last executing test programs:

1.578304919s ago: executing program 2 (id=734):
ustat(0x800, 0x0)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(0x0, 0x0)
ustat(0x5, &(0x7f0000000280))
ustat(0x24, &(0x7f0000000500))
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x1d}, @l2cap_cid_signaling={{0x19}, [@l2cap_info_req={{0xa, 0x5, 0x2}, {0x10}}, @l2cap_conf_rsp={{0x5, 0xf1, 0x6}, {0x2884, 0x5, 0xe984}}, @l2cap_create_chan_req={{0xc, 0x5, 0x5}, {0x0, 0xfff7, 0x9}}]}}, 0x22)
syz_emit_vhci(0x0, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, 0x0)
r1 = dup(r0)
syz_emit_vhci(0x0, 0x0)
ustat(0x0, 0x0)
socket$kcm(0x29, 0x2, 0x0)
syz_emit_vhci(0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x1214040, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000100)={'pimreg1\x00', &(0x7f00000002c0)=@ethtool_regs={0x4, 0xf, 0xfb, "792f8156470c231097f1603526e80abc4207f2bbbb59c3e3cb3f9e6f36d4a5b1c7699b5b962a04ec5d762d1e3d535fcf645100f10d818d56a70bb6bc731f6566db657121d5bbc663d299d5bb7cb3654ee78941560c18d5afba54e7181254867eb0e65d99e9c3ba7f032c538b9b17161dc361510f3da3e6fab51ca24350f594555ec9ad3f316bc7e99cff303c4dce7c7811e081e5b35bddbfcd90f48a7d4eed411dcc7e03906b420e77cfb76bd7e78db7d7321e1633752f4cc55f83b0ac081932901758ced765a853327a24be13bc675191f1901109ca15be568e0d66f213db26198d66c41de8a9bcb437ca4b2dbacbf0b6314747a87541a57c5245"}})
umount2(&(0x7f0000000000)='./file0\x00', 0x8)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000002ac0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x0, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_cmd_rej_unk={{0x1, 0xf, 0x2}, {0x3}}}}, 0xf)
sendmsg$NL80211_CMD_START_AP(r0, 0x0, 0x0)

1.360475931s ago: executing program 1 (id=738):
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020023000b02d25a806f8c6394f90224fc602f1a99000a740100053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x5000000)

1.26003357s ago: executing program 1 (id=740):
mremap(&(0x7f0000002000/0x4000)=nil, 0x200000, 0x4000, 0x3, &(0x7f0000ffc000/0x4000)=nil)
mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000002000/0x4000)=nil)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f, 0xdfffffff, 0x5e490420, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20, 0x0, 0x3731, {0x0, 0x7f69ff17f1e1ab77}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xc5001, 0x104)

729.487215ms ago: executing program 2 (id=753):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0xf000, 0x61, 0x10, 0x8}, [@ldst={0x3, 0x3, 0x3, 0x1c10a1, 0x0, 0x98}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xf7}, 0x48)

729.333588ms ago: executing program 0 (id=754):
syz_emit_ethernet(0x86, &(0x7f0000000140)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x11, 0x0, @local, @multicast1}, {0x0, 0x4e20, 0x64, 0x0, @wg=@response={0x2, 0x3, 0x0, "eea2ce15f073cfc7b867a8f1eae374992b05d96de4fee8723648ec884824c0fa", "dad132180b5c87e3c4ce5aace7bd878f", {"bfb382e7c4f35588608b6b77d4179781", "5c1ef82da223af7e119100d169d1153d"}}}}}}}, 0x0)
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x149000, 0x0)
ioctl$PTP_EXTTS_REQUEST2(r0, 0xc4c03d12, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x4)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000340)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
mbind(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x6005, &(0x7f0000000540)=0xa, 0x6, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000940)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha384\x00'}, 0x58)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ff5000/0xb000)=nil, 0xb000, 0x0, 0x16132, 0xffffffffffffffff, 0x0)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000ffc000/0x4000)=nil)
prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffd000/0x3000)=nil)
brk(0x55555ede6001)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYRES8=r1, @ANYRES32=r3, @ANYBLOB="01000000020c00001c0012000c0000000000000000000042a3c587645930e40000"], 0x3c}}, 0x801)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0xffffff1f, 0x0, 0x80, {0x0, 0x0, 0x0, 0x0, 0x40000, 0x3f00}, [@IFLA_MASTER={0x8, 0xa, r3}, @IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_FORWARD_DELAY={0x8, 0x1, 0x40012}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x2000c0c1}, 0x8850)
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000b40)={0x2020, 0x0, <r7=>0x0}, 0x2020)
write$FUSE_INIT(r6, &(0x7f0000000240)={0x50, 0x0, r7, {0x7, 0x2d, 0x3, 0xffffffff91010000, 0x5, 0x7, 0x3, 0x401, 0x0, 0x0, 0x10}}, 0x50)

668.43874ms ago: executing program 2 (id=755):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000040)={0xa, 0x0, &(0x7f0000000340)={&(0x7f0000000080)={0x2, 0x3, 0x0, 0x2, 0xc, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0xa, 0x0, 0xffffff7f}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @local}}, @sadb_key={0x2, 0x8, 0x8, 0x0, 'u'}]}, 0x60}, 0x1, 0x7}, 0x0)
r3 = fsopen(&(0x7f0000000140)='vfat\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000001100)='iocharset', &(0x7f0000001140)='\xe0^@&&}\'\x00', 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000380)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000001c0)={{0xeeee8000, 0x2000, 0x3, 0x9a, 0x5, 0xfa, 0xd4, 0xd4, 0x0, 0x4, 0x7, 0x4f}, {0xdddd1000, 0x4000, 0xd, 0x9, 0x8, 0x3, 0x6, 0xb, 0x5, 0xe, 0x3, 0xc0}, {0xffff1000, 0xdddd1000, 0xb, 0x4f, 0x2, 0x7, 0x19, 0x1, 0x81, 0x0, 0x6, 0x5}, {0xe000, 0x2000, 0x8, 0x5, 0x3, 0x46, 0x2, 0xd, 0x6, 0x8, 0x8, 0x1}, {0x9000, 0x4000, 0x9, 0x9, 0x3, 0x9, 0xd, 0x6, 0x5, 0x9, 0xc, 0x4b}, {0x8000000, 0x0, 0x4, 0x6, 0x3, 0x7d, 0x1, 0xff, 0x4, 0x90, 0x1, 0xfc}, {0x8000000, 0x4000, 0x0, 0x8, 0x5, 0x0, 0x0, 0xb, 0x5, 0x7, 0x9, 0xf8}, {0xf7f63004, 0x8000000, 0x0, 0x5, 0x28, 0x3, 0xa, 0x9, 0x54, 0x1, 0x2, 0x7}, {0xdddd1000, 0x5}, {0x4, 0x9}, 0x40010000, 0x0, 0x80a0000, 0x35c, 0x1, 0x2000, 0xe6e70c00, [0x3, 0x401, 0x7, 0xc5]})
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000740)={"373ab6e870bf64ef25ad87deef94c3b7350df627ea7ca6efbd6c33a19e5dde0b3718dac0c2b8e833beb9e0347000fc7332c43a3128856f23df4628fb1e54b1745094c19bc88c190192f58dda884b3296f7cd6373842bff61047e0697c9af6e9f62b88fd21621b527902efdae6efd3516c7e5a36f4aaa12cd1baa2515ab6996b4807b0d9575a9061a775ef515a40b97c34035e8e412b9200000001000000062a07ab97f50ff5deb8a5978611317016887694245b363252230bbe17ed0f591f935d8e4ae7563eeff2fdfad8a772b08ea90f63f5c4851df9aef747a4e240cec55ce1659c08d387142c5835e15291c4973ade3b2006d8870a1d739eb8e7a284e23f660b2061e31a70627be4acb16ecbe00000000000000011a2fe0690f5d580ebf35b8640441ddf47d1f67a5e2d892f14a4f88412ce3cc8ec4d0580729c8638502410837253d6ac316ee9c6a29eb5d83463ff9bdf81f31c12b04adec97fe1377d2f29067e5f6f48cc123f2c4c02afe60d224c7d974a63c1aa9b110d2187f18de3753b57c630eab26238e8201501a007da99f1d07f76c4da113859ab55792049a15c5d83051f41ae951912eb81154f2398a729b6d6c51d6850bddcd4b35b24996e4ec707d1a744dff58ea5030fcd6b46a468ac029f86be30c7c3d5708e3871fed2e63b9c3ad265350e87e9fc44696eadeecc1ff67e30b64be27f480180d26218d031380149bcc31bd712063e9c09ed5329a530800000500d79eb9d4491d82d2b7a3d7d0cf9286396fcb8c2ccf1655b3ba420c36c3fb88d788308e000000000957a98a840111c954c2a2feccd60d0000da8330cd1de951bcd767cf211a241c882b8d5e608fd1e796afeac2a7b05018b4ae6c034c4c4997868343a5d064838dd0aca0d21b429665a0a1b4fd17cd34e711cee01d2348dc5871cca7ab4e4924f600000000dbfae6788549e6000000000000d7ddfabd45803a6d1145734a82b2b9a6a87c8e118629840a027fd3f8e5a6a5dcca000000d6cd0402a64db2263b1a9de61848b1eb31b51189f4caa2fdf0c3a38275386522137fe573ec27693a337c324952480c9ae476a694010aa22095c6d8bfceb5e024cbc21d6c1d1b17fae63dc627a948c4eca7dfa3f8a5e628531472e00ed28f2d2b7fcf03b5ba1975fcc010482a08c7800b3c87587a9fea37402ffafcc9cabc16a123164765d10dafe323ce33f197af8a3cf57332dbbeedf263779ba2e402d7db15804341630437ad2277be4ff82d1aa32c15b0cf99c88c7bca0ecf47a3be490bf6079f19acdf9a71f636fff612167c849b5c149cb72d8dd98d2aa8bb0606a1214fc1f0da04476cd8c3c056ec88eefca0d331ecbd5416c356466202cb97ddfc320b7594d5ab2e9102d549ffa72300"})

579.084972ms ago: executing program 3 (id=756):
unshare(0x8000000)
mq_open(&(0x7f00000000c0)='${$\x00', 0x840, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000980)=@can_newroute={0x2c, 0x18, 0x1, 0x0, 0x0, {}, [@CGW_MOD_SET={0x15, 0x4, {{{0x4, 0x1, 0x1}, 0x6, 0x0, 0x0, 0x0, "acd0c4c8999fd7e5"}, 0x6}}]}, 0x2c}}, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x81c0, 0x0)
execve(&(0x7f0000000140)='./file2\x00', 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000240)=""/154, 0x9a}], 0x1}, 0x0)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='devtmpfs\x00', 0x2200892, 0x0)
unshare(0x10500)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000140)={&(0x7f0000000100)=[0x0, 0x0, 0x0], 0x3, 0x180000, 0x0, <r1=>0xffffffffffffffff})
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000240), &(0x7f00000002c0)=0x4)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x0, &(0x7f0000000040)})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f00000001c0)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r4, @ANYBLOB="0800a0002609000008009f000d00000004006c00"], 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
close(r1)
recvmmsg(r5, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/11, 0x17}}], 0x400000000000179, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r7, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001400add427323b470c45b45602067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x1a1}], 0x1)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000900)={'ip6gre0\x00', &(0x7f0000000880)={'syztnl2\x00', <r8=>0x0, 0x4, 0xc, 0x0, 0x7fff, 0x9fcdbf0e7b1e9379, @ipv4={'\x00', '\xff\xff', @remote}, @private1, 0x40, 0x7800, 0xb52a, 0xc6e}})
sendmmsg$inet(r7, &(0x7f0000000940)=[{{&(0x7f0000000340)={0x2, 0x4e20, @rand_addr=0x64010102}, 0x10, &(0x7f0000000800)=[{&(0x7f0000000500)="f8cdce6eda6cd944bb303ff78daa0fe757ad5ab46e58c9b5effb718f23691952139dbe9f8039eb05b27697a5f2c03ae994b826412411b1f8eae17e2f7f2513f2c1126b0c2eaf0497336d00bce9baf1a9894c37d338a8f73ec8ea4b0a7319993849a9f0b03edc3ab55cbc897cd99f3ca39415dce426c0caf75f44c09354847b9f13333032768acf20963b07268fad5375803077937e62886b4d7c02cf14d28a3f45c45dedc0a4e11442fd457a339d1c17d8af678b8ac648646e477218910e1ec748e01be32c0e4e4d3924fa4006b2334b0012d295", 0xd4}, {&(0x7f0000000400)="e16844837baf6bc573b77deaedae6a3ecab4bb3fcfed1cf4e78559", 0x1b}, {&(0x7f0000000600)="7dccd7878131c332367625db2107dbab523e5158e52846c741dce7c681d75a8b79e3700d7305ff104fe42b092e5b28ff9febc7907fcec0e97873dc54702bd4c5cc53bcc6dbf8ee6b14824cbc6f5734432141317c089a0ac054b60ffaaee71752cae5107bea6e0380cb2bb39a776a1ba00d74772e9e83a198c85067072369b1eabfe5c22f874221aa7a9ee43c89bf8f8fa39215", 0x93}, {&(0x7f00000006c0)="49cbc92a29b65e3955b7f9768e81e4ca42d0521e64703cb33372d16cbffb5f44c1a70620c9cfe0d6123405fbb057ab434fab334e0d42506b2d0f337f9468d39e78a02d3b0d952ae835f78d4e3bd0734b64b52b0c0acf3dcdf41ec6dff43c69c7e238023ba46515f07dc4396e22b9425fb1fee723bd01f22e635a421fc7d97389d1509bf62d3c5e70736437f7eadcacf8478163e44e216165aca4b91cfef46259925f7442d1e0a607be5542e5bbd73fca1ce2dfb27e2ca113e203918054b617b66edc9739571fe0ea7d91c11bd2fc1ef410c29028afddc91dc2832c0fa141bae1fcad90b38260f42bd8746ac364729f2da60bb21b6405c5c2eaead6c49839", 0xfe}, {&(0x7f0000000440)="e1e463329d62cae4a1409b7cf6c6a67d6fdebbeb3c226a6705bc90a9fb82a1b4fcc2fca8b1a70fecdb690f35aa4669b8da413f6973", 0x35}, {&(0x7f00000007c0)="ef6fbb586ce0271cefe8d6e2231f3492eed92adf", 0x14}], 0x6, &(0x7f00000009c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x8000}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x3}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @rand_addr=0x64010102, @dev={0xac, 0x14, 0x14, 0xd}}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x2}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x21}}], 0x80}}], 0x1, 0x40)
sendmsg$IPSET_CMD_DESTROY(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, 0x3, 0x6, 0x401, 0x0, 0x0, {0x0, 0x0, 0x4}}, 0x14}}, 0x80)
close_range(r6, r0, 0x2)

510.40165ms ago: executing program 0 (id=757):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r1, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) (async)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x34, 0x10, 0x801, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8000, 0x64}, [@IFLA_GROUP={0x8}, @IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}]}]}, 0x34}}, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) (async, rerun: 64)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x11, 0x4, 0x0, 0xa}, 0x50) (async, rerun: 64)
r3 = fsopen(&(0x7f0000000240)='ramfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) (async, rerun: 32)
r4 = fsmount(r3, 0x0, 0x0) (rerun: 32)
fchdir(r4) (async)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, &(0x7f0000000000)=[@in6={0xa, 0x4e22, 0x35cd, @private2={0xfc, 0x2, '\x00', 0x1}, 0xff}, @in={0x2, 0x4e23, @private=0xa010101}, @in6={0xa, 0x4e22, 0x68a8, @private0={0xfc, 0x0, '\x00', 0x1}, 0x790eaf69}, @in={0x2, 0x4e20, @remote}], 0x58)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

508.462323ms ago: executing program 2 (id=758):
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="30000000100001655800"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000004700)={'team0\x00', <r3=>0x0})
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, 0x0, 0x0)
r5 = accept4(r4, 0x0, 0x0, 0x80000)
r6 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, 0x0, 0x0)
sendmsg$nl_generic(r6, 0x0, 0x0)
dup(r5)
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000140)={0x64, r2, 0x405, 0x70bd27, 0x25dfdbff, {}, [{{0x8, 0x1, r3}, {0x48, 0x2, 0x0, 0x1, [{0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}]}}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000401}, 0x44094)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10104}, [@IFLA_IFNAME={0x14, 0x3, 'vlan0\x00'}, @IFLA_MASTER={0x8}]}, 0x3c}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)

420.306448ms ago: executing program 3 (id=759):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
socket$kcm(0x2, 0xa, 0x2)
write$tun(r0, 0x0, 0xfdef)
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x41, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f00000005c0)=@mangle={'mangle\x00', 0x2, 0x6, 0x580, 0x0, 0x310, 0x0, 0x0, 0x1d8, 0x4b0, 0x4b0, 0x4b0, 0x4b0, 0x4b0, 0x6, 0x0, {[{{@ipv6={@mcast2, @ipv4={'\x00', '\xff\xff', @remote}, [0x3c8, 0xff, 0xff000000, 0xff000000], [0x0, 0xffffff00, 0xffffff00, 0xffffffff], 'gretap0\x00', 'batadv_slave_0\x00', {}, {0xff}, 0x2b, 0x5, 0x1, 0x18}, 0x0, 0xd0, 0xf8, 0x0, {0x7a00000010000000}, [@inet=@rpfilter={{0x28}, {0x1}}]}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x0, 0xfc, 0x6}}}}, {{@ipv6={@dev={0xfe, 0x80, '\x00', 0xb4}, @initdev={0xfe, 0x88, '\x00', 0xfd, 0x0}, [0xff], [0xffffff00], '\x00', 'bond_slave_0\x00', {}, {0xff}}, 0x0, 0xf0, 0x138, 0x48000000, {}, [@common=@dst={{0x48}, {0xff, 0x4, 0x0, [0x1, 0x7a, 0xfffd, 0x3f4, 0x0, 0x3, 0x5, 0x0, 0x8, 0x30, 0xe5, 0x4, 0x1, 0x6, 0x0, 0x1], 0x6}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}, 'ip6gre0\x00', {0x4}}}}, {{@ipv6={@remote, @dev={0xfe, 0x80, '\x00', 0xd}, [0x0, 0xffff00, 0xffffffff], [0xffffff00, 0xffffff00, 0xffffff00, 0xff000000], 'nr0\x00', 'vxcan1\x00', {}, {}, 0x62, 0x5, 0x3, 0x20}, 0x0, 0xa8, 0xd0}, @HL={0x28, 'HL\x00', 0x0, {0x2, 0xf}}}, {{@ipv6={@mcast1, @private0, [0xff000000, 0xffffff, 0x0, 0xffffff00], [0xffffff00, 0xffffff00, 0xff, 0xff000000], 'pim6reg1\x00', 'hsr0\x00', {}, {}, 0x6c, 0x80, 0x5, 0x61}, 0x0, 0xa8, 0xd0}, @HL={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5e0)

420.216215ms ago: executing program 0 (id=760):
mkdir(0x0, 0x0)
socket$netlink(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), r0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r0, &(0x7f0000000140)={0x0, 0xff0f, &(0x7f0000000100)={&(0x7f0000000240)={0x18, r1, 0x7, 0x60, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x4}]}, 0x18}}, 0x0)

420.112994ms ago: executing program 3 (id=761):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x1e0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xc8)
mount(&(0x7f0000000040)=@nullb, &(0x7f00000000c0)='./cgroup\x00', &(0x7f0000000080)='squashfs\x00', 0x208000, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]})
setxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0/file1\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0)

419.963895ms ago: executing program 0 (id=762):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x7, 0x2)
mprotect(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0xc)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x1e0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xc8)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]})
setxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0/file1\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYRESHEX=r1, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff020000000000000000000000000001000004d46c000000ac14143f00000000000000000000000000000200b427086ff7d30000000000000600000000000000ffff0000000000001c250800000000000200000000000000f8ffffffffffffff0000000000000000ffffffffffffffff00000000000000001f00000000000000feffffffffffffff02000000fcffffff000000002abd700004350000241ba29921c28621350da5784d803f020901002000000000000000480003006465666c6174650000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000008000b000600000008001800400000000a001000010000000000000008000b000600000008000c"], 0x164}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x8080)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="a80000000201010400000000141a000002000000240001801400018008000100e000000108000200e00000010c000280050001"], 0xa8}}, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x42}}, 0x10)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

419.721439ms ago: executing program 1 (id=763):
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2f, &(0x7f00000000c0)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0xaf6}}, {{0xa, 0x4e24, 0x0, @empty}}}, 0x108)
mount$9p_virtio(&(0x7f0000000040), &(0x7f0000000080)='.\x00', &(0x7f0000000000), 0x1000004, &(0x7f0000000240)=ANY=[@ANYBLOB="7472616e733d7669727469d9726a24334dae572102a97830303030303030ae3030303000000000"]) (async)
mount$9p_virtio(&(0x7f0000000040), &(0x7f0000000080)='.\x00', &(0x7f0000000000), 0x1000004, &(0x7f0000000240)=ANY=[@ANYBLOB="7472616e733d7669727469d9726a24334dae572102a97830303030303030ae3030303000000000"])
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0xfd, 0x7fff0003}]}) (async)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0xfd, 0x7fff0003}]})
r2 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x14, 0x4, 0x8, 0x6, 0x0, 0x1}, 0x48)
r3 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x4e21, 0x0, @local, 0x100}, {0xa, 0x4e23, 0x7, @local, 0x5}, 0x1, {[0x10, 0x4800000, 0x8, 0x1, 0x100, 0xfffffff9, 0x1, 0x101]}}, 0x5c) (async)
setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x4e21, 0x0, @local, 0x100}, {0xa, 0x4e23, 0x7, @local, 0x5}, 0x1, {[0x10, 0x4800000, 0x8, 0x1, 0x100, 0xfffffff9, 0x1, 0x101]}}, 0x5c)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r2, &(0x7f0000000280), &(0x7f0000000a80)=@udp6=r3, 0x1}, 0x20)
close_range(r1, 0xffffffffffffffff, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00')
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r5) (async)
r6 = dup(r5)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
read$FUSE(r6, &(0x7f0000002b00)={0x2020}, 0xfca0)
socket$kcm(0x10, 0x2, 0x0) (async)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480b0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0) (async)
sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480b0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
clock_gettime(0x6, &(0x7f0000000040))
setsockopt$inet6_group_source_req(r4, 0x29, 0x2f, &(0x7f0000000300)={0x4, {{0xa, 0x4e23, 0x1a400, @mcast2, 0xe}}, {{0xa, 0x4e22, 0x10, @ipv4={'\x00', '\xff\xff', @remote}, 0x9e}}}, 0x108)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup.net/syz1\x00', 0x200002, 0x0)

