896f46a3f52c7ecae9a51abd7da8a5d8e71333cf697f780fb32dea7b1e9f539e061d18fa767541d7de280e3fbe7705d56b5c43202bd1012466ba86aacd2c77354704360a5c8510c26ee35b1a9bf6cf7f897a98a3f1165afa32ceea5128901722999400a2337ee423058865d4843663ed91"}, {0x18, 0x102, 0xffff2f09, "0b6ef101cedc57a44d98"}, {0xfc, 0x0, 0x9, "046f7c91de18f0caa87bc3483d4c6e192bebea00af67f7820a15be2081d3587a3d7597592d61d162041fff9eab856f22863cdc34b06289f4477e1a93f59b21c88ce130fccb7c4fad38af1331e053fc95074e056cdd8974e903db60ea8d620d031dad71832e5a43f019f038553a7f364e3a62d28b1f488e4b75a0bd98c37c6fcd499f9f55d2229a998cf2b3b7cfe3e15ccc721556892ea573e0377dd384082dcf43ccfbb90d4761447e51eeb750b442c35c8527f4d40d14e8de01fa050c87d024e602783f311ef3721b048ac2998f2f39a09f16d3e67c8f231d477d75fc34d3c1f250ddee0526d4640b6abd6235e5a7"}, {0xa4, 0x29, 0x5, "566ae35aa5e7be322becdb230e42c396a65a9a8d5783dabe160f337413463e8f960327a6adeeadbd50a6e03404e2558c80a39399d1e86e9d9b80e98ca20665d170e7f69ba5474e6e48b6ae912b24e68529b64f8786a3cfee6ae68d098a6fe60aa43cdc80b1bb25cbb126738c13ee78077e162739c634d38dc7844f6d4e250aced02351a4cb0bd83d53efd4d7e7b6c6fbbf074eb2c9e19634"}, {0x3c, 0x115, 0x4, "314913857c9f488ceb736e8eca3b1849e983164ae901228c5ccfbf4d02199c67acef81461acc02477b8ee5ce36a568"}], 0x2c0}, 0x20000000)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(0xffffffffffffffff, 0x84, 0x21, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = dup(0xffffffffffffffff)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x1000000}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd, 0x0, 0x0, 0x0, {}, 0x1})
r5 = syz_open_procfs(0x0, &(0x7f0000000300)='task\x00')
getdents(r5, 0xffffffffffffffff, 0x5a)
chdir(&(0x7f00000001c0)='./file0\x00')
bind$tipc(0xffffffffffffffff, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)

1.492664512s ago: executing program 0 (id=1795):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd74)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001180)={0x6, 0x10, &(0x7f00000008c0)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa10000000000000701", @ANYRES32=r4, @ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001bc0)={r5, 0x7000000, 0xfe, 0x4c, &(0x7f0000001cc0)="633268f83ca3000000a2029e3815bb2fa117d8326687688b2c969fd7267d546214af00d1ca2524d00f9e4d9555f3ab381b5d44fd6bda8c509e66101d296f10c805252e7c5d48d9814f46db8f07441878734b13270fe47fba418b7358984b9a61c2bbf964a520459fd0d90590b46cf1677d580a26933b6e35aee75996b73a15a25aa8ae2f1f9bc9699a505c0dc4050ab2255fc35f508ccc52f10ac12febf28652fe36f725714868675ca2a7042ab4b26904b2f000589694f69ab0b22a5aec72c5036ce1c8974690045e4ab412a70336b4c65b2dfc8121af4143c2e10a0e5632bcd44e0b000029da424d86f298656822dae2c002e289fbfa6fe0dfb2fd5771", &(0x7f0000001c40)=""/76, 0x0, 0x0, 0x3f, 0x0, &(0x7f0000001ac0)="9c01bd6f9a6028c80d7364240fd78867d9d62eca43c565f2c5ac65dd4a0fadceb6c65dcb07f2421e69087e0f17b4eb709e4805f2722709c46bef17c4cb9aed", &(0x7f0000001a40), 0x1, 0x0, 0x13}, 0x4c)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x28}}, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x42901, 0x0)
r7 = socket$kcm(0x2, 0xa, 0x2)
syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), r2)
sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000480)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80010000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000940)=ANY=[], 0x488}, 0x1, 0x0, 0x0, 0x80}, 0x8041)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @broadcast})
write$tun(r6, &(0x7f0000000240)=ANY=[@ANYBLOB], 0xfdef)
r8 = socket$netlink(0x10, 0x3, 0x0)
r9 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r9, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r9, &(0x7f0000000600)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r10, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000)
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c00c3ff10000305000000000007000000000000", @ANYRES32=0x0, @ANYBLOB="000300000b000000140012800900010076657468000000000400028008000a00", @ANYRES32=r10], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0xc0b0)

1.352647185s ago: executing program 2 (id=1796):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0xa, 0xb, 0x42, 0x2, 0x42, 0xffffffffffffffff, 0x10000}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000280), 0xffff, r2}, 0x38)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x8ef, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
socket$nl_route(0x10, 0x3, 0x0)

1.151102594s ago: executing program 1 (id=1797):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
ioctl$EXT4_IOC_MIGRATE(r2, 0xff06)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000180)={0x200000, 0x200000})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents(r3, &(0x7f0000000000)=""/27, 0x1b)
fchmodat(r3, &(0x7f0000000000)='./file0\x00', 0x1d9)
madvise(&(0x7f0000092000/0x400000)=nil, 0x400000, 0x9)
clock_getres(0x3, 0x0)
setresuid(0x0, 0x0, 0xee00)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'bond0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x401, 0x20000, 0x2000000, {0x0, 0x0, 0x0, 0x0, 0x8003}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x44}, 0x1, 0x0, 0x0, 0x20004885}, 0x4054)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000700), 0xffffffffffffffff)
recvmmsg(r0, &(0x7f0000001a00)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000540)=""/143, 0x8f}, {&(0x7f00000000c0)=""/183, 0xb7}, {&(0x7f0000000280)=""/144, 0x90}, {&(0x7f0000000600)=""/200, 0xc8}, {&(0x7f00000007c0)=""/4078, 0xfee}], 0x5}, 0xc}], 0x80000000000017b, 0x40010080, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000640)={[&(0x7f0000000440)='\"\xc9\xfc', &(0x7f0000000480)='*3-\x00']})
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000080)=ANY=[], 0x18}}, 0x0)

1.060326511s ago: executing program 4 (id=1798):
r0 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r0, 0x84, 0x64, &(0x7f0000000000), 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1703c59f0000464fe3c4c48c0600400084437efd26e230a07248557fc9b80000d9bc011500"/46, @ANYRES32=r0, @ANYRESDEC=r0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="03000000000000000100"/20, @ANYRES32, @ANYRESHEX=r0, @ANYRESHEX=r0, @ANYRESDEC=0x0], 0x50)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x4, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r3, 0xc0f8565c, &(0x7f0000000200)={0x1ff, 0x8000, 0x2, {0x1, @sliced={0x7, [0x1000, 0x6, 0xaa, 0x47, 0x6, 0x3ff, 0x0, 0x7, 0x10, 0x6, 0xa0, 0x9, 0x4, 0x0, 0x9, 0x220, 0x5, 0x6, 0x1, 0x7, 0xd68a, 0x9, 0x3, 0x0, 0x0, 0xfffb, 0x1004, 0x200, 0x3, 0x1c, 0x81, 0x0, 0x5, 0xffff, 0x9, 0x0, 0x101, 0xfff, 0x3, 0x25f, 0xffff, 0x200, 0x9d5, 0x2, 0x9, 0x2, 0x5, 0x7fb], 0x9}}, 0x1ff})
syz_usb_disconnect(r2)
syz_usb_connect(0x4, 0x65, &(0x7f0000000500)=ANY=[], 0x0)
ioctl$EVIOCRMFF(r2, 0xc0085508, &(0x7f00000000c0)=0x7)
openat$cgroup_ro(r1, &(0x7f00000000c0)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$sock_inet_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000080)={'vlan0\x00', {0x2, 0x4e20, @private=0xa010102}})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r5, 0xae03, 0xa)
socket(0x10, 0x3, 0x0)
ioctl$EVIOCGKEY(r1, 0x80404518, &(0x7f00000003c0)=""/222)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r7 = dup(r6)
write$6lowpan_enable(r7, &(0x7f0000000000)='0', 0xfffffd2c)
r8 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfec9, 0x8, 0x3, 0x3d4}, &(0x7f0000000040)=<r9=>0x0, &(0x7f0000000280)=<r10=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r9, r10, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
read$FUSE(0xffffffffffffffff, &(0x7f0000003480)={0x2020}, 0x2020)
io_uring_enter(r8, 0xdb4, 0x0, 0x0, 0x0, 0x0)
exit(0x7)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r8, 0x18, &(0x7f0000000000)={0x8, 0xffffffffffffffff, 0x4, {0x4, 0x1}, 0x8}, 0x1)

952.558172ms ago: executing program 2 (id=1799):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f00000001c0)={0x0, 'vlan0\x00', {0x1}, 0x8})
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x8040)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
syz_open_dev$dri(0x0, 0xd21, 0x4000)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_open_dev$usbmon(0x0, 0x0, 0x0)
r2 = epoll_create(0x3)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, 0xffffffffffffffff, &(0x7f0000000080)={0x40000002})
write$P9_RSTATu(0xffffffffffffffff, &(0x7f0000000580)=ANY=[], 0x21e)
syz_open_dev$vbi(0x0, 0x0, 0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
sysfs$1(0x1, &(0x7f0000000000)='ocfs2\x00')
openat$sequencer(0xffffff9c, &(0x7f0000001bc0), 0x88302, 0x0)
ioctl$BLKTRACESTART(0xffffffffffffffff, 0x1274, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
gettid()
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r3, &(0x7f0000002c00)=[{{0x0, 0x0, 0x0}, 0x200001}, {{0x0, 0x0, 0x0}, 0x40}, {{0x0, 0x0, 0x0}, 0x409}, {{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000540)=""/130, 0x82}, {&(0x7f0000001a00)=""/4109, 0x100d}, {&(0x7f0000006080)=""/4085, 0xff5}, {&(0x7f0000000340)=""/113, 0x71}, {0x0}, {&(0x7f0000000100)=""/98, 0x62}, {&(0x7f00000003c0)=""/100, 0x64}, {&(0x7f00000006c0)=""/200, 0xc8}, {&(0x7f0000000440)=""/67, 0x43}], 0x9}, 0x4db}], 0x4, 0x0, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000049c0)={0x3, 0x5, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x13}, @call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x88}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r6, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
timer_create(0x2, 0x0, 0x0)
sendfile(r5, r4, &(0x7f0000002080)=0x64, 0x21c)

852.472911ms ago: executing program 0 (id=1800):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f00000001c0)={0x0, 'vlan0\x00', {0x1}, 0x8})
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x8040)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
syz_open_dev$dri(0x0, 0xd21, 0x4000)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_open_dev$usbmon(0x0, 0x0, 0x0)
r2 = epoll_create(0x3)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, 0xffffffffffffffff, &(0x7f0000000080)={0x40000002})
write$P9_RSTATu(0xffffffffffffffff, &(0x7f0000000580)=ANY=[], 0x21e)
syz_open_dev$vbi(0x0, 0x0, 0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
sysfs$1(0x1, &(0x7f0000000000)='ocfs2\x00')
openat$sequencer(0xffffff9c, &(0x7f0000001bc0), 0x88302, 0x0)
ioctl$BLKTRACESTART(0xffffffffffffffff, 0x1274, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
gettid()
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r3, &(0x7f0000002c00), 0x0, 0x0, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000049c0)={0x3, 0x5, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x13}, @call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x88}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r6, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
timer_create(0x2, 0x0, 0x0)
sendfile(r5, r4, &(0x7f0000002080)=0x64, 0x21c)

265.190518ms ago: executing program 1 (id=1801):
r0 = socket(0x2000000000000021, 0x2, 0x10000000000002)
r1 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000"], 0x18}, 0x0)
connect$rxrpc(r0, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x400}}, 0x24)
sendmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[{0x10, 0x110, 0x1}], 0x10, 0xe000}, 0x5}], 0x1, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000040)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2c}, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @empty, @empty, @dev={0xac, 0x14, 0x14, 0x3e}}}}}, 0x0)

264.854349ms ago: executing program 1 (id=1802):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000e00)=@newtaction={0x8c, 0x30, 0xffff, 0x0, 0x0, {}, [{0x78, 0x1, [@m_police={0x74, 0x1, 0x0, 0x0, {{0xb}, {0x48, 0x2, 0x0, 0x1, [[@TCA_POLICE_RESULT={0x8, 0x5, 0x2}], [@TCA_POLICE_TBF={0x3c}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x8c}}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r2, 0x4068aea3, &(0x7f00000004c0)={0x79, 0x0, 0x3})
ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000540)=ANY=[@ANYRESOCT=r2])
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
ioctl$VIDIOC_S_AUDIO(r5, 0x40345622, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
chdir(&(0x7f0000000080)='./file1\x00')
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x6625000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f0000000380)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r6, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
sendfile(r9, r5, 0x0, 0x20000023893)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x581, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x4d814}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}, @IFLA_GSO_MAX_SEGS={0x8, 0x28, 0x1233}]}, 0x3c}, 0xfe, 0x0, 0x0, 0x20004002}, 0x0)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000580)={"cf51ded25c04317c209175b4c4fa33b880c870c4f8c85e66a475fe1b7c3b6585dcf482c6eebaab78d0a020e36f0825cc4272fb5426c4c59869f9357016c232f012654c84f53e1b55fa1e711af04820cf57f5b9bdf8ce2c466022113104d084005ec2f5bc8201b82d5031ee71227544a3852b64fd7ecfb5a7b9bd66bbc54ed32afcf064d1b28f9d5acf10e364a579d58c1e5b6d06beb408c234775b6a50f9c13b93c2386392d6049552b581aac0c6dda591ab61166be2dbc731f97a90a554fb8c841d3c80ac72373016b0ef0819cba310b2660be29da111967c9ab4ab45182017db2749f9cd292ce44a3fe0d1875ed45c7076522dd78c9aa66926e7e3610ec69a192922f5ea0710284bd79ebf31fc4c00a4da6b473858ec6e0c3f9618c972e378406411d31a846bb32c38dd69527241419347cfec4fd8d600e7ecbf1949614c240546fa6544559ad7cab872a9bfa9d22ca054e1d36667dd19e4ea8e151f318ef58409d160d3412a5e51da61b8d4a1a64c2970d4a5886c03d046bc4059e697cb4bd4c15b30506fc057aed52e9d653ac631a6e3b4fb112d044cc96846657bf3a07e72f0b55f2fc9f24c8b61930fbd6985570e262e17b057a253bba041a9990c6d1a78825831ae56fae6f46b8335ce9ac35a9cdfe4e2e7b5f86b23c6b3d5122086c5583811afe7d4d066a5be8ff550658fdf7140f1f1a51abe95918bae86e346cda98bad4252969d594a4f7e283d1e72d442290fcfced383889fb354802e7d1896c3ce9060b41887336dc100501e4e08517ce1485bdabf89a43de77505be13278f66fd92998634cfef25b3f9c278e553c91b65e419576975d2ba683f6d36a4f26153f51018da9cc4cd818fe3060a5084b76aea06cfbf1a7fb9fbff72bdd0c1fa6de8bf25c4fb694e046cc95b2d571b1988ddb02046506e6bc4bb761fef1fe5850a1d265fa0acca3e73656fdb9a4b3600f4fe4168ad3860e7f7437d7ad2b685010c0a82ff24ace766ff5b11225b07f76d366a0bdc530bc04bb0c9f6d7cf28aea327e2b60ae6a396f0772de27e3104ced35c1a88919ba385ec6a231b276950bb2d0b208ad3565dd380e2ef8e0b1c54dadfd351c6c72eeec5cdcd6ffb3e874208c18287a835f16d70e51a05396700c6479d3071eb18892edd446b7eada2d1d77c2264c2f234753367592f0d64cf5867cc2c7ab0e408172f8c65170b618fd5507aacede34447d9035f7a9d1d9207fe9e33f0f2062d605750328833d9c025fccf7d33fdf7cffbdaea438632e633dcdc1042033b002f8e1113d33f4fec59899577b8673d08428f74e8c9afc8b7b1aa7108320613a7575850fdf0b97dc4f5825a9b82e908aef3491dde32a7572b4e357a56a4ad19eb364618527c429ec3b90b2b660ca37a81a35f9f2574346374d4cd00"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

0s ago: executing program 2 (id=1803):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x11, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="18000000080000"], &(0x7f00000001c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000780)='contention_end\x00', r0}, 0x18)
r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f00000000c0)={'c6xdigio\x00', [0x4f2b, 0x5, 0x3, 0x4, 0x5, 0xcc7, 0xf, 0xb, 0xa, 0x100, 0x2, 0x1, 0xfffffffd, 0x40, 0x6, 0x101, 0x0, 0x1a449, 0x2, 0x40000003, 0x99, 0xcaa7, 0x0, 0x20001e58, 0xa, 0xe69, 0x3f, 0x8, 0x2, 0x0, 0xfffffff8]}) (fail_nth: 4)

kernel console output (not intermixed with test programs):

s not support file handles, falling back to index=off,nfs_export=off.
[  252.977448][T10274] block nbd1: shutting down sockets
[  254.396343][ T1328] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  254.566293][ T1328] usb 5-1: Using ep0 maxpacket: 8
[  255.083841][T10326] FAULT_INJECTION: forcing a failure.
[  255.083841][T10326] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  255.088619][T10326] CPU: 0 UID: 0 PID: 10326 Comm: syz.1.1219 Not tainted syzkaller #0 PREEMPT(full) 
[  255.088635][T10326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  255.088642][T10326] Call Trace:
[  255.088645][T10326]  <TASK>
[  255.088649][T10326]  dump_stack_lvl+0x16c/0x1f0
[  255.088666][T10326]  should_fail_ex+0x512/0x640
[  255.088682][T10326]  _copy_from_user+0x2e/0xd0
[  255.088698][T10326]  ia32_restore_sigcontext+0xc3/0x630
[  255.088714][T10326]  ? fpu__clear_user_states+0xf4/0x1d0
[  255.088726][T10326]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[  255.088744][T10326]  ? rcu_is_watching+0x12/0xc0
[  255.088755][T10326]  ? trace_irq_enable.constprop.0+0xd4/0x120
[  255.088772][T10326]  __do_compat_sys_rt_sigreturn+0x120/0x1f0
[  255.088788][T10326]  ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10
[  255.088805][T10326]  ? rcu_is_watching+0x12/0xc0
[  255.088815][T10326]  do_int80_emulation+0x104/0x460
[  255.088829][T10326]  asm_int80_emulation+0x1a/0x20
[  255.088839][T10326] RIP: 0023:0xf704e5a7
[  255.088847][T10326] Code: 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 90 58 b8 77 00 00 00 cd 80 90 8d b4 26 00 00 00 00 b8 ad 00 00 00 cd 80 <90> 90 90 90 90 90 90 90 90 55 89 e5 57 8d 3d 2c dc ff ff 56 53 e8
[  255.088858][T10326] RSP: 002b:00000000f543d940 EFLAGS: 00000286 ORIG_RAX: 00000000000000ad
[  255.088868][T10326] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f543d9cc
[  255.088874][T10326] RDX: 00000000f543d94c RSI: 0000000000000000 RDI: 0000000000000000
[  255.088880][T10326] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  255.088885][T10326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  255.088891][T10326] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  255.088901][T10326]  </TASK>
[  255.230141][ T1328] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  255.232575][ T1328] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  255.236082][ T1328] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  255.244896][T10331] netlink: 544 bytes leftover after parsing attributes in process `syz.2.1222'.
