last executing test programs:

3m20.440772613s ago: executing program 2 (id=3):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x40055}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}}, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}]}, @NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_XFRM_DIR={0x5, 0x3, 0x1}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x6}, @NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0x11}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xe0}}, 0x0)
socket(0xa, 0x3, 0x3a)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x11, 0x3, 0x10)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
read(r5, &(0x7f0000000040)=""/148, 0xffffff96)

3m18.834857597s ago: executing program 2 (id=7):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="540100001900010000000000000000001d010000080005000480000015000400010000800202000031171e44b2b50e8f04"], 0x154}}, 0x4000050)
socket(0x2, 0x7, 0x8d)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x0, @raw_data="4eda36d4b9f94e72de0311a5eaea8595983cfe20bf642dc159eb0291f0eb1ca78797bae50d1535f46b41b1637d655e896c844ae6ac249d3c0b5a150118eb8013a105e2966aed014bf7c69c922e67aefea1e64de86e019b3c12e22ca5d505f6ce6ea564da60da28b9bd87d284c8cf2d75f0b9b0e85b25513e8d0189a29c60b38e590a412bb827eb74b2db90d74c33e8b609d48687aadbdf8c79b8d8df95921b9ee6e9991286640ea19c320c721b6203b0e2ec6fc75c6f6e84703286be513de9d30d00a9ca1aa846d3"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x0, 0x1)
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f00000002c0)={0x0, 0x10000, 0x0, [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80]})
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='cifs\x00', 0x0, &(0x7f00000002c0)='cache=none')
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x10d, &(0x7f0000000300)={0x0, 0x2, 0x1000, 0x21, 0x3ba}, &(0x7f0000000100)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x9})
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_type(r5, &(0x7f00000001c0), 0x2, 0x0)
write$cgroup_type(r6, &(0x7f0000000280), 0x9)
r7 = openat$cgroup_procs(r5, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r7, &(0x7f0000000c40), 0x12)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r9 = openat$cgroup_ro(r8, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r9, &(0x7f0000000200)=0x1, 0x12)
openat$nvme_fabrics(0xffffff9c, &(0x7f0000000180), 0x8200, 0x0)
r10 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
connect$nfc_raw(r10, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000700)={&(0x7f0000000000)=ANY=[@ANYBLOB="9f0d020018000000000000002800000028000000060000001000000001000005c6f2ffff0200000002000000faffffff03000000000000110100000007000000002e2e610000"], &(0x7f0000000080)=""/56, 0x46, 0x38, 0x0, 0x5ede50a9, 0x10000, @value=r9}, 0x28)

3m3.698778701s ago: executing program 32 (id=7):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="540100001900010000000000000000001d010000080005000480000015000400010000800202000031171e44b2b50e8f04"], 0x154}}, 0x4000050)