419.595413ms ago: executing program 2 (id=764):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r6, {0x4}, {0xffff}, {0x2, 0xfff3}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x4, [0x6, 0x3, 0x3, 0x4, 0xd, 0x5, 0xb, 0x8, 0x7, 0x5, 0x6, 0x3, 0x5, 0x8, 0xf, 0x3], 0x1, [0x1, 0x10, 0x3, 0x8, 0x31d4, 0xa, 0x6, 0x3742, 0x7fff, 0x7, 0xff, 0x800, 0xcbe6, 0xd80, 0xf638, 0x1], [0x3, 0x9, 0x8, 0x5, 0x0, 0x3, 0xc, 0x6, 0x5, 0x0, 0xe, 0x8001, 0x8a67, 0x4, 0x7fff, 0xfffe]}}]}}]}, 0x8c}}, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r7)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
r10 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r10, &(0x7f00000005c0)="ba", 0x1, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r9, 0x1, 0xd8, 0x6, @multicast}, 0x14)
r11 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet(r11, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @dev={0xac, 0x14, 0x14, 0x41}, @empty}}}], 0x20, 0x1f00}}], 0x1, 0x8000004)

340.227446ms ago: executing program 3 (id=765):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x10)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0x5, 0x2, 0xfffffffffffffffe, 0x4, 0x0, 0xfffffffe, {0x40, 0x3, 0x6, 0xffff, 0x1000, 0xfffffffffffffffc, 0x0, 0x0, 0x7, 0x2000, 0x0, r2, 0x0, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0x0, r1, {0x7, 0x29, 0x2, 0x14c0348, 0x40, 0x1, 0xfffffff1, 0x0, 0x0, 0x0, 0x80, 0x7fffffff}}, 0x50)
r3 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
ioctl$sock_SIOCOUTQ(r3, 0x545c, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

249.150273ms ago: executing program 1 (id=766):
r0 = syz_open_dev$dri(&(0x7f0000000140), 0x2, 0x103000)
r1 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r2=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r1, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r2], &(0x7f0000000180), &(0x7f0000000200), &(0x7f00000001c0)})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000040)={0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000000c0)={r2, r3, <r4=>0x0, 0x0, 0x0, 0x4, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_MODE_SETPLANE(r1, 0xc03064b7, &(0x7f00000001c0)={r2, r3, r4, 0x6, 0x3, 0x1fe, 0xbe2, 0x1d, 0x401, 0x80, 0x6, 0x8})
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864d0, &(0x7f00000003c0)={0x29, 0x0, 0x0, 0xb0b0b0b0})

158.574905ms ago: executing program 1 (id=767):
ioprio_set$pid(0x2, 0x0, 0x4000)
r0 = openat$pmem0(0xffffffffffffff9c, &(0x7f0000002340), 0x80d01, 0x0)
ioctl$BLKRRPART(r0, 0x125f, 0xf00000000000000)

158.081389ms ago: executing program 3 (id=768):
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x1f00000000000000, 0x0)

156.311977ms ago: executing program 0 (id=769):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00')
preadv(r0, &(0x7f0000001200)=[{&(0x7f0000000080)=""/4097, 0x1001}], 0x1, 0x9, 0x6a76) (async, rerun: 32)
r1 = socket$key(0xf, 0x3, 0x2) (rerun: 32)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0202000311000000000000000000000005000500000000000a00000000000000fe8000000000000000000000000000bb000000000000000002000100000007000000000b000000000200090000000000000000000000000005000600000000000a00000000000000fe8800000000000000000000000000010000000000000000010018"], 0x88}}, 0x0)

156.1555ms ago: executing program 1 (id=770):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000453000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, 0x0}], 0x1, 0x1a, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x4b564d02, 0xec000000, 0xcd}]})
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000100)={"b46474f815e8d5535f0887c44335cc824dc6121bc72a77f532ff5dad4d643a9cab29d2310e04be14eb26c0af4985fe45e3b3b0680b3ec92725d74b9716e0f7c3119a2c9a0ae65ff4772e2e12733cb013c4308fe40863480747c0a7ddb9361b1578015ca1bb2c1677ebae096f08345476f567443842946ed946434c75916d1db83fe305920de65bfaf9bd940672216846cb16b8ae67cd3affc61375381f91b3b9f1cc5e38cafe5239aee71dcd481fbe1ecd2547ffbaad4469a74697c28fb9beefa6a5d736712a55eb9110c2cf7964062ba8cbc1c038e84f0f5db7fc7053118bf5221e3efa6fc3edb5d0ca3cde7054dd0751a332520aa8478b1775d552c5cc24d3c2df9eb333e5ca3aa06c1c2cf8526714f5caff2f55b41976fc20b64f1fc61d5b44f50953582a1825d32130a31abfeafd1987317879e29ac51b93c9659e023fff3ddb5e39dd19cc3ef1d883c78b9e073d08a9197fb3717df238b9831831214b186693be9dd2568bb77272e80df5dfed03e8c467627bedfbd93359a9f79a3aa37e873dc1357b37b43d813ea85267b0dc8b1c4cc51bd985328833beb2679b7fb762555bbea2da936b36f8f1673fd5f606b2b6eb23b72bf947206e8dbfeb40ca6f265a3485c8446e0f0da652860b88328073d2282c14b48a7774e62754a968b60e92205e8fafcdd70a55c3c4d1a4821ff44e6e3681f15ae091262e3a3290a24d8ceae30ebbf9d24287bb8a5d73c608d47d287f9e716cf02b4796a83fb0c05e45b89de9ef8bce834e6d7a0be6e30d2c66cb6e640cb01898454ad361bc0701d8fe56113335ae6adec59300db04691cc4a689034272a8e086a32ce7061b4f79fa8afbb48a6ce4b62bdc44af013d78980457e1fa61eb9204818606f4c3b03c0f33cd2a841ac9bc2b73151a96e31ab99e6ec969b5f2c3edd5f9abc69845e487af992758ba445368da93dae1d44360d52a534a88276b8aaf349841d8a4788c60408618437c442308dbf70efeda2e54e9b9e4fe5f76997c9dcb945a26bd75748c85d19ca8b99264dce50580e8d4dbda401dad7df31e9a7a6a3a83bfbdfb5394abd581ac0824fbcd75d2f5205c0b7c9188e6f26bfd97734d9a20433f6cdba9d14a5f32a4d97a57f4603b21146fd1aebf082e863d463c224ad623c17d8043d3bf083f0322408dd6ead6915ac6a4222ab51480eb6e11a8913348219515170d9df90d72d7363bbda3e327d19f98c0a856f98076380e788e602e8a2ae0a1930786874dc21a2e99abda15f35457cf1dcb440c4b41350d0eda352aad7f57a0adc8a6914da06460635ed21c4c11cd1a8ec778064c9f62efba2927828b23f94b16619a5520731c2c40ab8583c9f2e73233d74b84f4877ce6b35bb1180300"})
ioctl$KVM_RUN(r3, 0xae80, 0x0) (fail_nth: 23)

78.607647ms ago: executing program 3 (id=771):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_LAPIC(r2, 0x8400ae8e, 0x0) (fail_nth: 3)

78.263503ms ago: executing program 2 (id=772):
mremap(&(0x7f0000002000/0x4000)=nil, 0x200000, 0x4000, 0x3, &(0x7f0000ffc000/0x4000)=nil)
mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000002000/0x4000)=nil)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f, 0xdfffffff, 0x5e490420, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20, 0x0, 0x3731, {0x0, 0x7f69ff17f1e1ab77}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xc5001, 0x104)

0s ago: executing program 0 (id=773):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000453000/0x18000)=nil, &(0x7f0000000500)=[@text16={0x10, 0x0}], 0x1, 0x1a, 0x0, 0x0)
r4 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
write$UHID_DESTROY(r4, &(0x7f0000000340), 0x4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_MSG_GETSETELEM(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000002f40)=ANY=[@ANYBLOB="40000000210a010800000000000000000a0000010900020073797a31000000000900010073797a3100000000140003"], 0x40}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x4b564d02, 0xec000000, 0xcd}]})
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000100)={"b46474f815e8d5535f0887c44335cc824dc6121bc72a77f532ff5dad4d643a9cab29d2310e04be14eb26c0af4985fe45e3b3b0680b3ec92725d74b9716e0f7c3119a2c9a0ae65ff4772e2e12733cb013c4308fe40863480747c0a7ddb9361b1578015ca1bb2c1677ebae096f08345476f567443842946ed946434c75916d1db83fe305920de65bfaf9bd940672216846cb16b8ae67cd3affc61375381f91b3b9f1cc5e38cafe5239aee71dcd481fbe1ecd2547ffbaad4469a74697c28fb9beefa6a5d736712a55eb9110c2cf7964062ba8cbc1c038e84f0f5db7fc7053118bf5221e3efa6fc3edb5d0ca3cde7054dd0751a332520aa8478b1775d552c5cc24d3c2df9eb333e5ca3aa06c1c2cf8526714f5caff2f55b41976fc20b64f1fc61d5b44f50953582a1825d32130a31abfeafd1987317879e29ac51b93c9659e023fff3ddb5e39dd19cc3ef1d883c78b9e073d08a9197fb3717df238b9831831214b186693be9dd2568bb77272e80df5dfed03e8c467627bedfbd93359a9f79a3aa37e873dc1357b37b43d813ea85267b0dc8b1c4cc51bd985328833beb2679b7fb762555bbea2da936b36f8f1673fd5f606b2b6eb23b72bf947206e8dbfeb40ca6f265a3485c8446e0f0da652860b88328073d2282c14b48a7774e62754a968b60e92205e8fafcdd70a55c3c4d1a4821ff44e6e3681f15ae091262e3a3290a24d8ceae30ebbf9d24287bb8a5d73c608d47d287f9e716cf02b4796a83fb0c05e45b89de9ef8bce834e6d7a0be6e30d2c66cb6e640cb01898454ad361bc0701d8fe56113335ae6adec59300db04691cc4a689034272a8e086a32ce7061b4f79fa8afbb48a6ce4b62bdc44af013d78980457e1fa61eb9204818606f4c3b03c0f33cd2a841ac9bc2b73151a96e31ab99e6ec969b5f2c3edd5f9abc69845e487af992758ba445368da93dae1d44360d52a534a88276b8aaf349841d8a4788c60408618437c442308dbf70efeda2e54e9b9e4fe5f76997c9dcb945a26bd75748c85d19ca8b99264dce50580e8d4dbda401dad7df31e9a7a6a3a83bfbdfb5394abd581ac0824fbcd75d2f5205c0b7c9188e6f26bfd97734d9a20433f6cdba9d14a5f32a4d97a57f4603b21146fd1aebf082e863d463c224ad623c17d8043d3bf083f0322408dd6ead6915ac6a4222ab51480eb6e11a8913348219515170d9df90d72d7363bbda3e327d19f98c0a856f98076380e788e602e8a2ae0a1930786874dc21a2e99abda15f35457cf1dcb440c4b41350d0eda352aad7f57a0adc8a6914da06460635ed21c4c11cd1a8ec778064c9f62efba2927828b23f94b16619a5520731c2c40ab8583c9f2e73233d74b84f4877ce6b35bb1180300"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