[  255.249171][T10331] netlink: 544 bytes leftover after parsing attributes in process `syz.2.1222'.
[  255.258454][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  255.289672][ T1328] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  255.293139][ T1328] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  255.303466][ T1328] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  255.305812][ T1328] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  255.309483][ T1328] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  255.313635][ T1328] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  255.317070][ T1328] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  255.322193][ T1328] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  255.325081][ T1328] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  255.328678][ T1328] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  255.332262][ T1328] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  255.335670][ T1328] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  255.342839][ T1328] usb 5-1: string descriptor 0 read error: -22
[  255.344833][ T1328] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  255.347639][ T1328] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  255.358225][ T1328] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  255.662516][  T840] usb 5-1: USB disconnect, device number 5
[  255.666016][T10346] usb 5-1: Couldn't submit interrupt_out_urb -19
[  255.934119][T10315] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1215'.
[  256.324642][T10363] comedi comedi0: Minor -2147450880 is invalid!
[  256.401757][T10367] syz.3.1230 (10367): drop_caches: 2
[  256.403622][T10367] syz.3.1230 (10367): drop_caches: 2
[  256.587059][   T40] audit: type=1800 audit(1755816770.422:686): pid=10371 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1233" name="bus" dev="overlay" ino=1754 res=0 errno=0
[  257.069154][  T840] kernel read not supported for file /1062/oom_adj (pid: 840 comm: kworker/3:2)
[  257.430206][T10407] syz.0.1242 (10407): drop_caches: 2
[  257.432430][T10407] syz.0.1242 (10407): drop_caches: 2
[  257.507114][T10404] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1245'.
[  257.509886][T10404] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1245'.
[  257.514227][T10404] geneve2: entered promiscuous mode
[  257.515935][T10404] geneve2: entered allmulticast mode
[  257.555478][T10413] syz.1.1244 (10413): drop_caches: 2
[  257.561004][T10413] syz.1.1244 (10413): drop_caches: 2
[  258.156499][ T6059] kernel read not supported for file /dsp1 (pid: 6059 comm: kworker/0:4)
[  258.598783][T10460] netlink: 'syz.3.1261': attribute type 10 has an invalid length.
[  258.601578][T10460] batman_adv: batadv0: Removing interface: wlan1
[  258.821811][T10469] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1263'.
[  258.839189][T10473] syz.2.1258 (10473): drop_caches: 2
[  258.842906][T10473] syz.2.1258 (10473): drop_caches: 2
[  259.478250][T10489] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1268'.
[  259.481649][T10489] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1268'.
[  259.545807][T10493] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  259.738055][T10499] tipc: Enabled bearer <ib:wg0>, priority 10
[  259.880862][T10509] syz.1.1273 (10509): drop_caches: 2
[  259.884541][T10509] syz.1.1273 (10509): drop_caches: 2
[  259.903964][T10510] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1275'.
[  259.920474][T10510] vlan3: entered promiscuous mode
[  259.922842][T10510] bridge0: entered promiscuous mode
[  259.988888][T10510] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1275'.
[  260.476236][T10516] usb usb9: usbfs: process 10516 (syz.2.1276) did not claim interface 0 before use
[  260.861686][T10531] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  261.246647][ T5984] IPVS: starting estimator thread 0...
[  261.345950][T10545] IPVS: using max 34 ests per chain, 81600 per kthread
[  261.587854][T10551] syz.2.1285 (10551): drop_caches: 2
[  261.589707][T10551] syz.2.1285 (10551): drop_caches: 2
[  262.300334][T10559] FAULT_INJECTION: forcing a failure.
[  262.300334][T10559] name failslab, interval 1, probability 0, space 0, times 0
[  262.304284][T10559] CPU: 3 UID: 0 PID: 10559 Comm: syz.3.1289 Not tainted syzkaller #0 PREEMPT(full) 
[  262.304298][T10559] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  262.304304][T10559] Call Trace:
[  262.304308][T10559]  <TASK>
[  262.304312][T10559]  dump_stack_lvl+0x16c/0x1f0
[  262.304328][T10559]  should_fail_ex+0x512/0x640
[  262.304344][T10559]  should_failslab+0xc2/0x120
[  262.304357][T10559]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  262.304369][T10559]  ? getname_flags.part.0+0x4c/0x550
[  262.304386][T10559]  getname_flags.part.0+0x4c/0x550
[  262.304402][T10559]  getname_flags+0x93/0xf0
[  262.304413][T10559]  __ia32_sys_linkat+0xc4/0x130
[  262.304427][T10559]  __do_fast_syscall_32+0x7c/0x3a0
[  262.304441][T10559]  do_fast_syscall_32+0x32/0x80
[  262.304454][T10559]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  262.304467][T10559] RIP: 0023:0xf7ff7579
[  262.304475][T10559] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  262.304485][T10559] RSP: 002b:00000000f551655c EFLAGS: 00000296 ORIG_RAX: 000000000000012f
[  262.304495][T10559] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000500
[  262.304501][T10559] RDX: 00000000ffffff9c RSI: 0000000080000540 RDI: 0000000000000000
[  262.304508][T10559] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  262.304513][T10559] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  262.304519][T10559] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  262.304528][T10559]  </TASK>
[  262.368741][ T6060] hid (null): global environment stack underflow
[  262.371170][ T6060] hid (null): unknown global tag 0xd
[  262.373435][ T6060] hid (null): invalid report_count 37343
[  262.377148][ T6060] hid-generic 0004:000A:0008.0004: unknown main item tag 0x4
[  262.380137][ T6060] hid-generic 0004:000A:0008.0004: reserved main item tag 0xe
[  262.382449][ T6060] hid-generic 0004:000A:0008.0004: collection stack underflow
[  262.385828][ T6060] hid-generic 0004:000A:0008.0004: item 0 1 0 12 parsing failed
[  262.388384][ T6060] hid-generic 0004:000A:0008.0004: probe with driver hid-generic failed with error -22
[  262.633696][ T6030] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  262.783618][ T6030] usb 6-1: Using ep0 maxpacket: 32
[  262.787219][ T6030] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1024
[  262.790323][ T6030] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1023
[  262.795077][ T6030] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  262.797912][ T6030] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.800392][ T6030] usb 6-1: Product: 〉
[  262.801771][ T6030] usb 6-1: Manufacturer: �
[  262.803282][ T6030] usb 6-1: SerialNumber: Т
[  262.806028][T10563] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  262.808383][T10563] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  263.012947][T10581] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1295'.
[  263.019637][T10581] 9pnet_fd: Insufficient options for proto=fd
[  263.214754][T10563] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  263.217573][T10563] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  263.223030][ T6030] usblp 6-1:1.0: usblp0: USB Bidirectional printer dev 4 if 0 alt 0 proto 3 vid 0x0525 pid 0xA4A8
[  263.232826][ T6030] usb 6-1: USB disconnect, device number 4
[  263.236062][ T6030] usblp0: removed
[  263.448374][T10607] syz.0.1299 (10607): drop_caches: 2
[  263.450102][T10607] syz.0.1299 (10607): drop_caches: 2
[  263.608706][T10614] ip6gre1: entered promiscuous mode
[  263.610378][T10614] ip6gre1: entered allmulticast mode
[  264.511338][T10633] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1310'.
[  265.717755][T10652] syz.2.1315 (10652): drop_caches: 2
[  265.720346][T10652] syz.2.1315 (10652): drop_caches: 2
[  266.094977][   T40] audit: type=1326 audit(1755817035.923:687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.3.1320" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[  266.111840][   T40] audit: type=1326 audit(1755817035.923:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.3.1320" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7ff75a7 code=0x7ffc0000
[  266.120188][   T40] audit: type=1326 audit(1755817035.923:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.3.1320" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[  266.127123][   T40] audit: type=1326 audit(1755817035.923:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.3.1320" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7ff75a7 code=0x7ffc0000
[  266.134535][   T40] audit: type=1326 audit(1755817035.923:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.3.1320" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[  266.141625][   T40] audit: type=1326 audit(1755817035.923:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.3.1320" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7ff75a7 code=0x7ffc0000
[  266.148521][   T40] audit: type=1326 audit(1755817035.923:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.3.1320" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[  266.155686][   T40] audit: type=1326 audit(1755817035.923:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.3.1320" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7ff75a7 code=0x7ffc0000
[  266.162337][   T40] audit: type=1326 audit(1755817035.923:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.3.1320" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[  266.169128][   T40] audit: type=1326 audit(1755817035.923:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.3.1320" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[  266.285541][T10662] A link change request failed with some changes committed already. Interface xfrm0 may have been left with an inconsistent configuration, please check.
[  266.452421][T10679] netlink: del zone limit has 8 unknown bytes
[  268.077698][T10711] syz.1.1335 (10711): drop_caches: 2
[  268.081517][T10711] syz.1.1335 (10711): drop_caches: 2
[  268.148917][T10713] FAULT_INJECTION: forcing a failure.
[  268.148917][T10713] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  268.154014][T10713] CPU: 2 UID: 0 PID: 10713 Comm: syz.3.1336 Not tainted syzkaller #0 PREEMPT(full) 
[  268.154031][T10713] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  268.154042][T10713] Call Trace:
[  268.154046][T10713]  <TASK>
[  268.154051][T10713]  dump_stack_lvl+0x16c/0x1f0
[  268.154071][T10713]  should_fail_ex+0x512/0x640
[  268.154087][T10713]  _copy_from_user+0x2e/0xd0
[  268.154104][T10713]  get_compat_msghdr+0xa7/0x170
[  268.154119][T10713]  ? __pfx_get_compat_msghdr+0x10/0x10
[  268.154134][T10713]  ? lock_release+0x201/0x2f0
[  268.154150][T10713]  ___sys_recvmsg+0x191/0x1a0
[  268.154164][T10713]  ? __pfx____sys_recvmsg+0x10/0x10
[  268.154177][T10713]  ? rcu_is_watching+0x12/0xc0
[  268.154196][T10713]  __sys_recvmsg+0x16a/0x220
[  268.154212][T10713]  ? __pfx___sys_recvmsg+0x10/0x10
[  268.154228][T10713]  ? rcu_is_watching+0x12/0xc0
[  268.154257][T10713]  __do_fast_syscall_32+0x7c/0x3a0
[  268.154274][T10713]  do_fast_syscall_32+0x32/0x80
[  268.154287][T10713]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  268.154301][T10713] RIP: 0023:0xf7ff7579
[  268.154309][T10713] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  268.154319][T10713] RSP: 002b:00000000f551655c EFLAGS: 00000296 ORIG_RAX: 0000000000000174
[  268.154330][T10713] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000b40
[  268.154336][T10713] RDX: 000000000000001c RSI: 0000000000000002 RDI: 0000000000000000
[  268.154342][T10713] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  268.154348][T10713] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  268.154353][T10713] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  268.154363][T10713]  </TASK>
[  268.301655][    C3] Illegal XDP return value 16128 on prog  (id 141) dev veth0_to_bond, expect packet loss!
[  268.309812][T10718] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1338'.
[  268.313172][T10718] bridge_slave_1: left allmulticast mode
[  268.315081][T10718] bridge_slave_1: left promiscuous mode
[  268.316978][T10718] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.321375][T10718] bridge_slave_0: left allmulticast mode
[  268.323429][T10718] bridge_slave_0: left promiscuous mode
[  268.325699][T10718] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.417561][T10722] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  268.420742][T10722] IPv6: NLM_F_CREATE should be set when creating new route
[  268.423827][T10722] IPv6: NLM_F_CREATE should be set when creating new route
[  268.429940][T10722] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  268.431043][T10723] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  268.468281][T10725] FAULT_INJECTION: forcing a failure.
[  268.468281][T10725] name failslab, interval 1, probability 0, space 0, times 0
[  268.472631][T10725] CPU: 1 UID: 0 PID: 10725 Comm: syz.2.1340 Not tainted syzkaller #0 PREEMPT(full) 
[  268.472653][T10725] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  268.472663][T10725] Call Trace:
[  268.472669][T10725]  <TASK>
[  268.472675][T10725]  dump_stack_lvl+0x16c/0x1f0
[  268.472698][T10725]  should_fail_ex+0x512/0x640
[  268.472722][T10725]  should_failslab+0xc2/0x120
[  268.472744][T10725]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  268.472772][T10725]  ? __alloc_skb+0x2b2/0x380
[  268.472795][T10725]  __alloc_skb+0x2b2/0x380
[  268.472813][T10725]  ? __pfx___alloc_skb+0x10/0x10
[  268.472830][T10725]  ? __pfx_should_flush_tlb+0x10/0x10
[  268.472850][T10725]  ? smp_call_function_many+0x40/0x40
[  268.472866][T10725]  ? css_rstat_updated+0x1c2/0x510
[  268.472883][T10725]  alloc_skb_with_frags+0xe0/0x860
[  268.472904][T10725]  ? migrate_enable+0x1ed/0x260
[  268.472929][T10725]  ? __pfx_migrate_enable+0x10/0x10
[  268.472955][T10725]  sock_alloc_send_pskb+0x7fb/0x990
[  268.472977][T10725]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  268.472994][T10725]  ? rcu_is_watching+0x12/0xc0
[  268.473009][T10725]  ? sock_def_readable+0x1d9/0x600
[  268.473026][T10725]  ? rcu_is_watching+0x12/0xc0
[  268.473041][T10725]  ? lock_release+0x201/0x2f0
[  268.473065][T10725]  unix_dgram_sendmsg+0x3e9/0x17f0
[  268.473092][T10725]  ? tomoyo_socket_sendmsg_permission+0x14c/0x3c0
[  268.473116][T10725]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  268.473136][T10725]  ? ___pte_offset_map+0x2ad/0x4f0
[  268.473161][T10725]  unix_seqpacket_sendmsg+0x12a/0x1c0
[  268.473182][T10725]  ____sys_sendmsg+0xa95/0xc70
[  268.473210][T10725]  ? __pfx_____sys_sendmsg+0x10/0x10
[  268.473234][T10725]  ? get_compat_msghdr+0x11a/0x170
[  268.473256][T10725]  ? rcu_is_watching+0x12/0xc0
[  268.473272][T10725]  ___sys_sendmsg+0x134/0x1d0
[  268.473291][T10725]  ? __pfx____sys_sendmsg+0x10/0x10
[  268.473309][T10725]  ? lock_release+0x201/0x2f0
[  268.473343][T10725]  ? handle_mm_fault+0x2e8/0xd10
[  268.473371][T10725]  ? __pfx___might_resched+0x10/0x10
[  268.473387][T10725]  ? __sys_sendmmsg+0x30d/0x420
[  268.473406][T10725]  __sys_sendmmsg+0x2f9/0x420
[  268.473426][T10725]  ? __pfx___sys_sendmmsg+0x10/0x10
[  268.473445][T10725]  ? lock_release+0x201/0x2f0
[  268.473469][T10725]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  268.473494][T10725]  ? fput+0x9b/0xd0
[  268.473516][T10725]  ? ksys_write+0x1ac/0x250
[  268.473534][T10725]  ? __pfx_ksys_write+0x10/0x10
[  268.473554][T10725]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  268.473574][T10725]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  268.473597][T10725]  __do_fast_syscall_32+0x7c/0x3a0
[  268.473620][T10725]  do_fast_syscall_32+0x32/0x80
[  268.473641][T10725]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  268.473661][T10725] RIP: 0023:0xf70fe579
[  268.473672][T10725] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  268.473688][T10725] RSP: 002b:00000000f54ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  268.473703][T10725] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080001c00
[  268.473713][T10725] RDX: 0000000000000159 RSI: 0000000000040840 RDI: 0000000000000000
[  268.473723][T10725] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  268.473732][T10725] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  268.473760][T10725] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  268.473776][T10725]  </TASK>
[  269.395193][T10755] syz.0.1350 (10755): drop_caches: 2
[  269.397077][T10755] syz.0.1350 (10755): drop_caches: 2
[  269.919293][T10774] FAULT_INJECTION: forcing a failure.
[  269.919293][T10774] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  269.927021][T10774] CPU: 0 UID: 0 PID: 10774 Comm: syz.1.1354 Not tainted syzkaller #0 PREEMPT(full) 
[  269.927038][T10774] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  269.927044][T10774] Call Trace:
[  269.927060][T10774]  <TASK>
[  269.927067][T10774]  dump_stack_lvl+0x16c/0x1f0
[  269.927084][T10774]  should_fail_ex+0x512/0x640
[  269.927100][T10774]  _copy_to_user+0x32/0xd0
[  269.927111][T10774]  simple_read_from_buffer+0xcb/0x170
[  269.927124][T10774]  proc_fail_nth_read+0x197/0x240
[  269.927137][T10774]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  269.927146][T10774]  ? security_file_permission+0x71/0x210
[  269.927161][T10774]  ? rw_verify_area+0xcf/0x6c0
[  269.927172][T10774]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  269.927182][T10774]  vfs_read+0x1e4/0xcf0
[  269.927194][T10774]  ? __pfx_vfs_read+0x10/0x10
[  269.927204][T10774]  ? rcu_is_watching+0x12/0xc0
[  269.927217][T10774]  ? __fget_files+0x20e/0x3c0
[  269.927230][T10774]  ksys_read+0x12a/0x250
[  269.927241][T10774]  ? __pfx_ksys_read+0x10/0x10
[  269.927253][T10774]  ? rcu_is_watching+0x12/0xc0
[  269.927263][T10774]  __do_fast_syscall_32+0x7c/0x3a0
[  269.927278][T10774]  do_fast_syscall_32+0x32/0x80
[  269.927291][T10774]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  269.927304][T10774] RIP: 0023:0xf704e579
[  269.927312][T10774] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  269.927323][T10774] RSP: 002b:00000000f543e590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  269.927334][T10774] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f543e620
[  269.927340][T10774] RDX: 000000000000000f RSI: 00000000f73b4ff4 RDI: 0000000000000000
[  269.927346][T10774] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  269.927352][T10774] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  269.927358][T10774] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  269.927367][T10774]  </TASK>
[  269.994677][T10775] batman_adv: batadv0: Adding interface: gretap1
[  269.996757][T10775] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  270.004995][T10775] batman_adv: batadv0: Interface activated: gretap1
[  270.081667][T10777] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1358'.
[  270.084918][T10777] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1358'.
[  270.105528][T10781] FAULT_INJECTION: forcing a failure.
