last executing test programs:

3m34.102291364s ago: executing program 3 (id=132):
prctl$PR_SCHED_CORE(0x3e, 0x9, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r0, &(0x7f00000000c0), 0x0, 0x2, 0x0)
syz_usbip_server_init(0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000100)='./file0/../file0\x00', 0x0, 0x101093, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, 0x0, 0xffffffffffffff9c, &(0x7f00000001c0)='./file0/../file0\x00', 0x104)
r3 = open(0x0, 0x14927e, 0x0)
write(r3, 0x0, 0x0)
r4 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x3f73, 0x100, 0x0, 0x1a}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000600)=<r6=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r4, 0x16, &(0x7f0000000040)={&(0x7f0000001000)={[{0x0, 0xffffffffffffff3a, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e21, @empty}, 0x10)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, r7, 0x0, 0x0, 0x0, 0x262, 0x1, {0x1}})
io_uring_enter(r4, 0x3516, 0xf400, 0x0, 0x0, 0x0)

3m32.745770189s ago: executing program 3 (id=144):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r2=>0x0})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00', <r3=>0x0})
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x6, 0x3, &(0x7f00000006c0)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', r3}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000340)={r4, r2, 0x37, 0x0, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x700000000000}}, 0x40)

3m32.565455794s ago: executing program 3 (id=145):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000280)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000100)={0x1d, r2, 0x0, {0x0, 0x1}, 0xff}, 0x18) (async, rerun: 64)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc) (rerun: 64)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x76a9bba1a690db0f, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x2}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x5c}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='attr/current\x00') (async)
exit(0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
write$P9_RLCREATE(r4, 0x0, 0x0) (async)
sendmsg$can_j1939(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)={0x18, 0x2d, 0x1, 0x70bd2d, 0x25dfdbfc, {0x14}, [@nested={0x4, 0x12}]}, 0x18}, 0x1, 0x700}, 0x8004)

3m31.683718596s ago: executing program 3 (id=154):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0xb101e, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000300)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0xf6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000380)={0x50, 0x0, 0x0, {0x7, 0x27, 0x4000, 0x801001a, 0x66d, 0xfffe, 0x0, 0xa075, 0x0, 0x0, 0x40}}, 0x50)

3m31.62441725s ago: executing program 3 (id=156):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) (async, rerun: 32)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x8, &(0x7f0000000040)=[{0xfff7, 0xb, 0x45, 0x80000000}, {0x4, 0x7f, 0xfe, 0x3}, {0x1, 0x5, 0x8, 0x7}, {0xb8d, 0x0, 0x80, 0x3}, {0x0, 0xe2, 0xff}, {0x0, 0x41, 0x6d, 0x80000000}, {0x9, 0xa, 0x4, 0x79c}, {0x3, 0x3, 0x1, 0xe1a00}]}) (rerun: 32)
r0 = openat$tun(0xffffff9c, &(0x7f0000000100), 0x111002, 0x0)
ioctl$TUNATTACHFILTER(r0, 0x400854d5, &(0x7f0000000180)={0x3, &(0x7f0000000140)=[{0x4, 0x2, 0x7f, 0x9f}, {0x2, 0x40, 0x95, 0x7ff}, {0x2, 0x6, 0x5e, 0x9}]}) (async)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) (async)
rt_sigaction(0x19, &(0x7f0000000000)={0xffffffffffffffff, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440))

3m31.401435834s ago: executing program 3 (id=160):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x418000)
r1 = syz_usb_connect$cdc_ncm(0x2, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408fa6e0d240f0100000000000d000a0006471a010000190581"], 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
listen(r3, 0x6)
accept4$inet6(r3, 0x0, 0x0, 0x0)
write$char_usb(r2, 0x0, 0x0)
syz_usb_disconnect(r1)
syz_usb_connect(0x2, 0x24, &(0x7f0000000100)=ANY=[], 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
r6 = userfaultfd(0x800)
ioctl$UFFDIO_WAKE(r6, 0x8010aa02, &(0x7f0000000280)={&(0x7f000047f000/0x3000)=nil, 0x3000})
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
unshare(0x2c020400)
r7 = syz_io_uring_setup(0x10d, &(0x7f0000000380)={0x0, 0x5885, 0x100, 0x0, 0xffeffc03}, &(0x7f0000000340)=<r8=>0x0, &(0x7f0000000240)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0x8, 0x0, 0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0xffffffffffffffff, 0x3400, 0x1})
io_uring_enter(r7, 0x351e, 0x483, 0x0, 0x0, 0x0)

3m31.183588734s ago: executing program 32 (id=160):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x418000)
r1 = syz_usb_connect$cdc_ncm(0x2, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408fa6e0d240f0100000000000d000a0006471a010000190581"], 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
listen(r3, 0x6)
accept4$inet6(r3, 0x0, 0x0, 0x0)
write$char_usb(r2, 0x0, 0x0)
syz_usb_disconnect(r1)
syz_usb_connect(0x2, 0x24, &(0x7f0000000100)=ANY=[], 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
r6 = userfaultfd(0x800)
ioctl$UFFDIO_WAKE(r6, 0x8010aa02, &(0x7f0000000280)={&(0x7f000047f000/0x3000)=nil, 0x3000})
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
unshare(0x2c020400)
r7 = syz_io_uring_setup(0x10d, &(0x7f0000000380)={0x0, 0x5885, 0x100, 0x0, 0xffeffc03}, &(0x7f0000000340)=<r8=>0x0, &(0x7f0000000240)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0x8, 0x0, 0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0xffffffffffffffff, 0x3400, 0x1})
io_uring_enter(r7, 0x351e, 0x483, 0x0, 0x0, 0x0)

2m50.006643196s ago: executing program 0 (id=694):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e21, @local}], 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x2a000}], 0x64, 0x0, 0x0, 0x804c040}, 0x0)
r1 = dup(r0)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000040)={0x7, 0x4, 0x101, 0x2d98}, 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x4, 0x0, 0x2, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_CONNECT(r1, &(0x7f0000000440)={0x6, 0x118, 0xfa00, {{0x9, 0x5, "28593908b49bfbb56a401accf5674f1920e2ab18a13d60c061a7c5b628a64ad58f05a9b2a2c152ac1b0c9767f346e5b0881ef29963cb1f126ca1f6db56f6ebc493811df630550487dcac5197ec352b748bc45e088d8fc4f28b5e8c282ec89c7d828b598e3eff38bd8643d6ddcb067c0d7a9ae954a4238a1756506d1dce2654ea5472ec14824553d91fc27c6fe3ae74e292332abfc61a5ee436b4df8ccdb82ddf16f1cc9a52a0a8f5e9d5a396a3f593c2f69e1b662ca1d036669f1d525a30149cab26ac598ed22fcd1a10c1b4f1f6e4c56c82c06d19ae1a736e32b8791f2e20f139d191c712a1605edfa12b7be95ce1405d8fb3772604b486fa744d7efcdd934e", 0x4, 0x8, 0xf5, 0x7, 0x80, 0x7, 0x4, 0x1}}}, 0x120)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000240)={0x0, 0x2}, 0x8)

2m49.165410769s ago: executing program 0 (id=717):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0xd)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x100000, 0xfa)
fcntl$notify(r1, 0x402, 0x5)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x40000, 0x0)
fcntl$notify(r2, 0x402, 0x8000000a)
close(r2)

2m49.16249645s ago: executing program 0 (id=719):
r0 = syz_clone(0x42400, 0x0, 0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @tid=r0}, &(0x7f0000000300))
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x4373, 0x5})
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
getgid()
r1 = syz_open_procfs(0x0, &(0x7f0000000280)='smaps_rollup\x00')
unshare(0x26020400)
recvmsg$unix(r1, 0x0, 0x0)

2m49.085566953s ago: executing program 0 (id=721):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000580)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x1b5008, 0x0)
mount$bind(&(0x7f0000000540)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2145499, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0x0)

2m49.035736123s ago: executing program 0 (id=722):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000001c0), 0x12)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000400)={r2, 0x3, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000000)=[@sack_perm, @timestamp, @timestamp, @mss={0x2, 0xfff}, @timestamp, @sack_perm, @mss={0x2, 0x3ff}, @sack_perm], 0x8)

2m48.895221788s ago: executing program 0 (id=725):
r0 = socket$inet(0xa, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000900)=@mangle={'mangle\x00', 0x44, 0x6, 0x450, 0x320, 0x168, 0x228, 0x168, 0x320, 0x3b8, 0x3b8, 0x3b8, 0x3b8, 0x3b8, 0x6, 0x0, {[{{@uncond, 0x7a00, 0x70, 0x98}, @ECN={0x28, 'ECN\x00', 0x0, {0x20, 0x1, 0x1}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @remote, 0x0, 0xff, 'lo\x00', 'nicvf0\x00', {}, {}, 0x8}, 0x0, 0xa0, 0xd0, 0x0, {}, [@common=@ah={{0x30}, {[0x3ff, 0x2]}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty, 0x4e22}}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CHECKSUM={0x28}}, {{@ip={@remote, @remote, 0x0, 0xffffffff, 'syzkaller0\x00', 'wg0\x00', {}, {}, 0x89, 0x0, 0x75}, 0x0, 0x98, 0xf8, 0x0, {}, [@common=@ttl={{0x28}, {0x1, 0x4}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x3, [0x0, 0x4, 0x2, 0x1, 0x6, 0x5], 0x5}, {0xffffffffffffffff, [0x7, 0x3, 0x6, 0x4, 0x6, 0x3], 0x1, 0x2}}}}, {{@ip={@empty, @empty, 0xffffffff, 0x0, 'vlan1\x00', 'batadv_slave_1\x00', {}, {}, 0x4, 0x0, 0x18}, 0x0, 0x70, 0x98}, @inet=@TOS={0x28, 'TOS\x00', 0x0, {0x4, 0x2}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4b0)

2m48.849302137s ago: executing program 33 (id=725):
r0 = socket$inet(0xa, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000900)=@mangle={'mangle\x00', 0x44, 0x6, 0x450, 0x320, 0x168, 0x228, 0x168, 0x320, 0x3b8, 0x3b8, 0x3b8, 0x3b8, 0x3b8, 0x6, 0x0, {[{{@uncond, 0x7a00, 0x70, 0x98}, @ECN={0x28, 'ECN\x00', 0x0, {0x20, 0x1, 0x1}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @remote, 0x0, 0xff, 'lo\x00', 'nicvf0\x00', {}, {}, 0x8}, 0x0, 0xa0, 0xd0, 0x0, {}, [@common=@ah={{0x30}, {[0x3ff, 0x2]}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty, 0x4e22}}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CHECKSUM={0x28}}, {{@ip={@remote, @remote, 0x0, 0xffffffff, 'syzkaller0\x00', 'wg0\x00', {}, {}, 0x89, 0x0, 0x75}, 0x0, 0x98, 0xf8, 0x0, {}, [@common=@ttl={{0x28}, {0x1, 0x4}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x3, [0x0, 0x4, 0x2, 0x1, 0x6, 0x5], 0x5}, {0xffffffffffffffff, [0x7, 0x3, 0x6, 0x4, 0x6, 0x3], 0x1, 0x2}}}}, {{@ip={@empty, @empty, 0xffffffff, 0x0, 'vlan1\x00', 'batadv_slave_1\x00', {}, {}, 0x4, 0x0, 0x18}, 0x0, 0x70, 0x98}, @inet=@TOS={0x28, 'TOS\x00', 0x0, {0x4, 0x2}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4b0)

8.105399175s ago: executing program 5 (id=2872):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
epoll_create(0xc)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_X86_SET_MSR_FILTER(r1, 0x4104aec6, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
eventfd(0xfffffff9)
eventfd2(0x9, 0x80000)
socket$kcm(0x10, 0x2, 0x4)
r2 = syz_io_uring_setup(0x19f2, &(0x7f0000000300)={0x0, 0x0, 0x10100, 0x8000000}, &(0x7f0000000140)=<r3=>0x0, &(0x7f0000000100)=<r4=>0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, 0x24}, 0x94)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='pids.events\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f0000000180)=ANY=[@ANYRES64=r5], 0x118)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4040aea0, &(0x7f0000000040)=@arm64={0x9, 0xe, 0x5, '\x00', 0x79})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, r6, 0x0})
io_uring_enter(r2, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

7.958179803s ago: executing program 5 (id=2876):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0xffffffffffffff9b, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x9c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffef, 0xffff}, {0x0, 0x1a}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x6c, 0x2, {{}, [@TCA_NETEM_LOSS={0x30, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x14, 0x2, {0x80000002, 0x0, 0xfffffffe}}, @NETEM_LOSS_GI={0x18}]}, @TCA_NETEM_RATE={0x14, 0xd}, @TCA_NETEM_CORRUPT={0xc, 0x4, {0x0, 0x5}}]}}}]}, 0x9c}, 0x1, 0x0, 0x0, 0x20004801}, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
fchdir(r3)
close(r3)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_CREATE(r3, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="1a7ab56e", @ANYRES16=r4, @ANYBLOB="000426bd7000fddbdf250500000008001900e0000001"], 0x1c}}, 0x4000)
r5 = dup(0xffffffffffffffff)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000280), r3)
sendmsg$MPTCP_PM_CMD_ANNOUNCE(r5, &(0x7f0000000400)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000003c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="00042abd7000fcdbdf2508000000040001802c000180060005004e210000060001000200000006000100022eadf911de099c1b72000000060005004e22000005000200070000"], 0x4c}, 0x1, 0x0, 0x0, 0x20000000}, 0x40)
read$usbfs(r5, &(0x7f0000000080)=""/103, 0x67)
socket$netlink(0x10, 0x3, 0x0)
r7 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r7, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r7, 0x0, 0xca, &(0x7f0000003d80)={0x1, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
syz_emit_ethernet(0x2ab, &(0x7f0000000800)={@multicast, @link_local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x29d, 0x0, 0x0, 0x0, 0x2f, 0x0, @private=0xe0, @local}, {{0x0, 0x0, 0x1, 0x0, 0xb, 0x0, 0x0, 0x4, 0x6558, 0x0, 0x0, [0xffff]}, {0x0, 0x0, 0x0, 0x0, 0x11}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd, [], "96e3497b214454b1b89a5b851e3ed89bf96095c28dd098499e24ffae0363c19f1000b1caf991c62a48b990b21a00bdec143d10100caabdb941c053103ae8873d1ad67f29cf8a3d7e9cfec67b4ced296b9f1e8f23002c9094d42d5e75a58d0d184c8a4c924951c4b98ca125f99963c14050f5e5d239059c5df85f6f38d3b88d0b24875869fb7c9563efbe889dec745d31197739e63005bab689c42249211025edac6741b72efba099ae8fd2988bf83654d65cd52fcc557902d8f300143ba98271a01e28d0ed67f679b223d66d2683ba7bc9c85a32e978a7959f638a432b32667ef810fd3ac1682c7165bd25dd9a9d221ea38965ef9861771b72714bf6f2645b1af06eaca0990a1ecb61bae47ac65cc2ed0fe2657fba271cbd53c4cca2f7d8cbe2a8529275d6a4189ea14df04778c3e30e5d259157fcc5c96878e5d351c723aced413d576d940cb06591428b8952bc7bdab90419b707528653baa936dee79b7ce3008017df5362e1521150fd8ed54b67f210becd7ad203a108773c5d9316c66db2c41d3c59271b668d6e6ccb7a309cb595f4fdeb600d2f85d741688059e76e02df31b36782fd1652940ea9d44ba98a63ab0d72d849b2674663dea83b3ccdb2e5a47486534f13fb24072bab9ea106b93a7264b3d6d08c747f09a8cc67da7e08a0461287b8d204e2e316fa9c5d284d55d3b779ac62ad361718405994484ca27f183e53d596dadcd16bcd4cffbd8c87cdff7a3e945443b3a65337b2ed619f1b425ff63ec7a864bd30e384662bf9c32f810f548fde7ed8014e620f2df4da3fbbe2cc740274d9"}, {0x8, 0x88be, 0x0, {{}, 0xfffff788}}}}}}}, 0x0)
r8 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)

7.955415993s ago: executing program 5 (id=2877):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x8000, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c250000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000980)={0x3, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="7a0a00ff00000000711043000000000095"], &(0x7f0000000480)='syzkaller\x00'}, 0x94)

7.863535018s ago: executing program 5 (id=2878):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, 0x0, 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r5 = open(&(0x7f0000000000)='.\x00', 0x800000, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
close_range(r1, r5, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sendmsg$netlink(r4, 0x0, 0x0)

6.452181014s ago: executing program 5 (id=2893):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
r2 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000080)='.log\x00', 0x1813c1, 0x0)
fchown(r2, 0xee01, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r3=>r0}, './file0\x00'})
mkdirat(r3, &(0x7f00000000c0)='./file0\x00', 0xb1)
ioctl$I2C_RDWR(r1, 0x707, &(0x7f00000001c0)={&(0x7f0000000180)=[{0x2005, 0x10001, 0x1, &(0x7f0000000200)='`'}, {0x207, 0xf4f5, 0x0, 0x0}], 0x2})
socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$I2C_FUNCS(0xffffffffffffffff, 0x705, &(0x7f0000000100))
r4 = syz_socket_connect_nvme_tcp()
listen(r4, 0x2)
syz_emit_ethernet(0x4a, &(0x7f00000004c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