socket(0x2, 0x7, 0x8d)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x0, @raw_data="4eda36d4b9f94e72de0311a5eaea8595983cfe20bf642dc159eb0291f0eb1ca78797bae50d1535f46b41b1637d655e896c844ae6ac249d3c0b5a150118eb8013a105e2966aed014bf7c69c922e67aefea1e64de86e019b3c12e22ca5d505f6ce6ea564da60da28b9bd87d284c8cf2d75f0b9b0e85b25513e8d0189a29c60b38e590a412bb827eb74b2db90d74c33e8b609d48687aadbdf8c79b8d8df95921b9ee6e9991286640ea19c320c721b6203b0e2ec6fc75c6f6e84703286be513de9d30d00a9ca1aa846d3"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x0, 0x1)
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f00000002c0)={0x0, 0x10000, 0x0, [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80]})
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='cifs\x00', 0x0, &(0x7f00000002c0)='cache=none')
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x10d, &(0x7f0000000300)={0x0, 0x2, 0x1000, 0x21, 0x3ba}, &(0x7f0000000100)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x9})
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_type(r5, &(0x7f00000001c0), 0x2, 0x0)
write$cgroup_type(r6, &(0x7f0000000280), 0x9)
r7 = openat$cgroup_procs(r5, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r7, &(0x7f0000000c40), 0x12)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r9 = openat$cgroup_ro(r8, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r9, &(0x7f0000000200)=0x1, 0x12)
openat$nvme_fabrics(0xffffff9c, &(0x7f0000000180), 0x8200, 0x0)
r10 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
connect$nfc_raw(r10, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000700)={&(0x7f0000000000)=ANY=[@ANYBLOB="9f0d020018000000000000002800000028000000060000001000000001000005c6f2ffff0200000002000000faffffff03000000000000110100000007000000002e2e610000"], &(0x7f0000000080)=""/56, 0x46, 0x38, 0x0, 0x5ede50a9, 0x10000, @value=r9}, 0x28)

2m33.664599485s ago: executing program 3 (id=100):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r1, 0x0, 0x0)
r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r2, &(0x7f0000001fc0)=""/184, 0xb8)
close_range(r0, 0xffffffffffffffff, 0x0)

2m33.33487603s ago: executing program 3 (id=104):
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0xcd)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r0, 0x8983, &(0x7f0000000000)={0x6, 'rose0\x00', {0x8}, 0x40})
r1 = syz_usb_connect(0x4, 0x96d, &(0x7f0000000040)={{0x12, 0x1, 0x200, 0x35, 0x25, 0x14, 0xff, 0x2c7c, 0x6002, 0x27b5, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x95b, 0x4, 0x14, 0x4, 0xe8, 0x2, [{{0x9, 0x4, 0xfb, 0x1, 0xf, 0xff, 0x0, 0x0, 0x6, [@uac_control={{0xa, 0x24, 0x1, 0x2, 0x5}, [@input_terminal={0xc, 0x24, 0x2, 0x3, 0x100, 0x18, 0x5, 0xffff, 0x8, 0x5}, @feature_unit={0xd, 0x24, 0x6, 0x2, 0x5, 0x3, [0x5, 0xa, 0x2], 0x8}]}], [{{0x9, 0x5, 0x9, 0x10, 0x420, 0x0, 0x84, 0x2, [@generic={0x40, 