[  270.105528][T10781] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  270.110692][T10781] CPU: 0 UID: 0 PID: 10781 Comm: syz.0.1360 Not tainted syzkaller #0 PREEMPT(full) 
[  270.110708][T10781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  270.110715][T10781] Call Trace:
[  270.110718][T10781]  <TASK>
[  270.110722][T10781]  dump_stack_lvl+0x16c/0x1f0
[  270.110739][T10781]  should_fail_ex+0x512/0x640
[  270.110768][T10781]  _copy_from_user+0x2e/0xd0
[  270.110785][T10781]  input_event_from_user+0x137/0x290
[  270.110798][T10781]  ? __pfx_input_event_from_user+0x10/0x10
[  270.110814][T10781]  ? input_inject_event+0x1c0/0x3b0
[  270.110830][T10781]  evdev_write+0x26b/0x440
[  270.110845][T10781]  ? __pfx_evdev_write+0x10/0x10
[  270.110859][T10781]  ? common_file_perm+0x1a9/0x340
[  270.110880][T10781]  ? bpf_lsm_file_permission+0x9/0x10
[  270.110909][T10781]  ? security_file_permission+0x71/0x210
[  270.110930][T10781]  ? rw_verify_area+0xcf/0x6c0
[  270.110946][T10781]  ? __pfx_evdev_write+0x10/0x10
[  270.110959][T10781]  vfs_write+0x29d/0x11d0
[  270.110979][T10781]  ? __pfx_vfs_write+0x10/0x10
[  270.110995][T10781]  ? __fget_files+0x204/0x3c0
[  270.111011][T10781]  ? rcu_is_watching+0x12/0xc0
[  270.111026][T10781]  ? lock_release+0x201/0x2f0
[  270.111046][T10781]  ? __fget_files+0x20e/0x3c0
[  270.111064][T10781]  ksys_write+0x1f8/0x250
[  270.111080][T10781]  ? __pfx_ksys_write+0x10/0x10
[  270.111098][T10781]  ? rcu_is_watching+0x12/0xc0
[  270.111114][T10781]  __do_fast_syscall_32+0x7c/0x3a0
[  270.111134][T10781]  do_fast_syscall_32+0x32/0x80
[  270.111154][T10781]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  270.111173][T10781] RIP: 0023:0xf7ff8579
[  270.111186][T10781] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  270.111202][T10781] RSP: 002b:00000000f551655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  270.111216][T10781] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  270.111222][T10781] RDX: 00000000000012d8 RSI: 0000000000000000 RDI: 0000000000000000
[  270.111228][T10781] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  270.111234][T10781] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  270.111240][T10781] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  270.111249][T10781]  </TASK>
[  270.174880][T10783] binder: 10782:10783 ioctl c0306201 800003c0 returned -14
[  270.421666][T10800] syz.1.1366 (10800): drop_caches: 2
[  270.426036][T10800] syz.1.1366 (10800): drop_caches: 2
[  270.479624][ T6030] usb 8-1: new low-speed USB device number 17 using dummy_hcd
[  270.630727][ T6030] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  270.633826][ T6030] usb 8-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  270.639950][ T6030] usb 8-1: string descriptor 0 read error: -22
[  270.641945][ T6030] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  270.644745][ T6030] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  270.648975][ T6030] cdc_ether 8-1:1.0: skipping garbage
[  270.650958][ T6030] cdc_ether 8-1:1.0: probe with driver cdc_ether failed with error -22
[  270.863797][T10793] lo speed is unknown, defaulting to 1000
[  270.972702][T10808] syz.2.1367 (10808): drop_caches: 2
[  270.975101][T10808] syz.2.1367 (10808): drop_caches: 2
[  271.182083][T10805] comedi comedi3: bad chanlist[0]=0x000004c9 chan=1225 range length=1
[  271.315669][T10814] syzkaller1: entered promiscuous mode
[  271.317459][T10814] syzkaller1: entered allmulticast mode
[  271.324040][T10814] netlink: 'syz.0.1368': attribute type 1 has an invalid length.
[  271.336355][T10814] bond1: entered promiscuous mode
[  271.338943][T10814] 8021q: adding VLAN 0 to HW filter on device bond1
[  271.622236][   T29] usb 8-1: USB disconnect, device number 17
[  271.770409][T10827] FAULT_INJECTION: forcing a failure.
[  271.770409][T10827] name failslab, interval 1, probability 0, space 0, times 0
[  271.774731][T10827] CPU: 3 UID: 0 PID: 10827 Comm: syz.0.1373 Not tainted syzkaller #0 PREEMPT(full) 
[  271.774753][T10827] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  271.774762][T10827] Call Trace:
[  271.774767][T10827]  <TASK>
[  271.774772][T10827]  dump_stack_lvl+0x16c/0x1f0
[  271.774795][T10827]  should_fail_ex+0x512/0x640
[  271.774814][T10827]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  271.774830][T10827]  should_failslab+0xc2/0x120
[  271.774844][T10827]  __kmalloc_noprof+0xd2/0x510
[  271.774857][T10827]  tomoyo_realpath_from_path+0xc2/0x6e0
[  271.774872][T10827]  ? tomoyo_profile+0x47/0x60
[  271.774881][T10827]  tomoyo_path_number_perm+0x245/0x580
[  271.774893][T10827]  ? tomoyo_path_number_perm+0x237/0x580
[  271.774906][T10827]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  271.774920][T10827]  ? preempt_count_add+0x76/0x150
[  271.774940][T10827]  ? rcu_is_watching+0x12/0xc0
[  271.774951][T10827]  ? __fget_files+0x204/0x3c0
[  271.774962][T10827]  ? hook_file_ioctl_common+0x145/0x410
[  271.774975][T10827]  ? lock_release+0x201/0x2f0
[  271.774989][T10827]  ? __fget_files+0x20e/0x3c0
[  271.775000][T10827]  security_file_ioctl_compat+0x9b/0x240
[  271.775014][T10827]  __ia32_compat_sys_ioctl+0xc3/0x370
[  271.775031][T10827]  __do_fast_syscall_32+0x7c/0x3a0
[  271.775045][T10827]  do_fast_syscall_32+0x32/0x80
[  271.775058][T10827]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  271.775072][T10827] RIP: 0023:0xf7ff8579
[  271.775080][T10827] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  271.775090][T10827] RSP: 002b:00000000f551655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  271.775100][T10827] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000040049366
[  271.775107][T10827] RDX: 0000000080000180 RSI: 0000000000000000 RDI: 0000000000000000
[  271.775113][T10827] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  271.775119][T10827] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  271.775125][T10827] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  271.775134][T10827]  </TASK>
[  271.775138][T10827] ERROR: Out of memory at tomoyo_realpath_from_path.
[  272.052795][T10845] vti0: entered promiscuous mode
[  272.463256][T10869] kernel profiling enabled (shift: 3)
[  272.665379][T10883] binder: 10882:10883 unknown command 0
[  272.667174][T10883] binder: 10882:10883 ioctl c0306201 80000080 returned -22
[  274.061406][T10935] kvm: vcpu 512: requested lapic timer restore with starting count register 0x390=1814518830 (232258410240 ns) > initial count (2458284544 ns). Using initial count to start timer.
[  274.948246][T10949] input: syz1 as /devices/virtual/input/input18
[  275.011137][T10954] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1416'.
[  275.014216][T10954] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  275.670691][T10963] syz.1.1418 (10963): drop_caches: 2
[  275.673589][T10963] syz.1.1418 (10963): drop_caches: 2
[  275.832752][ T6060] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  275.837122][ T6028] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  276.020384][T10970] syz.3.1419 (10970): drop_caches: 2
[  276.022973][T10970] syz.3.1419 (10970): drop_caches: 2
[  276.126816][T10973] netlink: 'syz.2.1421': attribute type 1 has an invalid length.
[  276.135224][T10973] 8021q: adding VLAN 0 to HW filter on device bond1
[  276.141398][T10973] bond1: (slave wlan0): Opening slave failed
[  276.396692][T10987] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1426'.
[  276.856967][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  277.169526][T11000] syz.2.1429 (11000): drop_caches: 2
[  277.171830][T11000] syz.2.1429 (11000): drop_caches: 2
[  277.242914][T11001] netlink: 'syz.3.1430': attribute type 4 has an invalid length.
[  277.249474][   T29] lo speed is unknown, defaulting to 1000
[  277.255584][T11001] netlink: 'syz.3.1430': attribute type 4 has an invalid length.
[  277.266252][   T29] lo speed is unknown, defaulting to 1000
[  277.336525][ T5984] lo speed is unknown, defaulting to 1000
[  277.542278][T11008] syz.1.1431 (11008): drop_caches: 2
[  277.545045][T11008] syz.1.1431 (11008): drop_caches: 2
[  277.886464][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  278.305338][T11017] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1434'.
[  278.308630][T11017] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1434'.
[  278.320892][   T40] kauditd_printk_skb: 987 callbacks suppressed
[  278.320908][   T40] audit: type=1326 audit(1755817048.159:1684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11018 comm="syz.0.1435" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  278.324565][T11021] netlink: 'syz.1.1436': attribute type 1 has an invalid length.
[  278.330890][   T40] audit: type=1326 audit(1755817048.159:1685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11018 comm="syz.0.1435" exe="/syz-executor" sig=0 arch=40000003 syscall=47 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  278.334551][T11019] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1435'.
[  278.344088][   T40] audit: type=1326 audit(1755817048.159:1686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11018 comm="syz.0.1435" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  278.352240][T11021] 8021q: adding VLAN 0 to HW filter on device bond5
[  278.354623][   T40] audit: type=1326 audit(1755817048.159:1687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11018 comm="syz.0.1435" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  278.367566][   T40] audit: type=1326 audit(1755817048.159:1688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11018 comm="syz.0.1435" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  278.374164][T11021] mac80211_hwsim hwsim3 wlan0: left allmulticast mode
[  278.377815][T11023] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1434'.
[  278.382427][T11021] bond5: (slave wlan0): Opening slave failed
[  278.382901][   T40] audit: type=1326 audit(1755817048.159:1689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11018 comm="syz.0.1435" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  278.393008][   T40] audit: type=1326 audit(1755817048.159:1690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11018 comm="syz.0.1435" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  278.400171][   T40] audit: type=1326 audit(1755817048.159:1691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11018 comm="syz.0.1435" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  278.416557][   T40] audit: type=1326 audit(1755817048.159:1692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11018 comm="syz.0.1435" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  278.418273][T11023] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1434'.
[  278.423093][   T40] audit: type=1326 audit(1755817048.159:1693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11018 comm="syz.0.1435" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff8579 code=0x7ffc0000
[  278.425513][T11021] vlan2: entered allmulticast mode
[  278.426551][T11021] bond5: (slave vlan2): Opening slave failed
[  278.569933][T11029] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1438'.
[  278.690573][T11037] syz.1.1437 (11037): drop_caches: 2
[  278.693503][T11037] syz.1.1437 (11037): drop_caches: 2
[  278.855621][ T6028] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  278.925673][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  279.844644][T11064] syz.3.1446 (11064): drop_caches: 2
[  279.846611][T11063] lo speed is unknown, defaulting to 1000
[  279.846914][T11064] syz.3.1446 (11064): drop_caches: 2
[  279.938211][ T6030] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  279.949234][T11066] syz.1.1445 (11066): drop_caches: 2
[  279.951179][T11066] syz.1.1445 (11066): drop_caches: 2
[  279.965040][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  280.137576][T11074] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  280.141646][T11073] tipc: Resetting bearer <eth:syzkaller0>
[  280.255663][T11073] tipc: Disabling bearer <eth:syzkaller0>
[  280.392752][T11080] netlink: 'syz.0.1450': attribute type 4 has an invalid length.
[  281.092255][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  281.511995][T11108] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1457'.
[  281.616400][T11110] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1458'.
[  281.657602][T11114] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  281.660349][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  281.664569][T11112] FAULT_INJECTION: forcing a failure.
[  281.664569][T11112] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  281.669072][T11112] CPU: 3 UID: 0 PID: 11112 Comm: syz.1.1459 Not tainted syzkaller #0 PREEMPT(full) 
[  281.669089][T11112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  281.669096][T11112] Call Trace:
[  281.669113][T11112]  <TASK>
[  281.669118][T11112]  dump_stack_lvl+0x16c/0x1f0
[  281.669137][T11112]  should_fail_ex+0x512/0x640
[  281.669155][T11112]  _copy_from_user+0x2e/0xd0
[  281.669174][T11112]  copy_from_buffer+0x7f/0xc0
[  281.669191][T11112]  copy_uabi_to_xstate+0x26d/0x670
[  281.669208][T11112]  ? __pfx_copy_uabi_to_xstate+0x10/0x10
[  281.669224][T11112]  ? rcu_is_watching+0x12/0xc0
[  281.669238][T11112]  ? lock_release+0x201/0x2f0
[  281.669252][T11112]  ? __fpu_restore_sig+0xa8a/0x13a0
[  281.669266][T11112]  ? rcu_is_watching+0x12/0xc0
[  281.669277][T11112]  ? x86_task_fpu+0x5f/0x90
[  281.669289][T11112]  __fpu_restore_sig+0x10d3/0x13a0
[  281.669304][T11112]  ? __copy_siginfo_to_user32+0xad/0xf0
[  281.669319][T11112]  ? __pfx___fpu_restore_sig+0x10/0x10
[  281.669334][T11112]  ? do_raw_spin_lock+0x12c/0x2b0
[  281.669353][T11112]  ? rcu_is_watching+0x12/0xc0
[  281.669363][T11112]  ? __might_fault+0xe3/0x190
[  281.669376][T11112]  ? lock_release+0x201/0x2f0
[  281.669391][T11112]  fpu__restore_sig+0x151/0x190
[  281.669406][T11112]  ia32_restore_sigcontext+0x44a/0x630
[  281.669423][T11112]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[  281.669442][T11112]  ? rcu_is_watching+0x12/0xc0
[  281.669453][T11112]  ? trace_irq_enable.constprop.0+0xd4/0x120
[  281.669471][T11112]  __do_compat_sys_rt_sigreturn+0x120/0x1f0
[  281.669489][T11112]  ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10
[  281.669507][T11112]  ? rcu_is_watching+0x12/0xc0
[  281.669519][T11112]  do_int80_emulation+0x104/0x460
[  281.669535][T11112]  asm_int80_emulation+0x1a/0x20
[  281.669546][T11112] RIP: 0023:0xf704e577
[  281.669555][T11112] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00
[  281.669566][T11112] RSP: 002b:00000000f543e55c EFLAGS: 00000296
[  281.669576][T11112] RAX: 0000000000000092 RBX: 0000000000000004 RCX: 0000000080000280
[  281.669583][T11112] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  281.669589][T11112] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  281.669595][T11112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  281.669601][T11112] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  281.669611][T11112]  </TASK>
[  281.884220][ T6059] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  282.074953][T11133] syz.2.1465 (11133): drop_caches: 2
[  282.079261][T11133] syz.2.1465 (11133): drop_caches: 2
[  282.221812][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  282.445387][T11143] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1470'.
[  282.448373][T11143] IPVS: Error joining to the multicast group
[  282.783505][ T6028] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  282.963563][ T6028] usb 5-1: Using ep0 maxpacket: 16
[  282.969072][ T6028] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  282.976938][ T6028] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  282.983166][ T6028] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.988035][ T6028] usb 5-1: config 0 descriptor??
[  282.995309][ T6028] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input19
[  283.240328][ T6028] bcm5974 5-1:0.0: could not read from device
[  283.245153][ T6028] input: failed to attach handler mousedev to device input19, error: -5
[  283.249956][ T6060] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  283.252278][ T5373] bcm5974 5-1:0.0: could not read from device
[  283.255200][ T6028] usb 5-1: USB disconnect, device number 6
[  283.746580][T11169] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  283.793138][ T6028] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[  283.962849][ T6028] usb 8-1: Using ep0 maxpacket: 16
[  284.283185][ T6060] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  284.362642][ T6028] usb 8-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[  284.370900][ T6028] usb 8-1: config 0 interface 0 altsetting 1 endpoint 0x89 has an invalid bInterval 187, changing to 11
[  284.375711][ T6028] usb 8-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid maxpacket 1484, setting to 1024
[  284.379164][ T6028] usb 8-1: config 0 interface 0 has no altsetting 0
[  284.382774][ T6028] usb 8-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  284.385625][ T6028] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  284.388134][ T6028] usb 8-1: Product: syz
[  284.389501][ T6028] usb 8-1: Manufacturer: syz
[  284.391019][ T6028] usb 8-1: SerialNumber: syz
[  284.393406][ T6028] usb 8-1: config 0 descriptor??
[  284.395608][T11167] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  284.600130][T11167] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  284.603501][ T6028] input: syz syz as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input20
[  284.625617][T11178] tipc: Bearer <udp:s>: already 2 bearers with priority 10
[  284.628075][T11178] tipc: Bearer <udp:s>: trying with adjusted priority
[  284.630471][T11178] tipc: Enabled bearer <udp:s>, priority 9
[  284.820563][T11167] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  284.828422][T11167] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  284.845108][ T1328] usb 8-1: USB disconnect, device number 18
[  284.861785][T11188] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1483'.
[  284.932788][ T6028] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  285.322275][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  285.324909][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  285.981470][T11209] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  286.032505][T11214] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  286.092726][T11209] /dev/sr0: Can't open blockdev
[  286.232912][T11214] /dev/sr0: Can't open blockdev
[  286.255504][T11224] lo speed is unknown, defaulting to 1000
[  286.348587][T11230] syzkaller0: entered promiscuous mode
[  286.350980][T11230] syzkaller0: entered allmulticast mode
[  286.361818][ T6060] net_ratelimit: 1 callbacks suppressed
[  286.361827][ T6060] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  286.495284][T11244] nbd: device at index 2 is going down
[  286.585119][T11248] netlink: 216 bytes leftover after parsing attributes in process `syz.0.1506'.
[  286.588004][T11248] netlink: 216 bytes leftover after parsing attributes in process `syz.0.1506'.
[  286.654112][T11254] bridge5: entered allmulticast mode
[  286.743398][T11258] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1511'.
[  287.401410][ T6060] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  287.567978][T11275] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1514'.
[  287.719757][T11282] vxcan1: tx drop: invalid da for name 0x00001fffffffffff
[  287.722971][   T40] kauditd_printk_skb: 52 callbacks suppressed
[  287.722979][   T40] audit: type=1326 audit(1755817057.573:1746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11281 comm="syz.0.1516" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7ff8579 code=0x0
[  287.775005][T11285] vxcan1: entered allmulticast mode
[  288.349269][ T1474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  288.440889][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  288.651389][T11299] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  288.654002][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  288.918607][T11289] [U] ¹
[  288.930125][T11303] 9pnet_virtio: no channels available for device ./file0
[  289.008016][T11315] FAULT_INJECTION: forcing a failure.
[  289.008016][T11315] name failslab, interval 1, probability 0, space 0, times 0
[  289.012471][T11315] CPU: 2 UID: 0 PID: 11315 Comm: syz.0.1525 Not tainted syzkaller #0 PREEMPT(full) 
[  289.012485][T11315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  289.012496][T11315] Call Trace:
[  289.012501][T11315]  <TASK>
[  289.012505][T11315]  dump_stack_lvl+0x16c/0x1f0
[  289.012521][T11315]  should_fail_ex+0x512/0x640
[  289.012538][T11315]  should_failslab+0xc2/0x120
[  289.012551][T11315]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  289.012564][T11315]  ? __alloc_skb+0x2b2/0x380
[  289.012577][T11315]  __alloc_skb+0x2b2/0x380
[  289.012589][T11315]  ? __pfx___alloc_skb+0x10/0x10
[  289.012601][T11315]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  289.012616][T11315]  netlink_alloc_large_skb+0x69/0x130
[  289.012630][T11315]  netlink_sendmsg+0x6a1/0xdd0
[  289.012644][T11315]  ? __pfx_netlink_sendmsg+0x10/0x10
[  289.012658][T11315]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  289.012670][T11315]  ____sys_sendmsg+0xa95/0xc70
[  289.012686][T11315]  ? __pfx_____sys_sendmsg+0x10/0x10
[  289.012702][T11315]  ? get_compat_msghdr+0x11a/0x170
[  289.012716][T11315]  ? kstrtouint_from_user+0x13c/0x1d0
[  289.012730][T11315]  ___sys_sendmsg+0x134/0x1d0
[  289.012742][T11315]  ? get_pid_task+0xfc/0x250
[  289.012756][T11315]  ? __pfx____sys_sendmsg+0x10/0x10
[  289.012771][T11315]  ? rcu_is_watching+0x12/0xc0
[  289.012786][T11315]  __sys_sendmsg+0x16d/0x220
[  289.012799][T11315]  ? __pfx___sys_sendmsg+0x10/0x10
[  289.012815][T11315]  ? rcu_is_watching+0x12/0xc0
[  289.012825][T11315]  __do_fast_syscall_32+0x7c/0x3a0
[  289.012843][T11315]  do_fast_syscall_32+0x32/0x80
[  289.012856][T11315]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  289.012870][T11315] RIP: 0023:0xf7ff8579
[  289.012878][T11315] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  289.012891][T11315] RSP: 002b:00000000f551655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  289.012901][T11315] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000040
[  289.012907][T11315] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  289.012913][T11315] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  289.012921][T11315] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  289.012927][T11315] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  289.012936][T11315]  </TASK>
[  289.106747][    C2] vkms_vblank_simulate: vblank timer overrun
[  289.123036][T11320] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  289.125572][T11320] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  289.128343][T11320] vhci_hcd vhci_hcd.0: Device attached
[  289.147360][T11322] vhci_hcd: connection closed
[  289.147653][   T46] vhci_hcd: stop threads
[  289.154780][   T46] vhci_hcd: release socket
[  289.156637][   T46] vhci_hcd: disconnect device
[  289.160563][ T1328] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  289.198064][T11330] FAULT_INJECTION: forcing a failure.