failure.
[   81.714549][ T6881] name failslab, interval 1, probability 0, space 0, times 0
[   81.720053][ T6881] CPU: 2 UID: 0 PID: 6881 Comm: syz.3.332 Not tainted syzkaller #0 PREEMPT(full) 
[   81.720076][ T6881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   81.720086][ T6881] Call Trace:
[   81.720093][ T6881]  <TASK>
[   81.720100][ T6881]  dump_stack_lvl+0x100/0x190
[   81.720127][ T6881]  should_fail_ex.cold+0x5/0xa
[   81.720154][ T6881]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   81.720195][ T6881]  should_failslab+0xc2/0x120
[   81.720217][ T6881]  kmem_cache_alloc_noprof+0x83/0x780
[   81.720238][ T6881]  ? skb_clone+0x190/0x400
[   81.720281][ T6881]  ? skb_clone+0x190/0x400
[   81.720303][ T6881]  skb_clone+0x190/0x400
[   81.720327][ T6881]  netlink_deliver_tap+0xaed/0xcc0
[   81.720357][ T6881]  netlink_unicast+0x70c/0x870
[   81.720385][ T6881]  ? __pfx_netlink_unicast+0x10/0x10
[   81.720411][ T6881]  ? genl_rcv_msg+0x4be/0x800
[   81.720434][ T6881]  netlink_ack+0x655/0xb80
[   81.720471][ T6881]  netlink_rcv_skb+0x333/0x420
[   81.720496][ T6881]  ? __pfx_genl_rcv_msg+0x10/0x10
[   81.720513][ T6881]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   81.720548][ T6881]  ? netlink_deliver_tap+0x1ae/0xcc0
[   81.720576][ T6881]  genl_rcv+0x28/0x40
[   81.720600][ T6881]  netlink_unicast+0x5aa/0x870
[   81.720629][ T6881]  ? __pfx_netlink_unicast+0x10/0x10
[   81.720663][ T6881]  netlink_sendmsg+0x8b0/0xda0
[   81.720693][ T6881]  ? __pfx_netlink_sendmsg+0x10/0x10
[   81.720716][ T6881]  ? __might_fault+0x70/0x140
[   81.720743][ T6881]  ____sys_sendmsg+0xa54/0xc30
[   81.720762][ T6881]  ? __pfx_____sys_sendmsg+0x10/0x10
[   81.720790][ T6881]  ___sys_sendmsg+0x190/0x1e0
[   81.720809][ T6881]  ? __pfx____sys_sendmsg+0x10/0x10
[   81.720838][ T6881]  ? find_held_lock+0x2b/0x80
[   81.720877][ T6881]  __sys_sendmsg+0x170/0x220
[   81.720901][ T6881]  ? __pfx___sys_sendmsg+0x10/0x10
[   81.720939][ T6881]  do_syscall_64+0xc9/0xf80
[   81.720961][ T6881]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.720979][ T6881] RIP: 0033:0x7fbe9f19aeb9
[   81.720993][ T6881] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   81.721009][ T6881] RSP: 002b:00007fbea00fa028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   81.721026][ T6881] RAX: ffffffffffffffda RBX: 00007fbe9f415fa0 RCX: 00007fbe9f19aeb9
[   81.721037][ T6881] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000005
[   81.721047][ T6881] RBP: 00007fbea00fa090 R08: 0000000000000000 R09: 0000000000000000
[   81.721057][ T6881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   81.721067][ T6881] R13: 00007fbe9f416038 R14: 00007fbe9f415fa0 R15: 00007ffd308a86a8
[   81.721091][ T6881]  </TASK>
[   82.001420][ T6896] netlink: 'syz.0.339': attribute type 1 has an invalid length.
[   82.058843][ T6898] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[   82.157655][ T5948] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[   82.161860][ T5948] CPU: 0 UID: 0 PID: 5948 Comm: kworker/u33:8 Not tainted syzkaller #0 PREEMPT(full) 
[   82.161878][ T5948] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   82.161886][ T5948] Workqueue: hci3 hci_rx_work
[   82.161903][ T5948] Call Trace:
[   82.161908][ T5948]  <TASK>
[   82.161912][ T5948]  dump_stack_lvl+0x100/0x190
[   82.161929][ T5948]  sysfs_warn_dup.cold+0x1c/0x28
[   82.161945][ T5948]  sysfs_create_dir_ns+0x24b/0x2b0
[   82.161962][ T5948]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   82.161978][ T5948]  ? find_held_lock+0x2b/0x80
[   82.161992][ T5948]  ? kobject_add_internal+0x25f/0x930
[   82.162007][ T5948]  ? kobject_add_internal+0x25f/0x930
[   82.162022][ T5948]  ? do_raw_spin_unlock+0x145/0x1e0
[   82.162042][ T5948]  kobject_add_internal+0x2c8/0x930
[   82.162058][ T5948]  kobject_add+0x16a/0x1e0
[   82.162072][ T5948]  ? __pfx_kobject_add+0x10/0x10
[   82.162085][ T5948]  ? class_to_subsys+0x10f/0x150
[   82.162102][ T5948]  ? kobject_put+0xb9/0x640
[   82.162114][ T5948]  ? _raw_spin_unlock+0x28/0x50
[   82.162135][ T5948]  device_add+0x294/0x1950
[   82.162149][ T5948]  ? __pfx_dev_set_name+0x10/0x10
[   82.162165][ T5948]  ? __pfx_device_add+0x10/0x10
[   82.162178][ T5948]  ? mgmt_send_event_skb+0x2fb/0x460
[   82.162194][ T5948]  hci_conn_add_sysfs+0x1a3/0x260
[   82.162209][ T5948]  le_conn_complete_evt+0x11cb/0x1f40
[   82.162224][ T5948]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   82.162240][ T5948]  hci_le_conn_complete_evt+0x23c/0x3a0
[   82.162255][ T5948]  ? skb_pull_data+0x15f/0x1e0
[   82.162268][ T5948]  hci_le_meta_evt+0x34a/0x5f0
[   82.162282][ T5948]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[   82.162296][ T5948]  hci_event_packet+0x682/0x11c0
[   82.162309][ T5948]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   82.162322][ T5948]  ? __pfx_hci_event_packet+0x10/0x10
[   82.162336][ T5948]  ? kcov_remote_start+0x374/0x660
[   82.162352][ T5948]  ? lockdep_hardirqs_on+0x78/0x100
[   82.162367][ T5948]  hci_rx_work+0x451/0xfc0
[   82.162382][ T5948]  process_one_work+0x9c2/0x1840
[   82.162400][ T5948]  ? __pfx_process_one_work+0x10/0x10
[   82.162417][ T5948]  ? assign_work+0x19c/0x250
[   82.162430][ T5948]  worker_thread+0x5da/0xe40
[   82.162445][ T5948]  ? __pfx_worker_thread+0x10/0x10
[   82.162458][ T5948]  ? kthread+0x17d/0x730
[   82.162469][ T5948]  ? __pfx_worker_thread+0x10/0x10
[   82.162480][ T5948]  kthread+0x3b3/0x730
[   82.162497][ T5948]  ? __pfx_kthread+0x10/0x10
[   82.162508][ T5948]  ? ret_from_fork+0x79/0xaf0
[   82.162521][ T5948]  ? ret_from_fork+0x79/0xaf0
[   82.162534][ T5948]  ? rcu_is_watching+0x12/0xc0
[   82.162550][ T5948]  ? __pfx_kthread+0x10/0x10
[   82.162577][ T5948]  ret_from_fork+0x754/0xaf0
[   82.162590][ T5948]  ? __pfx_ret_from_fork+0x10/0x10
[   82.162605][ T5948]  ? __switch_to+0x7b9/0x10c0
[   82.162621][ T5948]  ? __pfx_kthread+0x10/0x10
[   82.162634][ T5948]  ret_from_fork_asm+0x1a/0x30
[   82.162652][ T5948]  </TASK>
[   82.162703][ T5948] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   82.272920][ T5948] Bluetooth: hci3: failed to register connection device
[   83.084899][   T40] kauditd_printk_skb: 18 callbacks suppressed
[   83.084916][   T40] audit: type=1400 audit(1769544603.427:301): avc:  denied  { ioctl } for  pid=6925 comm="syz.1.349" path="socket:[14804]" dev="sockfs" ino=14804 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   83.322404][ T5948] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[   83.325386][ T5948] Bluetooth: hci1: Injecting HCI hardware error event
[   83.328386][ T5948] Bluetooth: hci1: hardware error 0x00
[   83.398472][   T40] audit: type=1400 audit(1769544603.737:302): avc:  denied  { read } for  pid=6929 comm="syz.1.350" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   83.625971][ T6937] netlink: 'syz.0.353': attribute type 1 has an invalid length.
[   83.640151][ T6937] 8021q: adding VLAN 0 to HW filter on device bond2
[   83.652670][ T6937] ip6erspan0: entered allmulticast mode
[   83.657205][ T6937] bond2: (slave ip6erspan0): making interface the new active one
[   83.664767][ T6937] bond2: (slave ip6erspan0): Enslaving as an active interface with an up link
[   83.709204][   T40] audit: type=1400 audit(1769544604.047:303): avc:  denied  { shutdown } for  pid=6939 comm="syz.3.354" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   83.717889][ T5935] Bluetooth: hci0: unexpected event for opcode 0x0c05
[   83.720315][ T5935] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[   83.723840][   T40] audit: type=1400 audit(1769544604.067:304): avc:  denied  { getopt } for  pid=6939 comm="syz.3.354" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   83.730200][   T40] audit: type=1400 audit(1769544604.067:305): avc:  denied  { connect } for  pid=6939 comm="syz.3.354" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   83.737736][   T40] audit: type=1400 audit(1769544604.067:306): avc:  denied  { ioctl } for  pid=6939 comm="syz.3.354" path="socket:[16651]" dev="sockfs" ino=16651 ioctlcmd=0x3d02 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   83.768212][ T6953] iommufd_mock iommufd_mock0: Adding to iommu group 9
[   83.773283][ T6953] iommufd_mock iommufd_mock1: Adding to iommu group 10
[   83.857747][ T5935] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[   83.861968][ T5935] CPU: 0 UID: 0 PID: 5935 Comm: kworker/u33:2 Not tainted syzkaller #0 PREEMPT(full) 
[   83.861985][ T5935] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   83.861994][ T5935] Workqueue: hci2 hci_rx_work
[   83.862010][ T5935] Call Trace:
[   83.862015][ T5935]  <TASK>
[   83.862020][ T5935]  dump_stack_lvl+0x100/0x190
[   83.862038][ T5935]  sysfs_warn_dup.cold+0x1c/0x28
[   83.862053][ T5935]  sysfs_create_dir_ns+0x24b/0x2b0
[   83.862071][ T5935]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   83.862088][ T5935]  ? find_held_lock+0x2b/0x80
[   83.862102][ T5935]  ? kobject_add_internal+0x25f/0x930
[   83.862116][ T5935]  ? kobject_add_internal+0x25f/0x930
[   83.862132][ T5935]  ? do_raw_spin_unlock+0x145/0x1e0
[   83.862146][ T5935]  kobject_add_internal+0x2c8/0x930
[   83.862164][ T5935]  kobject_add+0x16a/0x1e0
[   83.862177][ T5935]  ? __pfx_kobject_add+0x10/0x10
[   83.862190][ T5935]  ? class_to_subsys+0x10f/0x150
[   83.862206][ T5935]  ? kobject_put+0xb9/0x640
[   83.862218][ T5935]  ? _raw_spin_unlock+0x28/0x50
[   83.862237][ T5935]  device_add+0x294/0x1950
[   83.862251][ T5935]  ? __pfx_dev_set_name+0x10/0x10
[   83.862266][ T5935]  ? __pfx_device_add+0x10/0x10
[   83.862284][ T5935]  ? mgmt_send_event_skb+0x2fb/0x460
[   83.862300][ T5935]  hci_conn_add_sysfs+0x1a3/0x260
[   83.862314][ T5935]  le_conn_complete_evt+0x11cb/0x1f40
[   83.862330][ T5935]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   83.862346][ T5935]  hci_le_conn_complete_evt+0x23c/0x3a0
[   83.862359][ T5935]  ? skb_pull_data+0x15f/0x1e0
[   83.862373][ T5935]  hci_le_meta_evt+0x34a/0x5f0
[   83.862388][ T5935]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[   83.862404][ T5935]  hci_event_packet+0x682/0x11c0
[   83.862418][ T5935]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   83.862432][ T5935]  ? __pfx_hci_event_packet+0x10/0x10
[   83.862445][ T5935]  ? kcov_remote_start+0x374/0x660
[   83.862461][ T5935]  ? lockdep_hardirqs_on+0x78/0x100
[   83.862475][ T5935]  hci_rx_work+0x451/0xfc0
[   83.862490][ T5935]  process_one_work+0x9c2/0x1840
[   83.862508][ T5935]  ? __pfx_process_one_work+0x10/0x10
[   83.862524][ T5935]  ? assign_work+0x19c/0x250
[   83.862537][ T5935]  worker_thread+0x5da/0xe40
[   83.862555][ T5935]  ? kthread+0x17d/0x730
[   83.862564][ T5935]  ? __pfx_worker_thread+0x10/0x10
[   83.862576][ T5935]  kthread+0x3b3/0x730
[   83.862588][ T5935]  ? __pfx_kthread+0x10/0x10
[   83.862598][ T5935]  ? ret_from_fork+0x79/0xaf0
[   83.862611][ T5935]  ? ret_from_fork+0x79/0xaf0
[   83.862623][ T5935]  ? rcu_is_watching+0x12/0xc0
[   83.862637][ T5935]  ? __pfx_kthread+0x10/0x10
[   83.862649][ T5935]  ret_from_fork+0x754/0xaf0
[   83.862662][ T5935]  ? __pfx_ret_from_fork+0x10/0x10
[   83.862675][ T5935]  ? __switch_to+0x7b9/0x10c0
[   83.862690][ T5935]  ? __pfx_kthread+0x10/0x10
[   83.862701][ T5935]  ret_from_fork_asm+0x1a/0x30
[   83.862718][ T5935]  </TASK>
[   83.862732][ T5935] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   83.957369][ T5935] Bluetooth: hci2: failed to register connection device
[   84.033694][   T40] audit: type=1400 audit(1769544604.377:307): avc:  denied  { listen } for  pid=6968 comm="syz.3.365" lport=33646 faddr=::ffff:100.1.1.1 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   84.123849][ T6975] __nla_validate_parse: 4 callbacks suppressed
[   84.123861][ T6975] netlink: 128124 bytes leftover after parsing attributes in process `syz.0.367'.
[   84.162248][ T6978] mmap: syz.0.368 (6978) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   84.246112][   T40] audit: type=1400 audit(1769544604.587:308): avc:  denied  { write } for  pid=6981 comm="syz.0.370" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[   84.303486][ T6982] fuse: root generation should be zero
[   84.425987][   T40] audit: type=1400 audit(1769544604.767:309): avc:  denied  { connect } for  pid=6988 comm="syz.0.373" laddr=::ffff:0.0.0.0 lport=20001 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   84.435337][   T40] audit: type=1400 audit(1769544604.767:310): avc:  denied  { write } for  pid=6988 comm="syz.0.373" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   84.587752][ T6998] FAULT_INJECTION: forcing a failure.
[   84.587752][ T6998] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   84.594897][ T6998] CPU: 2 UID: 0 PID: 6998 Comm: syz.1.377 Not tainted syzkaller #0 PREEMPT(full) 
[   84.594913][ T6998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   84.594919][ T6998] Call Trace:
[   84.594924][ T6998]  <TASK>
[   84.594929][ T6998]  dump_stack_lvl+0x100/0x190
[   84.594948][ T6998]  should_fail_ex.cold+0x5/0xa
[   84.594965][ T6998]  ? prepare_alloc_pages+0x16d/0x5f0
[   84.594982][ T6998]  should_fail_alloc_page+0xeb/0x140
[   84.594997][ T6998]  prepare_alloc_pages+0x1f0/0x5f0
[   84.595012][ T6998]  ? rcu_is_watching+0x12/0xc0
[   84.595028][ T6998]  __alloc_frozen_pages_noprof+0x193/0x2410
[   84.595041][ T6998]  ? kasan_save_stack+0x3f/0x50
[   84.595052][ T6998]  ? kasan_save_stack+0x30/0x50
[   84.595063][ T6998]  ? kasan_save_track+0x14/0x30
[   84.595075][ T6998]  ? __kasan_kmalloc+0xaa/0xb0
[   84.595086][ T6998]  ? __kvmalloc_node_noprof+0x34d/0xac0
[   84.595097][ T6998]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[   84.595109][ T6998]  ? mmu_topup_memory_caches+0xbc/0x170
[   84.595122][ T6998]  ? kvm_mmu_load+0xd6/0x23e0
[   84.595135][ T6998]  ? vcpu_run+0x39ee/0x5ca0
[   84.595148][ T6998]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[   84.595163][ T6998]  ? kvm_vcpu_ioctl+0x730/0x16d0
[   84.595173][ T6998]  ? __x64_sys_ioctl+0x18e/0x210
[   84.595182][ T6998]  ? do_syscall_64+0xc9/0xf80
[   84.595218][ T6998]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.595235][ T6998]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   84.595256][ T6998]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   84.595273][ T6998]  ? policy_nodemask+0xed/0x4f0
[   84.595288][ T6998]  alloc_pages_mpol+0x1fb/0x550
[   84.595304][ T6998]  ? __pfx_alloc_pages_mpol+0x10/0x10
[   84.595318][ T6998]  ? trace_kmalloc+0x83/0xb0
[   84.595331][ T6998]  ? __kvmalloc_node_noprof+0x36a/0xac0
[   84.595343][ T6998]  ? trace_kmem_cache_alloc+0x80/0xb0
[   84.595357][ T6998]  ? kmem_cache_alloc_noprof+0x2ff/0x780
[   84.595372][ T6998]  alloc_pages_noprof+0x131/0x390
[   84.595387][ T6998]  get_free_pages_noprof+0x10/0xb0
[   84.595401][ T6998]  __kvm_mmu_topup_memory_cache+0x278/0x5f0
[   84.595417][ T6998]  mmu_topup_memory_caches+0xbc/0x170
[   84.595432][ T6998]  kvm_mmu_load+0xd6/0x23e0
[   84.595459][ T6998]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[   84.595470][ T6998]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[   84.595479][ T6998]  ? kvm_msr_allowed+0x47/0x450
[   84.595495][ T6998]  ? __pfx_kvm_mmu_load+0x10/0x10
[   84.595512][ T6998]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[   84.595525][ T6998]  ? kvm_check_and_inject_events+0x961/0x10c0
[   84.595542][ T6998]  vcpu_run+0x39ee/0x5ca0
[   84.595559][ T6998]  ? __lock_acquire+0x4a5/0x2630
[   84.595572][ T6998]  ? __pfx_vcpu_run+0x10/0x10
[   84.595592][ T6998]  ? rcu_is_watching+0x12/0xc0
[   84.595608][ T6998]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[   84.595622][ T6998]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[   84.595642][ T6998]  kvm_vcpu_ioctl+0x730/0x16d0
[   84.595654][ T6998]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   84.595666][ T6998]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   84.595682][ T6998]  ? do_vfs_ioctl+0x226/0x13e0
[   84.595693][ T6998]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   84.595701][ T6998]  ? ioctl_has_perm.constprop.0.isra.0+0x380/0x540
[   84.595715][ T6998]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   84.595736][ T6998]  ? selinux_file_ioctl+0x139/0x290
[   84.595746][ T6998]  ? selinux_file_ioctl+0xb4/0x290
[   84.595758][ T6998]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   84.595770][ T6998]  __x64_sys_ioctl+0x18e/0x210
[   84.595781][ T6998]  do_syscall_64+0xc9/0xf80
[   84.595794][ T6998]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.595804][ T6998] RIP: 0033:0x7f60de99aeb9
[   84.595815][ T6998] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   84.595824][ T6998] RSP: 002b:00007f60df889028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   84.595836][ T6998] RAX: ffffffffffffffda RBX: 00007f60dec15fa0 RCX: 00007f60de99aeb9
[   84.595842][ T6998] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[   84.595848][ T6998] RBP: 00007f60df889090 R08: 0000000000000000 R09: 0000000000000000
[   84.595854][ T6998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   84.595860][ T6998] R13: 00007f60dec16038 R14: 00007f60dec15fa0 R15: 00007ffde376d348
[   84.595874][ T6998]  </TASK>
[   84.768830][ T7007] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   84.771555][ T7007] IPv6: NLM_F_CREATE should be set when creating new route
[   84.803987][ T7009] netlink: 24 bytes leftover after parsing attributes in process `syz.2.380'.
[   84.926293][ T7025] FAULT_INJECTION: forcing a failure.
[   84.926293][ T7025] name failslab, interval 1, probability 0, space 0, times 0
[   84.930490][ T7025] CPU: 1 UID: 0 PID: 7025 Comm: syz.1.383 Not tainted syzkaller #0 PREEMPT(full) 
[   84.930509][ T7025] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   84.930518][ T7025] Call Trace:
[   84.930524][ T7025]  <TASK>
[   84.930530][ T7025]  dump_stack_lvl+0x100/0x190
[   84.930558][ T7025]  should_fail_ex.cold+0x5/0xa
[   84.930588][ T7025]  should_failslab+0xc2/0x120
[   84.930612][ T7025]  kmem_cache_alloc_noprof+0x83/0x780
[   84.930634][ T7025]  ? lock_acquire+0x17c/0x330
[   84.930650][ T7025]  ? skb_clone+0x190/0x400
[   84.930669][ T7025]  ? skb_clone+0x190/0x400
[   84.930682][ T7025]  skb_clone+0x190/0x400
[   84.930697][ T7025]  dev_queue_xmit_nit+0x255/0xa60
[   84.930716][ T7025]  dev_hard_start_xmit+0x2fb/0x6c0
[   84.930729][ T7025]  __dev_queue_xmit+0x6dd/0x46f0
[   84.930745][ T7025]  ? __pfx___dev_queue_xmit+0x10/0x10
[   84.930764][ T7025]  ? __asan_memcpy+0x3c/0x60
[   84.930775][ T7025]  ? __asan_memcpy+0x3c/0x60
[   84.930786][ T7025]  ? __skb_clone+0x570/0x760
[   84.930801][ T7025]  netlink_deliver_tap+0xa4d/0xcc0
[   84.930818][ T7025]  netlink_unicast+0x650/0x870
[   84.930835][ T7025]  ? __pfx_netlink_unicast+0x10/0x10
[   84.930855][ T7025]  netlink_sendmsg+0x8b0/0xda0
[   84.930873][ T7025]  ? __pfx_netlink_sendmsg+0x10/0x10
[   84.930887][ T7025]  ? __might_fault+0x70/0x140
[   84.930903][ T7025]  ____sys_sendmsg+0xa54/0xc30
[   84.930914][ T7025]  ? __pfx_____sys_sendmsg+0x10/0x10
[   84.930929][ T7025]  ___sys_sendmsg+0x190/0x1e0
[   84.930941][ T7025]  ? __pfx____sys_sendmsg+0x10/0x10
[   84.930957][ T7025]  ? find_held_lock+0x2b/0x80
[   84.930978][ T7025]  __sys_sendmsg+0x170/0x220
[   84.930992][ T7025]  ? __pfx___sys_sendmsg+0x10/0x10
[   84.931013][ T7025]  do_syscall_64+0xc9/0xf80
[   84.931026][ T7025]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.931037][ T7025] RIP: 0033:0x7f60de99aeb9
[   84.931045][ T7025] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   84.931055][ T7025] RSP: 002b:00007f60df868028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   84.931066][ T7025] RAX: ffffffffffffffda RBX: 00007f60dec16090 RCX: 00007f60de99aeb9
[   84.931072][ T7025] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000006
[   84.931078][ T7025] RBP: 00007f60df868090 R08: 0000000000000000 R09: 0000000000000000
[   84.931085][ T7025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   84.931091][ T7025] R13: 00007f60dec16128 R14: 00007f60dec16090 R15: 00007ffde376d348
[   84.931104][ T7025]  </TASK>
[   85.065345][ T7021] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[   85.220754][ T7031] netlink: 224 bytes leftover after parsing attributes in process `syz.0.388'.
[   85.256063][ T7033] FAULT_INJECTION: forcing a failure.
[   85.256063][ T7033] name failslab, interval 1, probability 0, space 0, times 0
[   85.262127][ T7033] CPU: 1 UID: 0 PID: 7033 Comm: syz.0.389 Not tainted syzkaller #0 PREEMPT(full) 
[   85.262152][ T7033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   85.262162][ T7033] Call Trace:
[   85.262168][ T7033]  <TASK>
[   85.262175][ T7033]  dump_stack_lvl+0x100/0x190
[   85.262202][ T7033]  should_fail_ex.cold+0x5/0xa
[   85.262231][ T7033]  should_failslab+0xc2/0x120
[   85.262253][ T7033]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290
[   85.262271][ T7033]  __kmalloc_noprof+0xf6/0x9c0
[   85.262288][ T7033]  ? __pfx___might_resched+0x10/0x10
[   85.262314][ T7033]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290
[   85.262331][ T7033]  genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290
[   85.262354][ T7033]  genl_family_rcv_msg_doit+0xc7/0x300
[   85.262373][ T7033]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[   85.262389][ T7033]  ? genl_get_cmd+0x3ef/0x720
[   85.262422][ T7033]  ? __sys_sendmsg+0x170/0x220