6.232562404s ago: executing program 5 (id=2897):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async, rerun: 32)
socket$packet(0x11, 0xa, 0x300) (rerun: 32)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20040051}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020000000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}, 0x1, 0x0, 0x0, 0x40050}, 0x0) (async, rerun: 32)
syz_emit_ethernet(0x3a, &(0x7f0000000080)={@empty, @random="6a2ddcf6177a", @val={@void, {0x8100, 0x1, 0x1, 0x1}}, {@ipv4={0x8864, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x57, 0x0, 0x6, 0x0, @empty, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0x5}}}}}}, 0x0) (async, rerun: 32)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000040)}) (async)
creat(&(0x7f00000000c0)='./file0\x00', 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$UHID_INPUT(r1, &(0x7f0000003040)={0x8, {"488085fddf7e1378d3ad4adb6e165913c1f7ae15c9b4ed75d7413838ff0d9381cead5adbe8228d9ba29fe815a6f64afca949ca64011b9d8c93b4272d6428962fe017b1cb68796b7b800b25eb3013496be2e3e973309e6842f2df0e5309a233d16ced2bc26cd6f7db616268621fe160c1644afc707a535571e0a936469f5dd6d60c6962109cd8de336fc0938bcd412788f01c1d84e33d5eaa3e140944ddefde0366395044cf0f095786b3f1fd27c0eaf2d0df657acf52c9220297bc28779a85ac06d4f14c31cbfced5519b61ddf599c08c7f10e385e4a6637e44ce117631e6d561c5118ad8e21bba948e572e54c67516e0f2a504f05f23e00d9b04160dac7e52d6caacf617d94e200e9c97771d56fe7b2ad6b69247904463f36b11e74b41ea9e63e77ded5af1406fe0f01f2350e756fd41c94f9dee22f611720853d7f8fd755903f1c3e044bd704bd4255c570cc0c82cacec7b9b7720cd6d5b2cd96e583ff1ddb0ad39155daa2f29a4f61298b44ea802bbac9b1f552cf0279f52ff200178468b94b293f7052817d89adb9130a3eaec5ceeeb386a31a7d9807f069ad07e3488e99a0b7f7f92fc2a63226175432a93ae4dc820e702d21bdec10a773c7b3de3f0ec4b5f8af60a159aaa4231ed4e79883acf5d2eed3a0fd3445d46d7fbbd47f2c610d96d6435293b103db15b8e7383e63e9d672410f5248183d4e608e7aee4d9dbfd040fb3fae39faec3cc0f5410d0d479bc1b7addd255ba502a52fa858eb6574530fd16c01e1138b19258e1c40b9a29a8672f418159f663bc8fe634e3a0d23dde1ced471cfb1decc1a9464667771b795229b1906651e9e5e4402c7e75182b1432acb4b54c499358585aa83fca804fbdd12dfd3b9e95b0ac718cadb879a2898d86c4ed914a59918df6ba519de4599f662811202158e418cef0d103ed4e77833d4dea6e59f7fef1c86f818121655dd1b2cb3717c892a289797049911356b5dd5dc0c50caadd0dd0318994d730fd6e6953e01730fb2682ab3f7ca8b4d596574456f59b95f34ff6f79db68b495010b8816a7b55229b35a2790f25c42ef1efcc5271c66500fc285de61516fc401518ba1ae388f90b0a5760e01031ceed37d1eb8a792f4a196a9fa0ff1579358bfe5c63744027d1a01e0a4602c79c2fe727034a4d810f0a2c30dc5a4c122e510e4d6348774754bf1f924c1d5a31dccf345a6c752389cc38e46e968e3b2815e2ecc3e5827f198f5d836b5783e9d7cc5bc5ba1715d23a4c35157b28e997010c627cbcebda89d08ac88e3d2f387c87af78b2a565dd5704bf3c12e4019d91890ad4f660345b384b59fad6d9f56f1fcf35babe5a9fbd8dd3908be450edf05ca8a3154fb3ac1af485508c61a7ba322ac06928e7d660fee6bfef74c9c4f22bbab318077446163a3230a3d486ce6d71aed12e2581e4208eed1a540560921ac89e9372482594351a5ff0cf9e95e80f0a69c4d621638c9056ae0bdfc44895f061767aba8400da865b73b5488c690694af744372c00d87bba4664a60f13f1453337113055d7b659a87208c1e663e4d35f0ebcfe70459f5ec5812434468cec38d3fbcf90598de986b3d49ad45e7b3b230fc389b5278ed6242abe9c44a8c74438968cc9b7a253d89c5b14f7a917b86a6d51f5d5380f2a7606dbe1867fd781fab284d153e20f5bf1a2c8156b93e60dc8945eb8385d937537b785f6f6af81ea0131398c77819ddea78eadf6b6f019db772e69e9cde3540ddc95625987b4a4e1dbbf15bc0217abac6cc3ff0650ed11fa612b90afaab842be4c2bd9967702b023e8ecd5f4a0e62af56f7320241a8516bcdf344a4421eed035b8c5a126820c5dc3962f5df4bf369bd6260eb09aa8e1310bf6f28aba0e3236f699721daa26950de7fa8fd8c3d2adebc101e304d0ed1af839c74b6cc42a6d7244f6b31ed08f6f12f62569b2c0602cc371962bff74b9b3c5f6326247d4ffec7f2d0a073e5a678e76f4243533001b1c0de6739c5c6ec0195fa9a8e898c2068bb614c40c403324e84cdbc530121217ba49f300aa8d5056d170d0a6bc8827ee20d55401b9f401b12e212cf630781139978b5fb38fdf768fec87b79f7a70d6083c3df98019ebd09b7941708e06c8d9fa930a1fdb993e0061343c87b4cf47dd36f9a3d603ca986f5144af403b7b04a93f5808a8c192df5e4c17af1ec23eddd1e7fc91109e6a4cfe5e23435bcabf3915ce5242cb6f7974e97c8ad3773e3a510afa52c4193c36fd1b99a02ece5b19ad35eb8fa97b57fd1641b463de79cdd2aac5d5b4060a040ad1d5752d70015b74d556fb4ef0cc8747591edc8858707616104f0ec342fb3a9b95df31b6f84e56387aae80a72d8dd670be7aaeef54065d6e2d7837481ce5622ee3c115d02d50efdb20aaf25b636d6d6c7e49f50a4b30ae243ecf1187ffe851c52bb1849c5e5c0979b758b747aebfdab58d8fd60faa5d5005f401c661256183dd4e7cba38b4ccf03506398eab901595dc2de27ab231abdddffc9d120abd8025b77ac47f39b6373a38a09bc045559578ccdf0402385177d499333d06d2cd3f604689d50dcd01b04ffbcb545385da389e4b6102ee77febb8a34a906f822601e61d2d3fc9e206caf3753f65422a5ff31dc3b3c4d09aa9a90f9ebc858ee2e4df6a730948e436586c665a3c64aab00aa757d252eec5b8bea5035a5b9f644cb84a991286edc2a394cef9fd40ad085aa99680aea363dc163c2ef40e0f289e0b79dc600f31ae510bbd74f963632ff25230a1ec866fed0db0d0af59c5b9f4a18659f5a218c3d0db80700719a61e59efbd5f996145139e5654a9290bf504eb7453775b8c6190ff51d4c04ce9384060f1dd34799fee04c0f951ae15cb589f80dc544c05421d60f51cbc78df7dceff213575bfebe2bb307d196ef0a5cf3c2608fbb969a574e6dce9132246447a84cab6dd4923281cf40bc19c29585a02bc0d2d491907e5b528a1cfc7b2fe88dc2520ea49903423cb7a0d23530daa7217e7f312d4ec67c02fc74ab8d91b8ead50bfe9508b0f7d70e88868ee1a5f38349054374ae463d1148e0ca238c0f9fe7b40f6fba87498697f3220612ea66feb18a29f1df04234ac3d69e0706d0deef321d09ee16de188a32f4c41635cf48ee35a42140fc08b42c2e0e289a3c73fd4b0e656a72b29b99093127a17aaa199610787787abb0f4613dd03332a9306b9b5e98e9c839ffce5e72c44b288593bee47253613dc0fc3e583ab9aac7e1a161dfc36bd038d533eb6829b22dc1a01f055c16f83c1b1abe049b5744508456658c6df44c13d6ab1a18d76a55740cdcfca4a1dd81b54d9c4e71cef9f4b55f1ebc7751766175d631f9607f22a613377f6d96afaddbc66cbeef20ae578468f33265516ee711e2591e1af272a35bf5cedc78aec6e330bf6f3f3b9cdb7d373754125c9caea6a4d344d098c7332175b09441cc11040e5b71e9b975b2aaaaa5f8c5f502b00ad3ade9de204602aa227c9f11da55107b79802c09d246050c6580d92559a47935cfb59b47e88aa8095ea1ac34578697ffe89c440a2369f6661db2c24f1056d553e200184b927b359efba5db1e69e7f2cf5e4dd9c9bbc3e085fc38c43f436aa47abcc1e9986fc0226262588110c5b27c6fe9b8072cd8204c500883d3b9feaed80d5d87929d01b9bad995ed58a1be3ccad600840c6424625f4f4c221c8e1cd11af1a5ac153954ac6b441692f296ac2d529233d317fecf3fbfa53f77c8ea47d1385e3ca4b8b55fd2467cac15af1bfa04fb41784305a4b9aed6880cfba9629d6dabd22b2bd90c1aad0f2e0dff0777112b1e313447cf9417a52a58b17cc73ab03d4841ec9b1dc3f75d0fb5ece65c99982b338bb2f42b68104d94c826247814bd68e7c9664e8b2a9fdaf7fde4730960b43a496cb818badfbc97d1e51aa7817657e49536e69cacb3c4abb27dfe10d5c962fabdd3056d290a2b969e7f61d144e22539c5e2027b57c8e099db6ab8f0fdda7412b393af60e3299478744e9071801c4c39b0c87d4f237ade73b955812f254e641844e985d40f3e4df51bf7a9c81f02d22ad8296fe94d4664f3c0d113974ba222dab68c4407e9d5359205a5fec059d4370e0d15fd040ced32baa7e8586d38680a4c2e4e5679c0d374636e9dc0fd9a06808671f08e8c19b0bed18540de8107855f410f8954e078755a8c7b0822c25e2534887c9593aa1e008e78244cfec5b347a847ecf61cb207dcb2170b663a54d98ffeea991a9d944e4a8302bf37231bf3558c6b2fcaf925becb663bb574341bc81bbc50e9f0108c5d8a7783caf25bcb3bc24368e8a4915785652877555d22f7d6cbcb12049180ee4c49502d41c0fb00e31f3835b53e622e85290ee5a641eb9215567fed4782484ba8ccb43d81d3ef3ca5d8a2e3389864c15946e3d5dad607447f35a5396c27e99e20a1b98393169d85e788e9c4f9367649b308094479bc0ad8d68f0dc655724e2d9f599557f567fe7fd11f87b37df7ce0530e40d7e0ab06c2b273716e2598bd6e816c18c2e3c038b199e58424a5d72759af13e121e21d263fa0f24577a32b4356919cc22c5d1929b15590a53861aaf68aaa9ed404d1e64c3c6b0fa19e0a5299bd46867aff993b87ce96fd493fa2b125ea23907f9598acc33cd7e90c2383d5af5d232d979766ac2743c93d947db811d38df20742fa1db7c6f2306ec008ca9d53faf1a7cc2372d42437f906ef6ff9db785ac575c97e4f568e57414a0881ffe1b8dee59240305e28ab5f4f2c990c959009b022a656386229c7a71b3fcbc381a1f3511751ef19653d8e7dd0de12f630c719413a84b385802f5e8e2680cc2afa7fbb1cd1193a1e5af32ad07b24ba1c05904d3325634d10aa685d97f9c1d58377cfa46f17f0f57c7d48ce0917a8b4f5bccdf60e52764b7a826e6ccab1b70821a74cc5cc2e15532d3ef346aaf9c31fe0e0776bb1e3f4f5f276bcf53f5ea9018609b18b47497dba8e73676d2fc2fba47472ffba25ba7ddca1e9754b516eff05a05eaba9e7752f8d97f99684e3a53ded2d2c1913a6e488c65f57f8d85d261c762c37015c756e0aeed54edda41236bae33ed83c688478bcd94ce9e67971c0f8e588f1a3a4cd3f7da5e571c1984d9c9a10bb7eaf8414cbabf5fb97a17a67d10ae1a7ab96a8df88da1e82e797e67b534f765a5dcac76bb769d9547f375cfbea8d9f434f48d60e05df8797919fef5cb01a04177ed092a37f71f7948279bc4c35e3239e943a1507cff0b7152dd95c27e573e0191cfe1bc9f3862e5329ddcd160c61fc5bb82b57d8086e1e74abfc36bb43404357c50eb150fcaea9aac90fa0c413ea9f8538055a45b77d5a7548f6a4f2414714495576a1de459a55ab298a2a2fa33459da0d205e4b91d340c0721226e546f323bb878605590b66516fa51fd635e5eaa580486f6fb543b6b5236871aa3dedcb44e7d73d9bf704420fc0bb9b1a0f21e848ed9161e9bf1ae3bc628861b5007f0a38884a178dc85dbf034e9234fe603698cda4811dfcb73253335ca7cee533957578a9b97f149ae6dbd43c4aae8a16da135830f7a1c5b913838d5c28936f45f2d9ed991ec7a3ab83df4dd6fe2ff720a6b8abf40927bf8835bfa25effb92eadea47ae1629193ee5707767b13771cb105f231be2af8380a85b9de42f682d22d17c926ccbe39ea3fa7a5d3c0f6b3dc7802b927a36cd04ade3e02bf8ce06a52585388fb8f49df4dda68e9eb426da9c0909d5b9cf4b16c2e3f78331c8683a1698033ea0b1ed4dd33edeecd89c4f14caf84d52336e500", 0x1000}}, 0xd31)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
write$dsp(r2, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SYNC(r2, 0x5001, 0x0) (async, rerun: 32)
r3 = gettid() (async, rerun: 32)
r4 = syz_open_procfs(0x0, &(0x7f0000000780)='task\x00') (async)
r5 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$read(0xb, r5, &(0x7f0000000080), 0x0) (async)
lseek(r4, 0xfffffffffffffffd, 0x2)
timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)) (async)
writev(r2, &(0x7f0000001680)=[{&(0x7f0000000080)="d8", 0x1}], 0x1)
timer_settime(0x0, 0x0, &(0x7f0000000440)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) (async, rerun: 32)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r1, 0x0) (async, rerun: 32)
bind$alg(r1, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c\x00'}, 0x58) (async)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
getsockopt(r6, 0x111, 0x3, 0x0, &(0x7f0000000080)) (async, rerun: 64)
io_uring_setup(0x238f, &(0x7f0000000300)={0x0, 0x100641, 0x2, 0x1, 0x3a2}) (async, rerun: 64)
ioctl$FITHAW(r2, 0xc0045878) (async)
openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async, rerun: 32)
lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)=@known='system.posix_acl_access\x00') (async, rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x4, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000850000002a00000085000000070000009500000000000000439efd6ae89c1f2286b70eaa84b0cd886632343d25e282c1aced0689f2f0d198552806a04fb40d81fdf217edbff56ef8136361773c2f1e3916cbbb74ab463a404c556d5bf91ba2450f4db09c095aeda547161f5e0d593234f0d424202ec3cbd8f3bb26aa7e7d800ef7a9ae93be4bd0850e5c565f45a39a2a00000000425000"/180], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

5.553602961s ago: executing program 1 (id=2898):
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020000000000000", @ANYRES32, @ANYBLOB="000000000000000000000000660e890000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000080)={&(0x7f00006c6000/0x400000)=nil, &(0x7f000018b000/0x3000)=nil, 0x400000, 0x0, 0x6040000})
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
syz_io_uring_setup(0x231, &(0x7f0000000040)={0x0, 0x0, 0x10100}, &(0x7f0000000000), &(0x7f0000000100))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x8}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000003e00290200000700fdff8bff0a0000002ff9f5a1e807db64e7be6adb2a39a4c11d63effdae563ca0e5e415c5a24b6c99e7f43799e17b1d695401ee402f063c4edeb3d21b13bdf606c2fd8fe5a2548aa8a889377c60fe46dc44dc77a5da6c904b81d17f2cd52385748b4027a2cfec0e146a540de9bd9a7b00fb304fe037a800cefd7fd6dd2024eb41f570a9b07bba4e97048b78cad48df91a015b6ee1c9f2b8bbe930e509b26d364ce5cc02f1475471463d2065d05d24b9c9678be4d4ca19a5b38def889b774a29e4255349ddcb287a2b051b7f3632603830848e10d6f05a9848d97f7b41458e52d08861349074aa68e24850e5868848cf293bb6bf34"], 0x14}, 0x1, 0x6000000}, 0x0)
socket$netlink(0x10, 0x3, 0x15)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
socket$inet6_mptcp(0xa, 0x1, 0x106)
creat(&(0x7f0000000100)='./file0\x00', 0x104)
openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)

4.016735582s ago: executing program 1 (id=2904):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1807000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000400)=[{0x6, 0x1, 0x2, 0x7fff7ffc}]})
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_MCAST_MSFILTER(r4, 0x0, 0x30, &(0x7f00000012c0)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000007f00000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x290)
close_range(r3, 0xffffffffffffffff, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw(ecb-aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000040)="11da3cf44b1a8c3d8a39ccbd630e8ef9170ccf07ef1800322de53ae3b183ee66", 0x20)
close(r0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000000406f0dc5a00000000000000020000010500010007000000f0d91e9282d30693259d3475d122de4cdc08451b74c58913c44d55bbbd"], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000)

3.881414805s ago: executing program 1 (id=2906):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
r2 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000080)='.log\x00', 0x1813c1, 0x0)
fchown(r2, 0xee01, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r3=>r0}, './file0\x00'})
mkdirat(r3, &(0x7f00000000c0)='./file0\x00', 0xb1)
ioctl$I2C_RDWR(r1, 0x707, &(0x7f00000001c0)={&(0x7f0000000180)=[{0x2005, 0x10001, 0x1, &(0x7f0000000200)='`'}, {0x207, 0xf4f5, 0x0, 0x0}], 0x2})
socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$I2C_FUNCS(0xffffffffffffffff, 0x705, &(0x7f0000000100))
r4 = syz_socket_connect_nvme_tcp()
listen(r4, 0x2)
syz_emit_ethernet(0x4a, &(0x7f00000004c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

3.701018284s ago: executing program 1 (id=2907):
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x20000, 0x0)
r0 = syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
close(0x3)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02)
syz_usb_disconnect(r0)
pselect6(0x40, &(0x7f0000000140)={0x1, 0x4, 0x3, 0xff, 0x4, 0xea2b, 0x7, 0x2300000000000}, 0x0, &(0x7f00000001c0)={0x9, 0xbb18, 0x2, 0xc, 0x1000000, 0x4f, 0x0, 0x4}, 0x0, 0x0)

2.768445896s ago: executing program 4 (id=2917):
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x4, &(0x7f00000005c0)=@framed={{}, [@alu={0x7, 0x1, 0xa, 0x0, 0x0, 0xffffffffffffffc0}]}, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xd, '\x00', 0x0, @sched_cls=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[], 0x44}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x0, &(0x7f0000000400), &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x4000081, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.358719192s ago: executing program 1 (id=2926):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x18, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000000c0)=0xffffffffffffffff, 0x4)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r3)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r4)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getrlimit(0xc, &(0x7f0000000300))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r6, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='irq_handler_exit\x00', 0xffffffffffffffff, 0x0, 0x7}, 0x18)
syz_genetlink_get_family_id$wireguard(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004840}, 0x40000)

2.082372073s ago: executing program 2 (id=2928):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000340)={r4, r4, 0x8, 0x0, 0x0, 0x9, 0x1, 0xc45, 0x1012, 0xc7, 0x2, 0x7, 'syz0\x00'})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000180)={@private2, 0x800, 0x0, 0x2, 0x1}, 0x20)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="020d800010000000000000000000000008001200020002000000000000000000060032000300"], 0x80}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8b37, &(0x7f0000000000)={'wlan1\x00'})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000040)={0x50, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x4}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}]}, 0x50}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r7 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$TCSETSF(r7, 0x5404, &(0x7f0000000040)={0xfdfdffff, 0xfffffff7, 0x1, 0x4, 0x12, "518aba4d000000000000000000000000002000"})
r8 = dup(r7)
write$UHID_INPUT(r8, &(0x7f0000001040)={0xfc, {"a2336848149e516d4b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa41d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828eea399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f0e817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)

1.750162052s ago: executing program 4 (id=2929):
r0 = socket(0x10, 0x3, 0x0)
unshare(0x22020400)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x28, r2, 0x1, 0x20, 0x8000000, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_TX_RATES={0xc, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x8, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x4}]}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x4810}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0xa, 0x4, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0], <r4=>0x0, 0xee, &(0x7f0000000200)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0xab, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0xc}, 0x10, r4}, 0x94)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x161042, 0x91)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r5, r6, 0x4, 0x0, @void}, 0x10)
write(r0, &(0x7f0000000000)="fc0000001a000700ab092500090007000aab0700a90100001d60369321000100ff0500000005d0000000000000039815fa2c1ec28656aaa79bb94b46fe000000bc0003000500000014000027000089fee1434f1e596534d07302ade0bbc91a3e3280772c05defd5a32e280fc83ab82f605f70c9ddef2fe082038f4f8b29d3ef3d92c83170e5bba4a46d284a710af333ae4f5566f91cf190201800015b2ccd243f295ed94e0ad91bd0734babc7c3f2eeb00d43dd16b17e583df150c3b880f411f46a6b567b4d5715587e658a1ad0a4f01731d05b0350b0041f0d48a99c03f080548deac270e33429fd3000175e63fb8d38a8700"/252, 0xfc)

1.736181472s ago: executing program 4 (id=2930):
r0 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r0, 0x501c4814, &(0x7f00000000c0)={0x2, 0xffffffff})
r1 = socket$alg(0x26, 0x5, 0x0)
r2 = syz_clone(0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
r4 = dup(r3)
fsetxattr$trusted_overlay_upper(r4, &(0x7f0000000000), 0x0, 0x0, 0x2)
flistxattr(r3, 0x0, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r5, 0xc008aec1, &(0x7f0000000000))
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000140), 0x0)
r6 = accept4(r1, 0x0, 0x0, 0x0)
sendmsg$alg(r6, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@assoc={0x18, 0x117, 0x4, 0x200}], 0x18}, 0x28000054)
sendmsg$nl_route_sched_retired(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000012100), 0xe078}}, 0x0)
recvmmsg(r6, &(0x7f0000002280)=[{{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f00000001c0)=""/36, 0x24}, {&(0x7f00000005c0)=""/241, 0xf1}, {&(0x7f0000000780)=""/227, 0xe3}, {&(0x7f0000000880)=""/102, 0x66}], 0x4}, 0x6}], 0x2, 0x2023, 0x0)
r7 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x1, 0x80000)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r7, 0xc0045540, &(0x7f0000000080)=0x5)
syz_usb_connect(0x3, 0x0, 0x0, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000080), 0x3, 0x800)
syz_usb_connect$uac1(0x0, 0xa9, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x97, 0x3, 0x1, 0x0, 0x10, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{}, [@input_terminal={0xc}, @extension_unit={0xd, 0x24, 0x8, 0x1, 0xb, 0x1, "189362c345a1"}, @processing_unit={0x7, 0x24, 0x7, 0x0, 0x0, 0x4}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7, 0x25, 0x1, 0x0, 0x0, 0xfffe}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x11, 0x24, 0x2, 0x1, 0x0, 0x11, 0x0, 0x3, "6087e8b56f82e3abae"}, @as_header={0x7, 0x24, 0x1, 0x4}]}, {{0x9, 0x5, 0x82, 0x9, 0x20, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0)

1.155898088s ago: executing program 2 (id=2931):
r0 = socket(0x10, 0x803, 0x2)
connect$netlink(r0, &(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x20000000}, 0xc)
r1 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r2 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
write$binfmt_aout(r2, &(0x7f00000001c0)=ANY=[@ANYBLOB="03010000b5"], 0xc8)
r3 = openat$6lowpan_control(0xffffff9c, &(0x7f0000000080), 0x2, 0x0)
epoll_create(0xf)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='statm\x00')
preadv(r4, &(0x7f0000000300)=[{&(0x7f0000000240)=""/7, 0x7}], 0x1, 0x0, 0xd)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f00000000c0)={0x8})
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7}]})
close_range(r5, 0xffffffffffffffff, 0x0)
ioctl$UDMABUF_CREATE(r1, 0x40187542, 0x0)
socket(0x10, 0x803, 0x2) (async)
connect$netlink(r0, &(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x20000000}, 0xc) (async)
openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2) (async)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) (async)
write$binfmt_aout(r2, &(0x7f00000001c0)=ANY=[@ANYBLOB="03010000b5"], 0xc8) (async)
openat$6lowpan_control(0xffffff9c, &(0x7f0000000080), 0x2, 0x0) (async)
epoll_create(0xf) (async)
syz_open_procfs(0x0, &(0x7f00000000c0)='statm\x00') (async)
preadv(r4, &(0x7f0000000300)=[{&(0x7f0000000240)=""/7, 0x7}], 0x1, 0x0, 0xd) (async)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f00000000c0)={0x8}) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7}]}) (async)
close_range(r5, 0xffffffffffffffff, 0x0) (async)
ioctl$UDMABUF_CREATE(r1, 0x40187542, 0x0) (async)

992.786412ms ago: executing program 2 (id=2932):
r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc2}, &(0x7f0000000080)={0x0, "4440954114c933c6ee241126a4ea7e13ab98b61e9d13d775b12246bef53b7b6ecc3901ddbe412987082e101ad5737943c6de72e0eb5b9cb9153ead69f1a6268f", 0x21}, 0x48, 0xfffffffffffffffa)
r1 = add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000100)='.dead\x00', &(0x7f00000001c0)=@chain={'key_or_keyring:', r1})
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000200))
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000280)={&(0x7f0000000240)=[0x0], 0x1, 0x80000, 0x0, <r3=>0xffffffffffffffff})
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000002c0)={'veth0_vlan\x00', 0x100})
keyctl$get_security(0x11, r1, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000001300), &(0x7f0000001340)=0x4)
getsockopt$IP_VS_SO_GET_SERVICE(r2, 0x0, 0x483, &(0x7f0000001380), &(0x7f0000001400)=0x68)
r4 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r5, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="de5c00ff", @ANYRES16=r6, @ANYBLOB="02002cbd7000fedbdf254c0000000c00a60003000000000000000c00a600b7000000000000000c00a60007000000000000000f00a9007365636f6e646e616d6500003c00a80098a1a865928e8d550c0cc6bb3b44e138985b5cdfb55064d69fdc0436434ed2530acad09c8e560546b20e4f17a591090acfee90af3647efc10c00a60040000000000000002f00a900f709f53731740b0e32be69e59992f99b183aa7a15dae3c4fa4ca305c0b9f3d1036f03563eb45ac6224b943000e00a80066697273746e616d650000001500a90046424c58b7051393e31ed5b6ed6cd55b6d000000"], 0xe8}, 0x1, 0x0, 0x0, 0x40090}, 0x8801)
r7 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r7, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x34004801)
setsockopt$sock_attach_bpf(r7, 0x6, 0x25, &(0x7f0000000040), 0x4)
ioctl$VIDIOC_S_AUDOUT(r4, 0x40345632, &(0x7f0000000b80)={0x6, "0ff864e5807528ae74b753a06ab06c7d29a99ebce1a00449a5d52f3b88eefafe", 0x3})

907.852526ms ago: executing program 2 (id=2933):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1700000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000001a000000bca30000000000002403000020feffff620af0fff8ffffff71a4f2ff000000001f030000000000002e100200000000002604fdffff020000140100001a0000001d130000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xfffffffffffffd27}, 0x48)
sendto$packet(0xffffffffffffffff, &(0x7f0000000000)=':', 0x1, 0x4c880, 0x0, 0xfffffffffffffe4b)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="380000001014010029bd7000ffdbdf2508004b00130000000800030001000000080001000000000008004c000100000008004a0001"], 0x38}, 0x1, 0x0, 0x0, 0x50}, 0xc0)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = eventfd2(0xc44, 0x80800)
ioctl$VHOST_SET_VRING_CALL(r2, 0x4008af21, &(0x7f0000000040)={0x0, r3})
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

755.019029ms ago: executing program 2 (id=2934):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)=ANY=[@ANYRES32, @ANYRES32=r0, @ANYBLOB="0003000000b40000", @ANYRES32=0x0, @ANYRES64=0x0], 0x20)
r1 = socket(0x200000000000011, 0x2, 0xd)
r2 = socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xf)
socket$nl_route(0x10, 0x3, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, 0x0)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
openat$fuse(0xffffffffffffff9c, &(0x7f00000005c0), 0x42, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_sctp(0x2, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet_sctp(0x2, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$can_j1939(0x1d, 0x2, 0x7)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c00000010001ffe00989837a182138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000080000000140012800a00010076786c616e0000000400028008000a00", @ANYRES64=r4], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x8001}, 0x4)
close(r2)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', <r5=>0x0})
bind$packet(r1, &(0x7f0000000080)={0x11, 0x800, r5, 0x1, 0x0, 0x6, @multicast}, 0x23)
syz_emit_ethernet(0x274, &(0x7f0000000600)={@local, @empty, @val={@void, {0x8100, 0x2, 0x0, 0x3}}, {@mpls_mc={0x8848, {[{0x4, 0x0, 0x1}, {0x8, 0x0, 0x1}], @ipv6=@tcp={0x7, 0x6, "aac113", 0x232, 0x6, 0x1, @private0, @private1={0xfc, 0x1, '\x00', 0x1}, {[@srh={0x56, 0x2, 0x4, 0x1, 0x4, 0x68, 0x731, [@private1={0xfc, 0x1, '\x00', 0x1}]}, @routing={0x8, 0xe, 0x1, 0x7f, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, @ipv4={'\x00', '\xff\xff', @multicast1}, @remote, @private2, @private1]}, @dstopts={0x32, 0x1, '\x00', [@padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @pad1, @ra={0x5, 0x2, 0x1ff}]}, @fragment={0xfa, 0x0, 0x1a, 0x0, 0x0, 0x9, 0x67}, @srh={0x3a, 0x0, 0x4, 0x0, 0x2, 0x40, 0x2}, @srh={0xc, 0x8, 0x4, 0x4, 0x8, 0xb0, 0x6, [@mcast2, @dev={0xfe, 0x80, '\x00', 0xc}, @local, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}]}, @srh={0x2, 0x4, 0x4, 0x2, 0x5, 0x10, 0x81de, [@private2, @private0={0xfc, 0x0, '\x00', 0x1}]}, @fragment={0x2b, 0x0, 0x0, 0x1, 0x0, 0x0, 0x67}, @dstopts={0x0, 0xe, '\x00', [@ra={0x5, 0x2, 0x9}, @pad1, @enc_lim={0x4, 0x1, 0x5}, @jumbo={0xc2, 0x4, 0x3}, @calipso={0x7, 0x20, {0x2, 0x6, 0x0, 0x3, [0x3, 0x7f, 0x2a8a6b2c]}}, @pad1, @calipso={0x7, 0x40, {0x1, 0xe, 0x2, 0x6, [0x9, 0x7, 0x3, 0x1, 0xc76, 0x4, 0x8]}}]}, @fragment={0x2c, 0x0, 0x3b, 0x0, 0x0, 0x1, 0x68}], {{0x4e24, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0xd, 0x1, 0xaa3, 0x0, 0xa995, {[@mptcp=@add_addr={0x1e, 0xb, 0x0, 0xb, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, "15"}, @nop, @window={0x3, 0x3, 0x2}, @sack_perm={0x4, 0x2}, @generic={0x3, 0x3, "b8"}, @eol, @sack_perm={0x4, 0x2}, @mss={0x2, 0x4, 0x3}, @generic={0x3, 0x4, ';l'}]}}, {"29152a86d1774e2ac983a581bad44bcb22f80539b1199a106bd8bf6ed9d150fdff7c98413ed02975b1975b644dbcf8673857804dc70905caba639afe09b98d364a2a769d3f9e"}}}}}}}}, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)