[  289.198064][T11330] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  289.203057][T11330] CPU: 1 UID: 0 PID: 11330 Comm: syz.1.1528 Not tainted syzkaller #0 PREEMPT(full) 
[  289.203074][T11330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  289.203081][T11330] Call Trace:
[  289.203085][T11330]  <TASK>
[  289.203088][T11330]  dump_stack_lvl+0x16c/0x1f0
[  289.203108][T11330]  should_fail_ex+0x512/0x640
[  289.203126][T11330]  _copy_to_user+0x32/0xd0
[  289.203136][T11330]  simple_read_from_buffer+0xcb/0x170
[  289.203147][T11330]  proc_fail_nth_read+0x197/0x240
[  289.203161][T11330]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  289.203174][T11330]  ? security_file_permission+0x71/0x210
[  289.203189][T11330]  ? rw_verify_area+0xcf/0x6c0
[  289.203199][T11330]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  289.203212][T11330]  vfs_read+0x1e4/0xcf0
[  289.203227][T11330]  ? __pfx_vfs_read+0x10/0x10
[  289.203237][T11330]  ? rcu_is_watching+0x12/0xc0
[  289.203249][T11330]  ? __fget_files+0x20e/0x3c0
[  289.203265][T11330]  ksys_read+0x12a/0x250
[  289.203278][T11330]  ? __pfx_ksys_read+0x10/0x10
[  289.203290][T11330]  ? rcu_is_watching+0x12/0xc0
[  289.203300][T11330]  __do_fast_syscall_32+0x7c/0x3a0
[  289.203317][T11330]  do_fast_syscall_32+0x32/0x80
[  289.203333][T11330]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  289.203346][T11330] RIP: 0023:0xf704e579
[  289.203356][T11330] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  289.203367][T11330] RSP: 002b:00000000f543e590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  289.203380][T11330] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f543e620
[  289.203386][T11330] RDX: 000000000000000f RSI: 00000000f73b4ff4 RDI: 0000000000000000
[  289.203392][T11330] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  289.203398][T11330] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  289.203406][T11330] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  289.203415][T11330]  </TASK>
[  290.177429][ T6060] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  290.637392][T11427] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1541'.
[  290.941499][T11433] loop2: detected capacity change from 0 to 7
[  290.944462][T11433] Dev loop2: unable to read RDB block 7
[  290.946305][T11433]  loop2: AHDI p1 p2 p3
[  290.947668][T11433] loop2: partition table partially beyond EOD, truncated
[  290.950960][T11433] loop2: p1 start 1601398130 is beyond EOD, truncated
[  290.953447][T11433] loop2: p2 start 1702059890 is beyond EOD, truncated
[  290.961349][T11436] sctp: [Deprecated]: syz.3.1545 (pid 11436) Use of int in max_burst socket option deprecated.
[  290.961349][T11436] Use struct sctp_assoc_value instead
[  291.217669][T11445] Process accounting resumed
[  291.239576][ T6060] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  291.400249][ T6059] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  292.335836][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  292.373557][T11488] syz.0.1562 (11488): drop_caches: 2
[  292.375958][T11488] syz.0.1562 (11488): drop_caches: 2
[  293.041970][T11516] sp0: Synchronizing with TNC
[  293.459024][ T6060] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  293.485538][T11523] syz.1.1571 (11523): drop_caches: 2
[  293.488192][T11523] syz.1.1571 (11523): drop_caches: 2
[  294.075871][T11533] syz.3.1574 (11533): drop_caches: 2
[  294.078607][T11533] syz.3.1574 (11533): drop_caches: 2
[  294.439723][ T1474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  294.520249][ T6060] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  295.107933][T11580] syz.3.1583 (11580): drop_caches: 2
[  295.111525][T11580] syz.3.1583 (11580): drop_caches: 2
[  295.561559][ T6060] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  295.569427][ T1474] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  295.745145][ T1474] usb 6-1: Using ep0 maxpacket: 8
[  295.752241][ T1474] usb 6-1: New USB device found, idVendor=12d1, idProduct=fae2, bcdDevice=70.8b
[  295.756029][ T1474] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  295.759090][ T1474] usb 6-1: Product: syz
[  295.760725][ T1474] usb 6-1: Manufacturer: syz
[  295.762289][ T1474] usb 6-1: SerialNumber: syz
[  295.764568][ T1474] usb 6-1: config 0 descriptor??
[  295.767074][ T1474] option 6-1:0.0: GSM modem (1-port) converter detected
[  296.268166][T11596] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1588'.
[  296.599655][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  297.039452][ T1474] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  297.189468][ T1474] usb 7-1: Using ep0 maxpacket: 16
[  297.312945][ T1474] usb 7-1: unable to get BOS descriptor or descriptor too short
[  297.318177][ T1474] usb 7-1: unable to read config index 0 descriptor/start: -71
[  297.321446][ T1474] usb 7-1: can't read configurations, error -71
[  297.479566][ T6059] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  297.510867][T11614] syz.0.1594 (11614): drop_caches: 2
[  297.514778][T11614] syz.0.1594 (11614): drop_caches: 2
[  297.652406][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  297.790431][   T61] usb 6-1: USB disconnect, device number 5
[  297.794659][   T61] option 6-1:0.0: device disconnected
[  298.020387][T11623] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1599'.
[  298.083360][T11624] syz.1.1599 (11624): drop_caches: 2
[  298.085363][T11624] syz.1.1599 (11624): drop_caches: 2
[  298.249523][T11349] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.304311][T11349] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.339124][ T5337] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  298.342060][ T5337] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  298.344398][ T5337] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  298.347259][ T5337] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  298.349529][ T5337] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  298.356051][ T5979] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  298.359873][ T5979] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  298.363091][ T5979] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  298.365909][T11628] lo speed is unknown, defaulting to 1000
[  298.367150][ T5979] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  298.373017][ T5979] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  298.373434][T11349] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.400263][T11631] lo speed is unknown, defaulting to 1000
[  298.413721][T11349] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.526686][T11349] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[  298.616175][T11349] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  298.622166][T11349] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  298.626984][T11349] bond0 (unregistering): Released all slaves
[  298.633760][T11349] bond1 (unregistering): Released all slaves
[  298.641168][T11631] chnl_net:caif_netlink_parms(): no params data found
[  298.680573][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  298.688836][T11631] bridge0: port 1(bridge_slave_0) entered blocking state
[  298.692107][T11631] bridge0: port 1(bridge_slave_0) entered disabled state
[  298.695258][T11631] bridge_slave_0: entered allmulticast mode
[  298.698602][T11631] bridge_slave_0: entered promiscuous mode
[  298.703312][T11631] bridge0: port 2(bridge_slave_1) entered blocking state
[  298.705651][T11631] bridge0: port 2(bridge_slave_1) entered disabled state
[  298.708276][T11631] bridge_slave_1: entered allmulticast mode
[  298.710979][T11631] bridge_slave_1: entered promiscuous mode
[  298.759639][ T6030] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  298.782528][T11655] vcan0: tx drop: invalid sa for name 0x0000000000000002
[  298.805494][T11631] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  298.810383][T11631] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  298.837849][T11631] team0: Port device team_slave_0 added
[  298.848795][T11631] team0: Port device team_slave_1 added
[  298.865941][T11631] batman_adv: batadv0: Adding interface: batadv_slave_0
[  298.868990][T11631] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  298.877686][T11631] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  298.887218][T11631] batman_adv: batadv0: Adding interface: batadv_slave_1
[  298.892373][T11631] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  298.901185][T11631] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  298.925241][T11631] hsr_slave_0: entered promiscuous mode
[  298.927416][T11631] hsr_slave_1: entered promiscuous mode
[  298.930431][T11631] debugfs: 'hsr0' already exists in 'hsr'
[  298.932226][T11631] Cannot create hsr debugfs directory
[  299.003077][T11675] lo speed is unknown, defaulting to 1000
[  299.005065][T11675] lo speed is unknown, defaulting to 1000
[  299.007251][T11675] lo speed is unknown, defaulting to 1000
[  299.018673][T11675] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  299.039767][T11674] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1610'.
[  299.073489][T11675] lo speed is unknown, defaulting to 1000
[  299.076739][T11675] lo speed is unknown, defaulting to 1000
[  299.092212][T11677] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1609'.
[  299.103072][T11675] lo speed is unknown, defaulting to 1000
[  299.109087][T11674] syz.0.1610 (11674): drop_caches: 2
[  299.111664][T11674] syz.0.1610 (11674): drop_caches: 2
[  299.118770][T11349] hsr_slave_0: left promiscuous mode
[  299.122584][T11349] hsr_slave_1: left promiscuous mode
[  299.124622][T11349] batman_adv: batadv0: Removing interface: batadv_slave_0
[  299.128684][T11349] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  299.132238][T11349] batman_adv: batadv0: Removing interface: batadv_slave_1
[  299.137586][T11349] veth1_macvtap: left promiscuous mode
[  299.139562][T11349] veth0_macvtap: left promiscuous mode
[  299.264714][T11349] team0 (unregistering): Port device team_slave_1 removed
[  299.305533][T11675] lo speed is unknown, defaulting to 1000
[  299.306957][   T61] lo speed is unknown, defaulting to 1000
[  299.308804][T11675] lo speed is unknown, defaulting to 1000
[  299.311940][   T61] s
z1: Port: 1 Link DOWN
[  299.314218][T11355] smc: removing ib device s
z1
[  299.318752][   T61] lo speed is unknown, defaulting to 1000
[  299.321767][T11631] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  299.325375][T11631] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  299.329196][T11631] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  299.333608][T11631] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  299.368468][T11631] 8021q: adding VLAN 0 to HW filter on device bond0
[  299.376052][T11631] 8021q: adding VLAN 0 to HW filter on device team0
[  299.380446][T11354] bridge0: port 1(bridge_slave_0) entered blocking state
[  299.383438][T11354] bridge0: port 1(bridge_slave_0) entered forwarding state
[  299.390039][T11354] bridge0: port 2(bridge_slave_1) entered blocking state
[  299.392312][T11354] bridge0: port 2(bridge_slave_1) entered forwarding state
[  299.504505][T11631] 8021q: adding VLAN 0 to HW filter on device batadv0
[  299.602827][T11631] veth0_vlan: entered promiscuous mode
[  299.606609][T11631] veth1_vlan: entered promiscuous mode
[  299.618068][T11631] veth0_macvtap: entered promiscuous mode
[  299.623397][T11631] veth1_macvtap: entered promiscuous mode
[  299.636722][T11631] batman_adv: batadv0: Interface activated: batadv_slave_0
[  299.641711][T11349] IPVS: stop unused estimator thread 0...
[  299.642174][T11631] batman_adv: batadv0: Interface activated: batadv_slave_1
[  299.650148][T11354] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  299.653051][T11354] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  299.656639][T11354] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  299.660597][T11354] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  299.704641][T11354] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  299.708269][T11354] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  299.716834][T11365] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  299.721222][T11365] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  299.723704][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  299.732337][T11715] lo speed is unknown, defaulting to 1000
[  299.820527][T11725] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1611'.
[  299.921189][T11731] syz.1.1611 (11731): drop_caches: 2
[  299.923492][T11731] syz.1.1611 (11731): drop_caches: 2
[  300.072572][T11736] FAULT_INJECTION: forcing a failure.
[  300.072572][T11736] name failslab, interval 1, probability 0, space 0, times 0
[  300.076252][T11736] CPU: 1 UID: 0 PID: 11736 Comm: syz.0.1614 Not tainted syzkaller #0 PREEMPT(full) 
[  300.076268][T11736] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  300.076274][T11736] Call Trace:
[  300.076278][T11736]  <TASK>
[  300.076282][T11736]  dump_stack_lvl+0x16c/0x1f0
[  300.076299][T11736]  should_fail_ex+0x512/0x640
[  300.076314][T11736]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  300.076329][T11736]  should_failslab+0xc2/0x120
[  300.076344][T11736]  __kmalloc_noprof+0xd2/0x510
[  300.076357][T11736]  tomoyo_realpath_from_path+0xc2/0x6e0
[  300.076373][T11736]  tomoyo_check_open_permission+0x2ab/0x3c0
[  300.076386][T11736]  ? init_file+0x93/0x4c0
[  300.076400][T11736]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  300.076413][T11736]  ? do_sys_openat2+0x11b/0x1d0
[  300.076428][T11736]  ? do_fast_syscall_32+0x32/0x80
[  300.076441][T11736]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  300.076455][T11736]  ? rcu_is_watching+0x12/0xc0
[  300.076469][T11736]  ? do_raw_spin_lock+0x12c/0x2b0
[  300.076485][T11736]  ? path_get+0x61/0x80
[  300.076498][T11736]  ? rcu_is_watching+0x12/0xc0
[  300.076508][T11736]  tomoyo_file_open+0x6b/0x90
[  300.076518][T11736]  security_file_open+0x84/0x1e0
[  300.076531][T11736]  do_dentry_open+0x596/0x1530
[  300.076545][T11736]  vfs_open+0x82/0x3f0
[  300.076560][T11736]  path_openat+0x1de4/0x2cb0
[  300.076574][T11736]  ? __pfx_path_openat+0x10/0x10
[  300.076587][T11736]  do_filp_open+0x20b/0x470
[  300.076598][T11736]  ? __pfx_do_filp_open+0x10/0x10
[  300.076613][T11736]  ? _raw_spin_unlock+0x28/0x50
[  300.076628][T11736]  ? alloc_fd+0x471/0x7d0
[  300.076640][T11736]  do_sys_openat2+0x11b/0x1d0
[  300.076656][T11736]  ? __pfx_do_sys_openat2+0x10/0x10
[  300.076671][T11736]  ? __fget_files+0x20e/0x3c0
[  300.076682][T11736]  __ia32_compat_sys_openat+0x16d/0x210
[  300.076692][T11736]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  300.076702][T11736]  ? ksys_write+0x1ac/0x250
[  300.076714][T11736]  ? rcu_is_watching+0x12/0xc0
[  300.076724][T11736]  __do_fast_syscall_32+0x7c/0x3a0
[  300.076738][T11736]  do_fast_syscall_32+0x32/0x80
[  300.076751][T11736]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  300.076763][T11736] RIP: 0023:0xf7ff8579
[  300.076771][T11736] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  300.076781][T11736] RSP: 002b:00000000f54f5100 EFLAGS: 00000293 ORIG_RAX: 0000000000000127
[  300.076791][T11736] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f54f5150
[  300.076798][T11736] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 00000000f7484ff4
[  300.076804][T11736] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  300.076809][T11736] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  300.076815][T11736] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  300.076824][T11736]  </TASK>
[  300.076840][T11736] ERROR: Out of memory at tomoyo_realpath_from_path.
[  300.449643][ T5337] Bluetooth: hci1: command tx timeout
[  300.520482][ T6059] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  300.760838][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  300.804809][T11742] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1616'.
[  301.022895][T11756] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1621'.
[  301.025812][T11756] wg2: entered promiscuous mode
[  301.255594][T11766] syz.1.1619 (11766): drop_caches: 2
[  301.257984][T11766] syz.1.1619 (11766): drop_caches: 2
[  301.821726][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  301.829635][   T40] audit: type=1326 audit(1756079471.675:1747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11771 comm="syz.4.1623" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  301.840436][   T40] audit: type=1326 audit(1756079471.675:1748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11771 comm="syz.4.1623" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  301.851576][   T40] audit: type=1326 audit(1756079471.675:1749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11771 comm="syz.4.1623" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf702e579 code=0x7ffc0000
[  301.863572][   T40] audit: type=1326 audit(1756079471.675:1750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11771 comm="syz.4.1623" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  301.899454][   T40] audit: type=1326 audit(1756079471.675:1751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11771 comm="syz.4.1623" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  301.916514][   T40] audit: type=1326 audit(1756079471.675:1752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11771 comm="syz.4.1623" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf702e579 code=0x7ffc0000
[  301.929506][   T40] audit: type=1326 audit(1756079471.675:1753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11771 comm="syz.4.1623" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  301.936373][   T40] audit: type=1326 audit(1756079471.685:1754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11771 comm="syz.4.1623" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf702e579 code=0x7ffc0000
[  301.949471][   T40] audit: type=1326 audit(1756079471.685:1755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11771 comm="syz.4.1623" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  301.959539][   T40] audit: type=1326 audit(1756079471.685:1756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11771 comm="syz.4.1623" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf702e579 code=0x7ffc0000
[  302.299470][T11789] overlayfs: failed to decode file handle (len=4, type=251, flags=0, err=-22)
[  302.328512][T11789] block device autoloading is deprecated and will be removed.
[  302.519508][ T5337] Bluetooth: hci1: command tx timeout
[  302.615790][T11801] overlayfs: conflicting lowerdir path
[  302.618670][T11801] netlink: 'syz.2.1634': attribute type 4 has an invalid length.
[  302.757369][T11812] syzkaller1: entered promiscuous mode
[  302.759192][T11812] syzkaller1: entered allmulticast mode
[  302.836764][T11819] syz.4.1636 (11819): drop_caches: 2
[  302.839718][T11819] syz.4.1636 (11819): drop_caches: 2
[  302.857339][ T6060] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  302.988824][T11826] syz.1.1641 (11826): drop_caches: 2
[  303.001125][T11826] syz.1.1641 (11826): drop_caches: 2
[  303.067084][T11828] syz.2.1642 (11828): drop_caches: 2
[  303.069872][T11828] syz.2.1642 (11828): drop_caches: 2
[  303.572033][ T1474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  303.632231][T11843] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1648'.
[  303.733984][T11847] fuse: Unknown parameter 'ÿ01777777777777777777777'
[  303.740870][T11843] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1648'.
[  303.759449][T11849] FAULT_INJECTION: forcing a failure.