0x4, "3f9b41a370031b2baa3a9c1142ac139b900965bda9b0a9ac0625686739ee8b6a1370bb5154ee176fab38fd7a2c1b258db7ebfacc3d1ba75595bbba81fb46"}]}}, {{0x9, 0x5, 0x80, 0x8, 0x200, 0x6, 0x26, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x8, 0x9}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x4, 0x7}]}}, {{0x9, 0x5, 0xf, 0xc, 0x400, 0x5, 0x9, 0xf}}, {{0x9, 0x5, 0x6, 0x8, 0x200, 0x0, 0x4, 0x7b, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0xc, 0xdff8}, @generic={0x58, 0xa, "fc38606af6ff16ceb38a483f813e79fe1682f0bea163a507f91f2571682b8acb451ad569178e9ca44510a70fac0387334c60003610b7b6ef076363fb26e57d811bb780602c8a49ca14260a60228825ce5177e4a4b29a"}]}}, {{0x9, 0x5, 0xa, 0x3, 0x40, 0x8, 0x3, 0x80}}, {{0x9, 0x5, 0x0, 0x0, 0x40, 0x8, 0x5, 0x6, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x5}]}}, {{0x9, 0x5, 0x7, 0xc, 0x40, 0x6, 0x6, 0x3, [@generic={0x59, 0x1, "ae4e6283d2cec20d9164140ad3d0f3d147f4c4e8bfce72eb611f40f2ccee8c7144acb10a9850365be26034425b510aff04f062593eac919ace61f43ee90f72f89ffc88b217e66a63f09e39d8547e1ded293d27686ccb7f"}, @generic={0x8f, 0x31, "fc336693df0c20087a0f53776af7aa2633fd63c55c77d597272105bf7f12b4bb28e8189d34460367d298c253376f923c83f97d1887c12cbd81e636b30decb98814b5b6ff88e6d739c3378331431378009ea7794fc71808f565624a15fba1435f25efe38c3d991d172a207a25edf9f41c7c1f27547f56ea99295a426760888ff3a66b722a686c0f95cda83bb2a3"}]}}, {{0x9, 0x5, 0xf, 0x10, 0x8, 0x3, 0x9, 0x7}}, {{0x9, 0x5, 0x7, 0x15, 0x200, 0x5, 0x9, 0xe, [@generic={0xa2, 0x0, "c700051001cca4a2fab2129a886e1efed987c4d7a8a77273b6ed75b78b695f2d2abe2e28e2a4d0ae26a0c3c04bf76fd7971e9c02285aba5a8a3c0b11a8f0c27b1b175111e12d9c7be9f46d2979d2139337ff8e23921d827e734b4bbf8b98da893b9ac730a2d000aefcfbe54c36fdaa5aebb9bdb01fad573f654d02c94c197c908f3b4cbe606f27b4f9ec959675fcd85416dbdeebf0a19443fca7a295dd6e5a20"}]}}, {{0x9, 0x5, 0x6, 0x0, 0x0, 0x4b, 0xd, 0xfe, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x5, 0x81}, @generic={0x41, 0x3, "b6578edff8d6e9ea9ac8eb5c732706cda69886e50cd9b73e59c31f16a238f1c85c3405b129c03b00bcb54e29242ebfb22f6a6e57ab80979e3d2bdb5a6b9288"}]}}, {{0x9, 0x5, 0x7, 0x10, 0x40, 0x5, 0xd}}, {{0x9, 0x5, 0xf, 0x8, 0x200, 0xbf, 0x6, 0x1, [@generic={0x32, 0x21, "440c323387403a7988e66f118423130ab5c7b279c12f9c6e4fcfa9e7b897e7514ba68e514d9dbc40b6d24fb8c56cc1f6"}, @uac_iso={0x7, 0x25, 0x1, 0x82, 0x2, 0xfff}]}}, {{0x9, 0x5, 0xa, 0x3, 0x10, 0x7b, 0x9, 0x40, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x3}, @generic={0x8e, 0x21, "f5103e191fd6f59d814834072115d8b2452a69c12f2eab70e02c7bff15c2c71b840ce51232600b640d71402e23d4ab761aeb1d368e94b5de12d10b075e673ff5dfdae4308dbe93377836cec61e7fbac9b867ff72eccc9c40fed20f151018192e42dd405c2b27a3c2d67d6f3589f9bcc2c2851c7a76f430b9ea5ce5721a31871e93f60b30e8aded3ed3e5c90f"}]}}, {{0x9, 0x5, 0x0, 0x3, 0x8, 0x8, 0x40, 0x9c}}, {{0x9, 0x5, 0xb, 0x0, 0x400, 0xae, 0x8, 0xc8, [@generic={0x7c, 