479.24539ms ago: executing program 4 (id=2935):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0xffffffffffffff9b, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x9c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffef, 0xffff}, {0x0, 0x1a}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x6c, 0x2, {{}, [@TCA_NETEM_LOSS={0x30, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x14, 0x2, {0x80000002, 0x0, 0xfffffffe}}, @NETEM_LOSS_GI={0x18}]}, @TCA_NETEM_RATE={0x14, 0xd}, @TCA_NETEM_CORRUPT={0xc, 0x4, {0x0, 0x5}}]}}}]}, 0x9c}, 0x1, 0x0, 0x0, 0x20004801}, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
fchdir(r3)
close(r3)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_CREATE(r3, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="1a7ab56e", @ANYRES16=r4, @ANYBLOB="000426bd7000fddbdf250500000008001900e0000001"], 0x1c}}, 0x4000)
r5 = dup(0xffffffffffffffff)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000280), r3)
sendmsg$MPTCP_PM_CMD_ANNOUNCE(r5, &(0x7f0000000400)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000003c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="00042abd7000fcdbdf2508000000040001802c000180060005004e210000060001000200000006000100022eadf911de099c1b72000000060005004e22000005000200070000"], 0x4c}, 0x1, 0x0, 0x0, 0x20000000}, 0x40)
read$usbfs(r5, &(0x7f0000000080)=""/103, 0x67)
socket$netlink(0x10, 0x3, 0x0)
r7 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r7, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r7, 0x0, 0xca, &(0x7f0000003d80)={0x1, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
r8 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0)
r9 = fsmount(r8, 0x0, 0x0)
fchdir(r9)

80.944264ms ago: executing program 4 (id=2936):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x8000, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c250000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

80.50628ms ago: executing program 2 (id=2937):
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x4, &(0x7f00000005c0)=@framed={{}, [@alu={0x7, 0x1, 0xa, 0x0, 0x0, 0xffffffffffffffc0}]}, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xd, '\x00', 0x0, @sched_cls=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[], 0x44}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x0, &(0x7f0000000400), &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x4000081, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

26.491498ms ago: executing program 4 (id=2938):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @local}, 0x7}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
r1 = fcntl$dupfd(r0, 0x0, r0)
sendmsg$TIPC_NL_MON_PEER_GET(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001f80)={0x340, 0x0, 0xc02, 0x70bd26, 0x25dfdbfe, {}, [@TIPC_NLA_MEDIA={0x14, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xb9}]}, @TIPC_NLA_BEARER={0xd8, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x8}, @TIPC_NLA_BEARER_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xf9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}]}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'ipvlan1\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @empty}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0xfffffff4, @empty, 0xe8b9}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @rand_addr=0x64010100}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x82f, @mcast2, 0xc}}}}]}, @TIPC_NLA_NODE={0x230, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4b, 0x4, {'gcm(aes)\x00', 0x23, "3c0abc48609589e4e71ba1ed02e4e67d432e545419927d45653d22a330f30b1d1fdf3c"}}, @TIPC_NLA_NODE_ID={0x1dd, 0x3, "9318c8848d4f545073958961031fff326731a6a7265f8d74d61860859b61341fa05f43e45f7e4433c7ed5c414649f7acd9cf60bf4549fe2f7f8dfa10e476111fc2717675b4c12787d4c53b94f732df0bb20af3d105dfed310950a8643a4ada20a47570ab1bf6219390613358bc3aadded9b3175a2be2d1d5e2fcc04e93c2292559804b8a2d63cf4d5502072e4b4924b64a2047a0e03f441282bbdad22fc6fa1fec9ee79c53b82dadb2aac202601865682633e741bf55361fea3f48755186606798a6dc744789d61c4209af86c6790f7092f241646ebb5da1c9c396b4632903890c5e62d5fe803bbc009d5304b6585dfe414b7ea4d664f33a52a9470f608a88c96c6f0e264f2cef88a22b252403e2009b7c64e61ce290f193c69aad92c47f1d98c5d2fc422d335d8b53c472cc12f78318ff6de0410753b12c2eb3918feda2a0aeead772e34fbf1dba7d72d04df3f19ecdee61f8c789efe59cbca7af94074ce9ce19cf9d7240103dfeb3b1189f561afb21ff731390b3abdea121efd8402c5fbd8c2a5b7f2ebdf30510c503cd7729f691b999d9c95d217607597175f99fa4d9bfecd2c247cdf68788e13c310eeded55e6e72a7c6669e9e7512e4f0652b443532430b116f3364a0c76860545253dfb9f8a622e3fd4e0c1cd9530c8"}]}]}, 0x340}, 0x1, 0x0, 0x0, 0x40000f5}, 0x4048044)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000040)=0x7, 0x4)
write$FUSE_LK(r1, &(0x7f0000000100)={0x28, 0xffffffffffffffda, 0x0, {{0x9}}}, 0x28)

0s ago: executing program 1 (id=2939):
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f0000000080)={0x2, 0x32314742, 0x2, @discrete={0x7, 0xbe78}})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = add_key(&(0x7f0000000000)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffd)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x100004, 0xffff, 0xb, 0x1, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000200), 0x2, r4}, 0x38)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000080)={0x0, &(0x7f00000001c0)=""/40, &(0x7f00000001c0), &(0x7f0000000200), 0x1, r4}, 0x38)
io_uring_register$IORING_REGISTER_CLOCK(0xffffffffffffffff, 0x1d, &(0x7f0000000000)={0x1}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
keyctl$reject(0x13, r3, 0xd360e359, 0x6, r3)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
openat$6lowpan_control(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$cuse(0xffffff9c, 0x0, 0x2, 0x0)
syz_80211_join_ibss(&(0x7f0000000140)='wlan1\x00', &(0x7f0000000180)=@default_ibss_ssid, 0x6, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=@newtaction={0x14, 0x30, 0x100, 0x70bd2a}, 0x14}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
sendfile(r6, r6, 0x0, 0x200900)
keyctl$KEYCTL_WATCH_KEY(0x20, r3, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

kernel console output (not intermixed with test programs):