[  303.759449][T11849] name failslab, interval 1, probability 0, space 0, times 0
[  303.764602][T11849] CPU: 0 UID: 0 PID: 11849 Comm: syz.1.1650 Not tainted syzkaller #0 PREEMPT(full) 
[  303.764626][T11849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  303.764638][T11849] Call Trace:
[  303.764644][T11849]  <TASK>
[  303.764651][T11849]  dump_stack_lvl+0x16c/0x1f0
[  303.764676][T11849]  should_fail_ex+0x512/0x640
[  303.764701][T11849]  should_failslab+0xc2/0x120
[  303.764723][T11849]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  303.764744][T11849]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  303.764770][T11849]  ? __d_alloc+0x32/0xae0
[  303.764792][T11849]  __d_alloc+0x32/0xae0
[  303.764812][T11849]  d_alloc_parallel+0x111/0x1480
[  303.764838][T11849]  ? kasan_save_stack+0x42/0x60
[  303.764857][T11849]  ? kasan_save_track+0x14/0x30
[  303.764875][T11849]  ? kmem_cache_alloc_noprof+0x1cb/0x3b0
[  303.764894][T11849]  ? security_inode_alloc+0x3b/0x2b0
[  303.764913][T11849]  ? inode_init_always_gfp+0xce4/0x1030
[  303.764931][T11849]  ? alloc_inode+0x86/0x240
[  303.764953][T11849]  ? new_inode+0x22/0x1c0
[  303.764974][T11849]  ? debugfs_create_dir+0xdd/0x5f0
[  303.764994][T11849]  ? __pfx_d_alloc_parallel+0x10/0x10
[  303.765018][T11849]  ? bpf_prog_load+0xe41/0x2490
[  303.765042][T11849]  ? __sys_bpf+0x4a3f/0x4de0
[  303.765065][T11849]  ? __ia32_sys_bpf+0x76/0xe0
[  303.765089][T11849]  ? __do_fast_syscall_32+0x7c/0x3a0
[  303.765110][T11849]  ? do_fast_syscall_32+0x32/0x80
[  303.765131][T11849]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  303.765152][T11849]  ? lockdep_init_map_type+0x5c/0x280
[  303.765175][T11849]  ? lockdep_init_map_type+0x5c/0x280
[  303.765200][T11849]  __lookup_slow+0x193/0x460
[  303.765225][T11849]  ? __pfx___lookup_slow+0x10/0x10
[  303.765249][T11849]  ? rcu_is_watching+0x12/0xc0
[  303.765273][T11849]  ? d_lookup+0xe7/0x190
[  303.765299][T11849]  lookup_noperm+0xe1/0x110
[  303.765324][T11849]  simple_start_creating+0xd1/0x1b0
[  303.765348][T11849]  start_creating.part.0+0x82/0x190
[  303.765366][T11849]  __debugfs_create_file+0xa7/0x6b0
[  303.765386][T11849]  debugfs_create_file_unsafe+0x3c/0x50
[  303.765407][T11849]  debugfs_create_u32+0x70/0xa0
[  303.765424][T11849]  nsim_bpf_verifier_prep+0x2c9/0x650
[  303.765451][T11849]  ? down_read+0x13d/0x480
[  303.765474][T11849]  ? __pfx_nsim_bpf_verifier_prep+0x10/0x10
[  303.765502][T11849]  bpf_prog_offload_verifier_prep+0xe1/0x180
[  303.765528][T11849]  bpf_check+0x620d/0xc4d0
[  303.765549][T11849]  ? kasan_save_stack+0x42/0x60
[  303.765568][T11849]  ? kasan_save_stack+0x33/0x60
[  303.765586][T11849]  ? kasan_save_track+0x14/0x30
[  303.765604][T11849]  ? __bpf_prog_dev_bound_init+0x4e/0x490
[  303.765627][T11849]  ? bpf_prog_dev_bound_init+0x27a/0x410
[  303.765651][T11849]  ? bpf_prog_load+0x1c8e/0x2490
[  303.765673][T11849]  ? __sys_bpf+0x4a3f/0x4de0
[  303.765696][T11849]  ? __ia32_sys_bpf+0x76/0xe0
[  303.765720][T11849]  ? __do_fast_syscall_32+0x7c/0x3a0
[  303.765740][T11849]  ? do_fast_syscall_32+0x32/0x80
[  303.765761][T11849]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  303.765788][T11849]  ? __pfx_bpf_check+0x10/0x10
[  303.765806][T11849]  ? rcu_is_watching+0x12/0xc0
[  303.765824][T11849]  ? ref_tracker_free+0x37c/0x830
[  303.765847][T11849]  ? rcu_is_watching+0x12/0xc0
[  303.765866][T11849]  ? rcu_is_watching+0x12/0xc0
[  303.765882][T11849]  ? bpf_prog_load+0xd41/0x2490
[  303.765904][T11849]  ? rcu_is_watching+0x12/0xc0
[  303.765921][T11849]  ? rcu_is_watching+0x12/0xc0
[  303.765938][T11849]  ? __asan_memset+0x23/0x50
[  303.765954][T11849]  ? bpf_obj_name_cpy+0x14a/0x1a0
[  303.765979][T11849]  bpf_prog_load+0xe41/0x2490
[  303.766005][T11849]  ? __pfx_bpf_prog_load+0x10/0x10
[  303.766038][T11849]  __sys_bpf+0x4a3f/0x4de0
[  303.766061][T11849]  ? lock_release+0x201/0x2f0
[  303.766083][T11849]  ? __pfx___sys_bpf+0x10/0x10
[  303.766106][T11849]  ? ksys_write+0x190/0x250
[  303.766124][T11849]  ? rcu_is_watching+0x12/0xc0
[  303.766140][T11849]  ? lock_release+0x201/0x2f0
[  303.766184][T11849]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  303.766212][T11849]  ? fput+0x9b/0xd0
[  303.766234][T11849]  ? ksys_write+0x1ac/0x250
[  303.766252][T11849]  ? __pfx_ksys_write+0x10/0x10
[  303.766272][T11849]  __ia32_sys_bpf+0x76/0xe0
[  303.766298][T11849]  __do_fast_syscall_32+0x7c/0x3a0
[  303.766321][T11849]  do_fast_syscall_32+0x32/0x80
[  303.766349][T11849]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  303.766368][T11849] RIP: 0023:0xf704e579
[  303.766382][T11849] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  303.766398][T11849] RSP: 002b:00000000f543e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  303.766415][T11849] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000400
[  303.766426][T11849] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[  303.766437][T11849] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  303.766447][T11849] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  303.766458][T11849] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  303.766473][T11849]  </TASK>
[  303.959510][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  303.971754][T11843] veth0_macvtap (unregistering): left allmulticast mode
[  304.164608][T11858] fuse: Unknown parameter 'group_id00000000000000000000'
[  304.173465][T11858] lo speed is unknown, defaulting to 1000
[  304.178026][T11858] lo speed is unknown, defaulting to 1000
[  304.181936][T11858] lo speed is unknown, defaulting to 1000
[  304.302895][T11858] infiniband s
z1: set active
[  304.304492][T11858] infiniband s
z1: added lo
[  304.306678][ T5984] lo speed is unknown, defaulting to 1000
[  304.316089][T11858] RDS/IB: s
z1: added
[  304.317425][T11858] smc: adding ib device s
z1 with port count 1
[  304.319492][T11858] smc:    ib device s
z1 port 1 has pnetid 
[  304.321794][T11858] lo speed is unknown, defaulting to 1000
[  304.344709][T11864] syz.1.1652 (11864): drop_caches: 2
[  304.346646][T11864] syz.1.1652 (11864): drop_caches: 2
[  304.354399][T11858] lo speed is unknown, defaulting to 1000
[  304.391462][T11858] lo speed is unknown, defaulting to 1000
[  304.424563][T11858] lo speed is unknown, defaulting to 1000
[  304.456914][ T5984] lo speed is unknown, defaulting to 1000
[  304.571584][T11867] vlan0: entered promiscuous mode
[  304.580466][T11869] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1655'.
[  304.599468][ T5337] Bluetooth: hci1: command tx timeout
[  304.659595][ T6030] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  304.833425][ T6030] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  304.837947][ T6030] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  304.843736][ T6030] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  304.846501][ T6030] usb 7-1: New USB device strings: Mfr=2, Product=5, SerialNumber=0
[  304.849063][ T6030] usb 7-1: Product: syz
[  304.853099][ T6030] usb 7-1: Manufacturer: syz
[  304.856618][T11855] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  304.860109][ T6030] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  304.999743][ T6060] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  305.027111][T11881] FAULT_INJECTION: forcing a failure.
[  305.027111][T11881] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  305.031857][T11881] CPU: 1 UID: 0 PID: 11881 Comm: syz.4.1658 Not tainted syzkaller #0 PREEMPT(full) 
[  305.031883][T11881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  305.031890][T11881] Call Trace:
[  305.031894][T11881]  <TASK>
[  305.031898][T11881]  dump_stack_lvl+0x16c/0x1f0
[  305.031915][T11881]  should_fail_ex+0x512/0x640
[  305.031931][T11881]  _copy_from_user+0x2e/0xd0
[  305.031949][T11881]  input_event_from_user+0x137/0x290
[  305.031966][T11881]  ? __pfx_input_event_from_user+0x10/0x10
[  305.031982][T11881]  ? input_inject_event+0x1c0/0x3b0
[  305.032000][T11881]  evdev_write+0x26b/0x440
[  305.032018][T11881]  ? __pfx_evdev_write+0x10/0x10
[  305.032032][T11881]  ? common_file_perm+0x1a9/0x340
[  305.032055][T11881]  ? bpf_lsm_file_permission+0x9/0x10
[  305.032081][T11881]  ? security_file_permission+0x71/0x210
[  305.032099][T11881]  ? rw_verify_area+0xcf/0x6c0
[  305.032118][T11881]  ? __pfx_evdev_write+0x10/0x10
[  305.032134][T11881]  vfs_write+0x29d/0x11d0
[  305.032155][T11881]  ? __pfx_vfs_write+0x10/0x10
[  305.032169][T11881]  ? __fget_files+0x204/0x3c0
[  305.032180][T11881]  ? rcu_is_watching+0x12/0xc0
[  305.032191][T11881]  ? lock_release+0x201/0x2f0
[  305.032205][T11881]  ? __fget_files+0x20e/0x3c0
[  305.032217][T11881]  ksys_write+0x1f8/0x250
[  305.032228][T11881]  ? __pfx_ksys_write+0x10/0x10
[  305.032240][T11881]  ? rcu_is_watching+0x12/0xc0
[  305.032251][T11881]  __do_fast_syscall_32+0x7c/0x3a0
[  305.032266][T11881]  do_fast_syscall_32+0x32/0x80
[  305.032280][T11881]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  305.032293][T11881] RIP: 0023:0xf702e579
[  305.032301][T11881] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  305.032312][T11881] RSP: 002b:00000000f541e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  305.032322][T11881] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000040
[  305.032329][T11881] RDX: 00000000000012d8 RSI: 0000000000000000 RDI: 0000000000000000
[  305.032336][T11881] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  305.032343][T11881] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  305.032349][T11881] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  305.032358][T11881]  </TASK>
[  305.196900][   T90] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  305.200406][   T90] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  305.449487][ T1474] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  305.603334][ T1474] usb 9-1: config index 0 descriptor too short (expected 39, got 27)
[  305.605968][ T1474] usb 9-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  305.609214][ T1474] usb 9-1: config 0 interface 0 has no altsetting 0
[  305.615487][ T1474] usb 9-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  305.618766][ T1474] usb 9-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  305.621786][ T1474] usb 9-1: Product: syz
[  305.623168][ T1474] usb 9-1: Manufacturer: syz
[  305.624837][ T1474] usb 9-1: SerialNumber: syz
[  305.627785][ T1474] usb 9-1: config 0 descriptor??
[  305.633158][ T1474] hub 9-1:0.0: bad descriptor, ignoring hub
[  305.635069][ T1474] hub 9-1:0.0: probe with driver hub failed with error -5
[  305.638702][ T1474] usb 9-1: selecting invalid altsetting 0
[  305.865777][T11900] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1664'.
[  305.949696][   T61] usb 9-1: USB disconnect, device number 2
[  306.029696][T11906] FAULT_INJECTION: forcing a failure.
[  306.029696][T11906] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  306.034984][T11906] CPU: 0 UID: 0 PID: 11906 Comm: syz.1.1666 Not tainted syzkaller #0 PREEMPT(full) 
[  306.035004][T11906] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  306.035015][T11906] Call Trace:
[  306.035020][T11906]  <TASK>
[  306.035026][T11906]  dump_stack_lvl+0x16c/0x1f0
[  306.035051][T11906]  should_fail_ex+0x512/0x640
[  306.035077][T11906]  _copy_to_user+0x32/0xd0
[  306.035092][T11906]  generic_map_lookup_batch+0x61e/0xb40
[  306.035122][T11906]  ? __pfx_generic_map_lookup_batch+0x10/0x10
[  306.035146][T11906]  ? __might_fault+0xb0/0x190
[  306.035167][T11906]  ? __pfx_generic_map_lookup_batch+0x10/0x10
[  306.035206][T11906]  bpf_map_do_batch+0x267/0x680
[  306.035226][T11906]  __sys_bpf+0x188d/0x4de0
[  306.035249][T11906]  ? lock_release+0x201/0x2f0
[  306.035271][T11906]  ? __pfx___sys_bpf+0x10/0x10
[  306.035295][T11906]  ? ksys_write+0x190/0x250
[  306.035312][T11906]  ? rcu_is_watching+0x12/0xc0
[  306.035328][T11906]  ? lock_release+0x201/0x2f0
[  306.035350][T11906]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  306.035379][T11906]  ? fput+0x9b/0xd0
[  306.035401][T11906]  ? ksys_write+0x1ac/0x250
[  306.035419][T11906]  ? __pfx_ksys_write+0x10/0x10
[  306.035439][T11906]  __ia32_sys_bpf+0x76/0xe0
[  306.035465][T11906]  __do_fast_syscall_32+0x7c/0x3a0
[  306.035488][T11906]  do_fast_syscall_32+0x32/0x80
[  306.035509][T11906]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  306.035530][T11906] RIP: 0023:0xf704e579
[  306.035542][T11906] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  306.035562][T11906] RSP: 002b:00000000f543e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  306.035578][T11906] RAX: ffffffffffffffda RBX: 0000000000000018 RCX: 0000000080000240
[  306.035588][T11906] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[  306.035598][T11906] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  306.035607][T11906] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  306.035618][T11906] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  306.035634][T11906]  </TASK>
[  306.053321][T11907] syz.0.1665 (11907): drop_caches: 2
[  306.112720][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  306.115285][T11907] syz.0.1665 (11907): drop_caches: 2
[  306.289403][ T6030] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  306.451465][ T6030] usb 9-1: config index 0 descriptor too short (expected 39, got 27)
[  306.454274][ T6030] usb 9-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  306.457387][ T6030] usb 9-1: config 0 interface 0 has no altsetting 0
[  306.461757][ T6030] usb 9-1: string descriptor 0 read error: -22
[  306.464086][ T6030] usb 9-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  306.466992][ T6030] usb 9-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  306.471336][ T6030] usb 9-1: config 0 descriptor??
[  306.475051][ T6030] hub 9-1:0.0: bad descriptor, ignoring hub
[  306.477108][ T6030] hub 9-1:0.0: probe with driver hub failed with error -5
[  306.480612][ T6030] usb 9-1: selecting invalid altsetting 0
[  306.599907][ T6059] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  306.679449][ T5337] Bluetooth: hci1: command tx timeout
[  306.779670][ T6030] usb 9-1: USB disconnect, device number 3
[  306.976173][T11921] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1670'.
[  306.979940][T11921] misc userio: No port type given on /dev/userio
[  307.001158][ T6030] usb 7-1: USB disconnect, device number 10
[  307.012993][T11923] s
z1: rxe_newlink: already configured on lo
[  307.033872][T11925] misc userio: The device must be registered before sending interrupts
[  307.169586][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  307.221574][T11933] netlink: 'syz.4.1673': attribute type 1 has an invalid length.
[  307.229706][T11933] bond1 (unregistering): Released all slaves
[  307.264067][T11936] input: syz0 as /devices/virtual/input/input22
[  307.323806][   T40] kauditd_printk_skb: 37 callbacks suppressed
[  307.323817][   T40] audit: type=1326 audit(1756079477.175:1794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11937 comm="syz.4.1675" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x0
[  308.199507][ T6060] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  308.359491][ T6030] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  308.642271][T11957] FAULT_INJECTION: forcing a failure.
[  308.642271][T11957] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  308.646638][T11957] CPU: 1 UID: 0 PID: 11957 Comm: syz.1.1680 Not tainted syzkaller #0 PREEMPT(full) 
[  308.646653][T11957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  308.646660][T11957] Call Trace:
[  308.646665][T11957]  <TASK>
[  308.646669][T11957]  dump_stack_lvl+0x16c/0x1f0
[  308.646686][T11957]  should_fail_ex+0x512/0x640
[  308.646702][T11957]  _copy_to_user+0x32/0xd0
[  308.646712][T11957]  simple_read_from_buffer+0xcb/0x170
[  308.646723][T11957]  proc_fail_nth_read+0x197/0x240
[  308.646735][T11957]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  308.646745][T11957]  ? security_file_permission+0x71/0x210
[  308.646760][T11957]  ? rw_verify_area+0xcf/0x6c0
[  308.646770][T11957]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  308.646780][T11957]  vfs_read+0x1e4/0xcf0
[  308.646792][T11957]  ? __pfx_vfs_read+0x10/0x10
[  308.646803][T11957]  ? rcu_is_watching+0x12/0xc0
[  308.646815][T11957]  ? __fget_files+0x20e/0x3c0
[  308.646828][T11957]  ksys_read+0x12a/0x250
[  308.646839][T11957]  ? __pfx_ksys_read+0x10/0x10
[  308.646850][T11957]  ? fput+0x9b/0xd0
[  308.646862][T11957]  ? rcu_is_watching+0x12/0xc0
[  308.646873][T11957]  __do_fast_syscall_32+0x7c/0x3a0
[  308.646888][T11957]  do_fast_syscall_32+0x32/0x80
[  308.646901][T11957]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  308.646915][T11957] RIP: 0023:0xf704e579
[  308.646923][T11957] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  308.646934][T11957] RSP: 002b:00000000f543e590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  308.646945][T11957] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f543e620
[  308.646951][T11957] RDX: 000000000000000f RSI: 00000000f73b4ff4 RDI: 0000000000000000
[  308.646957][T11957] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  308.646963][T11957] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  308.646969][T11957] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  308.646978][T11957]  </TASK>
[  308.744639][T11960] netlink: 'syz.0.1681': attribute type 13 has an invalid length.
[  308.747334][T11960] netlink: 'syz.0.1681': attribute type 17 has an invalid length.
[  308.802074][T11971] FAULT_INJECTION: forcing a failure.