[   85.262443][ T7033]  ? do_syscall_64+0xc9/0xf80
[   85.262460][ T7033]  ? __radix_tree_lookup+0x217/0x2b0
[   85.262490][ T7033]  genl_rcv_msg+0x560/0x800
[   85.262515][ T7033]  ? __pfx_genl_rcv_msg+0x10/0x10
[   85.262532][ T7033]  ? __pfx_smc_pnet_get+0x10/0x10
[   85.262554][ T7033]  ? __lock_acquire+0x4a5/0x2630
[   85.262576][ T7033]  netlink_rcv_skb+0x159/0x420
[   85.262600][ T7033]  ? __pfx_genl_rcv_msg+0x10/0x10
[   85.262618][ T7033]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   85.262651][ T7033]  ? netlink_deliver_tap+0x1ae/0xcc0
[   85.262679][ T7033]  genl_rcv+0x28/0x40
[   85.262702][ T7033]  netlink_unicast+0x5aa/0x870
[   85.262730][ T7033]  ? __pfx_netlink_unicast+0x10/0x10
[   85.262763][ T7033]  netlink_sendmsg+0x8b0/0xda0
[   85.262791][ T7033]  ? __pfx_netlink_sendmsg+0x10/0x10
[   85.262814][ T7033]  ? __might_fault+0x70/0x140
[   85.262841][ T7033]  ____sys_sendmsg+0xa54/0xc30
[   85.262860][ T7033]  ? __pfx_____sys_sendmsg+0x10/0x10
[   85.262887][ T7033]  ___sys_sendmsg+0x190/0x1e0
[   85.262906][ T7033]  ? __pfx____sys_sendmsg+0x10/0x10
[   85.262935][ T7033]  ? find_held_lock+0x2b/0x80
[   85.262974][ T7033]  __sys_sendmsg+0x170/0x220
[   85.262996][ T7033]  ? __pfx___sys_sendmsg+0x10/0x10
[   85.263045][ T7033]  do_syscall_64+0xc9/0xf80
[   85.263065][ T7033]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.263082][ T7033] RIP: 0033:0x7f49ebb9aeb9
[   85.263097][ T7033] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   85.263113][ T7033] RSP: 002b:00007f49e9df6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   85.263130][ T7033] RAX: ffffffffffffffda RBX: 00007f49ebe15fa0 RCX: 00007f49ebb9aeb9
[   85.263142][ T7033] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000004
[   85.263152][ T7033] RBP: 00007f49e9df6090 R08: 0000000000000000 R09: 0000000000000000
[   85.263162][ T7033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   85.263171][ T7033] R13: 00007f49ebe16038 R14: 00007f49ebe15fa0 R15: 00007ffcf6b88278
[   85.263218][ T7033]  </TASK>
[   85.390573][ T5948] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[   85.476256][ T7038] netlink: 'syz.2.391': attribute type 10 has an invalid length.
[   85.478869][ T7038] netlink: 40 bytes leftover after parsing attributes in process `syz.2.391'.
[   85.530419][ T7040] openvswitch: netlink: nsh attr 0 has unexpected len 3 expected 0
[   85.535203][ T7040] netlink: 'syz.2.391': attribute type 21 has an invalid length.
[   85.605779][ T7043] bridge_slave_0: left allmulticast mode
[   85.607976][ T7043] bridge_slave_0: left promiscuous mode
[   85.611093][ T7043] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.615710][ T7043] bridge_slave_1: left allmulticast mode
[   85.617634][ T7043] bridge_slave_1: left promiscuous mode
[   85.619580][ T7043] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.625362][ T7043] bond0: (slave bond_slave_0): Releasing backup interface
[   85.630125][ T7043] bond0: (slave bond_slave_1): Releasing backup interface
[   85.638728][ T7043] team0: Port device team_slave_0 removed
[   85.643008][ T7043] team0: Port device team_slave_1 removed
[   85.645863][ T7043] batman_adv: batadv0: Removing interface: batadv_slave_0
[   85.649554][ T7043] batman_adv: batadv0: Removing interface: batadv_slave_1
[   85.654849][ T7043] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   85.661952][ T7044] team0: Mode changed to "activebackup"
[   85.666535][ T7043] vlan0: entered promiscuous mode
[   85.727342][ T7048] tipc: Started in network mode
[   85.728936][ T7048] tipc: Node identity 4246, cluster identity 4711
[   85.732233][ T7048] tipc: Node number set to 16966
[   85.734912][ T7048] tipc: Cannot configure node identity twice
[   85.758997][ T7052] netlink: 24 bytes leftover after parsing attributes in process `syz.3.396'.
[   85.767458][ T7054] netlink: 12 bytes leftover after parsing attributes in process `syz.2.397'.
[   85.813730][ T5948] block nbd1: Receive control failed (result -107)
[   85.836814][ T7059] xt_CONNSECMARK: invalid mode: 0
[   86.459269][ T7094] netlink: 'syz.3.411': attribute type 2 has an invalid length.
[   86.462669][ T7094] netlink: 'syz.3.411': attribute type 1 has an invalid length.
[   86.465417][ T7094] netlink: 'syz.3.411': attribute type 1 has an invalid length.
[   86.636529][ T7103] netlink: 4 bytes leftover after parsing attributes in process `syz.3.415'.
[   86.672594][ T7107] fuse: Bad value for 'rootmode'
[   86.895845][ T7116] warning: `syz.2.421' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   86.920432][ T5948] Bluetooth: hci3: command 0x0405 tx timeout
[   87.132827][ T7135] netlink: 12 bytes leftover after parsing attributes in process `syz.1.426'.
[   87.259445][ T7141] netlink: 8 bytes leftover after parsing attributes in process `syz.1.427'.
[   87.658214][ T7155] Cannot find add_set index 0 as target
[   87.752317][ T7159] FAULT_INJECTION: forcing a failure.
[   87.752317][ T7159] name failslab, interval 1, probability 0, space 0, times 0
[   87.756838][ T7159] CPU: 3 UID: 0 PID: 7159 Comm: syz.2.435 Not tainted syzkaller #0 PREEMPT(full) 
[   87.756853][ T7159] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   87.756860][ T7159] Call Trace:
[   87.756865][ T7159]  <TASK>
[   87.756870][ T7159]  dump_stack_lvl+0x100/0x190
[   87.756888][ T7159]  should_fail_ex.cold+0x5/0xa
[   87.756907][ T7159]  should_failslab+0xc2/0x120
[   87.756922][ T7159]  ? tomoyo_realpath_from_path+0xb6/0x690
[   87.756934][ T7159]  __kmalloc_noprof+0xf6/0x9c0
[   87.756948][ T7159]  ? tomoyo_realpath_from_path+0xb6/0x690
[   87.756959][ T7159]  tomoyo_realpath_from_path+0xb6/0x690
[   87.756975][ T7159]  tomoyo_path_number_perm+0x23c/0x580
[   87.756991][ T7159]  ? tomoyo_path_number_perm+0x22e/0x580
[   87.757008][ T7159]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   87.757038][ T7159]  ? find_held_lock+0x2b/0x80
[   87.757052][ T7159]  ? hook_file_ioctl_common+0x146/0x410
[   87.757065][ T7159]  ? __fget_files+0x215/0x3d0
[   87.757080][ T7159]  ? __fget_files+0x21f/0x3d0
[   87.757095][ T7159]  security_file_ioctl+0xd3/0x230
[   87.757107][ T7159]  __x64_sys_ioctl+0xb7/0x210
[   87.757118][ T7159]  do_syscall_64+0xc9/0xf80
[   87.757131][ T7159]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.757143][ T7159] RIP: 0033:0x7f4e43b9aeb9
[   87.757152][ T7159] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   87.757163][ T7159] RSP: 002b:00007f4e44afa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   87.757174][ T7159] RAX: ffffffffffffffda RBX: 00007f4e43e15fa0 RCX: 00007f4e43b9aeb9
[   87.757181][ T7159] RDX: 0000200000000740 RSI: 000000004400ae8f RDI: 0000000000000005
[   87.757187][ T7159] RBP: 00007f4e44afa090 R08: 0000000000000000 R09: 0000000000000000
[   87.757193][ T7159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   87.757199][ T7159] R13: 00007f4e43e16038 R14: 00007f4e43e15fa0 R15: 00007ffd90cdd9f8
[   87.757213][ T7159]  </TASK>
[   87.757218][ T7159] ERROR: Out of memory at tomoyo_realpath_from_path.
[   87.819499][ T7163] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[   87.908645][ T7166] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   87.920964][ T7166] team0: Unable to change to the same mode the team is in
[   87.960148][ T7170] openvswitch: netlink: Unexpected mask (mask=200440, allowed=10048)
[   87.965305][ T7170] openvswitch: netlink: Unexpected mask (mask=200440, allowed=10048)
[   88.064020][ T7175] FAULT_INJECTION: forcing a failure.
[   88.064020][ T7175] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   88.066151][ T7179] FAULT_INJECTION: forcing a failure.
[   88.066151][ T7179] name failslab, interval 1, probability 0, space 0, times 0
[   88.068352][ T7175] CPU: 0 UID: 0 PID: 7175 Comm: syz.2.440 Not tainted syzkaller #0 PREEMPT(full) 
[   88.068368][ T7175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   88.068375][ T7175] Call Trace:
[   88.068379][ T7175]  <TASK>
[   88.068388][ T7175]  dump_stack_lvl+0x100/0x190
[   88.068407][ T7175]  should_fail_ex.cold+0x5/0xa
[   88.068425][ T7175]  _copy_to_user+0x32/0xd0
[   88.068442][ T7175]  simple_read_from_buffer+0xcb/0x170
[   88.068455][ T7175]  proc_fail_nth_read+0x1af/0x230
[   88.068470][ T7175]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   88.068485][ T7175]  ? rw_verify_area+0xce/0x6d0
[   88.068495][ T7175]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   88.068510][ T7175]  vfs_read+0x1e4/0xb30
[   88.068522][ T7175]  ? __pfx_vfs_read+0x10/0x10
[   88.068532][ T7175]  ? find_held_lock+0x2b/0x80
[   88.068547][ T7175]  ? __fget_files+0x215/0x3d0
[   88.068562][ T7175]  ? __fget_files+0x21f/0x3d0
[   88.068578][ T7175]  ksys_read+0x12a/0x250
[   88.068590][ T7175]  ? __pfx_ksys_read+0x10/0x10
[   88.068601][ T7175]  ? fput+0x79/0x100
[   88.068617][ T7175]  do_syscall_64+0xc9/0xf80
[   88.068631][ T7175]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.068642][ T7175] RIP: 0033:0x7f4e43b5b78e
[   88.068651][ T7175] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[   88.068661][ T7175] RSP: 002b:00007f4e44af9fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   88.068672][ T7175] RAX: ffffffffffffffda RBX: 00007f4e44afa6c0 RCX: 00007f4e43b5b78e
[   88.068679][ T7175] RDX: 000000000000000f RSI: 00007f4e44afa0a0 RDI: 0000000000000006
[   88.068685][ T7175] RBP: 00007f4e44afa090 R08: 0000000000000000 R09: 0000000000000000
[   88.068691][ T7175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.068697][ T7175] R13: 00007f4e43e16038 R14: 00007f4e43e15fa0 R15: 00007ffd90cdd9f8
[   88.068711][ T7175]  </TASK>
[   88.139249][ T7181] xt_CONNSECMARK: invalid mode: 0
[   88.140765][ T7179] CPU: 3 UID: 0 PID: 7179 Comm: syz.3.449 Not tainted syzkaller #0 PREEMPT(full) 
[   88.140782][ T7179] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   88.140788][ T7179] Call Trace:
[   88.140792][ T7179]  <TASK>
[   88.140796][ T7179]  dump_stack_lvl+0x100/0x190
[   88.140815][ T7179]  should_fail_ex.cold+0x5/0xa
[   88.140834][ T7179]  should_failslab+0xc2/0x120
[   88.140848][ T7179]  ? tomoyo_encode2+0xfb/0x3c0
[   88.140859][ T7179]  __kmalloc_noprof+0xf6/0x9c0
[   88.140874][ T7179]  ? tomoyo_encode2+0xfb/0x3c0
[   88.140884][ T7179]  tomoyo_encode2+0xfb/0x3c0
[   88.140898][ T7179]  tomoyo_encode+0x29/0x50
[   88.140909][ T7179]  tomoyo_realpath_from_path+0x18c/0x690
[   88.140924][ T7179]  tomoyo_path_number_perm+0x23c/0x580
[   88.140940][ T7179]  ? tomoyo_path_number_perm+0x22e/0x580
[   88.140958][ T7179]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   88.140987][ T7179]  ? find_held_lock+0x2b/0x80
[   88.141001][ T7179]  ? hook_file_ioctl_common+0x146/0x410
[   88.141015][ T7179]  ? __fget_files+0x215/0x3d0
[   88.141030][ T7179]  ? __fget_files+0x21f/0x3d0
[   88.141045][ T7179]  security_file_ioctl+0xd3/0x230
[   88.141057][ T7179]  __x64_sys_ioctl+0xb7/0x210
[   88.141068][ T7179]  do_syscall_64+0xc9/0xf80
[   88.141082][ T7179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.141093][ T7179] RIP: 0033:0x7fbe9f19aeb9
[   88.141102][ T7179] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   88.141112][ T7179] RSP: 002b:00007fbea00fa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   88.141123][ T7179] RAX: ffffffffffffffda RBX: 00007fbe9f415fa0 RCX: 00007fbe9f19aeb9
[   88.141130][ T7179] RDX: 0000200000000a40 RSI: 00000000c0d05605 RDI: 0000000000000003
[   88.141136][ T7179] RBP: 00007fbea00fa090 R08: 0000000000000000 R09: 0000000000000000
[   88.141143][ T7179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.141149][ T7179] R13: 00007fbe9f416038 R14: 00007fbe9f415fa0 R15: 00007ffd308a86a8
[   88.141163][ T7179]  </TASK>
[   88.141175][ T7179] ERROR: Out of memory at tomoyo_realpath_from_path.
[   88.258908][   T40] kauditd_printk_skb: 17 callbacks suppressed
[   88.258925][   T40] audit: type=1400 audit(1769544608.597:328): avc:  denied  { append } for  pid=7184 comm="syz.2.444" name="001" dev="devtmpfs" ino=767 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   88.387673][   T40] audit: type=1400 audit(1769544608.727:329): avc:  denied  { mounton } for  pid=7193 comm="syz.0.448" path="/syzcgroup/unified/syz0" dev="cgroup2" ino=38 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[   88.394574][ T7194] faux_driver vgem: [drm] Unknown color mode 9; guessing buffer size.
[   88.403249][   T40] audit: type=1400 audit(1769544608.747:330): avc:  denied  { mount } for  pid=7193 comm="syz.0.448" name="/" dev="pstore" ino=5626 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[   88.411278][   T40] audit: type=1400 audit(1769544608.757:331): avc:  denied  { map } for  pid=7193 comm="syz.0.448" path="/dev/dri/card0" dev="devtmpfs" ino=635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[   88.418640][   T40] audit: type=1400 audit(1769544608.757:332): avc:  denied  { execute } for  pid=7193 comm="syz.0.448" path="/dev/dri/card0" dev="devtmpfs" ino=635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[   88.467615][ T7190] syzkaller0: entered promiscuous mode
[   88.470047][ T7190] syzkaller0: entered allmulticast mode
[   88.502739][ T7198] netlink: 'syz.2.450': attribute type 11 has an invalid length.
[   88.505927][ T7198] netlink: 44 bytes leftover after parsing attributes in process `syz.2.450'.
[   88.699101][ T5948] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[   89.181687][   T40] audit: type=1400 audit(1769544609.527:333): avc:  denied  { write } for  pid=7237 comm="syz.1.468" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   89.236288][   T40] audit: type=1400 audit(1769544609.577:334): avc:  denied  { create } for  pid=7237 comm="syz.1.468" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   89.243979][   T40] audit: type=1400 audit(1769544609.577:335): avc:  denied  { bind } for  pid=7237 comm="syz.1.468" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   89.252175][   T40] audit: type=1400 audit(1769544609.577:336): avc:  denied  { getopt } for  pid=7237 comm="syz.1.468" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   89.259310][ T7241] fuse: Unknown parameter 'user_i00000000000000000000'
[   89.599277][   T40] audit: type=1400 audit(1769544609.937:337): avc:  denied  { allowed } for  pid=7249 comm="syz.2.472" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   89.637325][ T7252] __nla_validate_parse: 1 callbacks suppressed
[   89.637343][ T7252] netlink: 16 bytes leftover after parsing attributes in process `syz.2.473'.
[   89.894420][ T7273] fuse: Unknown parameter 'user_i00000000000000000000'
[   90.205848][ T7291] FAULT_INJECTION: forcing a failure.
[   90.205848][ T7291] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   90.210801][ T7291] CPU: 3 UID: 0 PID: 7291 Comm: syz.0.487 Not tainted syzkaller #0 PREEMPT(full) 
[   90.210826][ T7291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   90.210836][ T7291] Call Trace:
[   90.210843][ T7291]  <TASK>
[   90.210850][ T7291]  dump_stack_lvl+0x100/0x190
[   90.210876][ T7291]  should_fail_ex.cold+0x5/0xa
[   90.210917][ T7291]  ? prepare_alloc_pages+0x16d/0x5f0
[   90.210943][ T7291]  should_fail_alloc_page+0xeb/0x140
[   90.210966][ T7291]  prepare_alloc_pages+0x1f0/0x5f0
[   90.210993][ T7291]  __alloc_frozen_pages_noprof+0x193/0x2410
[   90.211016][ T7291]  ? rcu_is_watching+0x12/0xc0
[   90.211038][ T7291]  ? trace_mm_page_alloc+0x10e/0x160
[   90.211061][ T7291]  ? __alloc_frozen_pages_noprof+0x2a0/0x2410
[   90.211078][ T7291]  ? stack_trace_save+0x8e/0xc0
[   90.211102][ T7291]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   90.211122][ T7291]  ? is_bpf_text_address+0x8a/0x1a0
[   90.211176][ T7291]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   90.211195][ T7291]  ? __get_vm_area_node+0x1ca/0x330
[   90.211222][ T7291]  ? __vmalloc_node_noprof+0xad/0xf0
[   90.211246][ T7291]  ? kernel_clone+0xfc/0x930
[   90.211269][ T7291]  ? __do_sys_clone+0xd9/0x120
[   90.211291][ T7291]  ? do_syscall_64+0xc9/0xf80
[   90.211307][ T7291]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.211332][ T7291]  alloc_pages_bulk_noprof+0x777/0x1500
[   90.211351][ T7291]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   90.211382][ T7291]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[   90.211411][ T7291]  ? alloc_pages_noprof+0x233/0x390
[   90.211439][ T7291]  __kasan_populate_vmalloc+0xf0/0x210
[   90.211462][ T7291]  alloc_vmap_area+0x935/0x2a00
[   90.211491][ T7291]  ? __pfx_alloc_vmap_area+0x10/0x10
[   90.211520][ T7291]  __get_vm_area_node+0x1ca/0x330
[   90.211547][ T7291]  __vmalloc_node_range_noprof+0x213/0x1530
[   90.211571][ T7291]  ? kernel_clone+0xfc/0x930
[   90.211601][ T7291]  ? kernel_clone+0xfc/0x930
[   90.211627][ T7291]  ? rcu_read_unlock+0x17/0x60
[   90.211655][ T7291]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   90.211681][ T7291]  ? __memcg_slab_post_alloc_hook+0x473/0x880
[   90.211711][ T7291]  ? rcu_is_watching+0x12/0xc0
[   90.211733][ T7291]  ? kernel_clone+0xfc/0x930
[   90.211749][ T7291]  __vmalloc_node_noprof+0xad/0xf0
[   90.211766][ T7291]  ? kernel_clone+0xfc/0x930
[   90.211784][ T7291]  copy_process+0x5ec/0x7890
[   90.211799][ T7291]  ? __lock_acquire+0x4a5/0x2630
[   90.211816][ T7291]  ? __pfx_copy_process+0x10/0x10
[   90.211832][ T7291]  ? find_held_lock+0x2b/0x80
[   90.211852][ T7291]  kernel_clone+0xfc/0x930
[   90.211867][ T7291]  ? find_held_lock+0x2b/0x80
[   90.211881][ T7291]  ? __pfx_kernel_clone+0x10/0x10
[   90.211905][ T7291]  __do_sys_clone+0xd9/0x120
[   90.211922][ T7291]  ? __pfx___do_sys_clone+0x10/0x10
[   90.211944][ T7291]  ? ksys_write+0x1ac/0x250
[   90.211955][ T7291]  ? __pfx_ksys_write+0x10/0x10
[   90.211971][ T7291]  do_syscall_64+0xc9/0xf80
[   90.211984][ T7291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.211995][ T7291] RIP: 0033:0x7f49ebb9aeb9
[   90.212006][ T7291] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   90.212016][ T7291] RSP: 002b:00007f49e9dd4fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[   90.212027][ T7291] RAX: ffffffffffffffda RBX: 00007f49ebe16090 RCX: 00007f49ebb9aeb9
[   90.212034][ T7291] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[   90.212040][ T7291] RBP: 00007f49e9dd5090 R08: 0000000000000000 R09: 0000000000000000
[   90.212061][ T7291] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[   90.212067][ T7291] R13: 00007f49ebe16128 R14: 00007f49ebe16090 R15: 00007ffcf6b88278
[   90.212081][ T7291]  </TASK>
[   90.212231][ T7291] syz.0.487: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[   90.357711][ T7291] CPU: 0 UID: 0 PID: 7291 Comm: syz.0.487 Not tainted syzkaller #0 PREEMPT(full) 
[   90.357736][ T7291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   90.357747][ T7291] Call Trace:
[   90.357754][ T7291]  <TASK>
[   90.357762][ T7291]  dump_stack_lvl+0x100/0x190
[   90.357791][ T7291]  warn_alloc.cold+0x95/0x1c1
[   90.357819][ T7291]  ? __pfx_warn_alloc+0x10/0x10
[   90.357840][ T7291]  ? kfree+0x1c7/0x690
[   90.357855][ T7291]  ? __get_vm_area_node+0x2c5/0x330
[   90.357884][ T7291]  ? __get_vm_area_node+0x2c5/0x330
[   90.357907][ T7291]  ? __get_vm_area_node+0x1dc/0x330
[   90.357931][ T7291]  ? __get_vm_area_node+0x208/0x330
[   90.357962][ T7291]  __vmalloc_node_range_noprof+0xbf4/0x1530
[   90.357996][ T7291]  ? kernel_clone+0xfc/0x930
[   90.358025][ T7291]  ? rcu_read_unlock+0x17/0x60
[   90.358052][ T7291]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   90.358079][ T7291]  ? __memcg_slab_post_alloc_hook+0x473/0x880
[   90.358110][ T7291]  ? rcu_is_watching+0x12/0xc0
[   90.358141][ T7291]  ? kernel_clone+0xfc/0x930
[   90.358166][ T7291]  __vmalloc_node_noprof+0xad/0xf0
[   90.358193][ T7291]  ? kernel_clone+0xfc/0x930
[   90.358220][ T7291]  copy_process+0x5ec/0x7890
[   90.358246][ T7291]  ? __lock_acquire+0x4a5/0x2630
[   90.358274][ T7291]  ? __pfx_copy_process+0x10/0x10
[   90.358300][ T7291]  ? find_held_lock+0x2b/0x80
[   90.358333][ T7291]  kernel_clone+0xfc/0x930
[   90.358358][ T7291]  ? find_held_lock+0x2b/0x80
[   90.358382][ T7291]  ? __pfx_kernel_clone+0x10/0x10
[   90.358421][ T7291]  __do_sys_clone+0xd9/0x120
[   90.358448][ T7291]  ? __pfx___do_sys_clone+0x10/0x10
[   90.358483][ T7291]  ? ksys_write+0x1ac/0x250
[   90.358502][ T7291]  ? __pfx_ksys_write+0x10/0x10
[   90.358528][ T7291]  do_syscall_64+0xc9/0xf80
[   90.358551][ T7291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.358569][ T7291] RIP: 0033:0x7f49ebb9aeb9
[   90.358583][ T7291] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   90.358600][ T7291] RSP: 002b:00007f49e9dd4fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[   90.358617][ T7291] RAX: ffffffffffffffda RBX: 00007f49ebe16090 RCX: 00007f49ebb9aeb9
[   90.358628][ T7291] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[   90.358639][ T7291] RBP: 00007f49e9dd5090 R08: 0000000000000000 R09: 0000000000000000
[   90.358649][ T7291] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[   90.358659][ T7291] R13: 00007f49ebe16128 R14: 00007f49ebe16090 R15: 00007ffcf6b88278
[   90.358684][ T7291]  </TASK>
[   90.358691][ T7291] Mem-Info:
[   90.466521][ T7291] active_anon:9201 inactive_anon:0 isolated_anon:0
[   90.466521][ T7291]  active_file:11764 inactive_file:40702 isolated_file:0
[   90.466521][ T7291]  unevictable:3816 dirty:691 writeback:0
[   90.466521][ T7291]  slab_reclaimable:12253 slab_unreclaimable:66953
[   90.466521][ T7291]  mapped:26142 shmem:2392 pagetables:1244