rogram: false inactive
[  234.009939][T12434] vivid-001: RDS Music: false inactive
[  234.016850][T12434] vivid-001: ==================  END STATUS  ==================
[  234.066233][   T61] usb 6-1: USB disconnect, device number 7
[  234.092462][   T61] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[  234.330699][T12447] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  234.332707][T12447] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  234.335352][T12447] vhci_hcd vhci_hcd.0: Device attached
[  234.607649][   T53] usb 46-1: SetAddress Request (6) to port 0
[  234.609543][   T53] usb 46-1: new SuperSpeed USB device number 6 using vhci_hcd
[  234.901521][T12448] vhci_hcd: connection reset by peer
[  234.903636][  T103] vhci_hcd: stop threads
[  234.905561][  T103] vhci_hcd: release socket
[  234.908428][  T103] vhci_hcd: disconnect device
[  234.969814][T12454] overlayfs: conflicting options: nfs_export=on,metacopy=on
[  235.051610][   T60] IPVS: starting estimator thread 0...
[  235.061049][T12457] IPVS: ip_vs_add_dest(): lower threshold is higher than upper threshold
[  235.147810][T12458] IPVS: using max 39 ests per chain, 93600 per kthread
[  236.346936][   T60] kernel write not supported for file /1426/gid_map (pid: 60 comm: kworker/2:1)
[  236.499243][T12516] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2333'.
[  236.585932][T12519] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2334'.
[  237.149035][  T843] usb 48-1: device descriptor read/8, error -110
[  237.384462][T12548] fuse: Unknown parameter '0x0000000000000003'
[  237.531872][T12552] fuse: Unknown parameter '00000000000000000000005'
[  237.562739][  T843] usb usb48-port1: attempt power cycle
[  238.201694][  T843] usb usb48-port1: unable to enumerate USB device
[  238.371719][T12570] fuse: Unknown parameter '0x0000000000000003'
[  238.520019][ T6083] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  239.120370][ T6083] usb 9-1: Using ep0 maxpacket: 16
[  239.123258][ T6083] usb 9-1: too many endpoints for config 0 interface 0 altsetting 4: 255, using maximum allowed: 30
[  239.126659][ T6083] usb 9-1: config 0 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  239.130773][ T6083] usb 9-1: config 0 interface 0 has no altsetting 0
[  239.132833][ T6083] usb 9-1: New USB device found, idVendor=20a0, idProduct=4287, bcdDevice= 0.00
[  239.135620][ T6083] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  239.139972][ T6083] usb 9-1: config 0 descriptor??
[  239.555103][ T6083] hid-u2fzero 0003:20A0:4287.0006: hidraw0: USB HID v0.00 Device [HID 20a0:4287] on usb-dummy_hcd.4-1/input0
[  239.566581][ T6083] hid-u2fzero 0003:20A0:4287.0006: NitroKey U2F LED initialised
[  239.569228][ T6083] hid-u2fzero 0003:20A0:4287.0006: NitroKey U2F RNG initialised
[  239.697780][T12598] fuse: Unknown parameter '0x0000000000000003'
[  239.710859][   T53] usb 46-1: device descriptor read/8, error -110
[  239.820288][ T3243] usb 9-1: USB disconnect, device number 7
[  240.102209][   T53] usb usb46-port1: attempt power cycle
[  240.436925][T12616] ptrace attach of "/syz-executor exec"[12617] was attempted by "/syz-executor exec"[12616]
[  240.672850][   T53] usb usb46-port1: unable to enumerate USB device
[  240.819073][T12621] fuse: Unknown parameter '0x0000000000000003'
[  241.362057][   T40] audit: type=1804 audit(1760485437.261:784): pid=12639 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.2374" name="/newroot/487/file0" dev="tmpfs" ino=2544 res=1 errno=0
[  241.423972][T12633] /dev/sr0: Can't open blockdev
[  241.701469][T12640] syz.1.2373 (12640) used greatest stack depth: 19528 bytes left
[  242.159389][T12657] fuse: Unknown parameter '0x0000000000000003'
[  242.569489][T12662] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(7)
[  242.571678][T12662] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  242.578178][T12662] vhci_hcd vhci_hcd.0: Device attached
[  242.843171][   T53] usb 48-1: SetAddress Request (6) to port 0
[  242.845933][   T53] usb 48-1: new SuperSpeed USB device number 6 using vhci_hcd
[  243.109276][T12663] vhci_hcd: connection reset by peer
[  243.112225][   T46] vhci_hcd: stop threads
[  243.117376][   T46] vhci_hcd: release socket
[  243.120198][   T46] vhci_hcd: disconnect device
[  243.270895][T12682] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  243.272980][T12682] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  243.276303][T12682] vhci_hcd vhci_hcd.0: Device attached
[  243.573592][ T6083] usb 46-1: SetAddress Request (10) to port 0
[  243.575696][ T6083] usb 46-1: new SuperSpeed USB device number 10 using vhci_hcd
[  243.624252][T12688] FAULT_INJECTION: forcing a failure.
[  243.624252][T12688] name failslab, interval 1, probability 0, space 0, times 0
[  243.628710][T12688] CPU: 2 UID: 0 PID: 12688 Comm: syz.1.2391 Not tainted syzkaller #0 PREEMPT(full) 
[  243.628731][T12688] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  243.628741][T12688] Call Trace:
[  243.628754][T12688]  <TASK>
[  243.628759][T12688]  dump_stack_lvl+0x16c/0x1f0
[  243.628800][T12688]  should_fail_ex+0x512/0x640
[  243.628830][T12688]  ? __kmalloc_noprof+0xca/0x880
[  243.628865][T12688]  should_failslab+0xc2/0x120
[  243.628877][T12688]  __kmalloc_noprof+0xdd/0x880
[  243.628888][T12688]  ? __kernel_text_address+0xd/0x40
[  243.628902][T12688]  ? unwind_get_return_address+0x59/0xa0
[  243.628916][T12688]  ? acpi_ns_internalize_name+0x161/0x2e0
[  243.628934][T12688]  ? acpi_ns_internalize_name+0x161/0x2e0
[  243.628948][T12688]  acpi_ns_internalize_name+0x161/0x2e0
[  243.628963][T12688]  ? __pfx_acpi_ns_internalize_name+0x10/0x10
[  243.628977][T12688]  ? acpi_ut_trace_ptr+0x1d2/0x2a0
[  243.628989][T12688]  ? __pfx_stack_trace_save+0x10/0x10
[  243.629006][T12688]  ? look_up_lock_class+0x59/0x150
[  243.629025][T12688]  acpi_ns_get_node_unlocked+0x180/0x4f0
[  243.629041][T12688]  ? __pfx_acpi_ns_get_node_unlocked+0x10/0x10
[  243.629057][T12688]  ? mark_held_locks+0x49/0x80
[  243.629072][T12688]  ? acpi_os_wait_semaphore+0x212/0x3f0
[  243.629085][T12688]  ? acpi_ns_get_node+0x6c/0xf0
[  243.629099][T12688]  acpi_ns_get_node+0x6c/0xf0
[  243.629114][T12688]  acpi_get_handle+0x10a/0x280
[  243.629129][T12688]  ? __pfx_acpi_get_handle+0x10/0x10
[  243.629148][T12688]  acpi_has_method+0x7a/0xc0
[  243.629160][T12688]  ? __pfx_acpi_has_method+0x10/0x10
[  243.629172][T12688]  ? find_held_lock+0x2b/0x80
[  243.629187][T12688]  acpi_pci_set_power_state+0xa4/0x290
[  243.629200][T12688]  pci_power_up+0x80/0x530
[  243.629212][T12688]  ? is_bpf_text_address+0x94/0x1a0
[  243.629224][T12688]  ? __pfx_pci_power_up+0x10/0x10
[  243.629236][T12688]  ? widen_string+0xdc/0x2d0
[  243.629246][T12688]  ? __kernel_text_address+0xd/0x40
[  243.629262][T12688]  pci_pm_power_up_and_verify_state+0x6a/0x240
[  243.629279][T12688]  ? __pfx_pci_pm_power_up_and_verify_state+0x10/0x10
[  243.629295][T12688]  ? find_held_lock+0x2b/0x80
[  243.629311][T12688]  pci_pm_runtime_resume+0xa1/0x270
[  243.629325][T12688]  ? __pfx_pci_pm_runtime_resume+0x10/0x10
[  243.629337][T12688]  __rpm_callback+0xc8/0x610
[  243.629354][T12688]  ? __pfx_pci_pm_runtime_resume+0x10/0x10
[  243.629372][T12688]  rpm_callback+0x1b7/0x200
[  243.629389][T12688]  ? __pfx_pci_pm_runtime_resume+0x10/0x10
[  243.629402][T12688]  rpm_resume+0xd16/0x1320
[  243.629415][T12688]  ? __do_fast_syscall_32+0x7c/0x300
[  243.629434][T12688]  ? __pfx_rpm_resume+0x10/0x10
[  243.629451][T12688]  ? do_raw_spin_lock+0x12c/0x2b0
[  243.629470][T12688]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  243.629490][T12688]  __pm_runtime_resume+0xb6/0x170
[  243.629505][T12688]  i801_access+0x13a/0x2090
[  243.629533][T12688]  ? __pfx_i801_access+0x10/0x10
[  243.629561][T12688]  __i2c_smbus_xfer+0x4f0/0x1020
[  243.629581][T12688]  ? __pfx_i801_access+0x10/0x10
[  243.629597][T12688]  ? __pfx___i2c_smbus_xfer+0x10/0x10
[  243.629613][T12688]  ? rt_mutex_slowtrylock+0xc9/0x100
[  243.629634][T12688]  i2c_smbus_xfer+0x200/0x3c0
[  243.629660][T12688]  i2cdev_ioctl_smbus+0x237/0x960
[  243.629679][T12688]  ? __pfx_i2cdev_ioctl_smbus+0x10/0x10
[  243.629690][T12688]  ? __might_fault+0xe3/0x190
[  243.629708][T12688]  ? __might_fault+0xe3/0x190
[  243.629737][T12688]  compat_i2cdev_ioctl+0x434/0x530
[  243.629760][T12688]  ? hook_file_ioctl_common+0x145/0x410
[  243.629779][T12688]  ? __pfx_compat_i2cdev_ioctl+0x10/0x10
[  243.629797][T12688]  ? __fget_files+0x20e/0x3c0
[  243.629823][T12688]  ? __pfx_compat_i2cdev_ioctl+0x10/0x10
[  243.629843][T12688]  __ia32_compat_sys_ioctl+0x242/0x370
[  243.629861][T12688]  __do_fast_syscall_32+0x7c/0x300
[  243.629885][T12688]  do_fast_syscall_32+0x32/0x80
[  243.629909][T12688]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  243.629928][T12688] RIP: 0023:0xf7f71579
[  243.629941][T12688] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  243.629953][T12688] RSP: 002b:00000000f546655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  243.629969][T12688] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000720
[  243.629979][T12688] RDX: 0000000080000300 RSI: 0000000000000000 RDI: 0000000000000000
[  243.629989][T12688] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  243.629998][T12688] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  243.630007][T12688] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  243.630027][T12688]  </TASK>
[  243.683610][T12683] vhci_hcd: connection reset by peer
[  243.779989][  T103] vhci_hcd: stop threads
[  243.781815][  T103] vhci_hcd: release socket
[  243.784245][  T103] vhci_hcd: disconnect device
[  243.988653][T12705] FAULT_INJECTION: forcing a failure.
[  243.988653][T12705] name failslab, interval 1, probability 0, space 0, times 0
[  243.992999][T12705] CPU: 2 UID: 0 PID: 12705 Comm: syz.2.2399 Not tainted syzkaller #0 PREEMPT(full) 
[  243.993016][T12705] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  243.993023][T12705] Call Trace:
[  243.993028][T12705]  <TASK>
[  243.993037][T12705]  dump_stack_lvl+0x16c/0x1f0
[  243.993059][T12705]  should_fail_ex+0x512/0x640
[  243.993077][T12705]  ? kmem_cache_alloc_lru_noprof+0x66/0x6e0
[  243.993095][T12705]  should_failslab+0xc2/0x120
[  243.993107][T12705]  kmem_cache_alloc_lru_noprof+0x79/0x6e0
[  243.993123][T12705]  ? __d_alloc+0x32/0xae0
[  243.993142][T12705]  ? __d_alloc+0x32/0xae0
[  243.993158][T12705]  __d_alloc+0x32/0xae0
[  243.993176][T12705]  d_alloc_parallel+0x111/0x1480
[  243.993193][T12705]  ? find_held_lock+0x2b/0x80
[  243.993209][T12705]  ? __pfx_d_alloc_parallel+0x10/0x10
[  243.993225][T12705]  ? __d_lookup+0x266/0x4a0
[  243.993240][T12705]  lookup_open.isra.0+0x665/0x1580
[  243.993258][T12705]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  243.993281][T12705]  ? lookup_fast+0x156/0x610
[  243.993297][T12705]  path_openat+0x893/0x2cb0
[  243.993317][T12705]  ? __pfx_path_openat+0x10/0x10
[  243.993334][T12705]  ? __lock_acquire+0xb8a/0x1c90
[  243.993347][T12705]  do_filp_open+0x20b/0x470
[  243.993364][T12705]  ? __pfx_do_filp_open+0x10/0x10
[  243.993390][T12705]  ? alloc_fd+0x471/0x7d0
[  243.993409][T12705]  do_sys_openat2+0x11b/0x1d0
[  243.993422][T12705]  ? __pfx_do_sys_openat2+0x10/0x10
[  243.993436][T12705]  ? __fget_files+0x20e/0x3c0
[  243.993454][T12705]  __ia32_compat_sys_open+0x146/0x1e0
[  243.993467][T12705]  ? __pfx___ia32_compat_sys_open+0x10/0x10
[  243.993483][T12705]  ? rcu_is_watching+0x12/0xc0
[  243.993499][T12705]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  243.993520][T12705]  __do_fast_syscall_32+0x7c/0x300
[  243.993540][T12705]  do_fast_syscall_32+0x32/0x80
[  243.993558][T12705]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  243.993572][T12705] RIP: 0023:0xf7f14579
[  243.993582][T12705] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  243.993593][T12705] RSP: 002b:00000000f540655c EFLAGS: 00000296 ORIG_RAX: 0000000000000005
[  243.993605][T12705] RAX: ffffffffffffffda RBX: 0000000080000440 RCX: 0000000000000080
[  243.993612][T12705] RDX: 0000000000000009 RSI: 0000000000000000 RDI: 0000000000000000
[  243.993618][T12705] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  243.993624][T12705] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  243.993631][T12705] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  243.993645][T12705]  </TASK>
[  244.666615][T12729] infiniband syz1: set active
[  244.668372][T12729] infiniband syz1: added syz_tun
[  244.697338][T12729] RDS/IB: syz1: added
[  244.701223][T12729] smc: adding ib device syz1 with port count 1
[  244.704486][T12729] smc:    ib device syz1 port 1 has no pnetid
[  245.484049][T12754] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2411'.
[  245.678103][T12756] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2412'.
[  245.989722][T12779] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  246.118034][T12785] 9pnet_fd: Insufficient options for proto=fd
[  246.525828][T12820] netlink: 'syz.2.2436': attribute type 1 has an invalid length.
[  246.540981][T12820] 8021q: adding VLAN 0 to HW filter on device bond1
[  246.551760][T12823] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2437'.
[  246.567175][T12820] bond1: (slave veth5): Enslaving as an active interface with a down link
[  246.579945][T12820] bond1: (slave syz_tun): making interface the new active one
[  246.582952][T12820] syz_tun: entered promiscuous mode
[  246.584789][T12820] bond1: (slave syz_tun): Enslaving as an active interface with an up link
[  246.877729][T12850] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  246.879818][T12850] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  246.882516][T12850] vhci_hcd vhci_hcd.0: Device attached
[  246.932174][T12862] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2454'.
[  246.982676][   T40] audit: type=1326 audit(1760485442.887:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12864 comm="syz.5.2455" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000
[  247.156051][   T10] usb 42-1: SetAddress Request (10) to port 0
[  247.158164][   T10] usb 42-1: new SuperSpeed USB device number 10 using vhci_hcd
[  247.496722][T12855] vhci_hcd: connection reset by peer
[  247.500573][  T103] vhci_hcd: stop threads
[  247.502188][  T103] vhci_hcd: release socket
[  247.503773][  T103] vhci_hcd: disconnect device
[  247.876676][   T53] usb 48-1: device descriptor read/8, error -110
[  248.287370][   T53] usb usb48-port1: attempt power cycle
[  248.885019][ T6083] usb 46-1: device descriptor read/8, error -110
[  249.108387][   T53] usb usb48-port1: unable to enumerate USB device
[  249.380817][ T6083] usb usb46-port1: attempt power cycle
[  249.471171][T12922] rdma_rxe: rxe_newlink: failed to add syz_tun
[  249.715992][T12928] FAULT_INJECTION: forcing a failure.
[  249.715992][T12928] name failslab, interval 1, probability 0, space 0, times 0
[  249.721206][T12928] CPU: 1 UID: 0 PID: 12928 Comm: syz.5.2477 Not tainted syzkaller #0 PREEMPT(full) 
[  249.721229][T12928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  249.721240][T12928] Call Trace:
[  249.721246][T12928]  <TASK>
[  249.721254][T12928]  dump_stack_lvl+0x16c/0x1f0
[  249.721284][T12928]  should_fail_ex+0x512/0x640
[  249.721308][T12928]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  249.721335][T12928]  should_failslab+0xc2/0x120
[  249.721353][T12928]  kmem_cache_alloc_node_noprof+0x78/0x770
[  249.721376][T12928]  ? __alloc_skb+0x2b2/0x380
[  249.721405][T12928]  ? __alloc_skb+0x2b2/0x380
[  249.721426][T12928]  ? __pfx_netlink_insert+0x10/0x10
[  249.721451][T12928]  __alloc_skb+0x2b2/0x380
[  249.721475][T12928]  ? __pfx___alloc_skb+0x10/0x10
[  249.721501][T12928]  ? netlink_autobind.isra.0+0x158/0x370
[  249.721533][T12928]  netlink_alloc_large_skb+0x69/0x140
[  249.721561][T12928]  netlink_sendmsg+0x698/0xdd0
[  249.721594][T12928]  ? __pfx_netlink_sendmsg+0x10/0x10
[  249.721624][T12928]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  249.721647][T12928]  ____sys_sendmsg+0xa98/0xc70
[  249.721670][T12928]  ? __pfx_____sys_sendmsg+0x10/0x10
[  249.721688][T12928]  ? get_compat_msghdr+0x11a/0x170
[  249.721726][T12928]  ___sys_sendmsg+0x134/0x1d0
[  249.721752][T12928]  ? __pfx____sys_sendmsg+0x10/0x10
[  249.721793][T12928]  ? find_held_lock+0x2b/0x80
[  249.721834][T12928]  __sys_sendmsg+0x16d/0x220
[  249.721860][T12928]  ? __pfx___sys_sendmsg+0x10/0x10
[  249.721898][T12928]  ? rcu_is_watching+0x12/0xc0
[  249.721927][T12928]  __do_fast_syscall_32+0x7c/0x300
[  249.721956][T12928]  do_fast_syscall_32+0x32/0x80
[  249.721983][T12928]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  249.722009][T12928] RIP: 0023:0xf701d579
[  249.722023][T12928] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  249.722039][T12928] RSP: 002b:00000000f540d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  249.722055][T12928] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[  249.722066][T12928] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  249.722076][T12928] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  249.722086][T12928] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  249.722096][T12928] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  249.722120][T12928]  </TASK>
[  250.118758][ T6083] usb usb46-port1: unable to enumerate USB device
[  250.996412][T12956] tipc: Can't bind to reserved service type 0
[  251.484109][T12958] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(8)
[  251.486611][T12958] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  251.491095][T12958] vhci_hcd vhci_hcd.0: Device attached
[  251.590782][T12969] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2491'.
[  251.658809][T12963] vhci_hcd: connection closed
[  251.661004][   T12] vhci_hcd: stop threads
[  251.664009][   T12] vhci_hcd: release socket
[  251.665496][   T12] vhci_hcd: disconnect device
[  251.669201][   T53] vhci_hcd: vhci_device speed not set
[  251.688571][T12977] x_tables: duplicate underflow at hook 2
[  251.857159][T12985] binder: 12984:12985 ioctl c018620c 80000040 returned -1
[  251.885962][ T5945] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  251.890655][ T5945] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  251.894011][ T5945] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  251.901885][ T5945] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  251.905347][ T5945] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  252.136609][T12986] chnl_net:caif_netlink_parms(): no params data found
[  252.203137][   T10] usb 42-1: device descriptor read/8, error -110
[  252.245563][T12986] bridge0: port 1(bridge_slave_0) entered blocking state
[  252.248693][T12986] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.252090][T12986] bridge_slave_0: entered allmulticast mode
[  252.256502][T12986] bridge_slave_0: entered promiscuous mode
[  252.283619][T12986] bridge0: port 2(bridge_slave_1) entered blocking state
[  252.286707][T12986] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.291297][T12986] bridge_slave_1: entered allmulticast mode
[  252.294675][T12986] bridge_slave_1: entered promiscuous mode
[  252.334024][T12986] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  252.341471][T12986] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  252.396638][T12986] team0: Port device team_slave_0 added
[  252.400019][T12986] team0: Port device team_slave_1 added
[  252.428236][T12986] batman_adv: batadv0: Adding interface: batadv_slave_0
[  252.430520][T12986] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  252.438386][T12986] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  252.443087][T12986] batman_adv: batadv0: Adding interface: batadv_slave_1
[  252.445763][T12986] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  252.456106][T12986] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  252.535567][T12986] hsr_slave_0: entered promiscuous mode
[  252.537801][T12986] hsr_slave_1: entered promiscuous mode
[  252.543284][T13004] netlink: 'syz.4.2501': attribute type 3 has an invalid length.
[  252.546564][T13004] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2501'.
[  252.616599][   T10] usb usb42-port1: attempt power cycle
[  252.975622][T12986] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  252.979808][T12986] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  252.995481][T12986] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  253.000260][T12986] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  253.042075][T12986] 8021q: adding VLAN 0 to HW filter on device bond0
[  253.052053][T12986] 8021q: adding VLAN 0 to HW filter on device team0
[  253.061158][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.063394][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  253.069028][   T81] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.071338][   T81] bridge0: port 2(bridge_slave_1) entered forwarding state
[  253.194909][T12986] 8021q: adding VLAN 0 to HW filter on device batadv0
[  253.229335][T12986] veth0_vlan: entered promiscuous mode
[  253.240815][   T10] usb usb42-port1: unable to enumerate USB device
[  253.251830][T12986] veth1_vlan: entered promiscuous mode
[  253.269088][T12986] veth0_macvtap: entered promiscuous mode
[  253.274015][T12986] veth1_macvtap: entered promiscuous mode
[  253.283955][T12986] batman_adv: batadv0: Interface activated: batadv_slave_0
[  253.289732][T12986] batman_adv: batadv0: Interface activated: batadv_slave_1
[  253.295789][   T59] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  253.299184][   T59] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  253.312450][   T59] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  253.316305][   T59] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  253.341689][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  253.344344][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  253.360043][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  253.362838][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  253.960972][ T5945] Bluetooth: hci1: command tx timeout
[  254.287894][   T40] audit: type=1326 audit(1760485450.182:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13034 comm="syz.4.2507" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x0
[  254.296734][   T40] audit: type=1326 audit(1760485450.182:787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13033 comm="syz.5.2506" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x0
[  254.389123][T13042] FAULT_INJECTION: forcing a failure.
[  254.389123][T13042] name failslab, interval 1, probability 0, space 0, times 0
[  254.393209][T13042] CPU: 1 UID: 0 PID: 13042 Comm: syz.4.2507 Not tainted syzkaller #0 PREEMPT(full) 
[  254.393230][T13042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  254.393241][T13042] Call Trace:
[  254.393247][T13042]  <TASK>
[  254.393254][T13042]  dump_stack_lvl+0x16c/0x1f0
[  254.393284][T13042]  should_fail_ex+0x512/0x640
[  254.393310][T13042]  ? fs_reclaim_acquire+0xae/0x150
[  254.393326][T13042]  should_failslab+0xc2/0x120
[  254.393340][T13042]  __kmalloc_noprof+0xdd/0x880
[  254.393359][T13042]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  254.393388][T13042]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  254.393409][T13042]  tomoyo_realpath_from_path+0xc2/0x6e0
[  254.393434][T13042]  ? tomoyo_profile+0x47/0x60
[  254.393462][T13042]  tomoyo_path_number_perm+0x245/0x580
[  254.393481][T13042]  ? tomoyo_path_number_perm+0x237/0x580
[  254.393504][T13042]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  254.393554][T13042]  ? find_held_lock+0x2b/0x80
[  254.393577][T13042]  ? hook_file_ioctl_common+0x145/0x410
[  254.393605][T13042]  ? __fget_files+0x20e/0x3c0
[  254.393632][T13042]  security_file_ioctl_compat+0x9b/0x240
[  254.393656][T13042]  __ia32_compat_sys_ioctl+0xc3/0x370
[  254.393681][T13042]  __do_fast_syscall_32+0x7c/0x300
[  254.393719][T13042]  do_fast_syscall_32+0x32/0x80
[  254.393744][T13042]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  254.393765][T13042] RIP: 0023:0xf7f56579
[  254.393779][T13042] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  254.393793][T13042] RSP: 002b:00000000f540455c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  254.393808][T13042] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000c008561c
[  254.393818][T13042] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000
[  254.393827][T13042] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  254.393835][T13042] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  254.393843][T13042] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  254.393865][T13042]  </TASK>
[  254.393872][T13042] ERROR: Out of memory at tomoyo_realpath_from_path.
[  254.654352][T13048] usb usb8: usbfs: process 13048 (syz.1.2509) did not claim interface 0 before use
[  255.084280][T13042] Process accounting resumed
[  255.324935][ T1419] ieee802154 phy0 wpan0: encryption failed: -22
[  255.327148][ T1419] ieee802154 phy1 wpan1: encryption failed: -22
[  256.042253][ T5938] Bluetooth: hci1: command tx timeout
[  256.552254][T13075] syzkaller0: entered promiscuous mode
[  256.554920][T13075] syzkaller0: entered allmulticast mode
[  257.414159][ T5938] Bluetooth: hci2: command 0x0406 tx timeout
[  257.861862][T13102] FAULT_INJECTION: forcing a failure.
[  257.861862][T13102] name failslab, interval 1, probability 0, space 0, times 0
[  257.866760][T13102] CPU: 2 UID: 0 PID: 13102 Comm: syz.1.2529 Not tainted syzkaller #0 PREEMPT(full) 
[  257.866774][T13102] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  257.866781][T13102] Call Trace:
[  257.866785][T13102]  <TASK>
[  257.866789][T13102]  dump_stack_lvl+0x16c/0x1f0
[  257.866809][T13102]  should_fail_ex+0x512/0x640
[  257.866826][T13102]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  257.866843][T13102]  should_failslab+0xc2/0x120
[  257.866853][T13102]  kmem_cache_alloc_node_noprof+0x78/0x770
[  257.866867][T13102]  ? __alloc_skb+0x2b2/0x380
[  257.866881][T13102]  ? __pfx_tcp_current_mss+0x10/0x10
[  257.866899][T13102]  ? __alloc_skb+0x2b2/0x380
[  257.866912][T13102]  __alloc_skb+0x2b2/0x380
[  257.866927][T13102]  ? __pfx___alloc_skb+0x10/0x10
[  257.866941][T13102]  ? _parse_integer_limit+0x17f/0x1d0
[  257.866959][T13102]  tcp_stream_alloc_skb+0x34/0x560
[  257.866974][T13102]  tcp_sendmsg_locked+0x12d9/0x42e0
[  257.866996][T13102]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  257.867010][T13102]  ? do_raw_spin_lock+0x12c/0x2b0
[  257.867024][T13102]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  257.867040][T13102]  ? __local_bh_enable_ip+0xa4/0x120
[  257.867058][T13102]  tcp_sendmsg+0x2e/0x50
[  257.867069][T13102]  ? __pfx_tcp_sendmsg+0x10/0x10
[  257.867082][T13102]  inet_sendmsg+0xb9/0x140
[  257.867097][T13102]  __sys_sendto+0x43c/0x520
[  257.867112][T13102]  ? __pfx___sys_sendto+0x10/0x10
[  257.867137][T13102]  ? ksys_write+0x1ac/0x250
[  257.867151][T13102]  ? __pfx_ksys_write+0x10/0x10
[  257.867167][T13102]  __ia32_sys_sendto+0xdd/0x1b0
[  257.867181][T13102]  ? lockdep_hardirqs_on+0x7c/0x110
[  257.867197][T13102]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  257.867214][T13102]  __do_fast_syscall_32+0x7c/0x300
[  257.867231][T13102]  do_fast_syscall_32+0x32/0x80
[  257.867248][T13102]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  257.867261][T13102] RIP: 0023:0xf7f82579
[  257.867270][T13102] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  257.867280][T13102] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  257.867290][T13102] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000300
[  257.867297][T13102] RDX: 0000000000000004 RSI: 0000000040040011 RDI: 0000000000000000
[  257.867303][T13102] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  257.867309][T13102] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  257.867314][T13102] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  257.867328][T13102]  </TASK>
[  258.133662][ T5945] Bluetooth: hci1: command tx timeout
[  258.147223][T13106] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  258.174564][   T60] libceph: connect (1)[c::]:6789 error -101
[  258.180898][   T60] libceph: mon0 (1)[c::]:6789 connect error
[  258.315115][T13109] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  258.427561][T13110] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  258.449320][   T60] libceph: connect (1)[c::]:6789 error -101
[  258.451967][   T60] libceph: mon0 (1)[c::]:6789 connect error
[  258.824194][   T59] syz_tun: left promiscuous mode
[  258.975215][   T60] libceph: connect (1)[c::]:6789 error -101
[  258.977176][   T60] libceph: mon0 (1)[c::]:6789 connect error
[  259.369278][T13106] ceph: No mds server is up or the cluster is laggy
[  259.749626][T13139] syzkaller0: entered promiscuous mode
[  259.752086][T13139] syzkaller0: entered allmulticast mode
[  259.763831][T13139] FAULT_INJECTION: forcing a failure.
[  259.763831][T13139] name failslab, interval 1, probability 0, space 0, times 0
[  259.768620][T13139] CPU: 2 UID: 0 PID: 13139 Comm: syz.4.2541 Not tainted syzkaller #0 PREEMPT(full) 
[  259.768643][T13139] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  259.768654][T13139] Call Trace:
[  259.768661][T13139]  <TASK>
[  259.768668][T13139]  dump_stack_lvl+0x16c/0x1f0
[  259.768700][T13139]  should_fail_ex+0x512/0x640
[  259.768731][T13139]  should_failslab+0xc2/0x120
[  259.768750][T13139]  kmem_cache_alloc_noprof+0x75/0x6e0
[  259.768773][T13139]  ? skb_clone+0x190/0x3f0
[  259.768804][T13139]  ? skb_clone+0x190/0x3f0
[  259.768833][T13139]  skb_clone+0x190/0x3f0
[  259.768857][T13139]  netem_enqueue+0x1ae1/0x3680
[  259.768884][T13139]  ? __pfx_netem_enqueue+0x10/0x10
[  259.768901][T13139]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  259.768930][T13139]  __dev_queue_xmit+0x2252/0x4490
[  259.768960][T13139]  ? find_held_lock+0x2b/0x80
[  259.768983][T13139]  ? __might_fault+0xe3/0x190
[  259.769007][T13139]  ? __might_fault+0xe3/0x190
[  259.769027][T13139]  ? __might_fault+0x13b/0x190
[  259.769049][T13139]  ? __pfx___dev_queue_xmit+0x10/0x10
[  259.769075][T13139]  ? _copy_from_iter+0x15d/0x1720
[  259.769123][T13139]  ? __pfx_packet_parse_headers+0x10/0x10
[  259.769145][T13139]  ? skb_copy_datagram_from_iter+0x4f0/0x740
[  259.769167][T13139]  ? dev_get_by_index+0x17c/0x380
[  259.769194][T13139]  packet_xmit+0x23e/0x360
[  259.769217][T13139]  packet_sendmsg+0x2756/0x5850
[  259.769251][T13139]  ? __pfx___might_resched+0x10/0x10
[  259.769282][T13139]  ? aa_sk_perm+0x2f4/0xb10
[  259.769306][T13139]  ? __pfx_packet_sendmsg+0x10/0x10
[  259.769326][T13139]  ? __pfx_aa_sk_perm+0x10/0x10
[  259.769346][T13139]  ? __might_fault+0xe3/0x190
[  259.769374][T13139]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  259.769398][T13139]  __sys_sendto+0x4a3/0x520
[  259.769423][T13139]  ? __pfx___sys_sendto+0x10/0x10
[  259.769468][T13139]  ? ksys_write+0x1ac/0x250
[  259.769493][T13139]  ? __pfx_ksys_write+0x10/0x10
[  259.769521][T13139]  __ia32_sys_sendto+0xdd/0x1b0
[  259.769542][T13139]  ? lockdep_hardirqs_on+0x7c/0x110
[  259.769566][T13139]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  259.769593][T13139]  __do_fast_syscall_32+0x7c/0x300
[  259.769623][T13139]  do_fast_syscall_32+0x32/0x80
[  259.769649][T13139]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  259.769671][T13139] RIP: 0023:0xf7f56579
[  259.769686][T13139] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  259.769703][T13139] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  259.769721][T13139] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000800005c0
[  259.769732][T13139] RDX: 00000000000005ea RSI: 0000000000000040 RDI: 00000000800001c0
[  259.769742][T13139] RBP: 0000000000000014 R08: 0000000000000000 R09: 0000000000000000
[  259.769751][T13139] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  259.769762][T13139] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  259.769787][T13139]  </TASK>
[  260.205336][ T5945] Bluetooth: hci1: command tx timeout
[  260.620313][T13180] FAULT_INJECTION: forcing a failure.
[  260.620313][T13180] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  260.624573][T13180] CPU: 3 UID: 0 PID: 13180 Comm: syz.1.2555 Not tainted syzkaller #0 PREEMPT(full) 
[  260.624594][T13180] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  260.624604][T13180] Call Trace:
[  260.624610][T13180]  <TASK>
[  260.624616][T13180]  dump_stack_lvl+0x16c/0x1f0
[  260.624642][T13180]  should_fail_ex+0x512/0x640
[  260.624662][T13180]  _copy_from_user+0x2e/0xd0
[  260.624673][T13180]  copy_from_sockptr_offset+0x15c/0x1b0
[  260.624687][T13180]  ? __pfx_copy_from_sockptr_offset+0x10/0x10
[  260.624700][T13180]  ? __mutex_trylock_common+0xe9/0x250
[  260.624714][T13180]  do_tcp_setsockopt+0x729/0x2500
[  260.624728][T13180]  ? __pfx___might_resched+0x10/0x10
[  260.624745][T13180]  ? __pfx_do_tcp_setsockopt+0x10/0x10
[  260.624761][T13180]  ? get_pid_task+0xfc/0x250
[  260.624775][T13180]  ? __pfx___mutex_lock+0x10/0x10
[  260.624795][T13180]  ? __lock_acquire+0x622/0x1c90
[  260.624807][T13180]  tcp_setsockopt+0xe2/0x100
[  260.624823][T13180]  smc_setsockopt+0x1b6/0xa00
[  260.624838][T13180]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  260.624851][T13180]  ? __pfx_smc_setsockopt+0x10/0x10
[  260.624869][T13180]  ? aa_sock_opt_perm+0xfd/0x1c0
[  260.624888][T13180]  ? __pfx_smc_setsockopt+0x10/0x10
[  260.624901][T13180]  do_sock_setsockopt+0xf3/0x1d0
[  260.624914][T13180]  __sys_setsockopt+0x120/0x1a0
[  260.624931][T13180]  __ia32_sys_setsockopt+0xbc/0x160
[  260.624946][T13180]  ? lockdep_hardirqs_on+0x7c/0x110
[  260.624965][T13180]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  260.624985][T13180]  __do_fast_syscall_32+0x7c/0x300
[  260.625002][T13180]  do_fast_syscall_32+0x32/0x80
[  260.625019][T13180]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  260.625032][T13180] RIP: 0023:0xf7f82579
[  260.625040][T13180] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  260.625051][T13180] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  260.625061][T13180] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000006
[  260.625068][T13180] RDX: 0000000000000021 RSI: 0000000080000000 RDI: 0000000000000010
[  260.625074][T13180] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  260.625080][T13180] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  260.625086][T13180] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  260.625099][T13180]  </TASK>
[  260.702089][    C3] vkms_vblank_simulate: vblank timer overrun
[  260.865541][ T1328] usb 10-1: new full-speed USB device number 2 using dummy_hcd
[  261.165098][ T1328] usb 10-1: device descriptor read/64, error -71
[  261.291298][T13204] tipc: Started in network mode
[  261.292912][T13204] tipc: Node identity 1a00ca1e3a97, cluster identity 4711
[  261.295258][T13204] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  261.298020][T13204] syzkaller0: entered promiscuous mode
[  261.299740][T13204] syzkaller0: entered allmulticast mode
[  261.311054][T13204] tipc: Resetting bearer <eth:syzkaller0>
[  261.314621][T13203] tipc: Resetting bearer <eth:syzkaller0>
[  261.325133][T13203] tipc: Disabling bearer <eth:syzkaller0>
[  261.405848][ T1328] usb 10-1: new full-speed USB device number 3 using dummy_hcd
[  261.536001][ T1328] usb 10-1: device descriptor read/64, error -71
[  261.656191][ T1328] usb usb10-port1: attempt power cycle
[  262.016311][ T1328] usb 10-1: new full-speed USB device number 4 using dummy_hcd
[  262.036814][ T1328] usb 10-1: device descriptor read/8, error -71
[  262.250030][T13234] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow
[  262.256878][T13234] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  262.273345][T13232] input: syz1 as /devices/virtual/input/input11
[  262.328274][ T1328] usb 10-1: new full-speed USB device number 5 using dummy_hcd
[  262.420652][ T1328] usb 10-1: device descriptor read/8, error -71
[  262.517662][T13245] syz_tun: entered allmulticast mode
[  262.531115][T13244] syz_tun: left allmulticast mode
[  262.538646][ T1328] usb usb10-port1: unable to enumerate USB device
[  263.828065][T13269] syz_tun: entered allmulticast mode
[  263.830554][T13269] FAULT_INJECTION: forcing a failure.
[  263.830554][T13269] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  263.834912][T13269] CPU: 3 UID: 0 PID: 13269 Comm: syz.4.2587 Not tainted syzkaller #0 PREEMPT(full) 
[  263.834926][T13269] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  263.834932][T13269] Call Trace:
[  263.834937][T13269]  <TASK>
[  263.834941][T13269]  dump_stack_lvl+0x16c/0x1f0
[  263.834960][T13269]  should_fail_ex+0x512/0x640
[  263.834979][T13269]  should_fail_alloc_page+0xe7/0x130
[  263.834991][T13269]  prepare_alloc_pages+0x3c2/0x610
[  263.835004][T13269]  __alloc_frozen_pages_noprof+0x18b/0x2470
[  263.835025][T13269]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  263.835042][T13269]  ? __lock_acquire+0x622/0x1c90
[  263.835055][T13269]  ? kernel_text_address+0x8d/0x100
[  263.835067][T13269]  ? find_held_lock+0x2b/0x80
[  263.835081][T13269]  ? __kernel_text_address+0xd/0x40
[  263.835095][T13269]  ? lock_acquire+0x179/0x350
[  263.835105][T13269]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  263.835119][T13269]  ? policy_nodemask+0xea/0x4e0
[  263.835131][T13269]  alloc_pages_mpol+0x1fb/0x550
[  263.835141][T13269]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  263.835155][T13269]  folio_alloc_mpol_noprof+0x36/0x2f0
[  263.835168][T13269]  vma_alloc_folio_noprof+0xed/0x1e0
[  263.835181][T13269]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  263.835193][T13269]  ? rcu_read_unlock+0x2d/0xb0
[  263.835209][T13269]  do_wp_page+0x11d8/0x52b0
[  263.835223][T13269]  ? __pfx_do_wp_page+0x10/0x10
[  263.835234][T13269]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  263.835247][T13269]  ? ___pte_offset_map+0x2ad/0x4f0
[  263.835265][T13269]  __handle_mm_fault+0x1ae3/0x2aa0
[  263.835279][T13269]  ? mt_find+0x3e2/0xa20
[  263.835296][T13269]  ? __pfx___handle_mm_fault+0x10/0x10
[  263.835308][T13269]  ? __pfx_mt_find+0x10/0x10
[  263.835331][T13269]  ? find_vma+0xbf/0x140
[  263.835346][T13269]  ? __pfx_find_vma+0x10/0x10
[  263.835363][T13269]  handle_mm_fault+0x589/0xd10
[  263.835375][T13269]  ? __pkru_allows_pkey+0x11/0xb0
[  263.835390][T13269]  do_user_addr_fault+0x7a6/0x1370
[  263.835404][T13269]  ? rcu_is_watching+0x12/0xc0
[  263.835421][T13269]  exc_page_fault+0x64/0xc0
[  263.835436][T13269]  asm_exc_page_fault+0x26/0x30
[  263.835446][T13269] RIP: 0010:__put_user_nocheck_4+0x3/0x10
[  263.835462][T13269] Code: d9 0f 01 cb 89 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 01 cb <89> 01 31 c9 0f 01 ca e9 d1 82 03 00 90 90 90 90 90 90 90 90 90 90
[  263.835472][T13269] RSP: 0018:ffffc90002d979a8 EFLAGS: 00050293
[  263.835480][T13269] RAX: 0000000000000020 RBX: 0000000000000020 RCX: 0000000080002ed8
[  263.835487][T13269] RDX: ffff888023b08000 RSI: ffffffff892af020 RDI: 0000000000000005
[  263.835493][T13269] RBP: ffffc90002d97d48 R08: 0000000000000005 R09: 0000000000000000
[  263.835499][T13269] R10: 0000000080000002 R11: 0000000000000001 R12: 0000000000000000
[  263.835505][T13269] R13: 0000000080002ec0 R14: ffffc90002d97d8c R15: 0000000080000002
[  263.835516][T13269]  ? ____sys_recvmsg+0x3b0/0x6b0
[  263.835531][T13269]  ____sys_recvmsg+0x3bb/0x6b0
[  263.835545][T13269]  ? __pfx_____sys_recvmsg+0x10/0x10
[  263.835555][T13269]  ? import_iovec+0x86/0xb0
[  263.835571][T13269]  ? __lock_acquire+0x622/0x1c90
[  263.835583][T13269]  ___sys_recvmsg+0x114/0x1a0
[  263.835599][T13269]  ? __pfx____sys_recvmsg+0x10/0x10
[  263.835616][T13269]  ? find_held_lock+0x2b/0x80
[  263.835639][T13269]  do_recvmmsg+0x55d/0x750
[  263.835657][T13269]  ? __pfx_do_recvmmsg+0x10/0x10
[  263.835671][T13269]  ? find_held_lock+0x2b/0x80
[  263.835684][T13269]  ? __might_fault+0xe3/0x190
[  263.835697][T13269]  ? __might_fault+0x13b/0x190
[  263.835716][T13269]  ? __pfx_get_old_timespec32+0x10/0x10
[  263.835728][T13269]  ? __fget_files+0x20e/0x3c0
[  263.835741][T13269]  ? handle_mm_fault+0x1f0/0xd10
[  263.835754][T13269]  __sys_recvmmsg+0x110/0x280
[  263.835783][T13269]  ? __pfx___sys_recvmmsg+0x10/0x10
[  263.835801][T13269]  ? __pfx_ksys_write+0x10/0x10
[  263.835818][T13269]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  263.835835][T13269]  ? lockdep_hardirqs_on+0x7c/0x110
[  263.835850][T13269]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  263.835866][T13269]  __do_fast_syscall_32+0x7c/0x300
[  263.835888][T13269]  do_fast_syscall_32+0x32/0x80
[  263.835904][T13269]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  263.835917][T13269] RIP: 0023:0xf7f56579
[  263.835925][T13269] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  263.835936][T13269] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  263.835945][T13269] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080002ec0
[  263.835951][T13269] RDX: 0000000000000ec0 RSI: 0000000000000002 RDI: 00000000800001c0
[  263.835957][T13269] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  263.835963][T13269] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  263.835969][T13269] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  263.835982][T13269]  </TASK>
[  263.836214][T13268] syz_tun: left allmulticast mode
[  264.688007][ T3243] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  264.789951][T13292] FAULT_INJECTION: forcing a failure.
[  264.789951][T13292] name failslab, interval 1, probability 0, space 0, times 0
[  264.794720][T13292] CPU: 0 UID: 0 PID: 13292 Comm: syz.2.2592 Not tainted syzkaller #0 PREEMPT(full) 
[  264.794744][T13292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  264.794754][T13292] Call Trace:
[  264.794762][T13292]  <TASK>
[  264.794769][T13292]  dump_stack_lvl+0x16c/0x1f0
[  264.794798][T13292]  should_fail_ex+0x512/0x640
[  264.794825][T13292]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  264.794844][T13292]  should_failslab+0xc2/0x120
[  264.794863][T13292]  kmem_cache_alloc_noprof+0x75/0x6e0
[  264.794886][T13292]  ? skb_clone+0x190/0x3f0
[  264.794917][T13292]  ? skb_clone+0x190/0x3f0
[  264.794942][T13292]  skb_clone+0x190/0x3f0
[  264.794969][T13292]  netlink_deliver_tap+0xabd/0xd30
[  264.795001][T13292]  netlink_unicast+0x64c/0x870
[  264.795032][T13292]  ? __pfx_netlink_unicast+0x10/0x10
[  264.795069][T13292]  netlink_sendmsg+0x8c8/0xdd0
[  264.795100][T13292]  ? __pfx_netlink_sendmsg+0x10/0x10
[  264.795129][T13292]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  264.795152][T13292]  ____sys_sendmsg+0xa98/0xc70
[  264.795175][T13292]  ? __pfx_____sys_sendmsg+0x10/0x10
[  264.795193][T13292]  ? get_compat_msghdr+0x11a/0x170
[  264.795229][T13292]  ___sys_sendmsg+0x134/0x1d0
[  264.795256][T13292]  ? __pfx____sys_sendmsg+0x10/0x10
[  264.795297][T13292]  ? find_held_lock+0x2b/0x80
[  264.795342][T13292]  __sys_sendmsg+0x16d/0x220
[  264.795369][T13292]  ? __pfx___sys_sendmsg+0x10/0x10
[  264.795409][T13292]  ? rcu_is_watching+0x12/0xc0
[  264.795438][T13292]  __do_fast_syscall_32+0x7c/0x300
[  264.795468][T13292]  do_fast_syscall_32+0x32/0x80
[  264.795495][T13292]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  264.795524][T13292] RIP: 0023:0xf7f14579
[  264.795539][T13292] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  264.795554][T13292] RSP: 002b:00000000f540655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  264.795571][T13292] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000580
[  264.795582][T13292] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000
[  264.795592][T13292] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  264.795602][T13292] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  264.795612][T13292] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  264.795637][T13292]  </TASK>
[  264.809035][  T842] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  264.858963][ T3243] usb 9-1: config 0 has no interfaces?
[  264.901519][ T3243] usb 9-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  264.904338][ T3243] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  264.906817][ T3243] usb 9-1: Product: syz
[  264.908221][ T3243] usb 9-1: Manufacturer: syz
[  264.909673][ T3243] usb 9-1: SerialNumber: syz
[  264.912980][ T3243] usb 9-1: config 0 descriptor??
[  265.018235][  T842] usb 6-1: Using ep0 maxpacket: 32
[  265.021154][  T842] usb 6-1: config 0 has an invalid interface number: 209 but max is 0
[  265.023726][  T842] usb 6-1: config 0 has no interface number 0
[  265.025764][  T842] usb 6-1: config 0 interface 209 has no altsetting 0
[  265.030404][  T842] usb 6-1: New USB device found, idVendor=1f71, idProduct=3306, bcdDevice=1b.23
[  265.033243][  T842] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.036400][  T842] usb 6-1: Product: syz
[  265.038273][  T842] usb 6-1: Manufacturer: syz
[  265.040253][  T842] usb 6-1: SerialNumber: syz
[  265.043344][  T842] usb 6-1: config 0 descriptor??
[  265.271702][T13288] 
: renamed from bridge_slave_0 (while UP)
[  265.284468][  T842] usb 6-1: USB disconnect, device number 8
[  266.049016][T13324] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2602'.
[  266.763118][T13340] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input12
[  267.104801][   T60] usb 9-1: USB disconnect, device number 8
[  267.147972][   T40] audit: type=1326 audit(1760485463.033:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13356 comm="syz.4.2611" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  267.160701][   T40] audit: type=1326 audit(1760485463.033:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13356 comm="syz.4.2611" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f56598 code=0x7ffc0000
[  267.167397][   T40] audit: type=1326 audit(1760485463.033:790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13356 comm="syz.4.2611" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f56598 code=0x7ffc0000
[  267.174101][   T40] audit: type=1326 audit(1760485463.033:791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13356 comm="syz.4.2611" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  267.182787][   T40] audit: type=1326 audit(1760485463.033:792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13356 comm="syz.4.2611" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  267.192059][   T40] audit: type=1326 audit(1760485463.033:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13356 comm="syz.4.2611" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  267.203167][   T40] audit: type=1326 audit(1760485463.033:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13356 comm="syz.4.2611" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  267.211847][   T40] audit: type=1326 audit(1760485463.033:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13356 comm="syz.4.2611" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f56598 code=0x7ffc0000
[  267.220676][   T40] audit: type=1326 audit(1760485463.033:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13356 comm="syz.4.2611" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  267.229323][   T40] audit: type=1326 audit(1760485463.033:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13356 comm="syz.4.2611" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x7ffc0000
[  267.394525][T13374] FAULT_INJECTION: forcing a failure.
[  267.394525][T13374] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  267.398646][T13374] CPU: 3 UID: 0 PID: 13374 Comm: syz.2.2619 Not tainted syzkaller #0 PREEMPT(full) 
[  267.398659][T13374] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  267.398666][T13374] Call Trace:
[  267.398670][T13374]  <TASK>
[  267.398674][T13374]  dump_stack_lvl+0x16c/0x1f0
[  267.398709][T13374]  should_fail_ex+0x512/0x640
[  267.398733][T13374]  _copy_from_user+0x2e/0xd0
[  267.398744][T13374]  get_compat_msghdr+0xa7/0x170
[  267.398764][T13374]  ? __pfx_get_compat_msghdr+0x10/0x10
[  267.398784][T13374]  ___sys_sendmsg+0x1ae/0x1d0
[  267.398805][T13374]  ? __pfx____sys_sendmsg+0x10/0x10
[  267.398827][T13374]  ? find_held_lock+0x2b/0x80
[  267.398850][T13374]  __sys_sendmsg+0x16d/0x220
[  267.398866][T13374]  ? __pfx___sys_sendmsg+0x10/0x10
[  267.398887][T13374]  ? rcu_is_watching+0x12/0xc0
[  267.398903][T13374]  __do_fast_syscall_32+0x7c/0x300
[  267.398921][T13374]  do_fast_syscall_32+0x32/0x80
[  267.398938][T13374]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  267.398951][T13374] RIP: 0023:0xf7f14579
[  267.398960][T13374] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  267.398970][T13374] RSP: 002b:00000000f540655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  267.398981][T13374] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000300
[  267.398987][T13374] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  267.398993][T13374] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  267.398999][T13374] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  267.399005][T13374] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  267.399018][T13374]  </TASK>
[  267.453079][    C3] vkms_vblank_simulate: vblank timer overrun
[  269.472646][T13429] FAULT_INJECTION: forcing a failure.
[  269.472646][T13429] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  269.476402][T13429] CPU: 0 UID: 0 PID: 13429 Comm: syz.2.2636 Not tainted syzkaller #0 PREEMPT(full) 
[  269.476416][T13429] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  269.476423][T13429] Call Trace:
[  269.476426][T13429]  <TASK>
[  269.476431][T13429]  dump_stack_lvl+0x16c/0x1f0
[  269.476473][T13429]  should_fail_ex+0x512/0x640
[  269.476495][T13429]  _copy_from_iter+0x29f/0x1720
[  269.476514][T13429]  ? __alloc_skb+0x200/0x380
[  269.476529][T13429]  ? __pfx__copy_from_iter+0x10/0x10
[  269.476546][T13429]  ? netlink_autobind.isra.0+0x158/0x370
[  269.476568][T13429]  netlink_sendmsg+0x820/0xdd0
[  269.476587][T13429]  ? __pfx_netlink_sendmsg+0x10/0x10
[  269.476605][T13429]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  269.476618][T13429]  ____sys_sendmsg+0xa98/0xc70
[  269.476630][T13429]  ? get_bio_sector_nr+0x1e0/0x3d0
[  269.476646][T13429]  ? __pfx_____sys_sendmsg+0x10/0x10
[  269.476658][T13429]  ? get_compat_msghdr+0x11a/0x170
[  269.476679][T13429]  ___sys_sendmsg+0x134/0x1d0
[  269.476696][T13429]  ? __pfx____sys_sendmsg+0x10/0x10
[  269.476717][T13429]  ? find_held_lock+0x2b/0x80
[  269.476741][T13429]  __sys_sendmsg+0x16d/0x220
[  269.476757][T13429]  ? __pfx___sys_sendmsg+0x10/0x10
[  269.476778][T13429]  ? rcu_is_watching+0x12/0xc0
[  269.476795][T13429]  __do_fast_syscall_32+0x7c/0x300
[  269.476812][T13429]  do_fast_syscall_32+0x32/0x80
[  269.476833][T13429]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  269.476858][T13429] RIP: 0023:0xf7f14579
[  269.476867][T13429] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  269.476877][T13429] RSP: 002b:00000000f540655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  269.476888][T13429] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000140
[  269.476894][T13429] RDX: 0000000004000040 RSI: 0000000000000000 RDI: 0000000000000000
[  269.476900][T13429] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  269.476906][T13429] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  269.476912][T13429] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  269.476925][T13429]  </TASK>
[  270.153229][T13443] syz.4.2641: page allocation failure: order:2, mode:0xcc1(GFP_KERNEL|GFP_DMA), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[  270.158371][T13443] CPU: 3 UID: 0 PID: 13443 Comm: syz.4.2641 Not tainted syzkaller #0 PREEMPT(full) 
[  270.158388][T13443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  270.158395][T13443] Call Trace:
[  270.158401][T13443]  <TASK>
[  270.158406][T13443]  dump_stack_lvl+0x16c/0x1f0
[  270.158433][T13443]  warn_alloc+0x248/0x3a0
[  270.158457][T13443]  ? __pfx_warn_alloc+0x10/0x10
[  270.158479][T13443]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  270.158525][T13443]  __alloc_frozen_pages_noprof+0xe9b/0x2470
[  270.158572][T13443]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  270.158602][T13443]  ? lockdep_hardirqs_on+0x7c/0x110
[  270.158630][T13443]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  270.158656][T13443]  ? stack_depot_save_flags+0x3de/0x9c0
[  270.158693][T13443]  ? __kasan_kmalloc+0xaa/0xb0
[  270.158719][T13443]  ? __kmalloc_noprof+0x32f/0x880
[  270.158739][T13443]  ? comedi_isadma_alloc+0x10d/0x6e0
[  270.158757][T13443]  ? pcl816_attach+0x901/0xb20
[  270.158780][T13443]  ? comedi_device_attach+0x3b3/0x900
[  270.158810][T13443]  __alloc_pages_noprof+0xb/0x1b0
[  270.158825][T13443]  __dma_direct_alloc_pages.constprop.0+0x4c5/0x950
[  270.158848][T13443]  ? __pfx___dma_direct_alloc_pages.constprop.0+0x10/0x10
[  270.158867][T13443]  ? dma_alloc_from_dev_coherent+0x2e4/0x570
[  270.158881][T13443]  dma_direct_alloc+0x8f/0x580
[  270.158899][T13443]  dma_alloc_attrs+0x185/0x2b0
[  270.158915][T13443]  ? __pfx_dma_alloc_attrs+0x10/0x10
[  270.158930][T13443]  ? dma_direct_supported+0xca/0x220
[  270.158949][T13443]  comedi_isadma_alloc+0x3de/0x6e0
[  270.158964][T13443]  ? __pfx_comedi_isadma_alloc+0x10/0x10
[  270.158976][T13443]  ? request_threaded_irq+0x2c8/0x3e0
[  270.158989][T13443]  pcl816_attach+0x901/0xb20
[  270.159006][T13443]  comedi_device_attach+0x3b3/0x900
[  270.159024][T13443]  do_devconfig_ioctl+0x1b1/0x710
[  270.159034][T13443]  ? __mutex_lock+0x1c5/0x1060
[  270.159052][T13443]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  270.159070][T13443]  ? kasan_save_stack+0x42/0x60
[  270.159086][T13443]  ? kasan_save_stack+0x33/0x60
[  270.159101][T13443]  ? kasan_save_track+0x14/0x30
[  270.159115][T13443]  ? __kasan_save_free_info+0x3b/0x60
[  270.159128][T13443]  ? __kasan_slab_free+0x5f/0x80
[  270.159144][T13443]  ? kfree+0x2b8/0x6d0
[  270.159155][T13443]  ? tomoyo_path_number_perm+0x470/0x580
[  270.159168][T13443]  ? security_file_ioctl_compat+0x9b/0x240
[  270.159185][T13443]  comedi_unlocked_ioctl+0x165d/0x2f00
[  270.159202][T13443]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  270.159224][T13443]  ? kasan_quarantine_put+0x10a/0x240
[  270.159239][T13443]  ? lockdep_hardirqs_on+0x7c/0x110
[  270.159256][T13443]  ? find_held_lock+0x2b/0x80
[  270.159271][T13443]  ? tomoyo_path_number_perm+0x295/0x580
[  270.159285][T13443]  ? tomoyo_path_number_perm+0x18d/0x580
[  270.159299][T13443]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  270.159314][T13443]  comedi_compat_ioctl+0x1d0/0x990
[  270.159328][T13443]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  270.159342][T13443]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  270.159358][T13443]  ? do_vfs_ioctl+0x128/0x14f0
[  270.159370][T13443]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  270.159386][T13443]  ? find_held_lock+0x2b/0x80
[  270.159400][T13443]  ? hook_file_ioctl_common+0x145/0x410
[  270.159417][T13443]  ? __fget_files+0x20e/0x3c0
[  270.159430][T13443]  ? __ia32_compat_sys_openat+0xe0/0x210
[  270.159445][T13443]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  270.159458][T13443]  __ia32_compat_sys_ioctl+0x242/0x370
[  270.159473][T13443]  __do_fast_syscall_32+0x7c/0x300
[  270.159490][T13443]  do_fast_syscall_32+0x32/0x80
[  270.159507][T13443]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  270.159521][T13443] RIP: 0023:0xf7f56579
[  270.159531][T13443] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  270.159549][T13443] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  270.159561][T13443] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000040946400
[  270.159568][T13443] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  270.159575][T13443] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  270.159581][T13443] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  270.159588][T13443] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  270.159603][T13443]  </TASK>
[  270.159608][T13443] Mem-Info:
[  270.321883][T13443] active_anon:150 inactive_anon:8900 isolated_anon:14
[  270.321883][T13443]  active_file:302 inactive_file:11340 isolated_file:0
[  270.321883][T13443]  unevictable:1768 dirty:298 writeback:0
[  270.321883][T13443]  slab_reclaimable:8388 slab_unreclaimable:67433
[  270.321883][T13443]  mapped:25518 shmem:2268 pagetables:1673
[  270.321883][T13443]  sec_pagetables:310 bounce:0
[  270.321883][T13443]  kernel_misc_reclaimable:0
[  270.321883][T13443]  free:29671 free_pcp:0 free_cma:0
[  270.322036][T13445] netlink: 'syz.4.2641': attribute type 1 has an invalid length.
[  270.338290][T13443] Node 0 active_anon:176kB inactive_anon:1672kB active_file:168kB inactive_file:300kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:2280kB dirty:60kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8336kB pagetables:1376kB sec_pagetables:1144kB all_unreclaimable? no Balloon:0kB
[  270.361918][T13443] Node 0 DMA free:2024kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:12kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  270.392470][T13443] lowmem_reserve[]: 0 292 292 292 292
[  270.394679][T13443] Node 0 DMA: 4*4kB (U) 1*8kB (U) 2*16kB (U) 4*32kB (U) 1*64kB (U) 0*128kB 1*256kB (U) 1*512kB (U) 1*1024kB (U) 0*2048kB 0*4096kB = 2040kB
[  270.400396][T13443] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  270.406839][T13443] Node 0 hugepages_total=1 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  270.411195][T13443] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  270.415685][T13443] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  270.420837][T13443] 14449 total pagecache pages
[  270.435873][T13443] 273 pages in swap cache
[  270.448160][T13443] Free swap  = 117964kB
[  270.449511][T13443] Total swap = 124996kB
[  270.450838][T13443] 524155 pages RAM
[  270.455668][T13443] 0 pages HighMem/MovableOnly
[  270.457247][T13443] 208343 pages reserved
[  270.458712][T13443] 0 pages cma reserved
[  270.545556][T13456] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2645'.
[  271.254124][T13480] FAULT_INJECTION: forcing a failure.
[  271.254124][T13480] name failslab, interval 1, probability 0, space 0, times 0
[  271.257969][T13480] CPU: 0 UID: 0 PID: 13480 Comm: syz.2.2652 Not tainted syzkaller #0 PREEMPT(full) 
[  271.257992][T13480] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  271.258002][T13480] Call Trace:
[  271.258008][T13480]  <TASK>
[  271.258014][T13480]  dump_stack_lvl+0x16c/0x1f0
[  271.258043][T13480]  should_fail_ex+0x512/0x640
[  271.258083][T13480]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  271.258105][T13480]  should_failslab+0xc2/0x120
[  271.258124][T13480]  kmem_cache_alloc_noprof+0x75/0x6e0
[  271.258145][T13480]  ? skb_clone+0x190/0x3f0
[  271.258174][T13480]  ? skb_clone+0x190/0x3f0
[  271.258196][T13480]  skb_clone+0x190/0x3f0
[  271.258221][T13480]  netlink_deliver_tap+0xabd/0xd30
[  271.258252][T13480]  netlink_unicast+0x64c/0x870
[  271.258281][T13480]  ? __pfx_netlink_unicast+0x10/0x10
[  271.258314][T13480]  netlink_sendmsg+0x8c8/0xdd0
[  271.258344][T13480]  ? __pfx_netlink_sendmsg+0x10/0x10
[  271.258372][T13480]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  271.258395][T13480]  ____sys_sendmsg+0xa98/0xc70
[  271.258417][T13480]  ? __pfx_____sys_sendmsg+0x10/0x10
[  271.258433][T13480]  ? get_compat_msghdr+0x11a/0x170
[  271.258468][T13480]  ___sys_sendmsg+0x134/0x1d0
[  271.258492][T13480]  ? __pfx____sys_sendmsg+0x10/0x10
[  271.258528][T13480]  ? find_held_lock+0x2b/0x80
[  271.258571][T13480]  __sys_sendmsg+0x16d/0x220
[  271.258596][T13480]  ? __pfx___sys_sendmsg+0x10/0x10
[  271.258630][T13480]  ? rcu_is_watching+0x12/0xc0
[  271.258656][T13480]  __do_fast_syscall_32+0x7c/0x300
[  271.258683][T13480]  do_fast_syscall_32+0x32/0x80
[  271.258721][T13480]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  271.258742][T13480] RIP: 0023:0xf7f14579
[  271.258756][T13480] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  271.258771][T13480] RSP: 002b:00000000f540655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  271.258787][T13480] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  271.258798][T13480] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  271.258806][T13480] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  271.258816][T13480] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  271.258826][T13480] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  271.258849][T13480]  </TASK>
[  271.387649][T13488] trusted_key: encrypted_key: insufficient parameters specified
[  271.756756][T13510] netlink: set zone limit has 4 unknown bytes
[  271.768871][T13510] efs: cannot read volume header
[  272.297633][T13518] netlink: 'syz.1.2666': attribute type 3 has an invalid length.
[  272.519812][T13529] FAULT_INJECTION: forcing a failure.
[  272.519812][T13529] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  272.524365][T13529] CPU: 2 UID: 0 PID: 13529 Comm: syz.4.2671 Not tainted syzkaller #0 PREEMPT(full) 
[  272.524380][T13529] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  272.524387][T13529] Call Trace:
[  272.524391][T13529]  <TASK>
[  272.524395][T13529]  dump_stack_lvl+0x16c/0x1f0
[  272.524432][T13529]  should_fail_ex+0x512/0x640
[  272.524460][T13529]  _copy_from_user+0x2e/0xd0
[  272.524471][T13529]  memdup_user+0x6b/0xe0
[  272.524487][T13529]  msr_io+0xea/0x4e0
[  272.524502][T13529]  ? __pfx_do_set_msr+0x10/0x10
[  272.524518][T13529]  ? __pfx_msr_io+0x10/0x10
[  272.524534][T13529]  ? find_held_lock+0x2b/0x80
[  272.524551][T13529]  kvm_arch_vcpu_ioctl+0x1469/0x5570
[  272.524565][T13529]  ? kvm_arch_vcpu_ioctl+0x1444/0x5570
[  272.524580][T13529]  ? is_bpf_text_address+0x94/0x1a0
[  272.524591][T13529]  ? kernel_text_address+0x8d/0x100
[  272.524604][T13529]  ? widen_string+0xdc/0x2d0
[  272.524615][T13529]  ? __kernel_text_address+0xd/0x40
[  272.524628][T13529]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[  272.524642][T13529]  ? arch_stack_walk+0xa6/0x100
[  272.524664][T13529]  ? __lock_acquire+0xb8a/0x1c90
[  272.524677][T13529]  ? kasan_save_stack+0x33/0x60
[  272.524694][T13529]  ? __mutex_trylock_common+0xe9/0x250
[  272.524705][T13529]  ? __pfx___mutex_trylock_common+0x10/0x10
[  272.524717][T13529]  ? __pfx___might_resched+0x10/0x10
[  272.524732][T13529]  ? rcu_is_watching+0x12/0xc0
[  272.524747][T13529]  ? trace_contention_end+0xdd/0x130
[  272.524758][T13529]  ? __mutex_lock+0x1c5/0x1060
[  272.524778][T13529]  ? __pfx___mutex_lock+0x10/0x10
[  272.524811][T13529]  ? kasan_quarantine_put+0x10a/0x240
[  272.524830][T13529]  ? kvm_vcpu_ioctl+0x1235/0x1690
[  272.524841][T13529]  kvm_vcpu_ioctl+0x1235/0x1690
[  272.524854][T13529]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  272.524865][T13529]  ? tomoyo_path_number_perm+0x18d/0x580
[  272.524879][T13529]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  272.524896][T13529]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  272.524912][T13529]  ? do_vfs_ioctl+0x128/0x14f0
[  272.524924][T13529]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  272.524941][T13529]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  272.524953][T13529]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  272.524964][T13529]  ? __fget_files+0x20e/0x3c0
[  272.524980][T13529]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  272.524992][T13529]  __ia32_compat_sys_ioctl+0x242/0x370
[  272.525006][T13529]  __do_fast_syscall_32+0x7c/0x300
[  272.525023][T13529]  do_fast_syscall_32+0x32/0x80
[  272.525040][T13529]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  272.525053][T13529] RIP: 0023:0xf7f56579
[  272.525061][T13529] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  272.525071][T13529] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  272.525081][T13529] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000004008ae89
[  272.525088][T13529] RDX: 0000000080000380 RSI: 0000000000000000 RDI: 0000000000000000
[  272.525094][T13529] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  272.525099][T13529] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  272.525105][T13529] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  272.525119][T13529]  </TASK>
[  272.768782][T13537] FAULT_INJECTION: forcing a failure.
[  272.768782][T13537] name failslab, interval 1, probability 0, space 0, times 0
[  272.772745][T13537] CPU: 3 UID: 0 PID: 13537 Comm: syz.4.2673 Not tainted syzkaller #0 PREEMPT(full) 
[  272.772761][T13537] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  272.772767][T13537] Call Trace:
[  272.772772][T13537]  <TASK>
[  272.772776][T13537]  dump_stack_lvl+0x16c/0x1f0
[  272.772796][T13537]  should_fail_ex+0x512/0x640