[  308.802074][T11971] name failslab, interval 1, probability 0, space 0, times 0
[  308.806875][T11971] CPU: 0 UID: 0 PID: 11971 Comm: syz.1.1685 Not tainted syzkaller #0 PREEMPT(full) 
[  308.806909][T11971] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  308.806917][T11971] Call Trace:
[  308.806921][T11971]  <TASK>
[  308.806926][T11971]  dump_stack_lvl+0x16c/0x1f0
[  308.806943][T11971]  should_fail_ex+0x512/0x640
[  308.806958][T11971]  ? __mutex_trylock_common+0xe9/0x250
[  308.806972][T11971]  should_failslab+0xc2/0x120
[  308.806986][T11971]  __kmalloc_cache_noprof+0x6a/0x3e0
[  308.806997][T11971]  ? __hw_addr_add_ex+0x3c9/0x7c0
[  308.807007][T11971]  __hw_addr_add_ex+0x3c9/0x7c0
[  308.807016][T11971]  ? rcu_is_watching+0x12/0xc0
[  308.807027][T11971]  ? __pfx___hw_addr_add_ex+0x10/0x10
[  308.807036][T11971]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  308.807051][T11971]  ? __pfx_veth_setup+0x10/0x10
[  308.807063][T11971]  dev_addr_init+0x161/0x250
[  308.807074][T11971]  ? __pfx_dev_addr_init+0x10/0x10
[  308.807086][T11971]  alloc_netdev_mqs+0x35e/0x1530
[  308.807099][T11971]  ? __pfx_stack_trace_save+0x10/0x10
[  308.807112][T11971]  rtnl_create_link+0xc08/0xf90
[  308.807127][T11971]  veth_newlink+0x611/0xa00
[  308.807139][T11971]  ? rtnl_newlink+0xb69/0x2000
[  308.807152][T11971]  ? rtnetlink_rcv_msg+0x95b/0xe90
[  308.807165][T11971]  ? __pfx_veth_newlink+0x10/0x10
[  308.807177][T11971]  ? ____sys_sendmsg+0xa95/0xc70
[  308.807201][T11971]  ? validate_linkmsg+0x57c/0xb60
[  308.807214][T11971]  ? __pfx_validate_linkmsg+0x10/0x10
[  308.807227][T11971]  ? alloc_netdev_mqs+0xe08/0x1530
[  308.807241][T11971]  ? rtnl_create_link+0xa4a/0xf90
[  308.807254][T11971]  ? __pfx_veth_newlink+0x10/0x10
[  308.807267][T11971]  rtnl_newlink+0xc45/0x2000
[  308.807282][T11971]  ? __pfx_rtnl_newlink+0x10/0x10
[  308.807295][T11971]  ? __kernel_text_address+0xd/0x40
[  308.807305][T11971]  ? unwind_get_return_address+0x59/0xa0
[  308.807320][T11971]  ? rcu_is_watching+0x12/0xc0
[  308.807330][T11971]  ? aa_get_newest_label+0xd2/0x250
[  308.807341][T11971]  ? apparmor_capable+0x114/0x1d0
[  308.807352][T11971]  ? rcu_is_watching+0x12/0xc0
[  308.807362][T11971]  ? __pfx_rtnl_newlink+0x10/0x10
[  308.807375][T11971]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  308.807388][T11971]  ? rcu_is_watching+0x12/0xc0
[  308.807397][T11971]  ? __pfx_rtnl_newlink+0x10/0x10
[  308.807410][T11971]  ? lock_release+0x201/0x2f0
[  308.807422][T11971]  ? __pfx_rtnl_newlink+0x10/0x10
[  308.807435][T11971]  rtnetlink_rcv_msg+0x95b/0xe90
[  308.807449][T11971]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  308.807466][T11971]  netlink_rcv_skb+0x155/0x420
[  308.807480][T11971]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  308.807494][T11971]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  308.807507][T11971]  ? rcu_is_watching+0x12/0xc0
[  308.807518][T11971]  ? netlink_deliver_tap+0x1ae/0xd30
[  308.807530][T11971]  ? is_vmalloc_addr+0x86/0xa0
[  308.807543][T11971]  netlink_unicast+0x5aa/0x870
[  308.807557][T11971]  ? __pfx_netlink_unicast+0x10/0x10
[  308.807570][T11971]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  308.807585][T11971]  netlink_sendmsg+0x8d1/0xdd0
[  308.807599][T11971]  ? __pfx_netlink_sendmsg+0x10/0x10
[  308.807616][T11971]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  308.807628][T11971]  ____sys_sendmsg+0xa95/0xc70
[  308.807643][T11971]  ? __pfx_____sys_sendmsg+0x10/0x10
[  308.807658][T11971]  ? get_compat_msghdr+0x11a/0x170
[  308.807672][T11971]  ? kstrtouint_from_user+0x13c/0x1d0
[  308.807686][T11971]  ___sys_sendmsg+0x134/0x1d0
[  308.807699][T11971]  ? get_pid_task+0xfc/0x250
[  308.807713][T11971]  ? __pfx____sys_sendmsg+0x10/0x10
[  308.807727][T11971]  ? rcu_is_watching+0x12/0xc0
[  308.807741][T11971]  __sys_sendmsg+0x16d/0x220
[  308.807754][T11971]  ? __pfx___sys_sendmsg+0x10/0x10
[  308.807769][T11971]  ? rcu_is_watching+0x12/0xc0
[  308.807779][T11971]  __do_fast_syscall_32+0x7c/0x3a0
[  308.807793][T11971]  do_fast_syscall_32+0x32/0x80
[  308.807806][T11971]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  308.807821][T11971] RIP: 0023:0xf704e579
[  308.807828][T11971] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  308.807839][T11971] RSP: 002b:00000000f543e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  308.807849][T11971] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  308.807855][T11971] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  308.807861][T11971] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  308.807866][T11971] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  308.807872][T11971] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  308.807881][T11971]  </TASK>
[  309.132072][T11977] netlink: 'syz.1.1687': attribute type 11 has an invalid length.
[  309.135524][T11977] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1687'.
[  309.159426][ T6030] page_pool_release_retry() stalled pool shutdown: id 28, 1 inflight 60 sec
[  309.320343][T11979] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1686'.
[  309.341290][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  309.391006][T11984] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1689'.
[  309.649631][ T1474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  310.354966][T11994] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1691'.
[  310.363101][T11996] comedi comedi0: Minor -2147450880 is invalid!
[  310.369791][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  310.482420][T11999] FAULT_INJECTION: forcing a failure.
[  310.482420][T11999] name failslab, interval 1, probability 0, space 0, times 0
[  310.486382][T11999] CPU: 0 UID: 0 PID: 11999 Comm: syz.4.1691 Not tainted syzkaller #0 PREEMPT(full) 
[  310.486408][T11999] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  310.486414][T11999] Call Trace:
[  310.486419][T11999]  <TASK>
[  310.486422][T11999]  dump_stack_lvl+0x16c/0x1f0
[  310.486439][T11999]  should_fail_ex+0x512/0x640
[  310.486455][T11999]  should_failslab+0xc2/0x120
[  310.486469][T11999]  __kmalloc_cache_node_noprof+0x6d/0x420
[  310.486481][T11999]  ? __get_vm_area_node+0x101/0x330
[  310.486497][T11999]  __get_vm_area_node+0x101/0x330
[  310.486512][T11999]  ? rcu_is_watching+0x12/0xc0
[  310.486523][T11999]  __vmalloc_node_range_noprof+0x271/0x14b0
[  310.486533][T11999]  ? bpf_prog_alloc_no_stats+0x54/0x5d0
[  310.486546][T11999]  ? rcu_is_watching+0x12/0xc0
[  310.486556][T11999]  ? rcu_is_watching+0x12/0xc0
[  310.486566][T11999]  ? bpf_ksym_find+0x124/0x1c0
[  310.486574][T11999]  ? bpf_prog_alloc_no_stats+0x54/0x5d0
[  310.486587][T11999]  ? __kernel_text_address+0xd/0x40
[  310.486597][T11999]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  310.486606][T11999]  ? arch_stack_walk+0xa6/0x100
[  310.486619][T11999]  ? bpf_prog_alloc_no_stats+0x54/0x5d0
[  310.486630][T11999]  __vmalloc_node_noprof+0xad/0xf0
[  310.486640][T11999]  ? bpf_prog_alloc_no_stats+0x54/0x5d0
[  310.486652][T11999]  bpf_prog_alloc_no_stats+0x54/0x5d0
[  310.486663][T11999]  ? security_capable+0x7e/0x260
[  310.486674][T11999]  bpf_prog_alloc+0x3b/0x230
[  310.486685][T11999]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  310.486700][T11999]  bpf_prog_load+0x1a04/0x2490
[  310.486716][T11999]  ? __pfx_bpf_prog_load+0x10/0x10
[  310.486736][T11999]  __sys_bpf+0x4a3f/0x4de0
[  310.486750][T11999]  ? lock_release+0x201/0x2f0
[  310.486764][T11999]  ? __pfx___sys_bpf+0x10/0x10
[  310.486778][T11999]  ? ksys_write+0x190/0x250
[  310.486789][T11999]  ? rcu_is_watching+0x12/0xc0
[  310.486799][T11999]  ? lock_release+0x201/0x2f0
[  310.486812][T11999]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  310.486829][T11999]  ? fput+0x9b/0xd0
[  310.486842][T11999]  ? ksys_write+0x1ac/0x250
[  310.486853][T11999]  ? __pfx_ksys_write+0x10/0x10
[  310.486866][T11999]  __ia32_sys_bpf+0x76/0xe0
[  310.486881][T11999]  __do_fast_syscall_32+0x7c/0x3a0
[  310.486895][T11999]  do_fast_syscall_32+0x32/0x80
[  310.486908][T11999]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  310.486922][T11999] RIP: 0023:0xf702e579
[  310.486929][T11999] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  310.486940][T11999] RSP: 002b:00000000f53fd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  310.486950][T11999] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000840
[  310.486956][T11999] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[  310.486963][T11999] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  310.486969][T11999] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  310.486975][T11999] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  310.486984][T11999]  </TASK>
[  310.487001][T11999] syz.4.1691: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  310.596288][T11999] CPU: 0 UID: 0 PID: 11999 Comm: syz.4.1691 Not tainted syzkaller #0 PREEMPT(full) 
[  310.596314][T11999] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  310.596323][T11999] Call Trace:
[  310.596327][T11999]  <TASK>
[  310.596332][T11999]  dump_stack_lvl+0x16c/0x1f0
[  310.596348][T11999]  warn_alloc+0x248/0x3a0
[  310.596365][T11999]  ? __pfx_warn_alloc+0x10/0x10
[  310.596377][T11999]  ? __kmalloc_cache_node_noprof+0x272/0x420
[  310.596390][T11999]  ? __kasan_kmalloc+0x8a/0xb0
[  310.596401][T11999]  ? __get_vm_area_node+0x208/0x330
[  310.596418][T11999]  __vmalloc_node_range_noprof+0xb2d/0x14b0
[  310.596428][T11999]  ? rcu_is_watching+0x12/0xc0
[  310.596439][T11999]  ? rcu_is_watching+0x12/0xc0
[  310.596449][T11999]  ? bpf_ksym_find+0x124/0x1c0
[  310.596459][T11999]  ? bpf_prog_alloc_no_stats+0x54/0x5d0
[  310.596472][T11999]  ? __kernel_text_address+0xd/0x40
[  310.596481][T11999]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  310.596491][T11999]  ? arch_stack_walk+0xa6/0x100
[  310.596504][T11999]  ? bpf_prog_alloc_no_stats+0x54/0x5d0
[  310.596516][T11999]  __vmalloc_node_noprof+0xad/0xf0
[  310.596525][T11999]  ? bpf_prog_alloc_no_stats+0x54/0x5d0
[  310.596537][T11999]  bpf_prog_alloc_no_stats+0x54/0x5d0
[  310.596549][T11999]  ? security_capable+0x7e/0x260
[  310.596560][T11999]  bpf_prog_alloc+0x3b/0x230
[  310.596571][T11999]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  310.596586][T11999]  bpf_prog_load+0x1a04/0x2490
[  310.596602][T11999]  ? __pfx_bpf_prog_load+0x10/0x10
[  310.596622][T11999]  __sys_bpf+0x4a3f/0x4de0
[  310.596636][T11999]  ? lock_release+0x201/0x2f0
[  310.596649][T11999]  ? __pfx___sys_bpf+0x10/0x10
[  310.596663][T11999]  ? ksys_write+0x190/0x250
[  310.596675][T11999]  ? rcu_is_watching+0x12/0xc0
[  310.596685][T11999]  ? lock_release+0x201/0x2f0
[  310.596698][T11999]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  310.596715][T11999]  ? fput+0x9b/0xd0
[  310.596728][T11999]  ? ksys_write+0x1ac/0x250
[  310.596739][T11999]  ? __pfx_ksys_write+0x10/0x10
[  310.596751][T11999]  __ia32_sys_bpf+0x76/0xe0
[  310.596767][T11999]  __do_fast_syscall_32+0x7c/0x3a0
[  310.596781][T11999]  do_fast_syscall_32+0x32/0x80
[  310.596794][T11999]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  310.596807][T11999] RIP: 0023:0xf702e579
[  310.596815][T11999] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  310.596826][T11999] RSP: 002b:00000000f53fd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  310.596835][T11999] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000840
[  310.596842][T11999] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[  310.596848][T11999] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  310.596853][T11999] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  310.596859][T11999] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  310.596868][T11999]  </TASK>
[  310.596884][T11999] Mem-Info:
[  310.727168][T11999] active_anon:3384 inactive_anon:1845 isolated_anon:0
[  310.727168][T11999]  active_file:4049 inactive_file:6483 isolated_file:0
[  310.727168][T11999]  unevictable:1768 dirty:451 writeback:0
[  310.727168][T11999]  slab_reclaimable:6208 slab_unreclaimable:59379
[  310.727168][T11999]  mapped:23983 shmem:2083 pagetables:1486
[  310.727168][T11999]  sec_pagetables:314 bounce:0
[  310.727168][T11999]  kernel_misc_reclaimable:0
[  310.727168][T11999]  free:58411 free_pcp:13074 free_cma:0
[  310.752451][T11999] Node 0 active_anon:408kB inactive_anon:264kB active_file:1728kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:636kB dirty:0kB writeback:0kB shmem:3724kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:9024kB pagetables:1996kB sec_pagetables:1140kB all_unreclaimable? no Balloon:0kB
[  310.763550][T11999] Node 1 active_anon:13428kB inactive_anon:7116kB active_file:14468kB inactive_file:25932kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:96396kB dirty:1804kB writeback:0kB shmem:4608kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:2048kB kernel_stack:6612kB pagetables:4048kB sec_pagetables:116kB all_unreclaimable? no Balloon:0kB
[  310.777096][T11999] Node 0 DMA free:2304kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:16kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:32kB local_pcp:32kB free_cma:0kB
[  310.790479][T11999] lowmem_reserve[]: 0 288 288 288 288
[  310.792933][T11999] Node 0 DMA32 free:20332kB boost:4096kB min:17316kB low:20620kB high:23924kB reserved_highatomic:2048KB free_highatomic:168KB active_anon:408kB inactive_anon:248kB active_file:1724kB inactive_file:0kB unevictable:3536kB writepending:0kB present:1032196kB managed:295148kB mlocked:0kB bounce:0kB free_pcp:9996kB local_pcp:4084kB free_cma:0kB
[  310.805225][T11999] lowmem_reserve[]: 0 0 0 0 0
[  310.807641][T11999] Node 1 DMA32 free:207788kB boost:22528kB min:69668kB low:81452kB high:93236kB reserved_highatomic:10240KB free_highatomic:6192KB active_anon:13528kB inactive_anon:7116kB active_file:14468kB inactive_file:25932kB unevictable:3536kB writepending:1804kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:43500kB local_pcp:10800kB free_cma:0kB
[  310.821436][T11999] lowmem_reserve[]: 0 0 0 0 0
[  310.828223][T11999] Node 0 DMA: 62*4kB (UM) 9*8kB (UM) 6*16kB (UM) 3*32kB (U) 2*64kB (M) 1*128kB (M) 2*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2304kB
[  310.834032][T11999] Node 0 DMA32: 247*4kB (UEH) 300*8kB (UMEH) 121*16kB (UME) 91*32kB (UM) 95*64kB (UME) 23*128kB (UM) 10*256kB (UME) 1*512kB (E) 0*1024kB 0*2048kB 0*4096kB = 20332kB
[  310.839264][T11999] Node 1 DMA32: 770*4kB (MEH) 441*8kB (MEH) 460*16kB (UMEH) 361*32kB (UMEH) 335*64kB (UMEH) 315*128kB (UMEH) 164*256kB (UMEH) 65*512kB (UMH) 28*1024kB (UM) 5*2048kB (UM) 1*4096kB (M) = 205552kB
[  310.845634][T11999] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  310.849381][T11999] Node 0 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  310.863395][T11999] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  310.866460][T11999] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  310.869574][T11999] 13568 total pagecache pages
[  310.897521][T11999] 949 pages in swap cache
[  310.899170][T11999] Free swap  = 108792kB
[  310.900667][T11999] Total swap = 124996kB
[  310.903614][T11999] 524155 pages RAM
[  310.904973][T11999] 0 pages HighMem/MovableOnly
[  310.906711][T11999] 209473 pages reserved
[  310.908252][T11999] 0 pages cma reserved
[  311.045592][T12032] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1696'.
[  311.050506][T12032] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1696'.
[  311.078666][T12034] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1697'.
[  311.399497][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  311.449552][T12042] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1698'.
[  311.556163][T12049] syz.0.1698 (12049): drop_caches: 2
[  311.559087][T12049] syz.0.1698 (12049): drop_caches: 2
[  311.797650][T12053] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1700'.
[  312.699270][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  312.752772][ T6059] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  312.924730][T12071] syz.4.1703 (12071): drop_caches: 2
[  312.929178][T12071] syz.4.1703 (12071): drop_caches: 2
[  313.749844][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  313.856022][T12086] team0: Port device team_slave_0 removed
[  313.860607][T12089] netlink: 'syz.2.1711': attribute type 10 has an invalid length.
[  313.865553][T12086] team0: Port device team_slave_1 removed
[  313.880630][T12086] batman_adv: batadv0: Removing interface: batadv_slave_0
[  313.900452][T12086] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  313.929816][T12086] batman_adv: batadv0: Removing interface: batadv_slave_1
[  314.046139][T12086] batman_adv: batadv0: Interface deactivated: gretap1
[  314.048856][T12086] batman_adv: batadv0: Removing interface: gretap1
[  314.069681][ T1328] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  314.070096][   T61] lo speed is unknown, defaulting to 1000
[  314.159530][ T1328] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  314.203857][   T40] audit: type=1800 audit(1756079484.055:1795): pid=12099 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1714" name="SYSV00000000" dev="tmpfs" ino=1 res=0 errno=0
[  314.759703][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  314.785341][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  315.028001][T12117] syz.4.1718 (12117): drop_caches: 2
[  315.032840][T12117] syz.4.1718 (12117): drop_caches: 2
[  315.537730][T12123] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1721'.
[  315.800185][ T1474] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  315.809566][ T6060] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  316.006614][T12128] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1724'.
[  316.009565][T12128] bridge_slave_1: left allmulticast mode
[  316.011602][T12128] bridge_slave_1: left promiscuous mode
[  316.013385][T12128] bridge0: port 2(bridge_slave_1) entered disabled state
[  316.019130][T12128] bridge_slave_0: left allmulticast mode
[  316.021858][T12128] bridge_slave_0: left promiscuous mode
[  316.025371][T12128] bridge0: port 1(bridge_slave_0) entered disabled state
[  316.406235][T12140] sctp: [Deprecated]: syz.1.1728 (pid 12140) Use of int in max_burst socket option deprecated.
[  316.406235][T12140] Use struct sctp_assoc_value instead
[  316.691277][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  316.828102][ T6030] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  317.745532][T12190] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  317.747881][T12190] UDF-fs: Scanning with blocksize 2048 failed
[  317.751273][T12190] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  317.754130][T12190] UDF-fs: Scanning with blocksize 4096 failed
[  317.789895][   T61] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  317.891593][  T840] net_ratelimit: 4 callbacks suppressed
[  317.891608][  T840] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  317.939430][   T61] usb 6-1: Using ep0 maxpacket: 8
[  317.942878][   T61] usb 6-1: too many configurations: 214, using maximum allowed: 8
[  317.947841][   T61] usb 6-1: unable to read config index 0 descriptor/start: -61
[  317.955059][   T61] usb 6-1: can't read configurations, error -61
[  318.089612][   T61] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  318.239481][   T61] usb 6-1: Using ep0 maxpacket: 8
[  318.242624][   T61] usb 6-1: too many configurations: 214, using maximum allowed: 8
[  318.246554][   T61] usb 6-1: unable to read config index 0 descriptor/start: -61
[  318.248799][   T61] usb 6-1: can't read configurations, error -61
[  318.251307][   T61] usb usb6-port1: attempt power cycle
[  318.447174][T12208] netlink: 'syz.4.1750': attribute type 30 has an invalid length.