[   90.466521][ T7291]  sec_pagetables:302 bounce:0
[   90.466521][ T7291]  kernel_misc_reclaimable:0
[   90.466521][ T7291]  free:453780 free_pcp:18547 free_cma:0
[   90.482596][ T7291] Node 0 active_anon:36804kB inactive_anon:0kB active_file:47056kB inactive_file:162604kB unevictable:11728kB isolated(anon):0kB isolated(file):0kB mapped:104568kB dirty:2764kB writeback:0kB shmem:6032kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:13056kB pagetables:4788kB sec_pagetables:1208kB all_unreclaimable? no Balloon:0kB
[   90.496006][ T7291] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:128kB pagetables:188kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   90.508368][ T7291] Node 0 DMA free:15360kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   90.520826][ T7291] lowmem_reserve[]: 0 1231 1231 1231 1231
[   90.523308][ T7291] Node 0 DMA32 free:196492kB boost:0kB min:27488kB low:34360kB high:41232kB reserved_highatomic:0KB free_highatomic:0KB active_anon:36804kB inactive_anon:0kB active_file:47056kB inactive_file:162604kB unevictable:11728kB writepending:2764kB zspages:0kB present:2080628kB managed:1261172kB mlocked:8192kB bounce:0kB free_pcp:59792kB local_pcp:15584kB free_cma:0kB
[   90.537054][ T7291] lowmem_reserve[]: 0 0 0 0 0
[   90.539127][ T7291] Node 1 Normal free:1603268kB boost:0kB min:39752kB low:49688kB high:59624kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:3536kB writepending:0kB zspages:0kB present:2097152kB managed:1781884kB mlocked:0kB bounce:0kB free_pcp:14252kB local_pcp:2476kB free_cma:0kB
[   90.552459][ T7291] lowmem_reserve[]: 0 0 0 0 0
[   90.554521][ T7291] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   90.559882][ T7291] Node 0 DMA32: 69*4kB (UM) 735*8kB (UME) 478*16kB (UM) 143*32kB (U) 207*64kB (UM) 160*128kB (UM) 32*256kB (UM) 20*512kB (UM) 9*1024kB (UM) 5*2048kB (UM) 26*4096kB (M) = 196492kB
[   90.567528][ T7291] Node 1 Normal: 7*4kB (UME) 23*8kB (UE) 17*16kB (UME) 9*32kB (UME) 11*64kB (UME) 10*128kB (UME) 4*256kB (UE) 4*512kB (UM) 2*1024kB (U) 1*2048kB (M) 389*4096kB (ME) = 1603268kB
[   90.575237][ T7291] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   90.579247][ T7291] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   90.583261][ T7291] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   90.587232][ T7291] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   90.591078][ T7291] 54854 total pagecache pages
[   90.593132][ T7291] 0 pages in swap cache
[   90.594893][ T7291] Free swap  = 124996kB
[   90.596654][ T7291] Total swap = 124996kB
[   90.598470][ T7291] 1048443 pages RAM
[   90.600145][ T7291] 0 pages HighMem/MovableOnly
[   90.602288][ T7291] 283839 pages reserved
[   90.604229][ T7291] 0 pages cma reserved
[   90.647553][ T7295] fuse: Unknown parameter 'user_id00000000000000000000'
[   90.763457][ T7303] netlink: 32 bytes leftover after parsing attributes in process `syz.2.493'.
[   90.839394][ T7304] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   90.970584][ T7322] fuse: Unknown parameter 'user_id00000000000000000000'
[   90.975405][ T7318] netlink: 4 bytes leftover after parsing attributes in process `syz.2.499'.
[   90.983476][ T7318] netlink: 5984 bytes leftover after parsing attributes in process `syz.2.499'.
[   91.157488][ T7338] fuse: Bad value for 'fd'
[   91.566591][ T7353] fuse: Unknown parameter 'user_id00000000000000000000'
[   91.621482][ T5933] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   91.624067][ T5933] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   91.626512][ T5933] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   91.629676][ T5933] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   91.635074][ T5933] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   91.637708][ T5933] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   91.644665][ T5933] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   91.647863][ T5933] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   91.651371][ T5933] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   91.654454][ T5933] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   91.663741][ T5933] hid-generic 0000:0000:0000.0002: hidraw1: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   91.688328][ T7360] fido_id[7360]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   91.775537][ T7356] syzkaller0: entered promiscuous mode
[   91.777911][ T7356] syzkaller0: entered allmulticast mode
[   91.968811][ T5935] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[   92.053533][ T7391] netlink: 8 bytes leftover after parsing attributes in process `syz.2.526'.
[   92.111702][ T7396] netlink: 224 bytes leftover after parsing attributes in process `syz.1.528'.
[   92.164970][ T7401] ip6gre2: entered promiscuous mode
[   92.167078][ T7401] ip6gre2: entered allmulticast mode
[   92.276624][ T7408] fuse: Bad value for 'fd'
[   92.328606][ T7416] netlink: 16 bytes leftover after parsing attributes in process `syz.0.537'.
[   92.336633][ T7416] netlink: 12 bytes leftover after parsing attributes in process `syz.0.537'.
[   92.339679][ T7416] netlink: 12 bytes leftover after parsing attributes in process `syz.0.537'.
[   92.398803][ T5935] Bluetooth: hci2: Invalid handle: 0x7f00 > 0x0eff
[   92.444746][ T7423] netlink: 16 bytes leftover after parsing attributes in process `syz.0.541'.
[   92.578524][ T7434] =======================================================
[   92.578524][ T7434] WARNING: The mand mount option has been deprecated and
[   92.578524][ T7434]          and is ignored by this kernel. Remove the mand
[   92.578524][ T7434]          option from the mount to silence this warning.
[   92.578524][ T7434] =======================================================
[   92.596344][ T7430] overlayfs: "xino" feature enabled using 3 upper inode bits.
[   92.615395][ T7430] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[   92.619045][ T7430] overlayfs: failed to look up (tracing) for ino (-66)
[   92.774880][ T7442] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[   92.885522][ T7446] netlink: 'syz.3.549': attribute type 1 has an invalid length.
[   92.911662][ T7446] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[   92.911667][ T5948] Bluetooth: hci2: command tx timeout
[   92.918259][ T7446] bond2: (slave vxcan3): Error -95 calling set_mac_address
[   93.078583][ T7452] GUP no longer grows the stack in syz.3.551 (7452): 200000004000-20000000a000 (200000002000)
[   93.082621][ T7452] CPU: 3 UID: 0 PID: 7452 Comm: syz.3.551 Not tainted syzkaller #0 PREEMPT(full) 
[   93.082638][ T7452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   93.082646][ T7452] Call Trace:
[   93.082651][ T7452]  <TASK>
[   93.082656][ T7452]  dump_stack_lvl+0x100/0x190
[   93.082674][ T7452]  gup_vma_lookup.cold+0x83/0x96
[   93.082691][ T7452]  __get_user_pages+0x241/0x34d0
[   93.082712][ T7452]  ? find_held_lock+0x2b/0x80
[   93.082728][ T7452]  ? mtree_load+0x311/0xa40
[   93.082820][ T7452]  ? __pfx___get_user_pages+0x10/0x10
[   93.082841][ T7452]  get_user_pages_remote+0x3d2/0xb10
[   93.082858][ T7452]  ? mas_new_root+0x660/0x6e0
[   93.082872][ T7452]  ? __pfx_get_user_pages_remote+0x10/0x10
[   93.082889][ T7452]  ? __access_remote_vm+0x84d/0xa70
[   93.082907][ T7452]  __access_remote_vm+0x3ba/0xa70
[   93.082924][ T7452]  ? do_raw_spin_lock+0x128/0x260
[   93.082937][ T7452]  ? __pfx___access_remote_vm+0x10/0x10
[   93.082969][ T7452]  ? alloc_pages_noprof+0x233/0x390
[   93.082986][ T7452]  proc_pid_cmdline_read+0x4f2/0x8c0
[   93.083004][ T7452]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[   93.083020][ T7452]  ? rw_verify_area+0xce/0x6d0
[   93.083032][ T7452]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[   93.083047][ T7452]  vfs_readv+0x5d8/0x8d0
[   93.083063][ T7452]  ? __pfx_vfs_readv+0x10/0x10
[   93.083084][ T7452]  ? __fget_files+0x21f/0x3d0
[   93.083106][ T7452]  ? do_preadv+0x1ac/0x270
[   93.083142][ T7452]  do_preadv+0x1ac/0x270
[   93.083161][ T7452]  ? __pfx_do_preadv+0x10/0x10
[   93.083173][ T7452]  ? kcov_ioctl+0x16a/0x720
[   93.083193][ T7452]  do_syscall_64+0xc9/0xf80
[   93.083207][ T7452]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.083219][ T7452] RIP: 0033:0x7fbe9f19aeb9
[   93.083229][ T7452] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   93.083240][ T7452] RSP: 002b:00007fbea00fa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[   93.083251][ T7452] RAX: ffffffffffffffda RBX: 00007fbe9f415fa0 RCX: 00007fbe9f19aeb9
[   93.083258][ T7452] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003
[   93.083265][ T7452] RBP: 00007fbe9f208c1f R08: 0000000000000000 R09: 0000000000000000
[   93.083271][ T7452] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[   93.083277][ T7452] R13: 00007fbe9f416038 R14: 00007fbe9f415fa0 R15: 00007ffd308a86a8
[   93.083291][ T7452]  </TASK>
[   93.243926][ T7462] Cannot find add_set index 0 as target
[   93.269912][ T7464] FAULT_INJECTION: forcing a failure.
[   93.269912][ T7464] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   93.277098][ T7464] CPU: 0 UID: 0 PID: 7464 Comm: syz.1.557 Not tainted syzkaller #0 PREEMPT(full) 
[   93.277123][ T7464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   93.277134][ T7464] Call Trace:
[   93.277141][ T7464]  <TASK>
[   93.277148][ T7464]  dump_stack_lvl+0x100/0x190
[   93.277178][ T7464]  should_fail_ex.cold+0x5/0xa
[   93.277202][ T7464]  ? prepare_alloc_pages+0x16d/0x5f0
[   93.277230][ T7464]  should_fail_alloc_page+0xeb/0x140
[   93.277254][ T7464]  prepare_alloc_pages+0x1f0/0x5f0
[   93.277279][ T7464]  ? rcu_is_watching+0x12/0xc0
[   93.277303][ T7464]  __alloc_frozen_pages_noprof+0x193/0x2410
[   93.277326][ T7464]  ? kasan_save_stack+0x3f/0x50
[   93.277345][ T7464]  ? kasan_save_stack+0x30/0x50
[   93.277361][ T7464]  ? kasan_save_track+0x14/0x30
[   93.277380][ T7464]  ? __kasan_kmalloc+0xaa/0xb0
[   93.277400][ T7464]  ? __kvmalloc_node_noprof+0x34d/0xac0
[   93.277419][ T7464]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[   93.277439][ T7464]  ? mmu_topup_memory_caches+0xbc/0x170
[   93.277468][ T7464]  ? kvm_mmu_load+0xd6/0x23e0
[   93.277489][ T7464]  ? vcpu_run+0x39ee/0x5ca0
[   93.277511][ T7464]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[   93.277534][ T7464]  ? kvm_vcpu_ioctl+0x730/0x16d0
[   93.277549][ T7464]  ? __x64_sys_ioctl+0x18e/0x210
[   93.277564][ T7464]  ? do_syscall_64+0xc9/0xf80
[   93.277583][ T7464]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.277606][ T7464]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   93.277640][ T7464]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   93.277667][ T7464]  ? policy_nodemask+0xed/0x4f0
[   93.277691][ T7464]  alloc_pages_mpol+0x1fb/0x550
[   93.277716][ T7464]  ? __pfx_alloc_pages_mpol+0x10/0x10
[   93.277739][ T7464]  ? trace_kmalloc+0x83/0xb0
[   93.277759][ T7464]  ? __kvmalloc_node_noprof+0x36a/0xac0
[   93.277774][ T7464]  ? trace_kmem_cache_alloc+0x80/0xb0
[   93.277798][ T7464]  ? kmem_cache_alloc_noprof+0x2ff/0x780
[   93.277822][ T7464]  alloc_pages_noprof+0x131/0x390
[   93.277847][ T7464]  get_free_pages_noprof+0x10/0xb0
[   93.277868][ T7464]  __kvm_mmu_topup_memory_cache+0x278/0x5f0
[   93.277897][ T7464]  mmu_topup_memory_caches+0xbc/0x170
[   93.277919][ T7464]  kvm_mmu_load+0xd6/0x23e0
[   93.277942][ T7464]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[   93.277959][ T7464]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[   93.277976][ T7464]  ? kvm_msr_allowed+0x47/0x450
[   93.278000][ T7464]  ? __pfx_kvm_mmu_load+0x10/0x10
[   93.278020][ T7464]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[   93.278042][ T7464]  ? kvm_check_and_inject_events+0x961/0x10c0
[   93.278070][ T7464]  vcpu_run+0x39ee/0x5ca0
[   93.278097][ T7464]  ? __lock_acquire+0x4a5/0x2630
[   93.278118][ T7464]  ? __pfx_vcpu_run+0x10/0x10
[   93.278152][ T7464]  ? rcu_is_watching+0x12/0xc0
[   93.278177][ T7464]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[   93.278197][ T7464]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[   93.278229][ T7464]  kvm_vcpu_ioctl+0x730/0x16d0
[   93.278250][ T7464]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   93.278270][ T7464]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   93.278294][ T7464]  ? do_vfs_ioctl+0x226/0x13e0
[   93.278313][ T7464]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   93.278328][ T7464]  ? ioctl_has_perm.constprop.0.isra.0+0x380/0x540
[   93.278350][ T7464]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   93.278383][ T7464]  ? selinux_file_ioctl+0x139/0x290
[   93.278400][ T7464]  ? selinux_file_ioctl+0xb4/0x290
[   93.278419][ T7464]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   93.278440][ T7464]  __x64_sys_ioctl+0x18e/0x210
[   93.278463][ T7464]  do_syscall_64+0xc9/0xf80
[   93.278485][ T7464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.278503][ T7464] RIP: 0033:0x7f60de99aeb9
[   93.278517][ T7464] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   93.278533][ T7464] RSP: 002b:00007f60df889028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   93.278553][ T7464] RAX: ffffffffffffffda RBX: 00007f60dec15fa0 RCX: 00007f60de99aeb9
[   93.278565][ T7464] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[   93.278577][ T7464] RBP: 00007f60df889090 R08: 0000000000000000 R09: 0000000000000000
[   93.278587][ T7464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   93.278597][ T7464] R13: 00007f60dec16038 R14: 00007f60dec15fa0 R15: 00007ffde376d348
[   93.278622][ T7464]  </TASK>
[   93.340003][ T7469] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   93.453993][ T7470] team0: Unable to change to the same mode the team is in
[   93.504253][ T7473] fuse: Bad value for 'fd'
[   93.706951][   T40] kauditd_printk_skb: 29 callbacks suppressed
[   93.706963][   T40] audit: type=1400 audit(1769544614.047:367): avc:  denied  { map } for  pid=7483 comm="syz.2.566" path="pipe:[19887]" dev="pipefs" ino=19887 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[   93.717457][   T40] audit: type=1400 audit(1769544614.047:368): avc:  denied  { execute } for  pid=7483 comm="syz.2.566" path="pipe:[19887]" dev="pipefs" ino=19887 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[   93.833482][   T40] audit: type=1400 audit(1769544614.177:369): avc:  denied  { getopt } for  pid=7493 comm="syz.2.570" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   93.835283][ T7494] netlink: 'syz.2.570': attribute type 1 has an invalid length.
[   93.843885][ T7495] FAULT_INJECTION: forcing a failure.
[   93.843885][ T7495] name failslab, interval 1, probability 0, space 0, times 0
[   93.847368][ T7495] CPU: 1 UID: 0 PID: 7495 Comm: syz.1.567 Not tainted syzkaller #0 PREEMPT(full) 
[   93.847384][ T7495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   93.847391][ T7495] Call Trace:
[   93.847395][ T7495]  <TASK>
[   93.847399][ T7495]  dump_stack_lvl+0x100/0x190
[   93.847418][ T7495]  should_fail_ex.cold+0x5/0xa
[   93.847437][ T7495]  should_failslab+0xc2/0x120
[   93.847453][ T7495]  __kmalloc_node_noprof+0xfb/0x9e0
[   93.847468][ T7495]  ? __get_vm_area_node+0x1dc/0x330
[   93.847483][ T7495]  ? __vmalloc_node_range_noprof+0x3dc/0x1530
[   93.847502][ T7495]  ? __vmalloc_node_range_noprof+0x3dc/0x1530
[   93.847519][ T7495]  __vmalloc_node_range_noprof+0x3dc/0x1530
[   93.847539][ T7495]  ? kernel_clone+0xfc/0x930
[   93.847558][ T7495]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   93.847575][ T7495]  ? __memcg_slab_post_alloc_hook+0x473/0x880
[   93.847594][ T7495]  ? rcu_is_watching+0x12/0xc0
[   93.847609][ T7495]  ? kernel_clone+0xfc/0x930
[   93.847624][ T7495]  __vmalloc_node_noprof+0xad/0xf0
[   93.847641][ T7495]  ? kernel_clone+0xfc/0x930
[   93.847657][ T7495]  copy_process+0x5ec/0x7890
[   93.847673][ T7495]  ? __lock_acquire+0x4a5/0x2630
[   93.847690][ T7495]  ? __pfx_copy_process+0x10/0x10
[   93.847706][ T7495]  ? find_held_lock+0x2b/0x80
[   93.847724][ T7495]  kernel_clone+0xfc/0x930
[   93.847739][ T7495]  ? find_held_lock+0x2b/0x80
[   93.847754][ T7495]  ? __pfx_kernel_clone+0x10/0x10
[   93.847777][ T7495]  __do_sys_clone+0xd9/0x120
[   93.847793][ T7495]  ? __pfx___do_sys_clone+0x10/0x10
[   93.847814][ T7495]  ? ksys_write+0x1ac/0x250
[   93.847826][ T7495]  ? __pfx_ksys_write+0x10/0x10
[   93.847841][ T7495]  do_syscall_64+0xc9/0xf80
[   93.847854][ T7495]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.847866][ T7495] RIP: 0033:0x7f60de99aeb9
[   93.847875][ T7495] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   93.847886][ T7495] RSP: 002b:00007f60df867fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[   93.847897][ T7495] RAX: ffffffffffffffda RBX: 00007f60dec16090 RCX: 00007f60de99aeb9
[   93.847904][ T7495] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[   93.847910][ T7495] RBP: 00007f60df868090 R08: 0000000000000000 R09: 0000000000000000
[   93.847916][ T7495] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[   93.847922][ T7495] R13: 00007f60dec16128 R14: 00007f60dec16090 R15: 00007ffde376d348
[   93.847936][ T7495]  </TASK>
[   93.857300][ T7494] bond1: entered promiscuous mode
[   93.915000][   T40] audit: type=1400 audit(1769544614.257:370): avc:  denied  { create } for  pid=7500 comm="syz.1.572" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[   93.916708][ T7494] 8021q: adding VLAN 0 to HW filter on device bond1
[   93.919525][   T40] audit: type=1400 audit(1769544614.257:371): avc:  denied  { ioctl } for  pid=7500 comm="syz.1.572" path="socket:[20658]" dev="sockfs" ino=20658 ioctlcmd=0x89e3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[   93.964719][   T40] audit: type=1400 audit(1769544614.277:372): avc:  denied  { write } for  pid=7493 comm="syz.2.570" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   93.970573][   T40] audit: type=1400 audit(1769544614.277:373): avc:  denied  { mount } for  pid=7493 comm="syz.2.570" name="/" dev="configfs" ino=2138 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[   93.978041][   T40] audit: type=1400 audit(1769544614.317:374): avc:  denied  { block_suspend } for  pid=7504 comm="syz.0.574" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   93.978658][ T7506] af_packet: tpacket_rcv: packet too big, clamped from 37 to 4294967272. macoff=96
[   93.995735][   T40] audit: type=1400 audit(1769544614.337:375): avc:  denied  { search } for  pid=7493 comm="syz.2.570" name="/" dev="configfs" ino=2138 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[   94.006698][   T40] audit: type=1400 audit(1769544614.337:376): avc:  denied  { setattr } for  pid=7493 comm="syz.2.570" name="/" dev="configfs" ino=2138 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[   94.007753][ T7499] bond1: (slave bridge1): making interface the new active one
[   94.017466][ T7499] bridge1: entered promiscuous mode
[   94.020552][ T7499] bond1: (slave bridge1): Enslaving as an active interface with an up link
[   94.114526][ T7512] netlink: 'syz.1.577': attribute type 1 has an invalid length.
[   94.164056][ T7516] syzkaller0: entered promiscuous mode
[   94.166536][ T7516] syzkaller0: entered allmulticast mode
[   94.222984][ T7518] FAULT_INJECTION: forcing a failure.
[   94.222984][ T7518] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   94.228326][ T7518] CPU: 1 UID: 0 PID: 7518 Comm: syz.0.580 Not tainted syzkaller #0 PREEMPT(full) 
[   94.228349][ T7518] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   94.228359][ T7518] Call Trace:
[   94.228366][ T7518]  <TASK>
[   94.228373][ T7518]  dump_stack_lvl+0x100/0x190
[   94.228406][ T7518]  should_fail_ex.cold+0x5/0xa
[   94.228437][ T7518]  _copy_to_user+0x32/0xd0
[   94.228460][ T7518]  simple_read_from_buffer+0xcb/0x170
[   94.228481][ T7518]  proc_fail_nth_read+0x1af/0x230
[   94.228505][ T7518]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   94.228531][ T7518]  ? rw_verify_area+0xce/0x6d0
[   94.228548][ T7518]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   94.228571][ T7518]  vfs_read+0x1e4/0xb30
[   94.228592][ T7518]  ? __pfx_vfs_read+0x10/0x10
[   94.228610][ T7518]  ? find_held_lock+0x2b/0x80
[   94.228633][ T7518]  ? __fget_files+0x215/0x3d0
[   94.228658][ T7518]  ? __fget_files+0x21f/0x3d0
[   94.228687][ T7518]  ksys_read+0x12a/0x250
[   94.228707][ T7518]  ? __pfx_ksys_read+0x10/0x10
[   94.228733][ T7518]  do_syscall_64+0xc9/0xf80
[   94.228755][ T7518]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.228774][ T7518] RIP: 0033:0x7f49ebb5b78e
[   94.228792][ T7518] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[   94.228809][ T7518] RSP: 002b:00007f49e9df5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   94.228826][ T7518] RAX: ffffffffffffffda RBX: 00007f49e9df66c0 RCX: 00007f49ebb5b78e
[   94.228839][ T7518] RDX: 000000000000000f RSI: 00007f49e9df60a0 RDI: 0000000000000003
[   94.228849][ T7518] RBP: 00007f49e9df6090 R08: 0000000000000000 R09: 0000000000000000
[   94.228859][ T7518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.228869][ T7518] R13: 00007f49ebe16038 R14: 00007f49ebe15fa0 R15: 00007ffcf6b88278
[   94.228893][ T7518]  </TASK>
[   94.254844][ T7520] FAULT_INJECTION: forcing a failure.
[   94.254844][ T7520] name failslab, interval 1, probability 0, space 0, times 0
[   94.295072][ T7520] CPU: 1 UID: 0 PID: 7520 Comm: syz.0.581 Not tainted syzkaller #0 PREEMPT(full) 