[  272.772813][T13537]  ? fs_reclaim_acquire+0xae/0x150
[  272.772824][T13537]  should_failslab+0xc2/0x120
[  272.772835][T13537]  kmem_cache_alloc_noprof+0x75/0x6e0
[  272.772849][T13537]  ? __pfx_map_id_range_down+0x10/0x10
[  272.772863][T13537]  ? security_inode_alloc+0x3b/0x2b0
[  272.772877][T13537]  ? security_inode_alloc+0x3b/0x2b0
[  272.772887][T13537]  security_inode_alloc+0x3b/0x2b0
[  272.772899][T13537]  inode_init_always_gfp+0xce4/0x1030
[  272.772916][T13537]  alloc_inode+0x86/0x240
[  272.772927][T13537]  alloc_anon_inode+0x28/0x3e0
[  272.772943][T13537]  dma_buf_export+0x266/0xa90
[  272.772959][T13537]  drm_gem_dmabuf_export+0x40/0x200
[  272.772977][T13537]  drm_gem_prime_handle_to_dmabuf+0x753/0x8f0
[  272.772988][T13537]  ? __pfx_drm_gem_prime_handle_to_dmabuf+0x10/0x10
[  272.772998][T13537]  ? do_raw_spin_unlock+0x172/0x230
[  272.773018][T13537]  drm_prime_handle_to_fd_ioctl+0x153/0x230
[  272.773031][T13537]  drm_ioctl_kernel+0x1f4/0x3e0
[  272.773044][T13537]  ? __pfx_drm_prime_handle_to_fd_ioctl+0x10/0x10
[  272.773055][T13537]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  272.773073][T13537]  drm_ioctl+0x5c9/0xc30
[  272.773088][T13537]  ? __pfx_drm_prime_handle_to_fd_ioctl+0x10/0x10
[  272.773100][T13537]  ? __pfx_drm_ioctl+0x10/0x10
[  272.773124][T13537]  drm_compat_ioctl+0x327/0x460
[  272.773141][T13537]  ? __pfx_drm_compat_ioctl+0x10/0x10
[  272.773158][T13537]  __ia32_compat_sys_ioctl+0x242/0x370
[  272.773172][T13537]  __do_fast_syscall_32+0x7c/0x300
[  272.773190][T13537]  do_fast_syscall_32+0x32/0x80
[  272.773207][T13537]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  272.773221][T13537] RIP: 0023:0xf7f56579
[  272.773229][T13537] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  272.773240][T13537] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  272.773250][T13537] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c00c642d
[  272.773256][T13537] RDX: 00000000800001c0 RSI: 0000000000000000 RDI: 0000000000000000
[  272.773262][T13537] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  272.773268][T13537] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  272.773274][T13537] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  272.773288][T13537]  </TASK>
[  272.851688][    C3] vkms_vblank_simulate: vblank timer overrun
[  273.498084][T13566] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2685'.
[  274.125478][T13592] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2693'.
[  274.449778][   T40] kauditd_printk_skb: 58 callbacks suppressed
[  274.449789][   T40] audit: type=1326 audit(1760485470.328:856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13609 comm="syz.1.2701" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82579 code=0x7ffc0000
[  274.450932][T13610] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[  274.451739][   T40] audit: type=1326 audit(1760485470.328:857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13609 comm="syz.1.2701" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82579 code=0x7ffc0000
[  274.458300][T13610] audit: out of memory in audit_log_start
[  274.469925][   T40] audit: type=1326 audit(1760485470.328:858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13609 comm="syz.1.2701" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f82579 code=0x7ffc0000
[  274.477290][   T40] audit: type=1326 audit(1760485470.328:859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13609 comm="syz.1.2701" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82579 code=0x7ffc0000
[  274.484019][   T40] audit: type=1326 audit(1760485470.328:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13609 comm="syz.1.2701" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82579 code=0x7ffc0000
[  274.491086][   T40] audit: type=1326 audit(1760485470.328:861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13609 comm="syz.1.2701" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f82579 code=0x7ffc0000
[  274.504553][   T40] audit: type=1326 audit(1760485470.328:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13609 comm="syz.1.2701" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82579 code=0x7ffc0000
[  274.514610][   T40] audit: type=1326 audit(1760485470.328:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13609 comm="syz.1.2701" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82579 code=0x7ffc0000
[  274.556963][T13620] FAULT_INJECTION: forcing a failure.
[  274.556963][T13620] name failslab, interval 1, probability 0, space 0, times 0
[  274.561107][T13620] CPU: 3 UID: 0 PID: 13620 Comm: syz.1.2706 Not tainted syzkaller #0 PREEMPT(full) 
[  274.561121][T13620] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  274.561128][T13620] Call Trace:
[  274.561132][T13620]  <TASK>
[  274.561136][T13620]  dump_stack_lvl+0x16c/0x1f0
[  274.561172][T13620]  should_fail_ex+0x512/0x640
[  274.561194][T13620]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  274.561206][T13620]  should_failslab+0xc2/0x120
[  274.561217][T13620]  kmem_cache_alloc_noprof+0x75/0x6e0
[  274.561231][T13620]  ? skb_clone+0x190/0x3f0
[  274.561255][T13620]  ? skb_clone+0x190/0x3f0
[  274.561270][T13620]  skb_clone+0x190/0x3f0
[  274.561287][T13620]  netlink_deliver_tap+0xabd/0xd30
[  274.561308][T13620]  netlink_unicast+0x64c/0x870
[  274.561328][T13620]  ? __pfx_netlink_unicast+0x10/0x10
[  274.561354][T13620]  netlink_sendmsg+0x8c8/0xdd0
[  274.561377][T13620]  ? __pfx_netlink_sendmsg+0x10/0x10
[  274.561396][T13620]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  274.561411][T13620]  ____sys_sendmsg+0xa98/0xc70
[  274.561425][T13620]  ? __pfx_____sys_sendmsg+0x10/0x10
[  274.561442][T13620]  ? get_compat_msghdr+0x11a/0x170
[  274.561465][T13620]  ___sys_sendmsg+0x134/0x1d0
[  274.561482][T13620]  ? __pfx____sys_sendmsg+0x10/0x10
[  274.561505][T13620]  ? find_held_lock+0x2b/0x80
[  274.561530][T13620]  __sys_sendmsg+0x16d/0x220
[  274.561547][T13620]  ? __pfx___sys_sendmsg+0x10/0x10
[  274.561572][T13620]  ? rcu_is_watching+0x12/0xc0
[  274.561593][T13620]  __do_fast_syscall_32+0x7c/0x300
[  274.561612][T13620]  do_fast_syscall_32+0x32/0x80
[  274.561629][T13620]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  274.561643][T13620] RIP: 0023:0xf7f82579
[  274.561652][T13620] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  274.561663][T13620] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  274.561674][T13620] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  274.561681][T13620] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  274.561689][T13620] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  274.561695][T13620] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  274.561701][T13620] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  274.561715][T13620]  </TASK>
[  274.565226][T13622] netlink: 'syz.2.2707': attribute type 1 has an invalid length.
[  274.597702][T13629] /dev/nullb0: Can't open blockdev
[  274.649914][   T24] IPVS: starting estimator thread 0...
[  274.674761][T13622] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  274.764784][T13631] IPVS: using max 42 ests per chain, 100800 per kthread
[  275.874428][T13677] 9pnet_fd: Insufficient options for proto=fd
[  275.896117][T13671] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  275.912937][T13683] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2723'.
[  275.916432][T13683] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2723'.
[  275.973140][T13671] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.100774][T13671] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.149882][T13698] FAULT_INJECTION: forcing a failure.
[  276.149882][T13698] name failslab, interval 1, probability 0, space 0, times 0
[  276.153647][T13698] CPU: 0 UID: 0 PID: 13698 Comm: syz.2.2729 Not tainted syzkaller #0 PREEMPT(full) 
[  276.153662][T13698] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  276.153669][T13698] Call Trace:
[  276.153673][T13698]  <TASK>
[  276.153678][T13698]  dump_stack_lvl+0x16c/0x1f0
[  276.153710][T13698]  should_fail_ex+0x512/0x640
[  276.153727][T13698]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  276.153739][T13698]  should_failslab+0xc2/0x120
[  276.153750][T13698]  kmem_cache_alloc_noprof+0x75/0x6e0
[  276.153765][T13698]  ? skb_clone+0x190/0x3f0
[  276.153784][T13698]  ? skb_clone+0x190/0x3f0
[  276.153798][T13698]  skb_clone+0x190/0x3f0
[  276.153814][T13698]  netlink_deliver_tap+0xabd/0xd30
[  276.153834][T13698]  netlink_unicast+0x64c/0x870
[  276.153853][T13698]  ? __pfx_netlink_unicast+0x10/0x10
[  276.153874][T13698]  netlink_sendmsg+0x8c8/0xdd0
[  276.153893][T13698]  ? __pfx_netlink_sendmsg+0x10/0x10
[  276.153912][T13698]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  276.153926][T13698]  ____sys_sendmsg+0xa98/0xc70
[  276.153939][T13698]  ? __pfx_____sys_sendmsg+0x10/0x10
[  276.153951][T13698]  ? get_compat_msghdr+0x11a/0x170
[  276.153968][T13698]  ? trace_event_buffer_commit+0x204/0xac0
[  276.153988][T13698]  ___sys_sendmsg+0x134/0x1d0
[  276.154005][T13698]  ? __pfx____sys_sendmsg+0x10/0x10
[  276.154045][T13698]  ? find_held_lock+0x2b/0x80
[  276.154080][T13698]  __sys_sendmsg+0x16d/0x220
[  276.154101][T13698]  ? __pfx___sys_sendmsg+0x10/0x10
[  276.154122][T13698]  ? __pfx_bpf_trace_run2+0x10/0x10
[  276.154149][T13698]  ? syscall_trace_enter+0x1cb/0x240
[  276.154173][T13698]  ? rcu_is_watching+0x12/0xc0
[  276.154193][T13698]  __do_fast_syscall_32+0x7c/0x300
[  276.154212][T13698]  do_fast_syscall_32+0x32/0x80
[  276.154228][T13698]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  276.154241][T13698] RIP: 0023:0xf7f14579
[  276.154250][T13698] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  276.154260][T13698] RSP: 002b:00000000f540655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  276.154270][T13698] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  276.154277][T13698] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  276.154282][T13698] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  276.154288][T13698] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  276.154294][T13698] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  276.154308][T13698]  </TASK>
[  276.154451][T13698] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2729'.
[  276.237758][T13698] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2729'.
[  276.248756][T13659] Bluetooth: hci2: Opcode 0x0401 failed: -4
[  276.256585][T13671] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.301651][T13702] FAULT_INJECTION: forcing a failure.
[  276.301651][T13702] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  276.306089][T13702] CPU: 3 UID: 0 PID: 13702 Comm: syz.1.2731 Not tainted syzkaller #0 PREEMPT(full) 
[  276.306104][T13702] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  276.306111][T13702] Call Trace:
[  276.306115][T13702]  <TASK>
[  276.306119][T13702]  dump_stack_lvl+0x16c/0x1f0
[  276.306138][T13702]  should_fail_ex+0x512/0x640
[  276.306157][T13702]  _copy_to_user+0x32/0xd0
[  276.306168][T13702]  __sys_bpf+0x4311/0x4980
[  276.306185][T13702]  ? __pfx___sys_bpf+0x10/0x10
[  276.306200][T13702]  ? rcu_is_watching+0x12/0xc0
[  276.306215][T13702]  ? trace_bpf_trace_printk+0x160/0x1d0
[  276.306227][T13702]  ? bpf_bprintf_cleanup+0x48/0xa0
[  276.306243][T13702]  ? bpf_trace_printk+0x126/0x190
[  276.306254][T13702]  ? __pfx_bpf_trace_printk+0x10/0x10
[  276.306270][T13702]  ? find_held_lock+0x2b/0x80
[  276.306290][T13702]  ? __might_fault+0xe3/0x190
[  276.306304][T13702]  ? __might_fault+0x13b/0x190
[  276.306317][T13702]  ? find_held_lock+0x2b/0x80
[  276.306331][T13702]  ? syscall_trace_enter+0x1cb/0x240
[  276.306346][T13702]  __ia32_sys_bpf+0x76/0xe0
[  276.306361][T13702]  __do_fast_syscall_32+0x7c/0x300
[  276.306378][T13702]  do_fast_syscall_32+0x32/0x80
[  276.306395][T13702]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  276.306408][T13702] RIP: 0023:0xf7f82579
[  276.306416][T13702] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  276.306426][T13702] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  276.306436][T13702] RAX: ffffffffffffffda RBX: 000000000000000f RCX: 0000000080000100
[  276.306443][T13702] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  276.306449][T13702] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  276.306454][T13702] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  276.306460][T13702] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  276.306473][T13702]  </TASK>
[  276.379782][    C3] vkms_vblank_simulate: vblank timer overrun
[  276.419895][   T59] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  276.432470][   T59] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  276.441422][   T59] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  276.444655][T13712] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2734'.
[  276.448646][   T59] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  276.586232][ T6083] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  276.654290][T13731] tipc: Started in network mode
[  276.656707][T13731] tipc: Node identity 12ffd145efa3, cluster identity 4711
[  276.659550][T13731] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  276.663844][T13731] syzkaller0: entered promiscuous mode
[  276.665862][T13731] syzkaller0: entered allmulticast mode
[  276.676492][T13731] syzkaller0: mtu less than device minimum
[  276.681137][T13730] tipc: Resetting bearer <eth:syzkaller0>
[  276.694401][T13730] tipc: Disabling bearer <eth:syzkaller0>
[  276.708295][T13733] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  276.711337][T13733] syzkaller0: entered promiscuous mode
[  276.713085][T13733] syzkaller0: entered allmulticast mode
[  276.720559][T13733] tipc: Resetting bearer <eth:syzkaller0>
[  276.723031][T13732] tipc: Resetting bearer <eth:syzkaller0>
[  276.731725][ T6083] usb 9-1: device descriptor read/64, error -71
[  276.734921][T13732] tipc: Disabling bearer <eth:syzkaller0>
[  276.976724][ T6083] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  277.116296][ T6083] usb 9-1: device descriptor read/64, error -71
[  277.227282][T13741] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  277.237787][ T6083] usb usb9-port1: attempt power cycle
[  277.496721][ T5945] Bluetooth: hci2: command 0x0406 tx timeout
[  277.506639][   T24] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  277.576593][ T6083] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  277.608568][ T6083] usb 9-1: device descriptor read/8, error -71
[  277.656677][   T24] usb 7-1: Using ep0 maxpacket: 8
[  277.662159][   T24] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  277.665562][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  277.668724][   T24] usb 7-1: Product: syz
[  277.670284][   T24] usb 7-1: Manufacturer: syz
[  277.672039][   T24] usb 7-1: SerialNumber: syz
[  277.856905][ T6083] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  277.879408][ T6083] usb 9-1: device descriptor read/8, error -71
[  277.881728][   T24] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 5 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  277.960128][T13756] comedi comedi3: das16m1: I/O port conflict (0xcf7,16)
[  277.997287][ T6083] usb usb9-port1: unable to enumerate USB device
[  278.535718][T13763] netlink: 'syz.1.2753': attribute type 39 has an invalid length.
[  279.461005][T13770] FAULT_INJECTION: forcing a failure.
[  279.461005][T13770] name failslab, interval 1, probability 0, space 0, times 0
[  279.464827][T13770] CPU: 2 UID: 0 PID: 13770 Comm: syz.4.2756 Not tainted syzkaller #0 PREEMPT(full) 
[  279.464841][T13770] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  279.464848][T13770] Call Trace:
[  279.464852][T13770]  <TASK>
[  279.464856][T13770]  dump_stack_lvl+0x16c/0x1f0
[  279.464876][T13770]  should_fail_ex+0x512/0x640
[  279.464893][T13770]  ? __kmalloc_noprof+0xca/0x880
[  279.464907][T13770]  should_failslab+0xc2/0x120
[  279.464917][T13770]  __kmalloc_noprof+0xdd/0x880
[  279.464929][T13770]  ? __pfx___mutex_trylock_common+0x10/0x10
[  279.464941][T13770]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  279.464958][T13770]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  279.464970][T13770]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  279.464983][T13770]  ? __mutex_lock+0x1c5/0x1060
[  279.465000][T13770]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  279.465018][T13770]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  279.465033][T13770]  ? rcu_is_watching+0x12/0xc0
[  279.465063][T13770]  ? bpf_lsm_capable+0x9/0x10
[  279.465077][T13770]  ? security_capable+0x7e/0x260
[  279.465100][T13770]  genl_rcv_msg+0x55c/0x800
[  279.465121][T13770]  ? __pfx_genl_rcv_msg+0x10/0x10
[  279.465138][T13770]  ? __pfx_nl802154_pre_doit+0x10/0x10
[  279.465159][T13770]  ? __pfx_nl802154_add_llsec_dev+0x10/0x10
[  279.465177][T13770]  ? __pfx_nl802154_post_doit+0x10/0x10
[  279.465198][T13770]  ? __lock_acquire+0x622/0x1c90
[  279.465219][T13770]  netlink_rcv_skb+0x158/0x420
[  279.465233][T13770]  ? __pfx_genl_rcv_msg+0x10/0x10
[  279.465253][T13770]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  279.465277][T13770]  ? netlink_deliver_tap+0x1ae/0xd30
[  279.465306][T13770]  genl_rcv+0x28/0x40
[  279.465322][T13770]  netlink_unicast+0x5aa/0x870
[  279.465352][T13770]  ? __pfx_netlink_unicast+0x10/0x10
[  279.465389][T13770]  netlink_sendmsg+0x8c8/0xdd0
[  279.465420][T13770]  ? __pfx_netlink_sendmsg+0x10/0x10
[  279.465451][T13770]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  279.465471][T13770]  ____sys_sendmsg+0xa98/0xc70
[  279.465494][T13770]  ? __pfx_____sys_sendmsg+0x10/0x10
[  279.465510][T13770]  ? get_compat_msghdr+0x11a/0x170
[  279.465546][T13770]  ___sys_sendmsg+0x134/0x1d0
[  279.465571][T13770]  ? __pfx____sys_sendmsg+0x10/0x10
[  279.465607][T13770]  ? find_held_lock+0x2b/0x80
[  279.465645][T13770]  __sys_sendmsg+0x16d/0x220
[  279.465670][T13770]  ? __pfx___sys_sendmsg+0x10/0x10
[  279.465705][T13770]  ? rcu_is_watching+0x12/0xc0
[  279.465732][T13770]  __do_fast_syscall_32+0x7c/0x300
[  279.465761][T13770]  do_fast_syscall_32+0x32/0x80
[  279.465787][T13770]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  279.465808][T13770] RIP: 0023:0xf7f56579
[  279.465822][T13770] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  279.465840][T13770] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  279.465856][T13770] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800003c0
[  279.465867][T13770] RDX: 0000000000008000 RSI: 0000000000000000 RDI: 0000000000000000
[  279.465877][T13770] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  279.465888][T13770] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  279.465897][T13770] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  279.465917][T13770]  </TASK>
[  280.238971][ T1328] usb 7-1: USB disconnect, device number 5
[  280.250816][ T1328] usblp0: removed
[  280.270266][T13786] delete_channel: no stack
[  280.493071][T13794] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2766'.
[  280.534988][T13796] loop6: detected capacity change from 0 to 2560
[  280.539255][T13796] buffer_io_error: 10 callbacks suppressed
[  280.539270][T13796] Buffer I/O error on dev loop6, logical block 0, async page read
[  280.545162][T13796] Buffer I/O error on dev loop6, logical block 0, async page read
[  280.551141][T13796] Buffer I/O error on dev loop6, logical block 0, async page read
[  280.554597][T13796] Buffer I/O error on dev loop6, logical block 0, async page read
[  280.558026][T13796] Buffer I/O error on dev loop6, logical block 0, async page read
[  280.561562][T13796] Buffer I/O error on dev loop6, logical block 0, async page read
[  280.564975][T13796] Buffer I/O error on dev loop6, logical block 0, async page read
[  280.568805][T13796] Buffer I/O error on dev loop6, logical block 0, async page read
[  280.572318][T13796] ldm_validate_partition_table(): Disk read failed.
[  280.575159][T13796] Buffer I/O error on dev loop6, logical block 0, async page read
[  280.578634][T13796] Buffer I/O error on dev loop6, logical block 0, async page read
[  280.582087][T13796] Dev loop6: unable to read RDB block 0
[  280.585666][T13796]  loop6: unable to read partition table
[  280.588421][T13796] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[  280.616302][T13801] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2767'.
[  280.621804][T13801] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2767'.
[  280.777705][T13796] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(8)
[  280.780477][T13796] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  280.784061][T13796] vhci_hcd vhci_hcd.0: Device attached
[  280.794759][T13803] vhci_hcd: connection closed
[  280.795044][ T1232] vhci_hcd: stop threads
[  280.799172][ T1232] vhci_hcd: release socket
[  280.801124][ T1232] vhci_hcd: disconnect device
[  281.099060][T13815] syz.1.2771 (13815) used greatest stack depth: 19416 bytes left
[  281.375469][T13824] netlink: 1664 bytes leftover after parsing attributes in process `syz.2.2774'.
[  281.379081][T13824] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2774'.
[  281.478952][T13829] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2773'.
[  282.292539][T13850] FAULT_INJECTION: forcing a failure.
[  282.292539][T13850] name failslab, interval 1, probability 0, space 0, times 0
[  282.297192][T13850] CPU: 3 UID: 0 PID: 13850 Comm: syz.4.2783 Not tainted syzkaller #0 PREEMPT(full) 
[  282.297209][T13850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  282.297217][T13850] Call Trace:
[  282.297221][T13850]  <TASK>
[  282.297226][T13850]  dump_stack_lvl+0x16c/0x1f0
[  282.297247][T13850]  should_fail_ex+0x512/0x640
[  282.297265][T13850]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  282.297283][T13850]  should_failslab+0xc2/0x120
[  282.297296][T13850]  kmem_cache_alloc_node_noprof+0x78/0x770
[  282.297311][T13850]  ? __alloc_skb+0x2b2/0x380
[  282.297331][T13850]  ? __alloc_skb+0x2b2/0x380
[  282.297362][T13850]  ? __pfx_netlink_insert+0x10/0x10
[  282.297379][T13850]  __alloc_skb+0x2b2/0x380
[  282.297395][T13850]  ? __pfx___alloc_skb+0x10/0x10
[  282.297411][T13850]  ? netlink_autobind.isra.0+0x158/0x370
[  282.297447][T13850]  netlink_alloc_large_skb+0x69/0x140
[  282.297476][T13850]  netlink_sendmsg+0x698/0xdd0
[  282.297509][T13850]  ? __pfx_netlink_sendmsg+0x10/0x10
[  282.297531][T13850]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  282.297546][T13850]  ____sys_sendmsg+0xa98/0xc70
[  282.297560][T13850]  ? __pfx_____sys_sendmsg+0x10/0x10
[  282.297573][T13850]  ? get_compat_msghdr+0x11a/0x170
[  282.297596][T13850]  ___sys_sendmsg+0x134/0x1d0
[  282.297614][T13850]  ? __pfx____sys_sendmsg+0x10/0x10
[  282.297638][T13850]  ? find_held_lock+0x2b/0x80
[  282.297666][T13850]  __sys_sendmsg+0x16d/0x220
[  282.297690][T13850]  ? __pfx___sys_sendmsg+0x10/0x10
[  282.297724][T13850]  ? rcu_is_watching+0x12/0xc0
[  282.297752][T13850]  __do_fast_syscall_32+0x7c/0x300
[  282.297784][T13850]  do_fast_syscall_32+0x32/0x80
[  282.297810][T13850]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  282.297833][T13850] RIP: 0023:0xf7f56579
[  282.297846][T13850] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  282.297863][T13850] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  282.297881][T13850] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[  282.297892][T13850] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  282.297902][T13850] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  282.297912][T13850] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  282.297922][T13850] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  282.297948][T13850]  </TASK>
[  282.560094][T13859] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[  282.562210][T13859] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  282.566088][T13859] vhci_hcd vhci_hcd.0: Device attached
[  282.653288][   T40] kauditd_printk_skb: 23 callbacks suppressed
[  282.653306][   T40] audit: type=1800 audit(1760485478.523:887): pid=13859 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2782" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  282.734268][   T46]  (unregistering): Released all slaves
[  282.758730][T13846] syz_tun: entered allmulticast mode
[  282.763330][T13842] syz_tun: left allmulticast mode
[  282.788620][T13864] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  282.864065][T13864] syzkaller0: entered promiscuous mode
[  282.866131][T13864] syzkaller0: entered allmulticast mode
[  282.930727][   T29] usb 40-1: SetAddress Request (10) to port 0
[  282.932864][   T29] usb 40-1: new SuperSpeed USB device number 10 using vhci_hcd
[  283.265749][T13860] vhci_hcd: connection reset by peer
[  283.268300][ T1175] vhci_hcd: stop threads
[  283.270005][ T1175] vhci_hcd: release socket
[  283.290394][ T1175] vhci_hcd: disconnect device
[  283.388748][   T46] hsr_slave_0: left promiscuous mode
[  283.391260][   T46] hsr_slave_1: left promiscuous mode
[  283.440559][T13876] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2788'.
[  283.913498][   T61] tipc: Node number set to 2272136662
[  284.017846][T13883] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2790'.
[  285.081689][T13863] tipc: Resetting bearer <eth:syzkaller0>
[  285.323188][T13892] Process accounting paused
[  286.558983][T13863] tipc: Disabling bearer <eth:syzkaller0>
[  286.573361][T13903] syz_tun: entered allmulticast mode
[  286.575908][T13903] syz_tun: left allmulticast mode
[  286.938582][T13919] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input13
[  287.126572][   T46] IPVS: stop unused estimator thread 0...
[  287.283488][   T60] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  287.461498][   T60] usb 6-1: config 0 has no interfaces?
[  287.467430][   T60] usb 6-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  287.471281][   T60] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  287.479859][   T60] usb 6-1: Product: syz
[  287.481206][   T60] usb 6-1: Manufacturer: syz
[  287.485155][   T60] usb 6-1: SerialNumber: syz
[  287.494687][   T60] usb 6-1: config 0 descriptor??
[  287.897829][T13936] input: syz1 as /devices/virtual/input/input14
[  287.993602][   T29] usb 40-1: device descriptor read/8, error -110
[  288.404325][   T29] usb usb40-port1: attempt power cycle
[  288.646417][T13947] netlink: 'syz.5.2805': attribute type 11 has an invalid length.
[  288.662616][T13949] syz_tun: entered allmulticast mode
[  288.672334][T13948] syz_tun: left allmulticast mode
[  288.867567][T13962] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  288.973964][ T6021] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[  288.996397][   T29] usb usb40-port1: unable to enumerate USB device
[  289.077467][T13968] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  289.080677][T13968] block device autoloading is deprecated and will be removed.
[  289.136213][ T6021] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  289.140783][ T6021] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  289.145294][ T6021] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  289.149070][ T6021] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  289.153960][ T6021] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  289.157802][ T6021] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  289.162063][ T6021] usb 9-1: config 0 descriptor??
[  289.439836][   T40] audit: type=1326 audit(1760485485.308:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13984 comm="syz.5.2821" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000
[  289.448677][   T40] audit: type=1326 audit(1760485485.308:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13984 comm="syz.5.2821" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf701d579 code=0x7ffc0000
[  289.474999][   T40] audit: type=1326 audit(1760485485.308:890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13984 comm="syz.5.2821" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000
[  289.484000][   T40] audit: type=1326 audit(1760485485.318:891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13984 comm="syz.5.2821" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf701d579 code=0x7ffc0000
[  289.494118][   T40] audit: type=1326 audit(1760485485.318:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13984 comm="syz.5.2821" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000
[  289.500443][T13989] FAULT_INJECTION: forcing a failure.
[  289.500443][T13989] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  289.506366][T13989] CPU: 1 UID: 0 PID: 13989 Comm: syz.2.2822 Not tainted syzkaller #0 PREEMPT(full) 
[  289.506390][T13989] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  289.506401][T13989] Call Trace:
[  289.506407][T13989]  <TASK>
[  289.506414][T13989]  dump_stack_lvl+0x16c/0x1f0
[  289.506467][T13989]  should_fail_ex+0x512/0x640
[  289.506502][T13989]  _copy_from_user+0x2e/0xd0
[  289.506520][T13989]  get_compat_msghdr+0xa7/0x170
[  289.506552][T13989]  ? __pfx_get_compat_msghdr+0x10/0x10
[  289.506585][T13989]  ___sys_sendmsg+0x1ae/0x1d0
[  289.506612][T13989]  ? __pfx____sys_sendmsg+0x10/0x10
[  289.506649][T13989]  ? find_held_lock+0x2b/0x80
[  289.506687][T13989]  __sys_sendmsg+0x16d/0x220
[  289.506698][   T40] audit: type=1326 audit(1760485485.318:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13984 comm="syz.5.2821" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000
[  289.506713][T13989]  ? __pfx___sys_sendmsg+0x10/0x10
[  289.506748][T13989]  ? rcu_is_watching+0x12/0xc0
[  289.506775][T13989]  __do_fast_syscall_32+0x7c/0x300
[  289.506805][T13989]  do_fast_syscall_32+0x32/0x80
[  289.506830][T13989]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  289.506853][T13989] RIP: 0023:0xf7f14579
[  289.506866][T13989] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  289.506883][T13989] RSP: 002b:00000000f540655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  289.506900][T13989] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000180
[  289.506911][T13989] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  289.506921][T13989] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  289.506930][T13989] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  289.506941][T13989] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  289.506965][T13989]  </TASK>
[  289.568782][   T40] audit: type=1326 audit(1760485485.318:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13984 comm="syz.5.2821" exe="/syz-executor" sig=0 arch=40000003 syscall=340 compat=1 ip=0xf701d579 code=0x7ffc0000
[  289.575495][   T40] audit: type=1326 audit(1760485485.318:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13984 comm="syz.5.2821" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000
[  289.582019][   T40] audit: type=1326 audit(1760485485.318:896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13984 comm="syz.5.2821" exe="/syz-executor" sig=0 arch=40000003 syscall=156 compat=1 ip=0xf701d579 code=0x7ffc0000
[  289.590992][   T40] audit: type=1326 audit(1760485485.318:897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13984 comm="syz.5.2821" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000
[  289.673920][ T6021] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  289.777576][   T60] usb 6-1: USB disconnect, device number 9
[  289.873386][T14010] FAULT_INJECTION: forcing a failure.
[  289.873386][T14010] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  289.883936][T14010] CPU: 3 UID: 0 PID: 14010 Comm: syz.2.2830 Not tainted syzkaller #0 PREEMPT(full) 
[  289.883978][T14010] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  289.883985][T14010] Call Trace:
[  289.883990][T14010]  <TASK>
[  289.883994][T14010]  dump_stack_lvl+0x16c/0x1f0
[  289.884014][T14010]  should_fail_ex+0x512/0x640
[  289.884033][T14010]  _copy_from_user+0x2e/0xd0
[  289.884044][T14010]  do_handle_open+0xee/0xc90
[  289.884058][T14010]  ? __fget_files+0x20e/0x3c0
[  289.884073][T14010]  ? __pfx_do_handle_open+0x10/0x10
[  289.884089][T14010]  ? ksys_write+0x1ac/0x250
[  289.884103][T14010]  ? __pfx_ksys_write+0x10/0x10
[  289.884121][T14010]  ? __do_fast_syscall_32+0x7c/0x300
[  289.884138][T14010]  __do_fast_syscall_32+0x7c/0x300
[  289.884155][T14010]  do_fast_syscall_32+0x32/0x80