[  318.450937][T12208] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  318.454413][T12208] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  318.589405][   T61] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  318.619786][   T61] usb 6-1: Using ep0 maxpacket: 8
[  318.622224][   T61] usb 6-1: too many configurations: 214, using maximum allowed: 8
[  318.625691][   T61] usb 6-1: unable to read config index 0 descriptor/start: -61
[  318.627988][   T61] usb 6-1: can't read configurations, error -61
[  318.769606][   T61] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  318.800110][   T61] usb 6-1: Using ep0 maxpacket: 8
[  318.802177][   T61] usb 6-1: too many configurations: 214, using maximum allowed: 8
[  318.805865][   T61] usb 6-1: unable to read config index 0 descriptor/start: -61
[  318.808524][   T61] usb 6-1: can't read configurations, error -61
[  318.811202][   T61] usb usb6-port1: unable to enumerate USB device
[  318.839536][ T6059] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  318.919525][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  319.311929][T12224] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  319.314588][T12224] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  319.317355][T12224] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  319.323718][T12224] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  319.326197][T12224] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  319.328649][T12224] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  319.331170][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  319.395301][T12225] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1756'.
[  319.890890][T12242] syz.0.1760 (12242): drop_caches: 2
[  319.898552][T12242] syz.0.1760 (12242): drop_caches: 2
[  320.633841][T12267] can0: slcan on ptm0.
[  320.761130][T12281] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1770'.
[  320.880271][ T5984] usb 9-1: new low-speed USB device number 4 using dummy_hcd
[  321.009955][ T1328] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  321.159422][ T1328] usb 5-1: Using ep0 maxpacket: 16
[  321.162790][ T1328] usb 5-1: config 0 has no interfaces?
[  321.166438][ T1328] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  321.170167][ T1328] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  321.172764][ T1328] usb 5-1: Product: syz
[  321.174283][ T1328] usb 5-1: Manufacturer: syz
[  321.175882][ T1328] usb 5-1: SerialNumber: syz
[  321.179188][ T1328] usb 5-1: config 0 descriptor??
[  321.372541][ T5984] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  321.375747][ T5984] usb 9-1: config 0 has no interfaces?
[  321.377501][ T5984] usb 9-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  321.380693][ T5984] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  321.385332][ T5984] usb 9-1: config 0 descriptor??
[  321.416894][ T6059] usb 5-1: USB disconnect, device number 7
[  321.621692][ T1328] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  321.624615][ T1328] hid-generic 0000:0000:0000.0005: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  321.750973][ T1328] usb 9-1: USB disconnect, device number 4
[  321.830336][T12267] can0 (unregistered): slcan off ptm0.
[  322.269655][ T6059] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  322.419828][ T6059] usb 6-1: Using ep0 maxpacket: 8
[  322.422898][ T6059] usb 6-1: config 0 has no interfaces?
[  322.425726][ T6059] usb 6-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[  322.429019][ T6059] usb 6-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0
[  322.432037][ T6059] usb 6-1: Manufacturer: syz
[  322.434656][ T6059] usb 6-1: config 0 descriptor??
[  322.482995][T12322] syzkaller1: entered promiscuous mode
[  322.484768][T12322] syzkaller1: entered allmulticast mode
[  322.487538][T12322] program syz.0.1780 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  322.490873][T12322] nfs: Unknown parameter 'ntext'
[  322.492518][T12322] nfs: Unknown parameter 'ntext'
[  322.494088][T12322] nfs: Unknown parameter 'ntext'
[  322.495543][T12322] nfs: Unknown parameter 'ntext'
[  322.496980][T12322] nfs: Unknown parameter 'ntext'
[  322.498626][T12322] nfs: Unknown parameter 'ntext'
[  322.500336][T12322] nfs: Unknown parameter 'ntext'
[  322.502002][T12322] nfs: Unknown parameter 'ntext'
[  322.503639][T12322] nfs: Unknown parameter 'ntext'
[  322.505345][T12322] nfs: Unknown parameter 'ntext'
[  322.507258][T12322] nfs: Unknown parameter 'ntext'
[  322.509107][T12322] nfs: Unknown parameter 'ntext'
[  322.510800][T12322] nfs: Unknown parameter 'ntext'
[  322.512427][T12322] nfs: Unknown parameter 'ntext'
[  322.514115][T12322] nfs: Unknown parameter 'ntext'
[  322.515750][T12322] nfs: Unknown parameter 'ntext'
[  322.517392][T12322] nfs: Unknown parameter 'ntext'
[  322.519090][T12322] nfs: Unknown parameter 'ntext'
[  322.521096][T12322] nfs: Unknown parameter 'ntext'
[  322.522840][T12322] nfs: Unknown parameter 'ntext'
[  322.524533][T12322] nfs: Unknown parameter 'ntext'
[  322.526230][T12322] nfs: Unknown parameter 'ntext'
[  322.527857][T12322] nfs: Unknown parameter 'ntext'
[  322.529531][T12322] nfs: Unknown parameter 'ntext'
[  322.531175][T12322] nfs: Unknown parameter 'ntext'
[  322.532840][T12322] nfs: Unknown parameter 'ntext'
[  322.534489][T12322] nfs: Unknown parameter 'ntext'
[  322.536118][T12322] nfs: Unknown parameter 'ntext'
[  322.537787][T12322] nfs: Unknown parameter 'ntext'
[  322.539497][T12322] nfs: Unknown parameter 'ntext'
[  322.541124][T12322] nfs: Unknown parameter 'ntext'
[  322.542766][T12322] nfs: Unknown parameter 'ntext'
[  322.544405][T12322] nfs: Unknown parameter 'ntext'
[  322.546052][T12322] nfs: Unknown parameter 'ntext'
[  322.547989][T12322] nfs: Unknown parameter 'ntext'
[  322.549688][T12322] nfs: Unknown parameter 'ntext'
[  322.551335][T12322] nfs: Unknown parameter 'ntext'
[  322.552955][T12322] nfs: Unknown parameter 'ntext'
[  322.554690][T12322] nfs: Unknown parameter 'ntext'
[  322.556496][T12322] nfs: Unknown parameter 'ntext'
[  322.558304][T12322] nfs: Unknown parameter 'ntext'
[  322.560167][T12322] nfs: Unknown parameter 'ntext'
[  322.561925][T12322] nfs: Unknown parameter 'ntext'
[  322.563642][T12322] nfs: Unknown parameter 'ntext'
[  322.565294][T12322] nfs: Unknown parameter 'ntext'
[  322.566946][T12322] nfs: Unknown parameter 'ntext'
[  322.568569][T12322] nfs: Unknown parameter 'ntext'
[  322.570357][T12322] nfs: Unknown parameter 'ntext'
[  322.571988][T12322] nfs: Unknown parameter 'ntext'
[  322.573939][T12322] nfs: Unknown parameter 'ntext'
[  322.575611][T12322] nfs: Unknown parameter 'ntext'
[  322.577245][T12322] nfs: Unknown parameter 'ntext'
[  322.579018][T12322] nfs: Unknown parameter 'ntext'
[  322.580740][T12322] nfs: Unknown parameter 'ntext'
[  322.582510][T12322] nfs: Unknown parameter 'ntext'
[  322.584208][T12322] nfs: Unknown parameter 'ntext'
[  322.585828][T12322] nfs: Unknown parameter 'ntext'
[  322.587478][T12322] nfs: Unknown parameter 'ntext'
[  322.589470][T12322] nfs: Unknown parameter 'ntext'
[  322.591139][T12322] nfs: Unknown parameter 'ntext'
[  322.592794][T12322] nfs: Unknown parameter 'ntext'
[  322.594452][T12322] nfs: Unknown parameter 'ntext'
[  322.596087][T12322] nfs: Unknown parameter 'ntext'
[  322.597710][T12322] nfs: Unknown parameter 'ntext'
[  322.599554][T12322] nfs: Unknown parameter 'ntext'
[  322.639283][ T6059] usb 6-1: USB disconnect, device number 10
[  323.089718][   T61] net_ratelimit: 140 callbacks suppressed
[  323.089731][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  323.219209][T12333] syz.2.1781 (12333): drop_caches: 2
[  323.226471][T12333] syz.2.1781 (12333): drop_caches: 2
[  323.356383][T12334] syzkaller1: entered promiscuous mode
[  323.358269][T12334] syzkaller1: entered allmulticast mode
[  323.393636][T12334] netlink: 'syz.1.1782': attribute type 1 has an invalid length.
[  323.418415][T12334] bond6: entered promiscuous mode
[  323.421921][T12334] 8021q: adding VLAN 0 to HW filter on device bond6
[  323.891475][T12352] FAULT_INJECTION: forcing a failure.
[  323.891475][T12352] name failslab, interval 1, probability 0, space 0, times 0
[  323.896485][T12352] CPU: 3 UID: 0 PID: 12352 Comm: syz.0.1788 Not tainted syzkaller #0 PREEMPT(full) 
[  323.896502][T12352] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  323.896508][T12352] Call Trace:
[  323.896512][T12352]  <TASK>
[  323.896516][T12352]  dump_stack_lvl+0x16c/0x1f0
[  323.896533][T12352]  should_fail_ex+0x512/0x640
[  323.896548][T12352]  should_failslab+0xc2/0x120
[  323.896563][T12352]  __kvmalloc_node_noprof+0x137/0x620
[  323.896575][T12352]  ? __kernel_text_address+0xd/0x40
[  323.896585][T12352]  ? unwind_get_return_address+0x59/0xa0
[  323.896596][T12352]  ? simple_xattr_alloc+0x41/0xa0
[  323.896611][T12352]  ? simple_xattr_alloc+0x41/0xa0
[  323.896636][T12352]  simple_xattr_alloc+0x41/0xa0
[  323.896650][T12352]  simple_xattr_set+0x3d/0x3e0
[  323.896664][T12352]  shmem_xattr_handler_set+0x31b/0x3b0
[  323.896680][T12352]  ? __pfx_shmem_xattr_handler_set+0x10/0x10
[  323.896694][T12352]  __vfs_setxattr+0x175/0x1e0
[  323.896705][T12352]  ? __pfx___vfs_setxattr+0x10/0x10
[  323.896715][T12352]  ? apparmor_capable+0x114/0x1d0
[  323.896727][T12352]  __vfs_setxattr_noperm+0x127/0x660
[  323.896739][T12352]  __vfs_setxattr_locked+0x182/0x260
[  323.896752][T12352]  vfs_setxattr+0x145/0x360
[  323.896763][T12352]  ? __pfx_vfs_setxattr+0x10/0x10
[  323.896774][T12352]  ? rcu_is_watching+0x12/0xc0
[  323.896787][T12352]  ovl_check_setxattr+0x181/0x320
[  323.896803][T12352]  ovl_set_impure+0x13e/0x1e0
[  323.896819][T12352]  ovl_copy_up_one+0x10ab/0x38e0
[  323.896830][T12352]  ? simple_xattr_get+0xf1/0x1d0
[  323.896844][T12352]  ? __pfx_ovl_copy_up_one+0x10/0x10
[  323.896854][T12352]  ? simple_xattr_get+0x179/0x1d0
[  323.896867][T12352]  ? do_raw_spin_lock+0x12c/0x2b0
[  323.896884][T12352]  ? rcu_is_watching+0x12/0xc0
[  323.896894][T12352]  ? dput.part.0+0xd8/0x9b0
[  323.896916][T12352]  ? rcu_is_watching+0x12/0xc0
[  323.896926][T12352]  ? lock_release+0x201/0x2f0
[  323.896941][T12352]  ovl_copy_up_flags+0x18d/0x200
[  323.896951][T12352]  ovl_setattr+0x111/0x560
[  323.896961][T12352]  ? __pfx_ovl_setattr+0x10/0x10
[  323.896971][T12352]  notify_change+0x6a6/0x1230
[  323.896988][T12352]  chown_common+0x54e/0x680
[  323.897004][T12352]  ? __pfx_chown_common+0x10/0x10
[  323.897017][T12352]  ? rcu_is_watching+0x12/0xc0
[  323.897027][T12352]  ? mnt_get_write_access+0x54/0x300
[  323.897041][T12352]  ? rcu_is_watching+0x12/0xc0
[  323.897052][T12352]  ? mnt_get_write_access+0x20c/0x300
[  323.897066][T12352]  do_fchownat+0x1a7/0x200
[  323.897080][T12352]  ? __pfx_do_fchownat+0x10/0x10
[  323.897094][T12352]  ? __pfx_ksys_write+0x10/0x10
[  323.897106][T12352]  __ia32_sys_chown16+0xe3/0x110
[  323.897118][T12352]  __do_fast_syscall_32+0x7c/0x3a0
[  323.897133][T12352]  do_fast_syscall_32+0x32/0x80
[  323.897146][T12352]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  323.897159][T12352] RIP: 0023:0xf7ff8579
[  323.897167][T12352] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  323.897177][T12352] RSP: 002b:00000000f551655c EFLAGS: 00000296 ORIG_RAX: 00000000000000b6
[  323.897188][T12352] RAX: ffffffffffffffda RBX: 00000000800000c0 RCX: 0000000000000000
[  323.897194][T12352] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  323.897200][T12352] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  323.897206][T12352] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  323.897212][T12352] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  323.897220][T12352]  </TASK>
[  323.922717][T12353] syz.4.1787 (12353): drop_caches: 2
[  324.021812][T12353] syz.4.1787 (12353): drop_caches: 2
[  324.107005][T12357] lo speed is unknown, defaulting to 1000
[  324.109466][T12357] lo speed is unknown, defaulting to 1000
[  324.119477][ T6060] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  324.558356][T12373] netlink: 'syz.0.1795': attribute type 1 has an invalid length.
[  324.595669][T12373] bond2: entered promiscuous mode
[  324.598097][T12373] 8021q: adding VLAN 0 to HW filter on device bond2
[  324.839689][ T6059] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  324.936316][T12391] syz.2.1799 (12391): drop_caches: 2
[  324.938344][T12391] syz.2.1799 (12391): drop_caches: 2
[  325.038716][T12393] syz.0.1800 (12393): drop_caches: 2
[  325.040869][T12393] syz.0.1800 (12393): drop_caches: 2
[  325.159491][ T6060] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  325.812470][T12405] FAULT_INJECTION: forcing a failure.