0x6, "4334daa439342af3b9fab5f49a805e7b30fed453e2b8d4ce77b1a91e45bd0342d3fa7e8175be5caf828b34f0640be3ffa83281c10e12aba3a23bdf4cb9a3d6e317ecaadc134d4d57662d8f4ace531cc9b1d43c7140e6ed77adb10bd06af6dae7ac50d454573bae3acd5d47a0bbcbef5267eac82899e7573d28e0"}, @generic={0x24, 0x23, "1ece55ac2a587208112b1e888e048d095a0615c739d8552efe938e864f55627405e7"}]}}]}}, {{0x9, 0x4, 0xd0, 0x3, 0x4, 0x17, 0x79, 0x4c, 0x50, [], [{{0x9, 0x5, 0xd, 0x1, 0x10, 0x8, 0x9, 0xa7, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0xfc, 0x9}, @generic={0x15, 0x1, "2df03cae2cc8ee22880b8d85b99be28d374b91"}]}}, {{0x9, 0x5, 0x8, 0x0, 0x20, 0x0, 0xc0, 0x2}}, {{0x9, 0x5, 0x2, 0x1, 0x10, 0x8, 0x6, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x3, 0x1}]}}, {{0x9, 0x5, 0x4, 0x0, 0x10, 0x7, 0x80, 0xf, [@generic={0x55, 0x2, "a75d8fd2d2b1ef77777a31931c6c791ce2cc33391e94c3a6829e68e23926ef6b84dd9e9d71d35a4d34ffe5b9845a1cd88e555d611410c5ef92b462d3b5340bb238aa94407e363f8c8ac1998a3a6960e2881b3f"}]}}]}}, {{0x9, 0x4, 0x79, 0x2, 0x6, 0xff, 0xff, 0xff, 0xf8, [@generic={0x77, 0x3, "65334d57417a2167f2fd16914b63569ab6312f251b087784bb0048a14ff35820a00b6e354a5ce52eb8f43b72f76ec85647d905c8082d8a01dde65d0b063d6cd2f100e3b36296ad5fbd4b2875773f25b3319e984b544c3c6f932a252cb4955dfbcb7ae75b645db6041079d7cb90fd02e6b5cea776a4"}], [{{0x9, 0x5, 0x5, 0x0, 0x40, 0x4, 0x4, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x9, 0x401}, @generic={0x2c, 0x21, "899a8b13bf4d733dc2eb0a2ee73f267717e5d3212ac54009503c0669317e07a0d73f0437270d70b9ec06"}]}}, {{0x9, 0x5, 0x8a, 0x10, 0x20, 0x3, 0x81, 0x3}}, {{0x9, 0x5, 0x8f, 0x8, 0x20, 0x0, 0x2, 0xf8, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x5, 0xc9a}]}}, {{0x9, 0x5, 0xc, 0x10, 0x0, 0x80, 0x8, 0x1c, [@generic={0x7, 0xb, "e0d1574f1d"}]}}, {{0x9, 0x5, 0x8, 0x0, 0x20, 0x4, 0x7a, 0x6, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x6, 0x5}, @generic={0xd8, 0x7, "0a7af31bf98ecd1195b390374a4445b3203dfef3440f6c24499dc2dd75d887a8d655cd00bf17177bd8da8ccfb079a91085c8cd2cf1338353eb1a4e76a1be6bc3b7c9eae7e8cd8ccb352f40996c39713f38badc21babbc2840d848a7be60b01cec7759e492a7b103db9fa3f680a1ba468e4b9bfbb7d724b0e79bb89ef589cd10e8d78e1b27ed878058807b364df24feaf348ff3c35385559618f01e7d663e2019a43d76ff18bf12e7b44148c60ca4102381106358a5aef10d2fb59fb6cd082ae176747c277d0ffe7cab05189868952852222a22248267"}]}}, {{0x9, 0x5, 0x7, 0x0, 0x40, 0x6, 0x4, 0xf3, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x6, 0x9}]}}]}}, {{0x9, 0x4, 0xd6, 0x0, 0x5, 0x1e, 0x18, 0x3, 0x6, [@cdc_ecm={{0x6, 0x24, 0x6, 0x0, 0x0, 'c'}, {0x5, 0x24, 0x0, 0xff}, {0xd, 0x24, 0xf, 0x1, 0x4, 0x5, 0x2, 0x9}, [@country_functional={0x6, 0x24, 0x7, 0x3, 0x26}, @ncm={0x6, 0x24, 0x1a, 0x1, 0x4d}, @call_mgmt={0x5, 0x24, 0x1, 0x3, 0x5}, @call_mgmt={0x5, 0x24, 0x1, 0x2, 0x3}, @dmm={0x7, 0x24, 0x14, 0x5, 0xf0a9}, @ncm={0x6, 0x24, 0x1a, 0x5, 0x4}]}, @hid_hid={0x9, 0x21, 0x8, 0x81, 0x1, {0x22, 0x98}}], [{{0x9, 0x5, 0x0, 0x10, 0x10, 0x2, 0x4, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x2, 0xa}]}}, {{0x9, 0x5, 0xc, 0x0, 0x400, 0x24, 