[   94.295089][ T7520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   94.295097][ T7520] Call Trace:
[   94.295132][ T7520]  <TASK>
[   94.295140][ T7520]  dump_stack_lvl+0x100/0x190
[   94.295164][ T7520]  should_fail_ex.cold+0x5/0xa
[   94.295189][ T7520]  should_failslab+0xc2/0x120
[   94.295204][ T7520]  __kmalloc_cache_noprof+0x80/0x810
[   94.295215][ T7520]  ? iopt_alloc_pages.part.0+0x50/0x5e0
[   94.295231][ T7520]  ? iommufd_get_object+0x261/0x470
[   94.295245][ T7520]  ? iopt_alloc_pages.part.0+0x50/0x5e0
[   94.295259][ T7520]  iopt_alloc_pages.part.0+0x50/0x5e0
[   94.295276][ T7520]  iopt_alloc_user_pages+0x9b/0x130
[   94.295292][ T7520]  iopt_map_user_pages+0x4b/0x130
[   94.295304][ T7520]  iommufd_ioas_map+0x341/0x6c0
[   94.295318][ T7520]  ? __pfx_iommufd_ioas_map+0x10/0x10
[   94.295334][ T7520]  iommufd_fops_ioctl+0x358/0x520
[   94.295348][ T7520]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[   94.295368][ T7520]  ? selinux_file_ioctl+0x139/0x290
[   94.295379][ T7520]  ? selinux_file_ioctl+0xb4/0x290
[   94.295390][ T7520]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[   94.295411][ T7520]  __x64_sys_ioctl+0x18e/0x210
[   94.295423][ T7520]  do_syscall_64+0xc9/0xf80
[   94.295436][ T7520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.295448][ T7520] RIP: 0033:0x7f49ebb9aeb9
[   94.295457][ T7520] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   94.295468][ T7520] RSP: 002b:00007f49e9df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   94.295479][ T7520] RAX: ffffffffffffffda RBX: 00007f49ebe15fa0 RCX: 00007f49ebb9aeb9
[   94.295486][ T7520] RDX: 0000200000000a00 RSI: 0000000000003b85 RDI: 0000000000000003
[   94.295492][ T7520] RBP: 00007f49e9df6090 R08: 0000000000000000 R09: 0000000000000000
[   94.295498][ T7520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.295505][ T7520] R13: 00007f49ebe16038 R14: 00007f49ebe15fa0 R15: 00007ffcf6b88278
[   94.295518][ T7520]  </TASK>
[   94.395323][ T7533] fuse: Unknown parameter '0x0000000000000003'
[   94.591476][ T7528] kvm: pic: non byte write
[   94.757943][ T7590] syzkaller0: entered promiscuous mode
[   94.760591][ T7590] syzkaller0: entered allmulticast mode
[   94.857022][ T7608] hugetlbfs: Bad value for 'uid'
[   94.859232][ T7608] hugetlbfs: Bad value for 'uid'
[   94.865463][ T7608] __nla_validate_parse: 7 callbacks suppressed
[   94.865474][ T7608] netlink: 224 bytes leftover after parsing attributes in process `syz.0.600'.
[   94.912091][ T7612] netlink: 'syz.2.602': attribute type 1 has an invalid length.
[   94.926647][ T7612] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[   94.962618][ T7615] netlink: 'syz.2.603': attribute type 4 has an invalid length.
[   95.163013][ T7641] netlink: 4 bytes leftover after parsing attributes in process `syz.0.608'.
[   95.193524][ T7644] netlink: 8 bytes leftover after parsing attributes in process `syz.2.609'.
[   95.282598][ T7649] fuse: Unknown parameter '0x0000000000000003'
[   95.426913][ T7664] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   95.517901][ T7673] FAULT_INJECTION: forcing a failure.
[   95.517901][ T7673] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   95.524634][ T7673] CPU: 0 UID: 0 PID: 7673 Comm: syz.0.620 Not tainted syzkaller #0 PREEMPT(full) 
[   95.524650][ T7673] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   95.524657][ T7673] Call Trace:
[   95.524662][ T7673]  <TASK>
[   95.524666][ T7673]  dump_stack_lvl+0x100/0x190
[   95.524702][ T7673]  should_fail_ex.cold+0x5/0xa
[   95.524718][ T7673]  ? prepare_alloc_pages+0x16d/0x5f0
[   95.524735][ T7673]  should_fail_alloc_page+0xeb/0x140
[   95.524751][ T7673]  prepare_alloc_pages+0x1f0/0x5f0
[   95.524766][ T7673]  ? rcu_is_watching+0x12/0xc0
[   95.524782][ T7673]  __alloc_frozen_pages_noprof+0x193/0x2410
[   95.524795][ T7673]  ? kasan_save_stack+0x3f/0x50
[   95.524807][ T7673]  ? kasan_save_stack+0x30/0x50
[   95.524818][ T7673]  ? kasan_save_track+0x14/0x30
[   95.524830][ T7673]  ? __kasan_kmalloc+0xaa/0xb0
[   95.524841][ T7673]  ? __kvmalloc_node_noprof+0x34d/0xac0
[   95.524853][ T7673]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[   95.524865][ T7673]  ? mmu_topup_memory_caches+0xbc/0x170
[   95.524878][ T7673]  ? kvm_mmu_load+0xd6/0x23e0
[   95.524890][ T7673]  ? vcpu_run+0x39ee/0x5ca0
[   95.524904][ T7673]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[   95.524919][ T7673]  ? kvm_vcpu_ioctl+0x730/0x16d0
[   95.524929][ T7673]  ? __x64_sys_ioctl+0x18e/0x210
[   95.524938][ T7673]  ? do_syscall_64+0xc9/0xf80
[   95.524956][ T7673]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.524970][ T7673]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   95.524990][ T7673]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   95.525007][ T7673]  ? policy_nodemask+0xed/0x4f0
[   95.525023][ T7673]  alloc_pages_mpol+0x1fb/0x550
[   95.525038][ T7673]  ? __pfx_alloc_pages_mpol+0x10/0x10
[   95.525052][ T7673]  ? trace_kmalloc+0x83/0xb0
[   95.525065][ T7673]  ? __kvmalloc_node_noprof+0x36a/0xac0
[   95.525077][ T7673]  ? trace_kmem_cache_alloc+0x80/0xb0
[   95.525091][ T7673]  ? kmem_cache_alloc_noprof+0x2ff/0x780
[   95.525105][ T7673]  alloc_pages_noprof+0x131/0x390
[   95.525121][ T7673]  get_free_pages_noprof+0x10/0xb0
[   95.525135][ T7673]  __kvm_mmu_topup_memory_cache+0x278/0x5f0
[   95.525151][ T7673]  mmu_topup_memory_caches+0xbc/0x170
[   95.525166][ T7673]  kvm_mmu_load+0xd6/0x23e0
[   95.525180][ T7673]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[   95.525190][ T7673]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[   95.525200][ T7673]  ? kvm_msr_allowed+0x47/0x450
[   95.525215][ T7673]  ? __pfx_kvm_mmu_load+0x10/0x10
[   95.525229][ T7673]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[   95.525241][ T7673]  ? kvm_check_and_inject_events+0x961/0x10c0
[   95.525259][ T7673]  vcpu_run+0x39ee/0x5ca0
[   95.525276][ T7673]  ? __lock_acquire+0x4a5/0x2630
[   95.525289][ T7673]  ? __pfx_vcpu_run+0x10/0x10
[   95.525308][ T7673]  ? rcu_is_watching+0x12/0xc0
[   95.525324][ T7673]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[   95.525339][ T7673]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[   95.525363][ T7673]  kvm_vcpu_ioctl+0x730/0x16d0
[   95.525376][ T7673]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   95.525388][ T7673]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   95.525404][ T7673]  ? do_vfs_ioctl+0x226/0x13e0
[   95.525415][ T7673]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   95.525424][ T7673]  ? ioctl_has_perm.constprop.0.isra.0+0x380/0x540
[   95.525443][ T7673]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   95.525463][ T7673]  ? selinux_file_ioctl+0x139/0x290
[   95.525474][ T7673]  ? selinux_file_ioctl+0xb4/0x290
[   95.525486][ T7673]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   95.525498][ T7673]  __x64_sys_ioctl+0x18e/0x210
[   95.525509][ T7673]  do_syscall_64+0xc9/0xf80
[   95.525522][ T7673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.525533][ T7673] RIP: 0033:0x7f49ebb9aeb9
[   95.525542][ T7673] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   95.525553][ T7673] RSP: 002b:00007f49e9df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   95.525564][ T7673] RAX: ffffffffffffffda RBX: 00007f49ebe15fa0 RCX: 00007f49ebb9aeb9
[   95.525571][ T7673] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[   95.525577][ T7673] RBP: 00007f49e9df6090 R08: 0000000000000000 R09: 0000000000000000
[   95.525583][ T7673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   95.525590][ T7673] R13: 00007f49ebe16038 R14: 00007f49ebe15fa0 R15: 00007ffcf6b88278
[   95.525603][ T7673]  </TASK>
[   95.798673][ T7687] netlink: 'syz.0.625': attribute type 10 has an invalid length.
[   95.858046][ T7692] FAULT_INJECTION: forcing a failure.
[   95.858046][ T7692] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   95.862440][ T7692] CPU: 3 UID: 0 PID: 7692 Comm: syz.0.627 Not tainted syzkaller #0 PREEMPT(full) 
[   95.862455][ T7692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   95.862462][ T7692] Call Trace:
[   95.862466][ T7692]  <TASK>
[   95.862470][ T7692]  dump_stack_lvl+0x100/0x190
[   95.862505][ T7692]  should_fail_ex.cold+0x5/0xa
[   95.862525][ T7692]  _copy_from_user+0x2e/0xd0
[   95.862546][ T7692]  copy_msghdr_from_user+0x9f/0x4f0
[   95.862565][ T7692]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   95.862582][ T7692]  ___sys_sendmsg+0x106/0x1e0
[   95.862593][ T7692]  ? __pfx____sys_sendmsg+0x10/0x10
[   95.862610][ T7692]  ? find_held_lock+0x2b/0x80
[   95.862632][ T7692]  __sys_sendmsg+0x170/0x220
[   95.862646][ T7692]  ? __pfx___sys_sendmsg+0x10/0x10
[   95.862668][ T7692]  do_syscall_64+0xc9/0xf80
[   95.862682][ T7692]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.862693][ T7692] RIP: 0033:0x7f49ebb9aeb9
[   95.862703][ T7692] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   95.862726][ T7692] RSP: 002b:00007f49e9df6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   95.862737][ T7692] RAX: ffffffffffffffda RBX: 00007f49ebe15fa0 RCX: 00007f49ebb9aeb9
[   95.862744][ T7692] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000004
[   95.862750][ T7692] RBP: 00007f49e9df6090 R08: 0000000000000000 R09: 0000000000000000
[   95.862757][ T7692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.862763][ T7692] R13: 00007f49ebe16038 R14: 00007f49ebe15fa0 R15: 00007ffcf6b88278
[   95.862777][ T7692]  </TASK>
[   95.864359][ T7693] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[   95.931003][ T7698] macvlan0: entered promiscuous mode
[   95.936317][ T7698] macvlan0: entered allmulticast mode
[   95.938384][ T7698] veth1_vlan: entered allmulticast mode
[   96.658504][ T7707] FAULT_INJECTION: forcing a failure.
[   96.658504][ T7707] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   96.664588][ T7707] CPU: 1 UID: 0 PID: 7707 Comm: syz.3.633 Not tainted syzkaller #0 PREEMPT(full) 
[   96.664614][ T7707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   96.664625][ T7707] Call Trace:
[   96.664631][ T7707]  <TASK>
[   96.664638][ T7707]  dump_stack_lvl+0x100/0x190
[   96.664670][ T7707]  should_fail_ex.cold+0x5/0xa
[   96.664699][ T7707]  _copy_from_user+0x2e/0xd0
[   96.664723][ T7707]  memdup_user+0x6b/0xe0
[   96.664745][ T7707]  kvm_arch_vcpu_ioctl+0x309/0x53e0
[   96.664773][ T7707]  ? stack_trace_save+0x8e/0xc0
[   96.664801][ T7707]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[   96.664827][ T7707]  ? __lock_acquire+0x4a5/0x2630
[   96.664847][ T7707]  ? kasan_save_stack+0x3f/0x50
[   96.664867][ T7707]  ? kasan_save_stack+0x30/0x50
[   96.664885][ T7707]  ? kasan_save_track+0x14/0x30
[   96.664903][ T7707]  ? kasan_save_free_info+0x3b/0x70
[   96.664922][ T7707]  ? __lock_acquire+0x4a5/0x2630
[   96.664950][ T7707]  ? lock_acquire+0x17c/0x330
[   96.664967][ T7707]  ? __pfx___might_resched+0x10/0x10
[   96.664988][ T7707]  ? rcu_is_watching+0x12/0xc0
[   96.665011][ T7707]  ? trace_contention_end+0xd6/0x110
[   96.665030][ T7707]  ? __mutex_lock+0x26a/0x1b90
[   96.665052][ T7707]  ? kvm_vcpu_ioctl+0x322/0x16d0
[   96.665072][ T7707]  ? kasan_quarantine_put+0x104/0x240
[   96.665101][ T7707]  ? __pfx___mutex_lock+0x10/0x10
[   96.665124][ T7707]  ? tomoyo_path_number_perm+0x28f/0x580
[   96.665157][ T7707]  ? tomoyo_path_number_perm+0x188/0x580
[   96.665187][ T7707]  ? kvm_vcpu_ioctl+0x8a0/0x16d0
[   96.665204][ T7707]  kvm_vcpu_ioctl+0x8a0/0x16d0
[   96.665224][ T7707]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   96.665244][ T7707]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   96.665272][ T7707]  ? do_vfs_ioctl+0x226/0x13e0
[   96.665290][ T7707]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   96.665304][ T7707]  ? ioctl_has_perm.constprop.0.isra.0+0x380/0x540
[   96.665325][ T7707]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   96.665360][ T7707]  ? selinux_file_ioctl+0x139/0x290
[   96.665377][ T7707]  ? selinux_file_ioctl+0xb4/0x290
[   96.665396][ T7707]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   96.665415][ T7707]  __x64_sys_ioctl+0x18e/0x210
[   96.665433][ T7707]  do_syscall_64+0xc9/0xf80
[   96.665454][ T7707]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.665471][ T7707] RIP: 0033:0x7fbe9f19aeb9
[   96.665486][ T7707] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   96.665503][ T7707] RSP: 002b:00007fbea00fa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   96.665522][ T7707] RAX: ffffffffffffffda RBX: 00007fbe9f415fa0 RCX: 00007fbe9f19aeb9
[   96.665532][ T7707] RDX: 0000200000000740 RSI: 000000004400ae8f RDI: 0000000000000005
[   96.665543][ T7707] RBP: 00007fbea00fa090 R08: 0000000000000000 R09: 0000000000000000
[   96.665553][ T7707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   96.665564][ T7707] R13: 00007fbe9f416038 R14: 00007fbe9f415fa0 R15: 00007ffd308a86a8
[   96.665588][ T7707]  </TASK>
[   96.917088][ T7719] netlink: 'syz.2.638': attribute type 1 has an invalid length.
[   96.932583][ T7722] openvswitch: netlink: IPv4 tun info is not correct
[   96.945550][ T7719] 8021q: adding VLAN 0 to HW filter on device bond3
[   96.971811][ T7719] bond3: (slave geneve2): making interface the new active one
[   96.975948][ T7719] bond3: (slave geneve2): Enslaving as an active interface with an up link
[   96.980735][ T7565] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.985198][ T7565] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.991017][ T7565] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.994539][ T7565] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.004867][ T7726] xt_TCPMSS: Only works on TCP SYN packets
[   97.011727][ T7727] xt_TCPMSS: Only works on TCP SYN packets
[   97.032817][ T7714] FAULT_INJECTION: forcing a failure.
[   97.032817][ T7714] name failslab, interval 1, probability 0, space 0, times 0
[   97.046323][ T7723] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[   97.048796][ T7714] CPU: 1 UID: 0 PID: 7714 Comm: syz.1.635 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[   97.048827][ T7714] Tainted: [L]=SOFTLOCKUP
[   97.048833][ T7714] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   97.048845][ T7714] Call Trace:
[   97.048852][ T7714]  <TASK>
[   97.048859][ T7714]  dump_stack_lvl+0x100/0x190
[   97.048888][ T7714]  should_fail_ex.cold+0x5/0xa
[   97.048920][ T7714]  should_failslab+0xc2/0x120
[   97.048944][ T7714]  __kvmalloc_node_noprof+0x101/0xac0
[   97.048969][ T7714]  ? alloc_fdtable+0x110/0x2d0
[   97.048995][ T7714]  ? alloc_fdtable+0x110/0x2d0
[   97.049015][ T7714]  alloc_fdtable+0x110/0x2d0
[   97.049037][ T7714]  dup_fd+0x995/0xd10
[   97.049076][ T7714]  copy_process+0x26cc/0x7890
[   97.049103][ T7714]  ? __lock_acquire+0x4a5/0x2630
[   97.049131][ T7714]  ? __pfx_copy_process+0x10/0x10
[   97.049158][ T7714]  ? find_held_lock+0x2b/0x80
[   97.049193][ T7714]  kernel_clone+0xfc/0x930
[   97.049218][ T7714]  ? find_held_lock+0x2b/0x80
[   97.049244][ T7714]  ? __pfx_kernel_clone+0x10/0x10
[   97.049284][ T7714]  __do_sys_clone+0xd9/0x120
[   97.049311][ T7714]  ? __pfx___do_sys_clone+0x10/0x10
[   97.049348][ T7714]  ? ksys_write+0x1ac/0x250
[   97.049369][ T7714]  ? __pfx_ksys_write+0x10/0x10
[   97.049397][ T7714]  do_syscall_64+0xc9/0xf80
[   97.049419][ T7714]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.049438][ T7714] RIP: 0033:0x7f60de99aeb9
[   97.049454][ T7714] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   97.049472][ T7714] RSP: 002b:00007f60df888fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[   97.049490][ T7714] RAX: ffffffffffffffda RBX: 00007f60dec15fa0 RCX: 00007f60de99aeb9
[   97.049502][ T7714] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[   97.049514][ T7714] RBP: 00007f60df889090 R08: 0000000000000000 R09: 0000000000000000
[   97.049525][ T7714] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[   97.049536][ T7714] R13: 00007f60dec16038 R14: 00007f60dec15fa0 R15: 00007ffde376d348
[   97.049563][ T7714]  </TASK>
[   97.147540][ T7734] FAULT_INJECTION: forcing a failure.
[   97.147540][ T7734] name failslab, interval 1, probability 0, space 0, times 0
[   97.164349][ T7734] CPU: 2 UID: 0 PID: 7734 Comm: syz.0.637 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[   97.164380][ T7734] Tainted: [L]=SOFTLOCKUP
[   97.164394][ T7734] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   97.164406][ T7734] Call Trace:
[   97.164413][ T7734]  <TASK>
[   97.164420][ T7734]  dump_stack_lvl+0x100/0x190
[   97.164449][ T7734]  should_fail_ex.cold+0x5/0xa
[   97.164479][ T7734]  should_failslab+0xc2/0x120
[   97.164498][ T7734]  kmem_cache_alloc_noprof+0x83/0x780
[   97.164522][ T7734]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[   97.164542][ T7734]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[   97.164570][ T7734]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[   97.164590][ T7734]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[   97.164617][ T7734]  mmu_topup_memory_caches+0x25/0x170
[   97.164638][ T7734]  kvm_mmu_load+0xd6/0x23e0
[   97.164661][ T7734]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[   97.164680][ T7734]  ? kvm_lapic_sync_to_vapic+0x208/0x6d0
[   97.164702][ T7734]  ? __pfx_kvm_mmu_load+0x10/0x10
[   97.164726][ T7734]  ? vmx_update_cr8_intercept+0xf2/0x380
[   97.164757][ T7734]  vcpu_run+0x39ee/0x5ca0
[   97.164786][ T7734]  ? __lock_acquire+0x4a5/0x2630
[   97.164809][ T7734]  ? __pfx_vcpu_run+0x10/0x10
[   97.164843][ T7734]  ? rcu_is_watching+0x12/0xc0
[   97.164864][ T7734]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[   97.164888][ T7734]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[   97.164921][ T7734]  kvm_vcpu_ioctl+0x730/0x16d0
[   97.164942][ T7734]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   97.164962][ T7734]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   97.164989][ T7734]  ? do_vfs_ioctl+0x226/0x13e0
[   97.165006][ T7734]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   97.165020][ T7734]  ? ioctl_has_perm.constprop.0.isra.0+0x380/0x540
[   97.165041][ T7734]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   97.165075][ T7734]  ? selinux_file_ioctl+0x139/0x290
[   97.165092][ T7734]  ? selinux_file_ioctl+0xb4/0x290
[   97.165110][ T7734]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   97.165125][ T7734]  __x64_sys_ioctl+0x18e/0x210
[   97.165140][ T7734]  do_syscall_64+0xc9/0xf80
[   97.165163][ T7734]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.165179][ T7734] RIP: 0033:0x7f49ebb9aeb9
[   97.165194][ T7734] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   97.165211][ T7734] RSP: 002b:00007f49e9db4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   97.165229][ T7734] RAX: ffffffffffffffda RBX: 00007f49ebe16180 RCX: 00007f49ebb9aeb9
[   97.165240][ T7734] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[   97.165250][ T7734] RBP: 00007f49e9db4090 R08: 0000000000000000 R09: 0000000000000000
[   97.165260][ T7734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   97.165271][ T7734] R13: 00007f49ebe16218 R14: 00007f49ebe16180 R15: 00007ffcf6b88278
[   97.165295][ T7734]  </TASK>
[   97.178415][ T7739] fuse: Unknown parameter '0x0000000000000003'
[   97.213568][ T7741] netlink: 128124 bytes leftover after parsing attributes in process `syz.3.645'.
[   97.426877][ T7754] netlink: 44 bytes leftover after parsing attributes in process `syz.2.649'.
[   97.458762][ T7756] netlink: 40 bytes leftover after parsing attributes in process `syz.3.650'.
[   97.697779][ T7768] netlink: 8 bytes leftover after parsing attributes in process `syz.3.653'.
[   98.166302][ T7785] netlink: 8 bytes leftover after parsing attributes in process `syz.1.660'.
[   98.170016][ T7785] netlink: 8 bytes leftover after parsing attributes in process `syz.1.660'.
[   98.296992][ T7787] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   98.302417][ T7787] veth0_to_team: entered promiscuous mode
[   98.397856][ T7795] bridge_slave_0: left allmulticast mode
[   98.401244][ T7795] bridge_slave_0: left promiscuous mode
[   98.403779][ T7795] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.414793][ T7795] bridge_slave_1: left allmulticast mode
[   98.417261][ T7795] bridge_slave_1: left promiscuous mode
[   98.419675][ T7795] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.429535][ T7795] bond0: (slave bond_slave_0): Releasing backup interface
[   98.439166][ T7795] bond0: (slave bond_slave_1): Releasing backup interface
[   98.449172][ T7795] team0: Port device team_slave_0 removed
[   98.455980][ T7795] team0: Port device team_slave_1 removed
[   98.458845][ T7795] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   98.462030][ T7795] batman_adv: batadv0: Removing interface: batadv_slave_0
[   98.465515][ T7795] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   98.468527][ T7795] batman_adv: batadv0: Removing interface: batadv_slave_1
[   98.473613][ T7795] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   98.486198][ T7797] team0: Mode changed to "activebackup"
[   98.494676][ T7795] vlan0: entered promiscuous mode
[   98.691852][ T5948] Bluetooth: hci0: Malformed Event: 0x2f
[   98.774812][ T7818] FAULT_INJECTION: forcing a failure.
[   98.774812][ T7818] name failslab, interval 1, probability 0, space 0, times 0