[  289.884171][T14010]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  289.884185][T14010] RIP: 0023:0xf7f14579
[  289.884194][T14010] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  289.884204][T14010] RSP: 002b:00000000f540655c EFLAGS: 00000296 ORIG_RAX: 0000000000000156
[  289.884215][T14010] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000100
[  289.884221][T14010] RDX: 0000000000408100 RSI: 0000000000000000 RDI: 0000000000000000
[  289.884227][T14010] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  289.884233][T14010] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  289.884239][T14010] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  289.884251][T14010]  </TASK>
[  289.959982][T13959] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  290.038645][ T6021] usb 9-1: USB disconnect, device number 13
[  290.289690][T14022] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2831'.
[  290.293504][T14024] "syz.1.2831" (14024) uses obsolete ecb(arc4) skcipher
[  290.855383][T14041] syzkaller0: entered promiscuous mode
[  290.857646][T14041] syzkaller0: entered allmulticast mode
[  291.197622][T14058] syzkaller0: entered promiscuous mode
[  291.200059][T14058] syzkaller0: entered allmulticast mode
[  291.802483][T14067] FAULT_INJECTION: forcing a failure.
[  291.802483][T14067] name failslab, interval 1, probability 0, space 0, times 0
[  291.807704][T14067] CPU: 3 UID: 0 PID: 14067 Comm: syz.4.2847 Not tainted syzkaller #0 PREEMPT(full) 
[  291.807720][T14067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  291.807726][T14067] Call Trace:
[  291.807730][T14067]  <TASK>
[  291.807734][T14067]  dump_stack_lvl+0x16c/0x1f0
[  291.807754][T14067]  should_fail_ex+0x512/0x640
[  291.807770][T14067]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  291.807787][T14067]  should_failslab+0xc2/0x120
[  291.807797][T14067]  kmem_cache_alloc_node_noprof+0x78/0x770
[  291.807811][T14067]  ? __alloc_skb+0x2b2/0x380
[  291.807829][T14067]  ? __alloc_skb+0x2b2/0x380
[  291.807842][T14067]  __alloc_skb+0x2b2/0x380
[  291.807856][T14067]  ? __pfx___alloc_skb+0x10/0x10
[  291.807869][T14067]  ? __pfx_rtnl_bridge_setlink+0x10/0x10
[  291.807890][T14067]  netlink_ack+0x15d/0xb80
[  291.807907][T14067]  ? __lock_acquire+0x622/0x1c90
[  291.807921][T14067]  netlink_rcv_skb+0x332/0x420
[  291.807930][T14067]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  291.807948][T14067]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  291.807962][T14067]  ? netlink_deliver_tap+0x1ae/0xd30
[  291.807993][T14067]  netlink_unicast+0x5aa/0x870
[  291.808013][T14067]  ? __pfx_netlink_unicast+0x10/0x10
[  291.808034][T14067]  netlink_sendmsg+0x8c8/0xdd0
[  291.808053][T14067]  ? __pfx_netlink_sendmsg+0x10/0x10
[  291.808071][T14067]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  291.808084][T14067]  ____sys_sendmsg+0xa98/0xc70
[  291.808098][T14067]  ? __pfx_____sys_sendmsg+0x10/0x10
[  291.808109][T14067]  ? get_compat_msghdr+0x11a/0x170
[  291.808130][T14067]  ___sys_sendmsg+0x134/0x1d0
[  291.808151][T14067]  ? __pfx____sys_sendmsg+0x10/0x10
[  291.808176][T14067]  ? find_held_lock+0x2b/0x80
[  291.808198][T14067]  __sys_sendmsg+0x16d/0x220
[  291.808214][T14067]  ? __pfx___sys_sendmsg+0x10/0x10
[  291.808236][T14067]  ? rcu_is_watching+0x12/0xc0
[  291.808259][T14067]  __do_fast_syscall_32+0x7c/0x300
[  291.808284][T14067]  do_fast_syscall_32+0x32/0x80
[  291.808310][T14067]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  291.808340][T14067] RIP: 0023:0xf7f56579
[  291.808355][T14067] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  291.808370][T14067] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  291.808380][T14067] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  291.808387][T14067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  291.808393][T14067] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  291.808399][T14067] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  291.808405][T14067] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  291.808418][T14067]  </TASK>
[  292.908552][T14102] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  292.910645][T14102] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  292.913302][T14102] vhci_hcd vhci_hcd.0: Device attached
[  292.915104][T14099] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(10)
[  292.917200][T14099] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  292.919813][T14099] vhci_hcd vhci_hcd.0: Device attached
[  293.030024][T14103] vhci_hcd: connection closed
[  293.030350][ T1232] vhci_hcd: stop threads
[  293.034334][ T1232] vhci_hcd: release socket
[  293.036264][ T1232] vhci_hcd: disconnect device
[  293.197545][   T29] usb 46-1: SetAddress Request (14) to port 0
[  293.200098][   T29] usb 46-1: new SuperSpeed USB device number 14 using vhci_hcd
[  293.290275][T14105] vhci_hcd: connection reset by peer
[  293.292327][ T1175] vhci_hcd: stop threads
[  293.293751][ T1175] vhci_hcd: release socket
[  293.295466][ T1175] vhci_hcd: disconnect device
[  293.621149][T14125] netlink: 'syz.5.2868': attribute type 30 has an invalid length.
[  293.634562][T14125] bond3: option arp_missed_max: invalid value (0)
[  293.636723][T14125] bond3: option arp_missed_max: allowed values 1 - 255
[  293.640563][T14125] bond3 (unregistering): Released all slaves
[  293.654338][T14128] syzkaller1: entered promiscuous mode
[  293.656085][T14128] syzkaller1: entered allmulticast mode
[  294.352040][T14157] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  294.354218][T14157] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  294.357661][T14157] vhci_hcd vhci_hcd.0: Device attached
[  294.417604][   T60] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  294.569301][   T60] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  294.573443][   T60] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  294.576613][   T60] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  294.579682][   T60] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  294.584808][T14155] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  294.590190][   T60] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  294.667773][ T6083] usb 48-1: SetAddress Request (10) to port 0
[  294.670387][ T6083] usb 48-1: new SuperSpeed USB device number 10 using vhci_hcd
[  294.824020][   T34] usb 6-1: USB disconnect, device number 10
[  294.933625][T14169] mkiss: ax0: crc mode is auto.
[  294.967617][T14158] vhci_hcd: connection reset by peer
[  294.969941][ T1232] vhci_hcd: stop threads
[  294.971586][ T1232] vhci_hcd: release socket
[  294.973396][ T1232] vhci_hcd: disconnect device
[  295.058603][T14172] syz_tun: entered allmulticast mode
[  295.062249][T14171] syz_tun: left allmulticast mode
[  295.192398][T14178] FAULT_INJECTION: forcing a failure.
[  295.192398][T14178] name failslab, interval 1, probability 0, space 0, times 0
[  295.196367][T14178] CPU: 0 UID: 0 PID: 14178 Comm: syz.4.2887 Not tainted syzkaller #0 PREEMPT(full) 
[  295.196382][T14178] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  295.196389][T14178] Call Trace:
[  295.196393][T14178]  <TASK>
[  295.196397][T14178]  dump_stack_lvl+0x16c/0x1f0
[  295.196433][T14178]  should_fail_ex+0x512/0x640
[  295.196455][T14178]  ? fs_reclaim_acquire+0xae/0x150
[  295.196467][T14178]  should_failslab+0xc2/0x120
[  295.196478][T14178]  __kmalloc_noprof+0xdd/0x880
[  295.196491][T14178]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  295.196510][T14178]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  295.196523][T14178]  tomoyo_realpath_from_path+0xc2/0x6e0
[  295.196540][T14178]  ? tomoyo_profile+0x47/0x60
[  295.196557][T14178]  tomoyo_path_number_perm+0x245/0x580
[  295.196569][T14178]  ? tomoyo_path_number_perm+0x237/0x580
[  295.196582][T14178]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  295.196607][T14178]  ? find_held_lock+0x2b/0x80
[  295.196622][T14178]  ? hook_file_ioctl_common+0x145/0x410
[  295.196638][T14178]  ? __fget_files+0x20e/0x3c0
[  295.196655][T14178]  security_file_ioctl_compat+0x9b/0x240
[  295.196670][T14178]  __ia32_compat_sys_ioctl+0xc3/0x370
[  295.196684][T14178]  __do_fast_syscall_32+0x7c/0x300
[  295.196702][T14178]  do_fast_syscall_32+0x32/0x80
[  295.196718][T14178]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  295.196732][T14178] RIP: 0023:0xf7f56579
[  295.196741][T14178] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  295.196751][T14178] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  295.196762][T14178] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005392
[  295.196768][T14178] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  295.196774][T14178] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  295.196780][T14178] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  295.196786][T14178] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  295.196799][T14178]  </TASK>
[  295.196804][T14178] ERROR: Out of memory at tomoyo_realpath_from_path.
[  295.508143][   T34] usb 7-1: new full-speed USB device number 6 using dummy_hcd
[  295.593952][T14193] syz_tun: entered allmulticast mode
[  295.597562][T14192] syz_tun: left allmulticast mode
[  295.690126][   T34] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  295.694188][   T34] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  295.700024][   T34] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  295.703847][   T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.923074][   T34] usb 7-1: usb_control_msg returned -32
[  295.925230][   T34] usbtmc 7-1:16.0: can't read capabilities
[  296.080871][T14202] netlink: 'syz.1.2896': attribute type 13 has an invalid length.
[  296.339017][T14202] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  296.737520][T14217] syz.4.2899 (14217): drop_caches: 1
[  296.828131][T14217] syz.4.2899 (14217): drop_caches: 1
[  297.060899][T14226] syz.4.2901 (14226): drop_caches: 1
[  297.269643][T14219] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  297.271746][T14219] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  297.275150][T14219] vhci_hcd vhci_hcd.0: Device attached
[  297.423835][T14231] vhci_hcd: connection closed
[  297.424241][  T103] vhci_hcd: stop threads
[  297.427932][  T103] vhci_hcd: release socket
[  297.431518][  T103] vhci_hcd: disconnect device
[  298.280106][   T34] usb 7-1: USB disconnect, device number 6
[  298.310209][   T29] usb 46-1: device descriptor read/8, error -110
[  298.550116][ T6021] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  298.660342][T14255] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2911'.
[  298.663718][T14255] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2911'.
[  298.700796][   T29] usb usb46-port1: attempt power cycle
[  298.712384][ T6021] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  298.716577][ T6021] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  298.720521][ T6021] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  298.724115][ T6021] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  298.730357][T14247] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  298.736336][ T6021] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  298.811074][T14261] FAULT_INJECTION: forcing a failure.
[  298.811074][T14261] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  298.815716][T14261] CPU: 0 UID: 0 PID: 14261 Comm: syz.2.2913 Not tainted syzkaller #0 PREEMPT(full) 
[  298.815730][T14261] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  298.815737][T14261] Call Trace:
[  298.815741][T14261]  <TASK>
[  298.815745][T14261]  dump_stack_lvl+0x16c/0x1f0
[  298.815765][T14261]  should_fail_ex+0x512/0x640
[  298.815784][T14261]  _copy_to_iter+0x463/0x1710
[  298.815797][T14261]  ? __import_iovec+0x88/0x650
[  298.815807][T14261]  ? __pfx__copy_to_iter+0x10/0x10
[  298.815819][T14261]  ? __skb_recv_datagram+0x1b2/0x220
[  298.815842][T14261]  ? __pfx___skb_recv_datagram+0x10/0x10
[  298.815857][T14261]  simple_copy_to_iter+0x46/0x90
[  298.815870][T14261]  __skb_datagram_iter+0x129/0x900
[  298.815882][T14261]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  298.815896][T14261]  ? skb_recv_datagram+0x88/0xc0
[  298.815911][T14261]  skb_copy_datagram_iter+0x40/0x50
[  298.815925][T14261]  netlink_recvmsg+0x27e/0xa90
[  298.815943][T14261]  ? __pfx_netlink_recvmsg+0x10/0x10
[  298.815961][T14261]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  298.815976][T14261]  sock_recvmsg+0x1f9/0x250
[  298.815989][T14261]  ____sys_recvmsg+0x218/0x6b0
[  298.816003][T14261]  ? __pfx_____sys_recvmsg+0x10/0x10
[  298.816013][T14261]  ? import_iovec+0x86/0xb0
[  298.816027][T14261]  ? __lock_acquire+0x622/0x1c90
[  298.816041][T14261]  ___sys_recvmsg+0x114/0x1a0
[  298.816057][T14261]  ? __pfx____sys_recvmsg+0x10/0x10
[  298.816074][T14261]  ? find_held_lock+0x2b/0x80
[  298.816096][T14261]  do_recvmmsg+0x55d/0x750
[  298.816114][T14261]  ? __pfx_do_recvmmsg+0x10/0x10
[  298.816128][T14261]  ? find_held_lock+0x2b/0x80
[  298.816141][T14261]  ? __might_fault+0xe3/0x190
[  298.816155][T14261]  ? __might_fault+0x13b/0x190
[  298.816175][T14261]  ? __pfx_get_old_timespec32+0x10/0x10
[  298.816187][T14261]  ? __fget_files+0x20e/0x3c0
[  298.816200][T14261]  ? handle_mm_fault+0x1f0/0xd10
[  298.816214][T14261]  __sys_recvmmsg+0x110/0x280
[  298.816231][T14261]  ? __pfx___sys_recvmmsg+0x10/0x10
[  298.816247][T14261]  ? __pfx_ksys_write+0x10/0x10
[  298.816265][T14261]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  298.816281][T14261]  ? lockdep_hardirqs_on+0x7c/0x110
[  298.816297][T14261]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  298.816313][T14261]  __do_fast_syscall_32+0x7c/0x300
[  298.816331][T14261]  do_fast_syscall_32+0x32/0x80
[  298.816347][T14261]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  298.816361][T14261] RIP: 0023:0xf7f14579
[  298.816369][T14261] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  298.816380][T14261] RSP: 002b:00000000f540655c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  298.816390][T14261] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800037c0
[  298.816397][T14261] RDX: 00000000000003b4 RSI: 0000000000002000 RDI: 0000000080003700
[  298.816403][T14261] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  298.816409][T14261] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  298.816415][T14261] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  298.816427][T14261]  </TASK>
[  298.949888][   T24] usb 6-1: USB disconnect, device number 11
[  299.013719][T14267] FAULT_INJECTION: forcing a failure.
[  299.013719][T14267] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  299.017757][T14267] CPU: 1 UID: 0 PID: 14267 Comm: syz.2.2916 Not tainted syzkaller #0 PREEMPT(full) 
[  299.017771][T14267] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  299.017777][T14267] Call Trace:
[  299.017782][T14267]  <TASK>
[  299.017786][T14267]  dump_stack_lvl+0x16c/0x1f0
[  299.017805][T14267]  should_fail_ex+0x512/0x640
[  299.017842][T14267]  _copy_from_user+0x2e/0xd0
[  299.017853][T14267]  kvm_vm_ioctl_set_pmu_event_filter+0x256/0xb60
[  299.017870][T14267]  ? __pfx_kvm_vm_ioctl_set_pmu_event_filter+0x10/0x10
[  299.017886][T14267]  ? find_held_lock+0x2b/0x80
[  299.017901][T14267]  ? is_bpf_text_address+0x8a/0x1a0
[  299.017915][T14267]  kvm_arch_vm_ioctl+0xcc7/0x18b0
[  299.017932][T14267]  ? is_bpf_text_address+0x94/0x1a0
[  299.017943][T14267]  ? __pfx_kvm_arch_vm_ioctl+0x10/0x10
[  299.017959][T14267]  ? __kernel_text_address+0xd/0x40
[  299.017972][T14267]  ? unwind_get_return_address+0x59/0xa0
[  299.017987][T14267]  ? arch_stack_walk+0xa6/0x100
[  299.018005][T14267]  ? __lock_acquire+0x622/0x1c90
[  299.018016][T14267]  ? __pfx_stack_trace_save+0x10/0x10
[  299.018032][T14267]  ? look_up_lock_class+0x59/0x150
[  299.018049][T14267]  ? __lock_acquire+0x622/0x1c90
[  299.018061][T14267]  ? __lock_acquire+0x622/0x1c90
[  299.018073][T14267]  ? __lock_acquire+0x622/0x1c90
[  299.018090][T14267]  ? __lock_acquire+0x622/0x1c90
[  299.018106][T14267]  ? find_held_lock+0x2b/0x80
[  299.018120][T14267]  ? is_bpf_text_address+0x8a/0x1a0
[  299.018131][T14267]  ? bpf_ksym_find+0x124/0x1c0
[  299.018146][T14267]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  299.018162][T14267]  ? is_bpf_text_address+0x94/0x1a0
[  299.018173][T14267]  ? kernel_text_address+0x8d/0x100
[  299.018184][T14267]  ? widen_string+0xdc/0x2d0
[  299.018195][T14267]  ? __kernel_text_address+0xd/0x40
[  299.018207][T14267]  ? unwind_get_return_address+0x59/0xa0
[  299.018221][T14267]  ? arch_stack_walk+0xa6/0x100
[  299.018237][T14267]  kvm_vm_ioctl+0x1a91/0x3fd0
[  299.018257][T14267]  ? stack_trace_save+0x8e/0xc0
[  299.018272][T14267]  ? __pfx_stack_trace_save+0x10/0x10
[  299.018288][T14267]  ? stack_depot_save_flags+0x29/0x9c0
[  299.018305][T14267]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  299.018320][T14267]  ? kasan_save_stack+0x42/0x60
[  299.018335][T14267]  ? kasan_save_stack+0x33/0x60
[  299.018349][T14267]  ? kasan_save_track+0x14/0x30
[  299.018363][T14267]  ? __kasan_save_free_info+0x3b/0x60
[  299.018375][T14267]  ? __kasan_slab_free+0x5f/0x80
[  299.018390][T14267]  ? kfree+0x2b8/0x6d0
[  299.018401][T14267]  ? tomoyo_path_number_perm+0x470/0x580
[  299.018413][T14267]  ? security_file_ioctl_compat+0x9b/0x240
[  299.018426][T14267]  ? __ia32_compat_sys_ioctl+0xc3/0x370
[  299.018437][T14267]  ? __do_fast_syscall_32+0x7c/0x300
[  299.018453][T14267]  ? do_fast_syscall_32+0x32/0x80
[  299.018468][T14267]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  299.018481][T14267]  ? kvm_arch_vm_compat_ioctl+0x2d0/0x470
[  299.018498][T14267]  ? __pfx_kvm_arch_vm_compat_ioctl+0x10/0x10
[  299.018525][T14267]  ? kasan_quarantine_put+0x10a/0x240
[  299.018539][T14267]  ? lockdep_hardirqs_on+0x7c/0x110
[  299.018555][T14267]  ? find_held_lock+0x2b/0x80
[  299.018570][T14267]  ? tomoyo_path_number_perm+0x295/0x580
[  299.018584][T14267]  ? tomoyo_path_number_perm+0x18d/0x580
[  299.018596][T14267]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  299.018613][T14267]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  299.018628][T14267]  ? do_vfs_ioctl+0x128/0x14f0
[  299.018639][T14267]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  299.018651][T14267]  kvm_vm_compat_ioctl+0x393/0x3f0
[  299.018666][T14267]  ? __pfx_kvm_vm_compat_ioctl+0x10/0x10
[  299.018682][T14267]  ? find_held_lock+0x2b/0x80
[  299.018695][T14267]  ? hook_file_ioctl_common+0x145/0x410
[  299.018711][T14267]  ? __fget_files+0x20e/0x3c0
[  299.018727][T14267]  ? __pfx_kvm_vm_compat_ioctl+0x10/0x10
[  299.018743][T14267]  __ia32_compat_sys_ioctl+0x242/0x370
[  299.018756][T14267]  __do_fast_syscall_32+0x7c/0x300
[  299.018773][T14267]  do_fast_syscall_32+0x32/0x80
[  299.018790][T14267]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  299.018802][T14267] RIP: 0023:0xf7f14579
[  299.018810][T14267] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  299.018820][T14267] RSP: 002b:00000000f540655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  299.018830][T14267] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000004020aeb2
[  299.018836][T14267] RDX: 0000000080000300 RSI: 0000000000000000 RDI: 0000000000000000
[  299.018842][T14267] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  299.018848][T14267] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  299.018853][T14267] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  299.018866][T14267]  </TASK>
[  299.404104][   T29] usb usb46-port1: unable to enumerate USB device
[  299.462683][T14277] netlink: 'syz.2.2920': attribute type 3 has an invalid length.
[  299.613414][T14285] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2924'.
[  299.658954][T14287] syz_tun: entered allmulticast mode
[  299.662634][T14286] syz_tun: left allmulticast mode
[  299.698434][T14289] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  299.729223][T14289] syzkaller0: entered promiscuous mode
[  299.731709][T14289] syzkaller0: entered allmulticast mode
[  299.750884][ T6083] usb 48-1: device descriptor read/8, error -110
[  300.226133][ T6083] usb usb48-port1: attempt power cycle
[  300.266776][T14300] netlink: 'syz.4.2929': attribute type 3 has an invalid length.
[  300.561300][   T61] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[  300.566676][T14288] tipc: Resetting bearer <eth:syzkaller0>
[  300.703832][   T29] tipc: Node number set to 4250718533
[  300.731464][   T61] usb 9-1: Using ep0 maxpacket: 32
[  300.735431][   T61] usb 9-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  300.738878][   T61] usb 9-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  300.743665][   T61] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[  300.749306][   T61] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  300.753460][   T61] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  300.756753][   T61] usb 9-1: Product: syz
[  300.758390][   T61] usb 9-1: Manufacturer: syz
[  300.760266][   T61] usb 9-1: SerialNumber: syz
[  300.802009][ T6083] usb usb48-port1: unable to enumerate USB device
[  300.863742][   T40] kauditd_printk_skb: 297 callbacks suppressed
[  300.863759][   T40] audit: type=1326 audit(1760485496.721:1195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14306 comm="syz.2.2931" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f14579 code=0x0
[  300.979229][   T61] usb 9-1: 0:2 : does not exist
[  301.002217][   T61] usb 9-1: USB disconnect, device number 14
[  301.902766][T14288] tipc: Disabling bearer <eth:syzkaller0>
[  301.907585][T14323] syz_tun: entered allmulticast mode
[  301.910502][T14320] syz_tun: left allmulticast mode
[  302.222419][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  302.225874][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  302.252904][   T29] ------------[ cut here ]------------
[  302.255681][   T29] no supported rates for sta (null) (0xffffffff, band 0) in rate_mask 0x0 with flags 0x0
[  302.260358][   T29] WARNING: CPU: 1 PID: 29 at net/mac80211/rate.c:401 __rate_control_send_low+0x667/0x780
[  302.264520][   T29] Modules linked in:
[  302.266612][   T29] CPU: 1 UID: 0 PID: 29 Comm: kworker/1:0 Not tainted syzkaller #0 PREEMPT(full) 
[  302.272196][   T29] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  302.276821][   T29] Workqueue: mld mld_ifc_work
[  302.278911][   T29] RIP: 0010:__rate_control_send_low+0x667/0x780
[  302.281535][   T29] Code: a4 a0 d4 00 00 00 e8 88 e4 e3 f6 44 8b 44 24 24 45 89 e9 89 d9 48 8b 74 24 08 44 89 e2 48 c7 c7 e0 51 e4 8c e8 ca 68 a2 f6 90 <0f> 0b 90 90 e9 20 fd ff ff 48 8b 3c 24 e8 e7 75 4b f7 e9 f5 fc ff
[  302.289450][   T29] RSP: 0018:ffffc90000576a50 EFLAGS: 00010286
[  302.292006][   T29] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817b2e58
[  302.295322][   T29] RDX: ffff88801bfd8000 RSI: ffffffff817b2e65 RDI: 0000000000000001
[  302.298582][   T29] RBP: ffff88804bc717e8 R08: 0000000000000001 R09: 0000000000000000
[  302.301818][   T29] R10: 0000000000000000 R11: 0000000000000001 R12: 00000000ffffffff
[  302.305058][   T29] R13: 0000000000000000 R14: 000000000000000c R15: ffff88804bc717f0
[  302.308295][   T29] FS:  0000000000000000(0000) GS:ffff8880978e1000(0000) knlGS:0000000000000000
[  302.312106][   T29] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  302.314995][   T29] CR2: 0000000000000000 CR3: 0000000046f52000 CR4: 0000000000352ef0
[  302.318323][   T29] Call Trace:
[  302.319714][   T29]  <TASK>
[  302.320951][   T29]  rate_control_send_low+0x52a/0x810
[  302.323295][   T29]  rate_control_get_rate+0x1be/0x5e0
[  302.325470][   T29]  ieee80211_tx_h_rate_ctrl+0xa35/0x1ae0
[  302.327798][   T29]  ? __pfx_ieee80211_tx_h_rate_ctrl+0x10/0x10
[  302.330311][   T29]  invoke_tx_handlers_late+0x1172/0x27d0
[  302.332711][   T29]  ? find_held_lock+0x2b/0x80
[  302.334710][   T29]  ? ieee80211_tx_h_select_key+0x2c9/0x1bc0
[  302.337145][   T29]  ieee80211_tx_dequeue+0x3086/0x43f0
[  302.339405][   T29]  ? __lock_acquire+0xb8a/0x1c90
[  302.341452][   T29]  ? __pfx_ieee80211_tx_dequeue+0x10/0x10
[  302.343912][   T29]  ? do_raw_spin_lock+0x12c/0x2b0
[  302.345982][   T29]  ? ieee80211_next_txq+0xda/0xa50
[  302.348139][   T29]  ieee80211_handle_wake_tx_queue+0x19c/0x260
[  302.350664][   T29]  ? __pfx_ieee80211_handle_wake_tx_queue+0x10/0x10
[  302.353450][   T29]  ? __pfx___ieee80211_schedule_txq+0x10/0x10
[  302.356078][   T29]  ? mark_held_locks+0x49/0x80
[  302.358112][   T29]  ? __local_bh_enable_ip+0xa4/0x120
[  302.360316][   T29]  ieee80211_queue_skb+0x12b2/0x1fe0
[  302.362643][   T29]  ieee80211_tx+0x2e4/0x460
[  302.364659][   T29]  ? __pfx_ieee80211_tx+0x10/0x10
[  302.366881][   T29]  ? ieee80211_skb_resize+0x22a/0x630
[  302.369178][   T29]  ? ieee80211_set_qos_hdr+0xba/0x3f0
[  302.371395][   T29]  ieee80211_xmit+0x30f/0x3e0
[  302.373378][   T29]  __ieee80211_subif_start_xmit+0x880/0x1390
[  302.375853][   T29]  ? neigh_resolve_output+0x53a/0x940
[  302.378034][   T29]  ? __pfx___ieee80211_subif_start_xmit+0x10/0x10
[  302.380525][   T29]  ? mld_sendpack+0xac1/0x1350
[  302.382573][   T29]  ? skb_network_protocol+0x126/0x6d0
[  302.384781][   T29]  ieee80211_subif_start_xmit+0x11b/0x1970
[  302.387158][   T29]  ? __pfx_ieee80211_subif_start_xmit+0x10/0x10
[  302.389679][   T29]  ? dev_hard_start_xmit+0x97/0x740
[  302.391813][   T29]  dev_hard_start_xmit+0x97/0x740
[  302.394028][   T29]  __dev_queue_xmit+0xa46/0x4490
[  302.396150][   T29]  ? __lock_acquire+0x622/0x1c90
[  302.398229][   T29]  ? __pfx___dev_queue_xmit+0x10/0x10
[  302.400386][   T29]  ? look_up_lock_class+0x6b/0x150
[  302.402602][   T29]  ? __lock_acquire+0xb8a/0x1c90
[  302.404662][   T29]  ? __asan_memcpy+0x3c/0x60
[  302.406625][   T29]  ? eth_header+0x11c/0x1f0
[  302.408489][   T29]  neigh_resolve_output+0x53a/0x940
[  302.410648][   T29]  ip6_finish_output2+0xad1/0x1cf0
[  302.412862][   T29]  ? ip6_dst_mtu_maybe_forward.constprop.0+0x1be/0x530
[  302.415668][   T29]  __ip6_finish_output+0x3cd/0x1010
[  302.417817][   T29]  ip6_output+0x253/0x710
[  302.419571][   T29]  mld_sendpack+0xac1/0x1350
[  302.421492][   T29]  ? __pfx_mld_sendpack+0x10/0x10
[  302.423694][   T29]  mld_ifc_work+0x740/0xbf0
[  302.425609][   T29]  process_one_work+0x9cf/0x1b70
[  302.427845][   T29]  ? __pfx_process_one_work+0x10/0x10
[  302.430166][   T29]  ? assign_work+0x1a0/0x250
[  302.432161][   T29]  worker_thread+0x6c8/0xf10
[  302.434155][   T29]  ? __pfx_worker_thread+0x10/0x10
[  302.436249][   T29]  kthread+0x3c5/0x780
[  302.438001][   T29]  ? __pfx_kthread+0x10/0x10
[  302.439911][   T29]  ? rcu_is_watching+0x12/0xc0
[  302.441915][   T29]  ? __pfx_kthread+0x10/0x10
[  302.443948][   T29]  ret_from_fork+0x675/0x7d0
[  302.445939][   T29]  ? __pfx_kthread+0x10/0x10
[  302.447973][   T29]  ret_from_fork_asm+0x1a/0x30
[  302.450104][   T29]  </TASK>
[  302.451469][   T29] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  302.454580][   T29] CPU: 1 UID: 0 PID: 29 Comm: kworker/1:0 Not tainted syzkaller #0 PREEMPT(full) 
[  302.458397][   T29] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  302.462696][   T29] Workqueue: mld mld_ifc_work
[  302.464651][   T29] Call Trace:
[  302.466043][   T29]  <TASK>
[  302.467265][   T29]  dump_stack_lvl+0x3d/0x1f0
[  302.469156][   T29]  vpanic+0x640/0x6f0
[  302.470835][   T29]  ? __rate_control_send_low+0x667/0x780
[  302.473176][   T29]  panic+0xca/0xd0
[  302.474876][   T29]  ? __pfx_panic+0x10/0x10
[  302.476853][   T29]  ? check_panic_on_warn+0x1f/0xb0
[  302.479061][   T29]  check_panic_on_warn+0xab/0xb0
[  302.481226][   T29]  __warn+0xf6/0x3c0
[  302.482911][   T29]  ? __pfx_vprintk_emit+0x10/0x10
[  302.485036][   T29]  ? __rate_control_send_low+0x667/0x780
[  302.487479][   T29]  report_bug+0x3c3/0x580
[  302.489350][   T29]  ? __rate_control_send_low+0x667/0x780
[  302.491790][   T29]  handle_bug+0x184/0x210
[  302.493611][   T29]  exc_invalid_op+0x17/0x50
[  302.495565][   T29]  asm_exc_invalid_op+0x1a/0x20
[  302.497656][   T29] RIP: 0010:__rate_control_send_low+0x667/0x780
[  302.500333][   T29] Code: a4 a0 d4 00 00 00 e8 88 e4 e3 f6 44 8b 44 24 24 45 89 e9 89 d9 48 8b 74 24 08 44 89 e2 48 c7 c7 e0 51 e4 8c e8 ca 68 a2 f6 90 <0f> 0b 90 90 e9 20 fd ff ff 48 8b 3c 24 e8 e7 75 4b f7 e9 f5 fc ff
[  302.508527][   T29] RSP: 0018:ffffc90000576a50 EFLAGS: 00010286
[  302.511165][   T29] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817b2e58
[  302.514450][   T29] RDX: ffff88801bfd8000 RSI: ffffffff817b2e65 RDI: 0000000000000001
[  302.517764][   T29] RBP: ffff88804bc717e8 R08: 0000000000000001 R09: 0000000000000000
[  302.521016][   T29] R10: 0000000000000000 R11: 0000000000000001 R12: 00000000ffffffff
[  302.524351][   T29] R13: 0000000000000000 R14: 000000000000000c R15: ffff88804bc717f0
[  302.527623][   T29]  ? __warn_printk+0x198/0x350
[  302.529683][   T29]  ? __warn_printk+0x1a5/0x350
[  302.531773][   T29]  rate_control_send_low+0x52a/0x810
[  302.534065][   T29]  rate_control_get_rate+0x1be/0x5e0
[  302.536310][   T29]  ieee80211_tx_h_rate_ctrl+0xa35/0x1ae0
[  302.538763][   T29]  ? __pfx_ieee80211_tx_h_rate_ctrl+0x10/0x10
[  302.541360][   T29]  invoke_tx_handlers_late+0x1172/0x27d0
[  302.543751][   T29]  ? find_held_lock+0x2b/0x80
[  302.545804][   T29]  ? ieee80211_tx_h_select_key+0x2c9/0x1bc0
[  302.548328][   T29]  ieee80211_tx_dequeue+0x3086/0x43f0
[  302.550610][   T29]  ? __lock_acquire+0xb8a/0x1c90
[  302.552740][   T29]  ? __pfx_ieee80211_tx_dequeue+0x10/0x10
[  302.555118][   T29]  ? do_raw_spin_lock+0x12c/0x2b0
[  302.557214][   T29]  ? ieee80211_next_txq+0xda/0xa50
[  302.559363][   T29]  ieee80211_handle_wake_tx_queue+0x19c/0x260
[  302.561901][   T29]  ? __pfx_ieee80211_handle_wake_tx_queue+0x10/0x10
[  302.564658][   T29]  ? __pfx___ieee80211_schedule_txq+0x10/0x10
[  302.567206][   T29]  ? mark_held_locks+0x49/0x80
[  302.569187][   T29]  ? __local_bh_enable_ip+0xa4/0x120
[  302.571406][   T29]  ieee80211_queue_skb+0x12b2/0x1fe0
[  302.573601][   T29]  ieee80211_tx+0x2e4/0x460
[  302.575534][   T29]  ? __pfx_ieee80211_tx+0x10/0x10
[  302.577733][   T29]  ? ieee80211_skb_resize+0x22a/0x630
[  302.580035][   T29]  ? ieee80211_set_qos_hdr+0xba/0x3f0
[  302.582283][   T29]  ieee80211_xmit+0x30f/0x3e0
[  302.584251][   T29]  __ieee80211_subif_start_xmit+0x880/0x1390
[  302.586771][   T29]  ? neigh_resolve_output+0x53a/0x940
[  302.589010][   T29]  ? __pfx___ieee80211_subif_start_xmit+0x10/0x10
[  302.591676][   T29]  ? mld_sendpack+0xac1/0x1350
[  302.593701][   T29]  ? skb_network_protocol+0x126/0x6d0
[  302.595986][   T29]  ieee80211_subif_start_xmit+0x11b/0x1970
[  302.598409][   T29]  ? __pfx_ieee80211_subif_start_xmit+0x10/0x10
[  302.600982][   T29]  ? dev_hard_start_xmit+0x97/0x740
[  302.603197][   T29]  dev_hard_start_xmit+0x97/0x740
[  302.605327][   T29]  __dev_queue_xmit+0xa46/0x4490
[  302.607436][   T29]  ? __lock_acquire+0x622/0x1c90
[  302.609517][   T29]  ? __pfx___dev_queue_xmit+0x10/0x10
[  302.611751][   T29]  ? look_up_lock_class+0x6b/0x150
[  302.613956][   T29]  ? __lock_acquire+0xb8a/0x1c90
[  302.615865][   T29]  ? __asan_memcpy+0x3c/0x60
[  302.617771][   T29]  ? eth_header+0x11c/0x1f0
[  302.619724][   T29]  neigh_resolve_output+0x53a/0x940
[  302.621981][   T29]  ip6_finish_output2+0xad1/0x1cf0
[  302.624165][   T29]  ? ip6_dst_mtu_maybe_forward.constprop.0+0x1be/0x530
[  302.627024][   T29]  __ip6_finish_output+0x3cd/0x1010
[  302.629239][   T29]  ip6_output+0x253/0x710
[  302.631173][   T29]  mld_sendpack+0xac1/0x1350
[  302.633187][   T29]  ? __pfx_mld_sendpack+0x10/0x10
[  302.635397][   T29]  mld_ifc_work+0x740/0xbf0
[  302.637392][   T29]  process_one_work+0x9cf/0x1b70
[  302.639540][   T29]  ? __pfx_process_one_work+0x10/0x10
[  302.641801][   T29]  ? assign_work+0x1a0/0x250
[  302.643727][   T29]  worker_thread+0x6c8/0xf10
[  302.645675][   T29]  ? __pfx_worker_thread+0x10/0x10
[  302.647798][   T29]  kthread+0x3c5/0x780
[  302.649519][   T29]  ? __pfx_kthread+0x10/0x10
[  302.651447][   T29]  ? rcu_is_watching+0x12/0xc0
[  302.653446][   T29]  ? __pfx_kthread+0x10/0x10
[  302.655464][   T29]  ret_from_fork+0x675/0x7d0
[  302.657398][   T29]  ? __pfx_kthread+0x10/0x10
[  302.659395][   T29]  ret_from_fork_asm+0x1a/0x30
[  302.661427][   T29]  </TASK>
[  302.663819][   T29] Kernel Offset: disabled
[  302.665637][   T29] Rebooting in 86400 seconds..