0x9, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x7, 0x4}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0xc8, 0x7fff}]}}, {{0x9, 0x5, 0xe, 0x8, 0x200, 0x9, 0x36, 0x2, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x4, 0x4fc}, @generic={0xbe, 0xb, "02f1f2d93282edc76d1ced4981a11bbf782331d2f79c87fe2e03adc8412ba8ba8c6371ca9210ecf2bd4e4b8954b9aa56373e835f57c42c972f4266af1d786aa365215bd3ef42251a925af3a66ae4bb41fa921998c47f43f6f10e6017a258822776292abd6cdef8ee75a765b36091f1487adbee0d5a2bdbf2fd3f4a9b49cda3cba0fa56222de03575fff3883044c8f44e44e349389629bed482913d7142f09cce44faf307579d07642c0c0d67916f6f699eff7bd37584d68d35777238"}]}}, {{0x9, 0x5, 0x0, 0x0, 0x3ff, 0x19, 0xc, 0x5, [@generic={0xcf, 0x3, "c964e5d190eaea0166d7db3d80c7d4425a41c096e88883b80ffaa81ee397b860278b1f03222326a07199584225b26345365e431cb871fdeace3efc7ddacd92c0afbcba67ad4b686abc591af9a89e8215d334aa4f49d38141fd3a8a3e665cec0df3e8568219d2b7e088aa28e60d5c1077f52462661ad1f604f00c0c5697be6d0ce41531fc82577f539db382db1e4ca0411b9189b0856fc4d4197215108ddc3f6e2a8435d3bbea7f4d2d648beed1a6e9d93030f7b78d198dbc71dcb2019f0e7ad84809c7e21b4bbef435fea30e2f"}]}}, {{0x9, 0x5, 0xd, 0x3, 0x200, 0x0, 0x80, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x2, 0x8}]}}]}}]}}]}}, &(0x7f0000000e00)={0xa, &(0x7f00000009c0)={0xa, 0x6, 0x300, 0xd, 0x0, 0x7f, 0xff, 0xa}, 0x1a7, &(0x7f0000000a00)={0x5, 0xf, 0x1a7, 0x5, [@generic={0xfc, 0x10, 0x2, "fa4c961ad7b0d188c0a2c8d5406e712f64927241045689feab0a06323cbc149c93886047acb33b382bd8ff3543fae2ecd083071a78a50ccc8479c89165a96c145f002f1fc17e466e0e3f90173252078346ffd0f8198ec4c84d4e103c9632561c6415229a9cc69708f10f2c79d91c564b891280bff7a12d1dac94b8a63e588c00b8f17c62614cb8261a3759d5ebc62aa7be20ff5334c512b024ed8bdd9218ce98fc489ee08e27736268a7ceec9708431db04771238366126b0fe4a8a9a165c9b44526b542d0f41248bc04503d7cb20219b777e5aca9e9bb3a65a7a434ef8a6a2014958a3ba2086e1d6e12c4171f7dd6caa62e806343f900fe66"}, @ptm_cap={0x3}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0xc, 0x9, 0xa, 0x40}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x3, 0x0, 0xff, 0x1}, @generic={0x8f, 0x10, 0xa, "80f2e9b6a18aa7510b89412164d4c1ab6999dc1b993f17adc1a6ea67fc57cc1a8012f55318032fa93a1d2f7f89d83637cd022246ee7d164e20a46ffd7fbd665a0985b004ad83b56b01c58b548988820f71cf0015cf944567d89bf07d50db2d2de4d46da6db223d002cfa07174da254e7c7ec0ef3b362330e91a71dc800fbabcad42d945f18130b1e5e81f1ab"}]}, 0x5, [{0x4, &(0x7f0000000bc0)=@lang_id={0x4, 0x3, 0xeedf}}, {0x80, &(0x7f0000000c00)=@string={0x80, 0x3, "cc1192cdd735df9127958973745adae40c39d01b95397dec25c72e2ab3996c1e8160c4015dd7408c49e71d22a8f318417a2d2924c4b3ab07f2ee68e72ca3fcb0e45175343969017c9ec2614d201bc4281fd7268afaa31f5121ca6da8b9de87b800e9b4113fdf8e4658a6da8dd03378f1706e24a888d1c18421c4f05e2058"}}, {0x4, &(0x7f0000000c80)=@lang_id={0x4, 0x3, 0x480a}}, {0xd1, &(0x7f0000000cc0)=@string={0xd1, 0x3, "5c9661e93f5b85697f52c30d35dc77d9441c1d61977e79b55e7f1a551583639e52ea4f406e75812bbcd032fd7efc676ef768e989b22f324e4683ded4d57e0aedf80197dafd26fe62326f28714e3cc32c5e34b2b7768164b2a5fba47260886ac47313890d2b89cccfc27dc5a7c4c59dd97dabe59d4cf345f631f5b258d1a9700099dcb99cb3aa80dedfc1b6bb631372a9f62e85bc123b690c809b38c2632515f569e5df7124bcef8593ccd4e50680e2f2139c62485d35e9358c75e62915f028b9f508205f1250a599a08bdbdbde9ef0"}}, {0x4, &(0x7f0000000dc0)=@lang_id={0x4, 0x3, 0x4001}}]})