[   98.779861][ T7818] CPU: 3 UID: 0 PID: 7818 Comm: syz.0.672 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[   98.779879][ T7818] Tainted: [L]=SOFTLOCKUP
[   98.779883][ T7818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   98.779889][ T7818] Call Trace:
[   98.779894][ T7818]  <TASK>
[   98.779899][ T7818]  dump_stack_lvl+0x100/0x190
[   98.779917][ T7818]  should_fail_ex.cold+0x5/0xa
[   98.779936][ T7818]  should_failslab+0xc2/0x120
[   98.779951][ T7818]  kmem_cache_alloc_node_noprof+0x8c/0x880
[   98.779965][ T7818]  ? __alloc_skb+0x156/0x410
[   98.779978][ T7818]  ? __alloc_skb+0x35d/0x410
[   98.779993][ T7818]  ? __alloc_skb+0x156/0x410
[   98.780005][ T7818]  __alloc_skb+0x156/0x410
[   98.780017][ T7818]  ? __alloc_skb+0x35d/0x410
[   98.780029][ T7818]  ? __pfx___alloc_skb+0x10/0x10
[   98.780041][ T7818]  ? __kernel_text_address+0xd/0x30
[   98.780054][ T7818]  ? selinux_socket_getpeersec_dgram+0x1a4/0x380
[   98.780090][ T7818]  ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10
[   98.780111][ T7818]  netlink_alloc_large_skb+0x69/0x150
[   98.780128][ T7818]  netlink_sendmsg+0x680/0xda0
[   98.780146][ T7818]  ? __pfx_netlink_sendmsg+0x10/0x10
[   98.780162][ T7818]  ? __might_fault+0x70/0x140
[   98.780177][ T7818]  ____sys_sendmsg+0xa54/0xc30
[   98.780189][ T7818]  ? __pfx_____sys_sendmsg+0x10/0x10
[   98.780209][ T7818]  ___sys_sendmsg+0x190/0x1e0
[   98.780221][ T7818]  ? __pfx____sys_sendmsg+0x10/0x10
[   98.780238][ T7818]  ? find_held_lock+0x2b/0x80
[   98.780273][ T7818]  __sys_sendmsg+0x170/0x220
[   98.780290][ T7818]  ? __pfx___sys_sendmsg+0x10/0x10
[   98.780312][ T7818]  do_syscall_64+0xc9/0xf80
[   98.780328][ T7818]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.780341][ T7818] RIP: 0033:0x7f49ebb9aeb9
[   98.780350][ T7818] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   98.780361][ T7818] RSP: 002b:00007f49e9df6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   98.780372][ T7818] RAX: ffffffffffffffda RBX: 00007f49ebe15fa0 RCX: 00007f49ebb9aeb9
[   98.780379][ T7818] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000004
[   98.780385][ T7818] RBP: 00007f49e9df6090 R08: 0000000000000000 R09: 0000000000000000
[   98.780392][ T7818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   98.780398][ T7818] R13: 00007f49ebe16038 R14: 00007f49ebe15fa0 R15: 00007ffcf6b88278
[   98.780411][ T7818]  </TASK>
[   98.826822][ T7820] netlink: 28 bytes leftover after parsing attributes in process `syz.3.673'.
[   98.880410][   T60] usb 7-1: new full-speed USB device number 4 using dummy_hcd
[   99.042076][   T60] usb 7-1: config 0 has an invalid interface number: 205 but max is 0
[   99.045134][   T60] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   99.050716][   T60] usb 7-1: config 0 has no interface number 0
[   99.053467][   T60] usb 7-1: config 0 interface 205 has no altsetting 0
[   99.058501][   T60] usb 7-1: New USB device found, idVendor=1822, idProduct=3202, bcdDevice=13.4a
[   99.064260][   T60] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.065177][ T7828] FAULT_INJECTION: forcing a failure.
[   99.065177][ T7828] name failslab, interval 1, probability 0, space 0, times 0
[   99.067758][   T60] usb 7-1: Product: syz
[   99.071882][ T7828] CPU: 2 UID: 0 PID: 7828 Comm: syz.3.676 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[   99.071905][ T7828] Tainted: [L]=SOFTLOCKUP
[   99.071910][ T7828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   99.071919][ T7828] Call Trace:
[   99.071923][ T7828]  <TASK>
[   99.071929][ T7828]  dump_stack_lvl+0x100/0x190
[   99.071951][ T7828]  should_fail_ex.cold+0x5/0xa
[   99.071975][ T7828]  should_failslab+0xc2/0x120
[   99.071993][ T7828]  ? tomoyo_realpath_from_path+0xb6/0x690
[   99.072009][ T7828]  __kmalloc_noprof+0xf6/0x9c0
[   99.072027][ T7828]  ? tomoyo_realpath_from_path+0xb6/0x690
[   99.072042][ T7828]  tomoyo_realpath_from_path+0xb6/0x690
[   99.072061][ T7828]  tomoyo_path_number_perm+0x23c/0x580
[   99.072088][ T7828]  ? tomoyo_path_number_perm+0x22e/0x580
[   99.072110][ T7828]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   99.072149][ T7828]  ? find_held_lock+0x2b/0x80
[   99.072166][ T7828]  ? hook_file_ioctl_common+0x146/0x410
[   99.072183][ T7828]  ? __fget_files+0x215/0x3d0
[   99.072203][ T7828]  ? __fget_files+0x21f/0x3d0
[   99.072222][ T7828]  security_file_ioctl+0xd3/0x230
[   99.072237][ T7828]  __x64_sys_ioctl+0xb7/0x210
[   99.072252][ T7828]  do_syscall_64+0xc9/0xf80
[   99.072269][ T7828]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.072284][ T7828] RIP: 0033:0x7fbe9f19aeb9
[   99.072295][ T7828] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   99.072309][ T7828] RSP: 002b:00007fbea00fa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   99.072324][ T7828] RAX: ffffffffffffffda RBX: 00007fbe9f415fa0 RCX: 00007fbe9f19aeb9
[   99.072333][ T7828] RDX: 0000000000000000 RSI: 000000008400ae8e RDI: 0000000000000005
[   99.072342][ T7828] RBP: 00007fbea00fa090 R08: 0000000000000000 R09: 0000000000000000
[   99.072351][ T7828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   99.072359][ T7828] R13: 00007fbe9f416038 R14: 00007fbe9f415fa0 R15: 00007ffd308a86a8
[   99.072377][ T7828]  </TASK>
[   99.072383][ T7828] ERROR: Out of memory at tomoyo_realpath_from_path.
[   99.074251][   T60] usb 7-1: Manufacturer: syz
[   99.163694][   T60] usb 7-1: SerialNumber: syz
[   99.167998][   T60] usb 7-1: config 0 descriptor??
[   99.173464][   T60] dvb-usb: found a 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device' in warm state.
[   99.178359][   T60] dvb-usb: bulk message failed: -22 (3/0)
[   99.203132][   T60] dvb-usb: will use the device's hardware PID filter (table count: 16).
[   99.206289][   T60] dvbdev: DVB: registering new adapter (TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device)
[   99.209987][   T60] usb 7-1: media controller created
[   99.212777][   T60] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[   99.219285][   T60] dvb-usb: bulk message failed: -22 (6/0)
[   99.221273][   T60] dvb-usb: no frontend was attached by 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device'
[   99.228129][   T60] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb7/7-1/input/input5
[   99.236245][   T40] kauditd_printk_skb: 11 callbacks suppressed
[   99.236257][   T40] audit: type=1400 audit(1769544619.577:388): avc:  denied  { read } for  pid=5324 comm="acpid" name="event4" dev="devtmpfs" ino=2882 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   99.238090][   T60] dvb-usb: schedule remote query interval to 150 msecs.
[   99.238188][   T40] audit: type=1400 audit(1769544619.577:389): avc:  denied  { open } for  pid=5324 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2882 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   99.245144][   T60] dvb-usb: bulk message failed: -22 (3/0)
[   99.254749][   T40] audit: type=1400 audit(1769544619.577:390): avc:  denied  { ioctl } for  pid=5324 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2882 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   99.269337][   T40] audit: type=1400 audit(1769544619.617:391): avc:  denied  { connect } for  pid=7829 comm="syz.3.677" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   99.280417][   T60] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device successfully initialized and connected.
[   99.391684][   T60] dvb-usb: bulk message failed: -22 (1/0)
[   99.395043][   T60] dvb-usb: error while querying for an remote control event.
[   99.398105][   T40] audit: type=1400 audit(1769544619.737:392): avc:  denied  { create } for  pid=7811 comm="syz.2.669" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[   99.406435][   T40] audit: type=1400 audit(1769544619.737:393): avc:  denied  { read } for  pid=7811 comm="syz.2.669" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[   99.479645][ T7838] tmpfs: Bad value for 'mpol'
[   99.487564][   T40] audit: type=1400 audit(1769544619.827:394): avc:  denied  { setcurrent } for  pid=7837 comm="syz.1.679" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   99.495616][   T40] audit: type=1401 audit(1769544619.827:395): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[   99.507549][   T40] audit: type=1400 audit(1769544619.857:396): avc:  denied  { unmount } for  pid=5930 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[   99.511356][ T7838] 9pnet_fd: p9_fd_create_unix (7838): problem connecting socket: ./file0: -111
[   99.537932][   T40] audit: type=1400 audit(1769544619.877:397): avc:  denied  { mount } for  pid=7840 comm="syz.3.680" name="/" dev="ramfs" ino=21069 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   99.551396][   T60] dvb-usb: bulk message failed: -22 (1/0)
[   99.553386][   T60] dvb-usb: error while querying for an remote control event.
[   99.564162][ T5940] usb 7-1: USB disconnect, device number 4
[   99.601811][ T5940] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I successfully deinitialized and disconnected.
[   99.786422][ T7847] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[   99.847800][ T7867] FAULT_INJECTION: forcing a failure.
[   99.847800][ T7867] name failslab, interval 1, probability 0, space 0, times 0
[   99.853205][ T7867] CPU: 1 UID: 0 PID: 7867 Comm: syz.0.688 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[   99.853234][ T7867] Tainted: [L]=SOFTLOCKUP
[   99.853241][ T7867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   99.853252][ T7867] Call Trace:
[   99.853258][ T7867]  <TASK>
[   99.853265][ T7867]  dump_stack_lvl+0x100/0x190
[   99.853293][ T7867]  should_fail_ex.cold+0x5/0xa
[   99.853331][ T7867]  should_failslab+0xc2/0x120
[   99.853355][ T7867]  kmem_cache_alloc_noprof+0x83/0x780
[   99.853378][ T7867]  ? prepare_creds+0x2c/0x950
[   99.853404][ T7867]  ? prepare_creds+0x2c/0x950
[   99.853424][ T7867]  prepare_creds+0x2c/0x950
[   99.853447][ T7867]  copy_creds+0xa7/0xa50
[   99.853473][ T7867]  copy_process+0x1029/0x7890
[   99.853498][ T7867]  ? __lock_acquire+0x4a5/0x2630
[   99.853526][ T7867]  ? __pfx_copy_process+0x10/0x10
[   99.853551][ T7867]  ? find_held_lock+0x2b/0x80
[   99.853585][ T7867]  kernel_clone+0xfc/0x930
[   99.853608][ T7867]  ? find_held_lock+0x2b/0x80
[   99.853632][ T7867]  ? __pfx_kernel_clone+0x10/0x10
[   99.853668][ T7867]  __do_sys_clone+0xd9/0x120
[   99.853693][ T7867]  ? __pfx___do_sys_clone+0x10/0x10
[   99.853727][ T7867]  ? ksys_write+0x1ac/0x250
[   99.853744][ T7867]  ? __pfx_ksys_write+0x10/0x10
[   99.853765][ T7867]  do_syscall_64+0xc9/0xf80
[   99.853786][ T7867]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.853801][ T7867] RIP: 0033:0x7f49ebb9aeb9
[   99.853812][ T7867] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   99.853827][ T7867] RSP: 002b:00007f49e9dd4fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[   99.853844][ T7867] RAX: ffffffffffffffda RBX: 00007f49ebe16090 RCX: 00007f49ebb9aeb9
[   99.853855][ T7867] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[   99.853865][ T7867] RBP: 00007f49e9dd5090 R08: 0000000000000000 R09: 0000000000000000
[   99.853874][ T7867] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[   99.853883][ T7867] R13: 00007f49ebe16128 R14: 00007f49ebe16090 R15: 00007ffcf6b88278
[   99.853904][ T7867]  </TASK>
[   99.913278][ T7870] libceph: resolve '4' (ret=-3): failed
[   99.952046][ T7870] netlink: 'syz.2.691': attribute type 2 has an invalid length.
[   99.955116][ T7870] __nla_validate_parse: 3 callbacks suppressed
[   99.955131][ T7870] netlink: 46 bytes leftover after parsing attributes in process `syz.2.691'.
[  100.105733][ T7878] overlayfs: failed to get index nlink (file1/file0, err=-61)
[  100.200478][ T7880] netlink: 128124 bytes leftover after parsing attributes in process `syz.0.696'.
[  100.261803][ T7884] netlink: 224 bytes leftover after parsing attributes in process `syz.0.698'.
[  100.417783][ T7890] netlink: 'syz.0.701': attribute type 1 has an invalid length.
[  100.432549][ T7890] macvlan2: entered promiscuous mode
[  100.434414][ T7890] macvlan2: entered allmulticast mode
[  100.436752][ T7890] bond3: entered promiscuous mode
[  100.438811][ T7890] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  100.445599][ T7890] bond3: left promiscuous mode
[  100.653608][ T7907] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  100.660413][ T7907] FAULT_INJECTION: forcing a failure.
[  100.660413][ T7907] name failslab, interval 1, probability 0, space 0, times 0
[  100.664606][ T7907] CPU: 1 UID: 0 PID: 7907 Comm: syz.3.702 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  100.664625][ T7907] Tainted: [L]=SOFTLOCKUP
[  100.664629][ T7907] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  100.664636][ T7907] Call Trace:
[  100.664640][ T7907]  <TASK>
[  100.664646][ T7907]  dump_stack_lvl+0x100/0x190
[  100.664667][ T7907]  should_fail_ex.cold+0x5/0xa
[  100.664687][ T7907]  should_failslab+0xc2/0x120
[  100.664702][ T7907]  kmem_cache_alloc_noprof+0x83/0x780
[  100.664716][ T7907]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  100.664728][ T7907]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  100.664743][ T7907]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  100.664756][ T7907]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  100.664772][ T7907]  mmu_topup_memory_caches+0x25/0x170
[  100.664788][ T7907]  kvm_mmu_load+0xd6/0x23e0
[  100.664801][ T7907]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  100.664813][ T7907]  ? kvm_lapic_sync_to_vapic+0x208/0x6d0
[  100.664825][ T7907]  ? __pfx_kvm_mmu_load+0x10/0x10
[  100.664840][ T7907]  ? vmx_update_cr8_intercept+0xf2/0x380
[  100.664858][ T7907]  vcpu_run+0x39ee/0x5ca0
[  100.664875][ T7907]  ? __lock_acquire+0x4a5/0x2630
[  100.664888][ T7907]  ? __pfx_vcpu_run+0x10/0x10
[  100.664908][ T7907]  ? rcu_is_watching+0x12/0xc0
[  100.664924][ T7907]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  100.664939][ T7907]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  100.664958][ T7907]  kvm_vcpu_ioctl+0x730/0x16d0
[  100.664971][ T7907]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  100.664983][ T7907]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  100.665001][ T7907]  ? do_vfs_ioctl+0x226/0x13e0
[  100.665012][ T7907]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  100.665020][ T7907]  ? ioctl_has_perm.constprop.0.isra.0+0x380/0x540
[  100.665034][ T7907]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  100.665055][ T7907]  ? selinux_file_ioctl+0x139/0x290
[  100.665065][ T7907]  ? selinux_file_ioctl+0xb4/0x290
[  100.665077][ T7907]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  100.665089][ T7907]  __x64_sys_ioctl+0x18e/0x210
[  100.665101][ T7907]  do_syscall_64+0xc9/0xf80
[  100.665119][ T7907]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.665130][ T7907] RIP: 0033:0x7fbe9f19aeb9
[  100.665140][ T7907] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  100.665150][ T7907] RSP: 002b:00007fbea00d8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  100.665161][ T7907] RAX: ffffffffffffffda RBX: 00007fbe9f416090 RCX: 00007fbe9f19aeb9
[  100.665168][ T7907] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  100.665174][ T7907] RBP: 00007fbea00d8090 R08: 0000000000000000 R09: 0000000000000000
[  100.665180][ T7907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  100.665186][ T7907] R13: 00007fbe9f416128 R14: 00007fbe9f416090 R15: 00007ffd308a86a8
[  100.665200][ T7907]  </TASK>
[  100.817181][ T7911] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check.
[  100.822148][ T7911] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check.
[  100.827450][ T7911] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check.
[  100.833858][ T7911] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check.
[  100.840503][ T7911] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check.
[  100.846944][ T7911] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check.
[  100.853212][ T7911] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check.
[  100.859416][ T7911] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check.
[  100.912442][ T7917] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  100.943672][ T7916] cdrom: dropping to single frame dma
[  101.178204][ T7937] netlink: 224 bytes leftover after parsing attributes in process `syz.2.715'.
[  101.209008][ T7939] netlink: 12 bytes leftover after parsing attributes in process `syz.2.716'.
[  101.384028][ T7946] FAULT_INJECTION: forcing a failure.
[  101.384028][ T7946] name failslab, interval 1, probability 0, space 0, times 0
[  101.388098][ T7946] CPU: 3 UID: 0 PID: 7946 Comm: syz.2.718 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  101.388115][ T7946] Tainted: [L]=SOFTLOCKUP
[  101.388119][ T7946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  101.388126][ T7946] Call Trace:
[  101.388130][ T7946]  <TASK>
[  101.388134][ T7946]  dump_stack_lvl+0x100/0x190
[  101.388152][ T7946]  should_fail_ex.cold+0x5/0xa
[  101.388172][ T7946]  should_failslab+0xc2/0x120
[  101.388186][ T7946]  ? tomoyo_encode2+0xfb/0x3c0
[  101.388197][ T7946]  __kmalloc_noprof+0xf6/0x9c0
[  101.388212][ T7946]  ? tomoyo_encode2+0xfb/0x3c0
[  101.388222][ T7946]  tomoyo_encode2+0xfb/0x3c0
[  101.388244][ T7946]  tomoyo_encode+0x29/0x50
[  101.388255][ T7946]  tomoyo_realpath_from_path+0x18c/0x690
[  101.388271][ T7946]  tomoyo_path_number_perm+0x23c/0x580
[  101.388287][ T7946]  ? tomoyo_path_number_perm+0x22e/0x580
[  101.388305][ T7946]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  101.388334][ T7946]  ? find_held_lock+0x2b/0x80
[  101.388348][ T7946]  ? hook_file_ioctl_common+0x146/0x410
[  101.388362][ T7946]  ? __fget_files+0x215/0x3d0
[  101.388381][ T7946]  ? __fget_files+0x21f/0x3d0
[  101.388396][ T7946]  security_file_ioctl+0xd3/0x230
[  101.388408][ T7946]  __x64_sys_ioctl+0xb7/0x210
[  101.388419][ T7946]  do_syscall_64+0xc9/0xf80
[  101.388432][ T7946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.388443][ T7946] RIP: 0033:0x7f4e43b9aeb9
[  101.388453][ T7946] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  101.388463][ T7946] RSP: 002b:00007f4e44afa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  101.388474][ T7946] RAX: ffffffffffffffda RBX: 00007f4e43e15fa0 RCX: 00007f4e43b9aeb9
[  101.388481][ T7946] RDX: 0000000000000000 RSI: 000000008400ae8e RDI: 0000000000000005
[  101.388487][ T7946] RBP: 00007f4e44afa090 R08: 0000000000000000 R09: 0000000000000000
[  101.388494][ T7946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.388500][ T7946] R13: 00007f4e43e16038 R14: 00007f4e43e15fa0 R15: 00007ffd90cdd9f8
[  101.388513][ T7946]  </TASK>
[  101.388525][ T7946] ERROR: Out of memory at tomoyo_realpath_from_path.
[  101.570779][ T7948] nbd3: detected capacity change from 0 to 63
[  101.574242][ T7950] block nbd3: NBD_DISCONNECT
[  101.577953][ T7950] block nbd3: Disconnected due to user request.
[  101.580873][ T7950] block nbd3: shutting down sockets
[  101.583576][ T5942] I/O error, dev nbd3, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  101.587894][ T5942] Buffer I/O error on dev nbd3, logical block 2, async page read
[  101.611718][    C2] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  101.615609][    C2] Buffer I/O error on dev nbd3, logical block 0, async page read
[  101.619720][    C2] I/O error, dev nbd3, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  101.623717][    C2] Buffer I/O error on dev nbd3, logical block 1, async page read
[  101.629057][ T1181] I/O error, dev nbd3, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  101.633865][ T1181] Buffer I/O error on dev nbd3, logical block 3, async page read
[  101.637584][ T5942] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  101.643406][ T5942] Buffer I/O error on dev nbd3, logical block 0, async page read
[  101.646375][ T5942] I/O error, dev nbd3, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  101.649360][ T5942] Buffer I/O error on dev nbd3, logical block 1, async page read
[  101.651970][ T5942] I/O error, dev nbd3, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  101.655148][ T5942] Buffer I/O error on dev nbd3, logical block 2, async page read
[  101.660461][ T5942] I/O error, dev nbd3, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  101.663651][ T5942] Buffer I/O error on dev nbd3, logical block 3, async page read
[  101.666223][ T5942] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  101.669274][ T5942] Buffer I/O error on dev nbd3, logical block 0, async page read
[  101.680365][ T5942] I/O error, dev nbd3, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  101.683647][ T5942] Buffer I/O error on dev nbd3, logical block 1, async page read
[  101.686995][ T5942] ldm_validate_partition_table(): Disk read failed.
[  101.689458][ T7960] netlink: 24 bytes leftover after parsing attributes in process `syz.0.724'.
[  101.689544][ T5942] Dev nbd3: unable to read RDB block 0
[  101.695250][ T7960] netlink: 24 bytes leftover after parsing attributes in process `syz.0.724'.
[  101.699810][ T5942]  nbd3: unable to read partition table
[  101.707272][ T5942] ldm_validate_partition_table(): Disk read failed.
[  101.709743][ T5942] Dev nbd3: unable to read RDB block 0
[  101.712009][ T5942]  nbd3: unable to read partition table