VM DIAGNOSIS:
23:40:42  Registers:
info registers vcpu 0

CPU#0
EAX=00000000 EBX=00000000 ECX=00000000 EDX=04000081
ESI=00100000 EDI=00000000 EBP=08000000 ESP=002004c8
EIP=00000000 EFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 00000000 0000ffff 00009300
CS =f000 ffff0000 0000ffff 00009b00
SS =0000 00000000 0000ffff 00009300
DS =0000 00000000 0000ffff 00009300
FS =0000 00000000 0000ffff 00009300
GS =0000 00000000 0000ffff 00009300
LDT=0000 00000000 0000ffff 00008200
TR =0000 00000000 0000ffff 00008b00
GDT=     00000000 0000ffff
IDT=     00000000 0000ffff
CR0=00000030 CR2=00000000 CR3=00000000 CR4=00002040
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000000
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000000005b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff852db115 RDI=ffffffff9adf1e40 RBP=ffffffff9adf1e00 RSP=ffffc900005763c0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=000000000000005b R14=ffffffff9adf1e00 R15=ffffffff852db0b0
RIP=ffffffff852db13f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
GS =0000 ffff8880978e1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=0000000046f52000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=00000000000c0000 RBX=0000000000000000 RCX=0000000000000000 RDX=00000000000509dd
RSI=0000000000000000 RDI=00000000000009dd RBP=ffff8880242f2480 RSP=ffffc9002162f920
R8 =0000000000080000 R9 =0000000000000001 R10=0000000000000000 R11=0000000000000001
R12=ffff8880242f2fb0 R13=ffff8880242f2fb0 R14=0000000000000000 R15=ffff888024b2db50
RIP=ffffffff81987f0c RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
GS =0063 ffff8880979e1000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=000000004bef2000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffff00
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=ffff88802b43a4c0 RBX=ffff88802758a480 RCX=0000000000000000 RDX=1ffff110056a765b
RSI=ffffffff8b63d869 RDI=ffff88802b43a4d8 RBP=ffffc9000f5a69b8 RSP=ffffc9000f5a67f0
R8 =0000000000000001 R9 =0000000000000001 R10=0000000000000001 R11=0000000000000001
R12=0000000000000000 R13=ffff88802758aa18 R14=ffff88802b53a4c0 R15=0000000000000001
RIP=ffffffff81989bb6 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c01300
GS =0063 ffff888097ae1000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055c0ae2dff40 CR3=0000000051102000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=a8bc928f8843530e 44158023a3213cf8 a8bc928f8843530e 44158023a3213cf8 a8bc928f8843530e 44158023a3213cf8 a8bc928f8843530e 44158023a3213cf8
ZMM18=bbad94522897d5d6 a0ab77efcf9e8faa bbad94522897d5d6 a0ab77efcf9e8faa bbad94522897d5d6 a0ab77efcf9e8faa bbad94522897d5d6 a0ab77efcf9e8faa
ZMM19=fa0f000000000000 0000000000000004 fa0f000000000000 0000000000000003 fa0f000000000000 0000000000000002 fa0f000000000000 0000000000000001
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8082000182033002 0001800301800404 9003080800048803 3208000480030880
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 08000cbfa8080002 8002010000000806 08014ed001800200 0800040075e40070
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 616d5f64696a6f72 7001ffffffffffff ffffe90801800301 a008000d80020008
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000480020a080006 0102cc00080006a0 0300080006980320 08000690030fffff
ZMM25=a0ab77efa0ab77ef a0ab77efa0ab77ef a0ab77efa0ab77ef a0ab77efa0ab77ef a0ab77efa0ab77ef a0ab77efa0ab77ef a0ab77efa0ab77ef a0ab77efa0ab77ef
ZMM26=2897d5d62897d5d6 2897d5d62897d5d6 2897d5d62897d5d6 2897d5d62897d5d6 2897d5d62897d5d6 2897d5d62897d5d6 2897d5d62897d5d6 2897d5d62897d5d6
ZMM27=bbad9452bbad9452 bbad9452bbad9452 bbad9452bbad9452 bbad9452bbad9452 bbad9452bbad9452 bbad9452bbad9452 bbad9452bbad9452 bbad9452bbad9452
ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=f90f0000f90f0000 f90f0000f90f0000 f90f0000f90f0000 f90f0000f90f0000 f90f0000f90f0000 f90f0000f90f0000 f90f0000f90f0000 f90f0000f90f0000