[  325.812470][T12405] name failslab, interval 1, probability 0, space 0, times 0
[  325.816582][T12405] CPU: 1 UID: 0 PID: 12405 Comm: syz.2.1803 Not tainted syzkaller #0 PREEMPT(full) 
[  325.816597][T12405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  325.816603][T12405] Call Trace:
[  325.816607][T12405]  <TASK>
[  325.816612][T12405]  dump_stack_lvl+0x16c/0x1f0
[  325.816628][T12405]  should_fail_ex+0x512/0x640
[  325.816644][T12405]  should_failslab+0xc2/0x120
[  325.816658][T12405]  __kmalloc_cache_noprof+0x6a/0x3e0
[  325.816668][T12405]  ? __pfx___mutex_lock+0x10/0x10
[  325.816681][T12405]  ? __request_region+0x5c/0xf0
[  325.816696][T12405]  __request_region+0x5c/0xf0
[  325.816710][T12405]  comedi_request_region+0x6d/0x1c0
[  325.816725][T12405]  c6xdigio_attach+0x52/0x4b0
[  325.816741][T12405]  comedi_device_attach+0x3b0/0x900
[  325.816756][T12405]  do_devconfig_ioctl+0x1b1/0x710
[  325.816765][T12405]  ? __mutex_lock+0x1c5/0x1060
[  325.816778][T12405]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  325.816790][T12405]  ? kasan_save_stack+0x42/0x60
[  325.816801][T12405]  ? kasan_save_stack+0x33/0x60
[  325.816811][T12405]  ? kasan_save_track+0x14/0x30
[  325.816822][T12405]  ? kasan_save_free_info+0x3b/0x60
[  325.816830][T12405]  ? __kasan_slab_free+0x60/0x70
[  325.816842][T12405]  ? kfree+0x2b4/0x4d0
[  325.816850][T12405]  ? tomoyo_path_number_perm+0x470/0x580
[  325.816864][T12405]  comedi_unlocked_ioctl+0x165d/0x2f00
[  325.816876][T12405]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  325.816891][T12405]  ? rcu_is_watching+0x12/0xc0
[  325.816902][T12405]  ? trace_irq_enable.constprop.0+0xd4/0x120
[  325.816919][T12405]  ? tomoyo_path_number_perm+0x295/0x580
[  325.816930][T12405]  ? rcu_is_watching+0x12/0xc0
[  325.816940][T12405]  ? lock_release+0x201/0x2f0
[  325.816954][T12405]  ? tomoyo_path_number_perm+0x18d/0x580
[  325.816966][T12405]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  325.816979][T12405]  comedi_compat_ioctl+0x1d0/0x990
[  325.816990][T12405]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  325.817001][T12405]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  325.817017][T12405]  ? do_vfs_ioctl+0x128/0x14f0
[  325.817033][T12405]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  325.817049][T12405]  ? rcu_is_watching+0x12/0xc0
[  325.817059][T12405]  ? __fget_files+0x204/0x3c0
[  325.817069][T12405]  ? hook_file_ioctl_common+0x145/0x410
[  325.817083][T12405]  ? __fget_files+0x20e/0x3c0
[  325.817094][T12405]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  325.817106][T12405]  __ia32_compat_sys_ioctl+0x23f/0x370
[  325.817122][T12405]  __do_fast_syscall_32+0x7c/0x3a0
[  325.817136][T12405]  do_fast_syscall_32+0x32/0x80
[  325.817149][T12405]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  325.817162][T12405] RIP: 0023:0xf70fe579
[  325.817171][T12405] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  325.817181][T12405] RSP: 002b:00000000f54ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  325.817191][T12405] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040946400
[  325.817198][T12405] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  325.817204][T12405] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  325.817210][T12405] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  325.817216][T12405] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  325.817225][T12405]  </TASK>
[  325.817231][T12405] comedi comedi3: c6xdigio: I/O port conflict (0x4f2b,3)
[  325.944763][T12405] ==================================================================
[  325.947337][T12405] BUG: KASAN: slab-use-after-free in sysfs_remove_file_ns+0x63/0x70
[  325.950249][T12405] Read of size 8 at addr ffff88804cd3b430 by task syz.2.1803/12405
[  325.954177][T12405] 
[  325.955633][T12405] CPU: 1 UID: 0 PID: 12405 Comm: syz.2.1803 Not tainted syzkaller #0 PREEMPT(full) 
[  325.955647][T12405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  325.955654][T12405] Call Trace:
[  325.955658][T12405]  <TASK>
[  325.955663][T12405]  dump_stack_lvl+0x116/0x1f0
[  325.955679][T12405]  print_report+0xcd/0x630
[  325.955693][T12405]  ? __virt_addr_valid+0x81/0x610
[  325.955706][T12405]  ? __phys_addr+0xe8/0x180
[  325.955718][T12405]  ? sysfs_remove_file_ns+0x63/0x70
[  325.955729][T12405]  kasan_report+0xe0/0x110
[  325.955742][T12405]  ? sysfs_remove_file_ns+0x63/0x70
[  325.955754][T12405]  sysfs_remove_file_ns+0x63/0x70
[  325.955764][T12405]  driver_remove_file+0x4a/0x60
[  325.955781][T12405]  bus_remove_driver+0x224/0x2c0
[  325.955794][T12405]  driver_unregister+0x76/0xb0
[  325.955809][T12405]  comedi_device_detach_locked+0x12c/0xa50
[  325.955825][T12405]  comedi_device_detach+0x67/0xb0
[  325.955839][T12405]  comedi_device_attach+0x43d/0x900
[  325.955853][T12405]  do_devconfig_ioctl+0x1b1/0x710
[  325.955863][T12405]  ? __mutex_lock+0x1c5/0x1060
[  325.955877][T12405]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  325.955889][T12405]  ? kasan_save_stack+0x42/0x60
[  325.955900][T12405]  ? kasan_save_stack+0x33/0x60
[  325.955911][T12405]  ? kasan_save_track+0x14/0x30
[  325.955922][T12405]  ? kasan_save_free_info+0x3b/0x60
[  325.955931][T12405]  ? __kasan_slab_free+0x60/0x70
[  325.955942][T12405]  ? kfree+0x2b4/0x4d0
[  325.955951][T12405]  ? tomoyo_path_number_perm+0x470/0x580
[  325.955965][T12405]  comedi_unlocked_ioctl+0x165d/0x2f00
[  325.955978][T12405]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  325.955993][T12405]  ? rcu_is_watching+0x12/0xc0
[  325.956004][T12405]  ? trace_irq_enable.constprop.0+0xd4/0x120
[  325.956022][T12405]  ? tomoyo_path_number_perm+0x295/0x580
[  325.956033][T12405]  ? rcu_is_watching+0x12/0xc0
[  325.956043][T12405]  ? lock_release+0x201/0x2f0
[  325.956057][T12405]  ? tomoyo_path_number_perm+0x18d/0x580
[  325.956069][T12405]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  325.956082][T12405]  comedi_compat_ioctl+0x1d0/0x990
[  325.956094][T12405]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  325.956105][T12405]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  325.956120][T12405]  ? do_vfs_ioctl+0x128/0x14f0
[  325.956136][T12405]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  325.956152][T12405]  ? rcu_is_watching+0x12/0xc0
[  325.956162][T12405]  ? __fget_files+0x204/0x3c0
[  325.956177][T12405]  ? hook_file_ioctl_common+0x145/0x410
[  325.956191][T12405]  ? __fget_files+0x20e/0x3c0
[  325.956203][T12405]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  325.956214][T12405]  __ia32_compat_sys_ioctl+0x23f/0x370
[  325.956231][T12405]  __do_fast_syscall_32+0x7c/0x3a0
[  325.956245][T12405]  do_fast_syscall_32+0x32/0x80
[  325.956258][T12405]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  325.956271][T12405] RIP: 0023:0xf70fe579
[  325.956280][T12405] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  325.956291][T12405] RSP: 002b:00000000f54ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  325.956301][T12405] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040946400
[  325.956308][T12405] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  325.956314][T12405] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  325.956321][T12405] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  325.956327][T12405] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  325.956336][T12405]  </TASK>
[  325.956340][T12405] 
[  326.064375][T12405] Allocated by task 11733:
[  326.065798][T12405]  kasan_save_stack+0x33/0x60
[  326.067345][T12405]  kasan_save_track+0x14/0x30
[  326.068851][T12405]  __kasan_kmalloc+0xaa/0xb0
[  326.070341][T12405]  set_mm_walk+0x1f8/0x270
[  326.071773][T12405]  try_to_inc_max_seq+0xea/0xfa0
[  326.073355][T12405]  try_to_shrink_lruvec+0x735/0x9b0
[  326.075061][T12405]  shrink_one+0x3e3/0x7a0
[  326.076456][T12405]  shrink_node+0x26b5/0x3d50
[  326.077889][T12405]  do_try_to_free_pages+0x362/0x1920
[  326.079592][T12405]  try_to_free_pages+0x2a1/0x690
[  326.081171][T12405]  __alloc_frozen_pages_noprof+0x9fc/0x23f0
[  326.083069][T12405]  alloc_pages_mpol+0x1fb/0x550
[  326.084637][T12405]  alloc_pages_noprof+0x131/0x390
[  326.086272][T12405]  __vmalloc_node_range_noprof+0x72f/0x14b0
[  326.088116][T12405]  vmalloc_user_noprof+0x9e/0xe0
[  326.089696][T12405]  vb2_vmalloc_alloc+0x135/0x3f0
[  326.091292][T12405]  __vb2_queue_alloc+0x8c9/0x1280
[  326.092905][T12405]  vb2_core_reqbufs+0xa90/0xfe0
[  326.094468][T12405]  vb2_reqbufs+0x1a3/0x1f0
[  326.095902][T12405]  v4l2_m2m_ioctl_reqbufs+0xdc/0x1e0
[  326.097591][T12405]  v4l_reqbufs+0x152/0x1e0
[  326.099055][T12405]  __video_do_ioctl+0xb40/0xfc0
[  326.100619][T12405]  video_usercopy+0x47c/0x1440
[  326.102161][T12405]  v4l2_ioctl+0x1bd/0x250
[  326.103552][T12405]  v4l2_compat_ioctl32+0x217/0x2c0
[  326.105214][T12405]  __ia32_compat_sys_ioctl+0x23f/0x370
[  326.106962][T12405]  __do_fast_syscall_32+0x7c/0x3a0
[  326.108598][T12405]  do_fast_syscall_32+0x32/0x80
[  326.110155][T12405]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  326.112160][T12405] 
[  326.112949][T12405] Freed by task 11733:
[  326.114376][T12405]  kasan_save_stack+0x33/0x60
[  326.115911][T12405]  kasan_save_track+0x14/0x30
[  326.117441][T12405]  kasan_save_free_info+0x3b/0x60
[  326.119147][T12405]  __kasan_slab_free+0x60/0x70
[  326.120703][T12405]  kfree+0x2b4/0x4d0
[  326.121978][T12405]  clear_mm_walk+0x162/0x1a0
[  326.123475][T12405]  shrink_node+0x309f/0x3d50
[  326.125017][T12405]  do_try_to_free_pages+0x362/0x1920
[  326.126727][T12405]  try_to_free_pages+0x2a1/0x690
[  326.128340][T12405]  __alloc_frozen_pages_noprof+0x9fc/0x23f0
[  326.130255][T12405]  alloc_pages_mpol+0x1fb/0x550
[  326.131824][T12405]  alloc_pages_noprof+0x131/0x390
[  326.133446][T12405]  __vmalloc_node_range_noprof+0x72f/0x14b0
[  326.135424][T12405]  vmalloc_user_noprof+0x9e/0xe0
[  326.137014][T12405]  vb2_vmalloc_alloc+0x135/0x3f0
[  326.138620][T12405]  __vb2_queue_alloc+0x8c9/0x1280
[  326.140235][T12405]  vb2_core_reqbufs+0xa90/0xfe0
[  326.141842][T12405]  vb2_reqbufs+0x1a3/0x1f0
[  326.143305][T12405]  v4l2_m2m_ioctl_reqbufs+0xdc/0x1e0
[  326.145008][T12405]  v4l_reqbufs+0x152/0x1e0
[  326.146454][T12405]  __video_do_ioctl+0xb40/0xfc0
[  326.148017][T12405]  video_usercopy+0x47c/0x1440
[  326.149556][T12405]  v4l2_ioctl+0x1bd/0x250
[  326.150961][T12405]  v4l2_compat_ioctl32+0x217/0x2c0
[  326.152600][T12405]  __ia32_compat_sys_ioctl+0x23f/0x370
[  326.154363][T12405]  __do_fast_syscall_32+0x7c/0x3a0
[  326.156027][T12405]  do_fast_syscall_32+0x32/0x80
[  326.157599][T12405]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  326.159654][T12405] 
[  326.160437][T12405] The buggy address belongs to the object at ffff88804cd3b400
[  326.160437][T12405]  which belongs to the cache kmalloc-256 of size 256
[  326.164827][T12405] The buggy address is located 48 bytes inside of
[  326.164827][T12405]  freed 256-byte region [ffff88804cd3b400, ffff88804cd3b500)
[  326.169097][T12405] 
[  326.169887][T12405] The buggy address belongs to the physical page:
[  326.171958][T12405] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88804cd3b200 pfn:0x4cd3a
[  326.175181][T12405] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  326.177854][T12405] flags: 0x4fff00000000240(workingset|head|node=1|zone=1|lastcpupid=0x7ff)
[  326.180591][T12405] page_type: f5(slab)
[  326.181892][T12405] raw: 04fff00000000240 ffff88801b842b40 ffffea0001b3b590 ffffea0001468810
[  326.184621][T12405] raw: ffff88804cd3b200 0000000000100008 00000000f5000000 0000000000000000
[  326.187324][T12405] head: 04fff00000000240 ffff88801b842b40 ffffea0001b3b590 ffffea0001468810
[  326.190069][T12405] head: ffff88804cd3b200 0000000000100008 00000000f5000000 0000000000000000
[  326.192455][T12405] head: 04fff00000000001 ffffea0001334e81 00000000ffffffff 00000000ffffffff
[  326.195211][T12405] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  326.197956][T12405] page dumped because: kasan: bad access detected
[  326.199994][T12405] page_owner tracks the page as allocated
[  326.201807][T12405] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 6235, tgid 6230 (syz.3.41), ts 56812051274, free_ts 51586752014
[  326.208348][T12405]  post_alloc_hook+0x1c0/0x230
[  326.209893][T12405]  get_page_from_freelist+0x132b/0x38e0
[  326.211663][T12405]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  326.213547][T12405]  alloc_pages_mpol+0x1fb/0x550
[  326.215156][T12405]  new_slab+0x247/0x330
[  326.216495][T12405]  ___slab_alloc+0xcf2/0x1740
[  326.218050][T12405]  __slab_alloc.constprop.0+0x56/0xb0
[  326.219770][T12405]  __kmalloc_noprof+0x2f2/0x510
[  326.221322][T12405]  iter_file_splice_write+0x1cc/0x12e0
[  326.223093][T12405]  backing_file_splice_write+0x27c/0x890
[  326.224895][T12405]  ovl_splice_write+0x38d/0x6c0
[  326.226459][T12405]  direct_splice_actor+0x192/0x6c0
[  326.228097][T12405]  splice_direct_to_actor+0x345/0xa30
[  326.229802][T12405]  do_splice_direct+0x174/0x240
[  326.231361][T12405]  do_sendfile+0xb06/0xe50
[  326.232794][T12405]  __ia32_compat_sys_sendfile+0x162/0x220
[  326.234615][T12405] page last free pid 33 tgid 33 stack trace:
[  326.236526][T12405]  __free_frozen_pages+0x7d5/0x10f0
[  326.238217][T12405]  rcu_core+0x799/0x1530
[  326.239579][T12405]  handle_softirqs+0x219/0x8e0
[  326.241120][T12405]  run_ksoftirqd+0x3a/0x60
[  326.242560][T12405]  smpboot_thread_fn+0x3f7/0xae0
[  326.244162][T12405]  kthread+0x3c5/0x780
[  326.245480][T12405]  ret_from_fork+0x5d4/0x6f0
[  326.247004][T12405]  ret_from_fork_asm+0x1a/0x30
[  326.248539][T12405] 
[  326.249316][T12405] Memory state around the buggy address:
[  326.251110][T12405]  ffff88804cd3b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  326.253642][T12405]  ffff88804cd3b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  326.256201][T12405] >ffff88804cd3b400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  326.258739][T12405]                                      ^
[  326.260517][T12405]  ffff88804cd3b480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  326.263049][T12405]  ffff88804cd3b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  326.265595][T12405] ==================================================================
[  326.268503][ T6060] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  326.272978][T12405] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  326.275337][T12405] CPU: 1 UID: 0 PID: 12405 Comm: syz.2.1803 Not tainted syzkaller #0 PREEMPT(full) 
[  326.278271][T12405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  326.281664][T12405] Call Trace:
[  326.282787][T12405]  <TASK>
[  326.283753][T12405]  dump_stack_lvl+0x3d/0x1f0
[  326.285278][T12405]  vpanic+0x6e8/0x7a0
[  326.286597][T12405]  ? __pfx_vpanic+0x10/0x10
[  326.288093][T12405]  ? __pfx_vprintk_emit+0x10/0x10
[  326.289747][T12405]  ? sysfs_remove_file_ns+0x63/0x70
[  326.291443][T12405]  panic+0xca/0xd0
[  326.292665][T12405]  ? __pfx_panic+0x10/0x10
[  326.294153][T12405]  ? sysfs_remove_file_ns+0x63/0x70
[  326.295828][T12405]  ? preempt_schedule_common+0x44/0xc0
[  326.297581][T12405]  ? preempt_schedule_thunk+0x16/0x30
[  326.299308][T12405]  ? check_panic_on_warn+0x1f/0xb0
[  326.300960][T12405]  check_panic_on_warn+0xab/0xb0
[  326.302570][T12405]  end_report+0x107/0x170
[  326.303995][T12405]  kasan_report+0xee/0x110
[  326.305566][T12405]  ? sysfs_remove_file_ns+0x63/0x70
[  326.307249][T12405]  sysfs_remove_file_ns+0x63/0x70
[  326.308870][T12405]  driver_remove_file+0x4a/0x60
[  326.310460][T12405]  bus_remove_driver+0x224/0x2c0
[  326.312051][T12405]  driver_unregister+0x76/0xb0
[  326.313610][T12405]  comedi_device_detach_locked+0x12c/0xa50
[  326.315513][T12405]  comedi_device_detach+0x67/0xb0
[  326.317115][T12405]  comedi_device_attach+0x43d/0x900
[  326.318805][T12405]  do_devconfig_ioctl+0x1b1/0x710
[  326.320413][T12405]  ? __mutex_lock+0x1c5/0x1060
[  326.321955][T12405]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  326.323781][T12405]  ? kasan_save_stack+0x42/0x60
[  326.325392][T12405]  ? kasan_save_stack+0x33/0x60
[  326.326971][T12405]  ? kasan_save_track+0x14/0x30
[  326.328532][T12405]  ? kasan_save_free_info+0x3b/0x60
[  326.330195][T12405]  ? __kasan_slab_free+0x60/0x70
[  326.331796][T12405]  ? kfree+0x2b4/0x4d0
[  326.333101][T12405]  ? tomoyo_path_number_perm+0x470/0x580
[  326.335019][T12405]  comedi_unlocked_ioctl+0x165d/0x2f00
[  326.336776][T12405]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  326.338660][T12405]  ? rcu_is_watching+0x12/0xc0
[  326.340203][T12405]  ? trace_irq_enable.constprop.0+0xd4/0x120
[  326.342151][T12405]  ? tomoyo_path_number_perm+0x295/0x580
[  326.343961][T12405]  ? rcu_is_watching+0x12/0xc0
[  326.345502][T12405]  ? lock_release+0x201/0x2f0
[  326.347026][T12405]  ? tomoyo_path_number_perm+0x18d/0x580
[  326.348811][T12405]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  326.350723][T12405]  comedi_compat_ioctl+0x1d0/0x990
[  326.352357][T12405]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  326.354174][T12405]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  326.356062][T12405]  ? do_vfs_ioctl+0x128/0x14f0
[  326.357624][T12405]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  326.359261][T12405]  ? rcu_is_watching+0x12/0xc0
[  326.360786][T12405]  ? __fget_files+0x204/0x3c0
[  326.362301][T12405]  ? hook_file_ioctl_common+0x145/0x410
[  326.364068][T12405]  ? __fget_files+0x20e/0x3c0
[  326.365576][T12405]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  326.367615][T12405]  __ia32_compat_sys_ioctl+0x23f/0x370
[  326.369797][T12405]  __do_fast_syscall_32+0x7c/0x3a0
[  326.371463][T12405]  do_fast_syscall_32+0x32/0x80
[  326.373016][T12405]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  326.375067][T12405] RIP: 0023:0xf70fe579
[  326.376381][T12405] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  326.382493][T12405] RSP: 002b:00000000f54ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  326.385120][T12405] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040946400
[  326.387626][T12405] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  326.390166][T12405] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  326.392664][T12405] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  326.395224][T12405] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  326.397726][T12405]  </TASK>
[  326.399500][T12405] Kernel Offset: disabled
[  326.400892][T12405] Rebooting in 86400 seconds..

VM DIAGNOSIS:
22:53:59  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffffffff8e5c1060 RCX=0000000000000002 RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff8e5c1060 RBP=0000000000000002 RSP=ffffc900006cf0b8
R8 =0000000000000000 R9 =0000000000000000 R10=ffffc900006cf1a0 R11=00000000000112ca
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff819760ae RFL=00000297 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880974c4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f74b6288 CR3=000000005fe13000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000033 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85616c45 RDI=ffffffff9b0f8680 RBP=ffffffff9b0f8640 RSP=ffffc9000603f178
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3430383838666666
R12=0000000000000000 R13=0000000000000033 R14=ffffffff9b0f8640 R15=ffffffff85616be0
RIP=ffffffff85616c6f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880975c4000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000571314c0 CR3=000000005fe13000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000022 RCX=ffffffff84e90956 RDX=ffff888023328000
RSI=ffffffff84e90c36 RDI=0000000000000001 RBP=ffffc90002c7f320 RSP=ffffc90002c7f1e0
R8 =0000000000000001 R9 =0000000000000040 R10=0000000000000020 R11=0000000000000012
R12=1ffff9200058fe46 R13=0000000000000020 R14=0000000000000000 R15=ffffffff8c1656a0
RIP=ffffffff81bb0de8 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fc35d985300 ffffffff 00c00000
GS =0000 ffff8880976c4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000564726d25000 CR3=000000004be61000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000003bf12 0000002c00000012 0004000000080024 0000000000280030
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000713 0000001000000000 0000000000000000 0000000000000015
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 706e69752f766564 2f01ffffffffffff ffffe7080d80030c 0000086400000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 fffffffffffedf08 0790030480820400 078c0307fffa0400 0788030004000784
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0300040007800320 80020881e2d48808 0001000000080606 0128b61080808082
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 080020b003060800 20a80306080020a0 0301e08e08002098 0300080020900302
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0800208803000400 2080030004002084 08000d800201c708 0008004b96007475
ZMM24=5348cc455348cc45 5348cc455348cc45 5348cc455348cc45 5348cc455348cc45 5348cc455348cc45 5348cc455348cc45 5348cc455348cc45 5348cc455348cc45
ZMM25=5f38e83d5f38e83d 5f38e83d5f38e83d 5f38e83d5f38e83d 5f38e83d5f38e83d 5f38e83d5f38e83d 5f38e83d5f38e83d 5f38e83d5f38e83d 5f38e83d5f38e83d
ZMM26=46beea4346beea43 46beea4346beea43 46beea4346beea43 46beea4346beea43 46beea4346beea43 46beea4346beea43 46beea4346beea43 46beea4346beea43
ZMM27=8b3694ae8b3694ae 8b3694ae8b3694ae 8b3694ae8b3694ae 8b3694ae8b3694ae 8b3694ae8b3694ae 8b3694ae8b3694ae 8b3694ae8b3694ae 8b3694ae8b3694ae
ZMM28=000001300000012f 0000012e0000012d 0000012c0000012b 0000012a00000129 0000012800000127 0000012600000125 0000012400000123 0000012200000121
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=c7120000c7120000 c7120000c7120000 c7120000c7120000 c7120000c7120000 c7120000c7120000 c7120000c7120000 c7120000c7120000 c7120000c7120000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffff8880248e8a10 RCX=ffffffff8197aa7c RDX=0000000000000001
RSI=0000000000000004 RDI=ffffc900034af960 RBP=1ffff92000695f28 RSP=ffffc900034af938
R8 =0000000000000001 R9 =fffff52000695f2c R10=0000000000000003 R11=0000000000000003
R12=ffff8880248e8a18 R13=ffff8880248e8a20 R14=ffff8880248e8000 R15=0000000000000000
RIP=ffffffff8197aa8d RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977c4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080072000 CR3=00000000282be000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000