[  101.815428][ T7970] FAULT_INJECTION: forcing a failure.
[  101.815428][ T7970] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.822174][ T7970] CPU: 3 UID: 0 PID: 7970 Comm: syz.2.728 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  101.822218][ T7970] Tainted: [L]=SOFTLOCKUP
[  101.822224][ T7970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  101.822235][ T7970] Call Trace:
[  101.822242][ T7970]  <TASK>
[  101.822250][ T7970]  dump_stack_lvl+0x100/0x190
[  101.822278][ T7970]  should_fail_ex.cold+0x5/0xa
[  101.822310][ T7970]  _copy_from_user+0x2e/0xd0
[  101.822336][ T7970]  kstrtouint_from_user+0xd6/0x1d0
[  101.822360][ T7970]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  101.822377][ T7970]  ? __lock_acquire+0x4a5/0x2630
[  101.822399][ T7970]  ? lock_acquire+0x17c/0x330
[  101.822421][ T7970]  proc_fail_nth_write+0x83/0x220
[  101.822446][ T7970]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  101.822478][ T7970]  vfs_write+0x2aa/0x1070
[  101.822500][ T7970]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  101.822533][ T7970]  ? __pfx_vfs_write+0x10/0x10
[  101.822550][ T7970]  ? find_held_lock+0x2b/0x80
[  101.822575][ T7970]  ? __fget_files+0x215/0x3d0
[  101.822601][ T7970]  ? __fget_files+0x21f/0x3d0
[  101.822630][ T7970]  ksys_write+0x12a/0x250
[  101.822649][ T7970]  ? __pfx_ksys_write+0x10/0x10
[  101.822670][ T7970]  ? fput+0x79/0x100
[  101.822697][ T7970]  do_syscall_64+0xc9/0xf80
[  101.822720][ T7970]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.822738][ T7970] RIP: 0033:0x7f4e43b5b78e
[  101.822753][ T7970] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  101.822770][ T7970] RSP: 002b:00007f4e44af9fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  101.822787][ T7970] RAX: ffffffffffffffda RBX: 00007f4e44afa6c0 RCX: 00007f4e43b5b78e
[  101.822799][ T7970] RDX: 0000000000000001 RSI: 00007f4e44afa0a0 RDI: 0000000000000005
[  101.822810][ T7970] RBP: 00007f4e44afa090 R08: 0000000000000000 R09: 0000000000000000
[  101.822820][ T7970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.822830][ T7970] R13: 00007f4e43e16038 R14: 00007f4e43e15fa0 R15: 00007ffd90cdd9f8
[  101.822856][ T7970]  </TASK>
[  101.946897][ T7976] program syz.2.730 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  101.952099][ T7978] process 'syz.2.730' launched './file1' with NULL argv: empty string added
[  102.013190][ T5948] Bluetooth: Unknown BR/EDR signaling command 0x0c
[  102.013240][ T5948] Bluetooth: Wrong link type (-22)
[  102.038115][ T5948] Bluetooth: hci0: unexpected event 0x03 length: 12 > 11
[  102.156364][ T7994] sd 0:0:0:0: PR command failed: 1026
[  102.164956][ T7994] sd 0:0:0:0: Sense Key : Illegal Request [current] 
[  102.167173][ T7994] sd 0:0:0:0: Add. Sense: Invalid command operation code
[  102.200023][ T7998] FAULT_INJECTION: forcing a failure.
[  102.200023][ T7998] name failslab, interval 1, probability 0, space 0, times 0
[  102.205137][ T7998] CPU: 2 UID: 0 PID: 7998 Comm: syz.3.737 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  102.205165][ T7998] Tainted: [L]=SOFTLOCKUP
[  102.205171][ T7998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  102.205181][ T7998] Call Trace:
[  102.205188][ T7998]  <TASK>
[  102.205195][ T7998]  dump_stack_lvl+0x100/0x190
[  102.205222][ T7998]  should_fail_ex.cold+0x5/0xa
[  102.205252][ T7998]  should_failslab+0xc2/0x120
[  102.205275][ T7998]  kmem_cache_alloc_noprof+0x83/0x780
[  102.205297][ T7998]  ? getname_flags.part.0+0x4c/0x540
[  102.205325][ T7998]  ? getname_flags.part.0+0x4c/0x540
[  102.205350][ T7998]  getname_flags.part.0+0x4c/0x540
[  102.205378][ T7998]  user_path_at+0x9b/0x100
[  102.205398][ T7998]  do_fchownat+0xed/0x1f0
[  102.205423][ T7998]  ? __pfx_do_fchownat+0x10/0x10
[  102.205447][ T7998]  ? __pfx_ksys_write+0x10/0x10
[  102.205469][ T7998]  __x64_sys_fchownat+0xbd/0x160
[  102.205491][ T7998]  ? do_syscall_64+0x94/0xf80
[  102.205509][ T7998]  ? lockdep_hardirqs_on+0x78/0x100
[  102.205526][ T7998]  do_syscall_64+0xc9/0xf80
[  102.205545][ T7998]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.205563][ T7998] RIP: 0033:0x7fbe9f19aeb9
[  102.205577][ T7998] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  102.205593][ T7998] RSP: 002b:00007fbea00fa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000104
[  102.205610][ T7998] RAX: ffffffffffffffda RBX: 00007fbe9f415fa0 RCX: 00007fbe9f19aeb9
[  102.205621][ T7998] RDX: 000000000000ee01 RSI: 0000200000000100 RDI: ffffffffffffff9c
[  102.205631][ T7998] RBP: 00007fbea00fa090 R08: 0000000000001000 R09: 0000000000000000
[  102.205641][ T7998] R10: 000000000000ee01 R11: 0000000000000246 R12: 0000000000000001
[  102.205651][ T7998] R13: 00007fbe9f416038 R14: 00007fbe9f415fa0 R15: 00007ffd308a86a8
[  102.205674][ T7998]  </TASK>
[  102.214686][ T8000] netlink: 128124 bytes leftover after parsing attributes in process `syz.1.738'.
[  102.526285][ T8016] fuse: Bad value for 'user_id'
[  102.528324][ T8016] fuse: Bad value for 'user_id'
[  102.535185][ T8016] erspan1: entered promiscuous mode
[  102.750626][ T8026] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  102.811478][ T1145] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  103.142210][ T8058] Cannot find add_set index 0 as target
[  103.205248][ T8066] 9p: Could not find request transport: virtiÙrj$3M®W!©x0000000®0000
[  103.207330][ T8068] 9p: Could not find request transport: virtiÙrj$3M®W!©x0000000®0000
[  103.266983][ T8068] netlink: 'syz.1.763': attribute type 10 has an invalid length.
[  103.267678][ T8076] netlink: 'syz.1.763': attribute type 10 has an invalid length.
[  103.276153][ T8068] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  103.301863][ T8063] netlink: 112 bytes leftover after parsing attributes in process `syz.0.762'.
[  103.338869][ T8067] syzkaller0: entered promiscuous mode
[  103.341381][ T8067] syzkaller0: entered allmulticast mode
[  103.537144][ T8092] FAULT_INJECTION: forcing a failure.
[  103.537144][ T8092] name failslab, interval 1, probability 0, space 0, times 0
[  103.543616][ T8092] CPU: 2 UID: 0 PID: 8092 Comm: syz.3.771 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  103.543647][ T8092] Tainted: [L]=SOFTLOCKUP
[  103.543653][ T8092] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  103.543664][ T8092] Call Trace:
[  103.543670][ T8092]  <TASK>
[  103.543676][ T8092]  dump_stack_lvl+0x100/0x190
[  103.543706][ T8092]  should_fail_ex.cold+0x5/0xa
[  103.543737][ T8092]  should_failslab+0xc2/0x120
[  103.543762][ T8092]  __kmalloc_cache_noprof+0x80/0x810
[  103.543781][ T8092]  ? kvm_arch_vcpu_ioctl+0x24b1/0x53e0
[  103.543812][ T8092]  ? kvm_arch_vcpu_ioctl+0x24b1/0x53e0
[  103.543836][ T8092]  kvm_arch_vcpu_ioctl+0x24b1/0x53e0
[  103.543863][ T8092]  ? stack_trace_save+0x8e/0xc0
[  103.543889][ T8092]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[  103.543913][ T8092]  ? __lock_acquire+0x4a5/0x2630
[  103.543932][ T8092]  ? kasan_save_stack+0x3f/0x50
[  103.543949][ T8092]  ? kasan_save_stack+0x30/0x50
[  103.543966][ T8092]  ? kasan_save_track+0x14/0x30
[  103.543983][ T8092]  ? kasan_save_free_info+0x3b/0x70
[  103.544043][ T8092]  ? __lock_acquire+0x4a5/0x2630
[  103.544069][ T8092]  ? lock_acquire+0x17c/0x330
[  103.544089][ T8092]  ? __pfx___might_resched+0x10/0x10
[  103.544111][ T8092]  ? rcu_is_watching+0x12/0xc0
[  103.544133][ T8092]  ? trace_contention_end+0xd6/0x110
[  103.544153][ T8092]  ? __mutex_lock+0x26a/0x1b90
[  103.544175][ T8092]  ? kvm_vcpu_ioctl+0x322/0x16d0
[  103.544197][ T8092]  ? kasan_quarantine_put+0x104/0x240
[  103.544218][ T8092]  ? __pfx___mutex_lock+0x10/0x10
[  103.544241][ T8092]  ? tomoyo_path_number_perm+0x28f/0x580
[  103.544276][ T8092]  ? tomoyo_path_number_perm+0x188/0x580
[  103.544307][ T8092]  ? kvm_vcpu_ioctl+0x8a0/0x16d0
[  103.544323][ T8092]  kvm_vcpu_ioctl+0x8a0/0x16d0
[  103.544345][ T8092]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  103.544365][ T8092]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  103.544392][ T8092]  ? do_vfs_ioctl+0x226/0x13e0
[  103.544409][ T8092]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  103.544424][ T8092]  ? ioctl_has_perm.constprop.0.isra.0+0x380/0x540
[  103.544446][ T8092]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  103.544481][ T8092]  ? selinux_file_ioctl+0x139/0x290
[  103.544498][ T8092]  ? selinux_file_ioctl+0xb4/0x290
[  103.544519][ T8092]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  103.544539][ T8092]  __x64_sys_ioctl+0x18e/0x210
[  103.544558][ T8092]  do_syscall_64+0xc9/0xf80
[  103.544577][ T8092]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.544596][ T8092] RIP: 0033:0x7fbe9f19aeb9
[  103.544613][ T8092] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  103.544630][ T8092] RSP: 002b:00007fbea00fa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  103.544647][ T8092] RAX: ffffffffffffffda RBX: 00007fbe9f415fa0 RCX: 00007fbe9f19aeb9
[  103.544659][ T8092] RDX: 0000000000000000 RSI: 000000008400ae8e RDI: 0000000000000005
[  103.544669][ T8092] RBP: 00007fbea00fa090 R08: 0000000000000000 R09: 0000000000000000
[  103.544679][ T8092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.544690][ T8092] R13: 00007fbe9f416038 R14: 00007fbe9f415fa0 R15: 00007ffd308a86a8
[  103.544715][ T8092]  </TASK>
[  103.653432][   T29] ------------[ cut here ]------------
[  103.661344][ T8097] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  103.662068][ T8097] FAULT_INJECTION: forcing a failure.
[  103.662068][ T8097] name failslab, interval 1, probability 0, space 0, times 0
[  103.664639][   T29] [CRTC:37:crtc-0] vblank wait timed out
[  103.667058][ T8097] CPU: 0 UID: 0 PID: 8097 Comm: syz.1.770 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  103.667077][ T8097] Tainted: [L]=SOFTLOCKUP
[  103.667081][ T8097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  103.667087][ T8097] Call Trace:
[  103.667092][ T8097]  <TASK>
[  103.667098][ T8097]  dump_stack_lvl+0x100/0x190
[  103.667116][ T8097]  should_fail_ex.cold+0x5/0xa
[  103.667136][ T8097]  should_failslab+0xc2/0x120
[  103.667152][ T8097]  kmem_cache_alloc_noprof+0x83/0x780
[  103.667166][ T8097]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  103.667179][ T8097]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  103.667194][ T8097]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  103.667207][ T8097]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  103.667224][ T8097]  mmu_topup_memory_caches+0x25/0x170
[  103.667239][ T8097]  kvm_mmu_load+0xd6/0x23e0
[  103.667254][ T8097]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  103.667265][ T8097]  ? kvm_lapic_sync_to_vapic+0x208/0x6d0
[  103.667277][ T8097]  ? __pfx_kvm_mmu_load+0x10/0x10
[  103.667292][ T8097]  ? vmx_update_cr8_intercept+0xf2/0x380
[  103.667314][ T8097]  vcpu_run+0x39ee/0x5ca0
[  103.667332][ T8097]  ? __lock_acquire+0x4a5/0x2630
[  103.667345][ T8097]  ? __pfx_vcpu_run+0x10/0x10
[  103.667365][ T8097]  ? rcu_is_watching+0x12/0xc0
[  103.667382][ T8097]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  103.667397][ T8097]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  103.667417][ T8097]  kvm_vcpu_ioctl+0x730/0x16d0
[  103.667430][ T8097]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  103.667442][ T8097]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  103.667459][ T8097]  ? do_vfs_ioctl+0x226/0x13e0
[  103.667470][ T8097]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  103.667479][ T8097]  ? ioctl_has_perm.constprop.0.isra.0+0x380/0x540
[  103.667494][ T8097]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  103.667514][ T8097]  ? selinux_file_ioctl+0x139/0x290
[  103.667525][ T8097]  ? selinux_file_ioctl+0xb4/0x290
[  103.667537][ T8097]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  103.667549][ T8097]  __x64_sys_ioctl+0x18e/0x210
[  103.667561][ T8097]  do_syscall_64+0xc9/0xf80
[  103.667574][ T8097]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.667586][ T8097] RIP: 0033:0x7f60de99aeb9
[  103.667595][ T8097] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  103.667605][ T8097] RSP: 002b:00007f60df868028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  103.667616][ T8097] RAX: ffffffffffffffda RBX: 00007f60dec16090 RCX: 00007f60de99aeb9
[  103.667623][ T8097] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  103.667629][ T8097] RBP: 00007f60df868090 R08: 0000000000000000 R09: 0000000000000000
[  103.667636][ T8097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  103.667642][ T8097] R13: 00007f60dec16128 R14: 00007f60dec16090 R15: 00007ffde376d348
[  103.667656][ T8097]  </TASK>
[  103.776112][   T29] WARNING: drivers/gpu/drm/drm_atomic_helper.c:1920 at drm_atomic_helper_wait_for_vblanks.part.0+0x738/0x8a0, CPU#1: kworker/1:0/29
[  103.780397][   T29] Modules linked in:
[  103.782616][   T29] CPU: 1 UID: 0 PID: 29 Comm: kworker/1:0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  103.785938][   T29] Tainted: [L]=SOFTLOCKUP
[  103.787308][   T29] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  103.790663][   T29] Workqueue: events drm_fb_helper_damage_work
[  103.792552][   T29] RIP: 0010:drm_atomic_helper_wait_for_vblanks.part.0+0x73e/0x8a0
[  103.794933][   T29] Code: 00 00 00 fc ff df 48 89 f9 48 c1 e9 03 0f b6 04 01 84 c0 74 08 3c 03 0f 8e 44 01 00 00 48 8d 3d 28 37 2f 0b 8b b3 d8 00 00 00 <67> 48 0f b9 3a e9 e1 fc ff ff e8 73 07 74 fc e9 7c fe ff ff e8 f9
[  103.801168][   T29] RSP: 0018:ffffc90000687688 EFLAGS: 00010246
[  103.803078][   T29] RAX: 0000000000000000 RBX: ffff888027440040 RCX: 1ffff11004e88023
[  103.805558][   T29] RDX: ffff888025efade0 RSI: 0000000000000025 RDI: ffffffff90c22b00
[  103.808058][   T29] RBP: dffffc0000000000 R08: 0000000000000005 R09: 0000000000000000
[  103.810623][   T29] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  103.813012][   T29] R13: 0000000000000000 R14: 0000000000000000 R15: ffff888106e62b00
[  103.815464][   T29] FS:  0000000000000000(0000) GS:ffff8880d66db000(0000) knlGS:0000000000000000
[  103.818197][   T29] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  103.820346][   T29] CR2: 00007f49e9dd5d58 CR3: 000000002a146000 CR4: 0000000000352ef0
[  103.822884][   T29] Call Trace:
[  103.824005][   T29]  <TASK>
[  103.824982][   T29]  ? __pfx_drm_atomic_helper_wait_for_vblanks.part.0+0x10/0x10
[  103.827326][   T29]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  103.829150][   T29]  ? lockdep_hardirqs_on+0x78/0x100
[  103.831156][   T29]  ? __pfx_autoremove_wake_function+0x10/0x10
[  103.833015][   T29]  ? drm_atomic_helper_commit_hw_done+0x36d/0x490
[  103.834968][   T29]  drm_atomic_helper_commit_tail+0xff/0x130
[  103.836737][   T29]  commit_tail+0x338/0x430
[  103.838128][   T29]  drm_atomic_helper_commit+0x303/0x380
[  103.839855][   T29]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  103.841927][   T29]  drm_atomic_commit+0x230/0x300
[  103.843458][   T29]  ? __pfx_drm_atomic_commit+0x10/0x10
[  103.845142][   T29]  ? __pfx___drm_printfn_info+0x10/0x10
[  103.846834][   T29]  ? modeset_lock+0x114/0x6d0
[  103.848260][   T29]  drm_atomic_helper_dirtyfb+0x603/0x790
[  103.849977][   T29]  ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10
[  103.852071][   T29]  ? do_raw_spin_lock+0x128/0x260
[  103.853612][   T29]  ? find_held_lock+0x2b/0x80
[  103.855130][   T29]  ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10
[  103.857089][   T29]  drm_fbdev_shmem_helper_fb_dirty+0x1cc/0x310
[  103.859060][   T29]  drm_fb_helper_damage_work+0x348/0x640
[  103.861030][   T29]  ? __pfx_drm_fb_helper_damage_work+0x10/0x10
[  103.862873][   T29]  ? process_one_work+0x80b/0x1840
[  103.864413][   T29]  ? rcu_is_watching+0x12/0xc0
[  103.865908][   T29]  process_one_work+0x9c2/0x1840
[  103.867473][   T29]  ? __pfx_process_one_work+0x10/0x10
[  103.869188][   T29]  ? assign_work+0x19c/0x250
[  103.870686][   T29]  worker_thread+0x5da/0xe40
[  103.872155][   T29]  ? kthread+0x17d/0x730
[  103.873492][   T29]  ? __pfx_worker_thread+0x10/0x10
[  103.875115][   T29]  kthread+0x3b3/0x730
[  103.876393][   T29]  ? __pfx_kthread+0x10/0x10
[  103.877843][   T29]  ? ret_from_fork+0x79/0xaf0
[  103.879381][   T29]  ? ret_from_fork+0x79/0xaf0
[  103.880916][   T29]  ? rcu_is_watching+0x12/0xc0
[  103.882366][   T29]  ? __pfx_kthread+0x10/0x10
[  103.883919][   T29]  ret_from_fork+0x754/0xaf0
[  103.885333][   T29]  ? __pfx_ret_from_fork+0x10/0x10
[  103.886853][   T29]  ? __switch_to+0x7b9/0x10c0
[  103.888337][   T29]  ? __pfx_kthread+0x10/0x10
[  103.889790][   T29]  ret_from_fork_asm+0x1a/0x30
[  103.891352][   T29]  </TASK>
[  103.892312][   T29] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  103.894603][   T29] CPU: 1 UID: 0 PID: 29 Comm: kworker/1:0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  103.897895][   T29] Tainted: [L]=SOFTLOCKUP
[  103.899290][   T29] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  103.902325][   T29] Workqueue: events drm_fb_helper_damage_work
[  103.904206][   T29] Call Trace:
[  103.905235][   T29]  <TASK>
[  103.906150][   T29]  dump_stack_lvl+0x100/0x190
[  103.907651][   T29]  vpanic+0x20d/0x630
[  103.908880][   T29]  panic+0xd1/0xd1
[  103.910016][   T29]  ? __pfx_panic+0x10/0x10
[  103.911386][   T29]  ? check_panic_on_warn+0x1f/0x90
[  103.913118][   T29]  check_panic_on_warn.cold+0x19/0x34
[  103.914781][   T29]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x738/0x8a0
[  103.917023][   T29]  __warn.cold+0x191/0x2f8
[  103.918396][   T29]  __report_bug+0x296/0x3d0
[  103.919819][   T29]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x738/0x8a0
[  103.922028][   T29]  ? __pfx___report_bug+0x10/0x10
[  103.923675][   T29]  ? lockdep_hardirqs_on+0x78/0x100
[  103.925285][   T29]  report_bug_entry+0xe1/0x290
[  103.926743][   T29]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x73e/0x8a0
[  103.928967][   T29]  handle_bug+0x1c9/0x2a0
[  103.930465][   T29]  exc_invalid_op+0x17/0x50
[  103.931929][   T29]  asm_exc_invalid_op+0x1a/0x20
[  103.933430][   T29] RIP: 0010:drm_atomic_helper_wait_for_vblanks.part.0+0x73e/0x8a0
[  103.935906][   T29] Code: 00 00 00 fc ff df 48 89 f9 48 c1 e9 03 0f b6 04 01 84 c0 74 08 3c 03 0f 8e 44 01 00 00 48 8d 3d 28 37 2f 0b 8b b3 d8 00 00 00 <67> 48 0f b9 3a e9 e1 fc ff ff e8 73 07 74 fc e9 7c fe ff ff e8 f9
[  103.941659][   T29] RSP: 0018:ffffc90000687688 EFLAGS: 00010246
[  103.943485][   T29] RAX: 0000000000000000 RBX: ffff888027440040 RCX: 1ffff11004e88023
[  103.945889][   T29] RDX: ffff888025efade0 RSI: 0000000000000025 RDI: ffffffff90c22b00
[  103.948280][   T29] RBP: dffffc0000000000 R08: 0000000000000005 R09: 0000000000000000
[  103.950672][   T29] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  103.953044][   T29] R13: 0000000000000000 R14: 0000000000000000 R15: ffff888106e62b00
[  103.955455][   T29]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x6e6/0x8a0
[  103.957683][   T29]  ? __pfx_drm_atomic_helper_wait_for_vblanks.part.0+0x10/0x10
[  103.960010][   T29]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  103.961785][   T29]  ? lockdep_hardirqs_on+0x78/0x100
[  103.963425][   T29]  ? __pfx_autoremove_wake_function+0x10/0x10
[  103.965300][   T29]  ? drm_atomic_helper_commit_hw_done+0x36d/0x490
[  103.967279][   T29]  drm_atomic_helper_commit_tail+0xff/0x130
[  103.969133][   T29]  commit_tail+0x338/0x430
[  103.970476][   T29]  drm_atomic_helper_commit+0x303/0x380
[  103.972170][   T29]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  103.973985][   T29]  drm_atomic_commit+0x230/0x300
[  103.975493][   T29]  ? __pfx_drm_atomic_commit+0x10/0x10
[  103.977269][   T29]  ? __pfx___drm_printfn_info+0x10/0x10
[  103.979113][   T29]  ? modeset_lock+0x114/0x6d0
[  103.980655][   T29]  drm_atomic_helper_dirtyfb+0x603/0x790
[  103.982405][   T29]  ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10
[  103.984343][   T29]  ? do_raw_spin_lock+0x128/0x260
[  103.985868][   T29]  ? find_held_lock+0x2b/0x80
[  103.987459][   T29]  ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10
[  103.989367][   T29]  drm_fbdev_shmem_helper_fb_dirty+0x1cc/0x310
[  103.991224][   T29]  drm_fb_helper_damage_work+0x348/0x640
[  103.992939][   T29]  ? __pfx_drm_fb_helper_damage_work+0x10/0x10
[  103.994840][   T29]  ? process_one_work+0x80b/0x1840
[  103.996401][   T29]  ? rcu_is_watching+0x12/0xc0
[  103.997856][   T29]  process_one_work+0x9c2/0x1840
[  103.999518][   T29]  ? __pfx_process_one_work+0x10/0x10
[  104.001240][   T29]  ? assign_work+0x19c/0x250
[  104.002677][   T29]  worker_thread+0x5da/0xe40
[  104.004166][   T29]  ? kthread+0x17d/0x730
[  104.005648][   T29]  ? __pfx_worker_thread+0x10/0x10
[  104.007338][   T29]  kthread+0x3b3/0x730
[  104.008693][   T29]  ? __pfx_kthread+0x10/0x10
[  104.010139][   T29]  ? ret_from_fork+0x79/0xaf0
[  104.011884][   T29]  ? ret_from_fork+0x79/0xaf0
[  104.013368][   T29]  ? rcu_is_watching+0x12/0xc0
[  104.014990][   T29]  ? __pfx_kthread+0x10/0x10
[  104.016752][   T29]  ret_from_fork+0x754/0xaf0
[  104.018265][   T29]  ? __pfx_ret_from_fork+0x10/0x10
[  104.019987][   T29]  ? __switch_to+0x7b9/0x10c0
[  104.021428][   T29]  ? __pfx_kthread+0x10/0x10
[  104.022883][   T29]  ret_from_fork_asm+0x1a/0x30
[  104.024371][   T29]  </TASK>
[  104.026087][   T29] Kernel Offset: disabled
[  104.027410][   T29] Rebooting in 86400 seconds..