syz_open_dev$char_usb(0xc, 0xb4, 0x0) (async)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r2 = openat$rtc(0xffffff9c, &(0x7f0000000e40), 0x141501, 0x0)
ioctl$RTC_AIE_OFF(r2, 0x7002)
fallocate(r2, 0xa, 0x9, 0x7f)
accept4(r0, &(0x7f0000000e80)=@tipc=@name, &(0x7f0000000f00)=0x80, 0x0) (async)
r3 = accept4(r0, &(0x7f0000000e80)=@tipc=@name, &(0x7f0000000f00)=0x80, 0x0)
pipe(&(0x7f0000000f40)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
accept4(r4, &(0x7f0000000f80)=@nfc, &(0x7f0000001000)=0x80, 0x0) (async)
accept4(r4, &(0x7f0000000f80)=@nfc, &(0x7f0000001000)=0x80, 0x0)
fsopen(&(0x7f0000001040)='smb3\x00', 0x0)
syz_usb_control_io$uac1(r1, &(0x7f0000001280)={0xc, &(0x7f0000001080)={0x40, 0x22, 0xbe, {0xbe, 0x3e, "ea8579a3aba12311f29204f768433079e417b139d07c453230a98951f263062ef40f1cf45bc6c53a19306d9aed507409e681881827b901ffb7e85d1a89f798826c84fe495cbfe2cf47540b43ddf56590a94552514f9da6d8f34487718d1fc06cf42d08aeb8cdadedbaad4f605db471bb78aa2b1cb62c6e6310bb6fc5858f7c56d0bd8f63a001a98bce1aace106fc2148ad4458c32b760145f2881d677cbe097ff0314fb259ccaf9b55da82bceacb8646f43f07d597640bf716e3d488"}}, &(0x7f0000001180)={0x0, 0x3, 0xf9, @string={0xf9, 0x3, "14278884aaf322d72521bd01ac5e15ba5bc9982173d21bbd86d7b396df6a21c209b3d1ce5d75ce49458e28027931ec835a3296baf142677b0f9890c5074b390d0de0799ba33e43d3ad2345af5ed3980169fe2f012abb792776f6a249529271e75a98dcf6a1ae43b02c10f8485b4c8fe024416a3adea49910973b5a92eee74e070c7fea4a96e1724df3ab8a79bdaa50f9eee8b1ef5863542fcfbecfb6f07f72bc33122113cc634e9cb9e261ef38045db8e873fedfad8006bf631e4ff9396d0d6f232b09fb78e329c6242d19bbb31538690b279be33c396ceff42fa14bebdb936d6933dd57f84be64c726a0f7b182152dd261a843fceb2d8"}}}, &(0x7f0000001540)={0x24, &(0x7f00000012c0)={0x20, 0x13, 0xa8, "233fe7d6b4d3db91575c732f207b58167a3f90e29264efb596c0364ffd267b990a8e1aacdb1b799a6ddd822ffa35565ca4ffa34a1240f0c71bc9744374a0216e789e23bf65c21dd42ab69a3876ba64e2c3d745146fe463fb0b3aa7a89aa1bef0de08b30a8366fb7f9ae1233348b9d1a93c18324cb86a99cb1485e1822c309053c07a302f8b01ac44e2bc99a91728d1657f34b31eb95eee40b02895d573929353126a56e734c72612"}, &(0x7f0000001380)={0x0, 0xa, 0x1, 0xd2}, &(0x7f00000013c0)={0x0, 0x8, 0x1, 0x1}, &(0x7f0000001400)={0x20, 0x81, 0x3, "f96cd5"}, &(0x7f0000001440)={0x20, 0x82, 0x2, "e799"}, &(0x7f0000001480)={0x20, 0x83, 0x2, "9f6d"}, &(0x7f00000014c0)={0x20, 0x84, 0x4, "3b52c3fd"}, &(0x7f0000001500)={0x20, 0x85, 0x3, "3eb611"}})
ioctl$VIDIOC_CROPCAP(r4, 0xc02c563a, &(0x7f0000001580)={0x1, {0x1, 0x9, 0x6}, {0x7ff, 0x200, 0xfffff16a, 0x1}, {0x0, 0x3}})
socket$nl_audit(0x10, 0x3, 0x9) (async)
r6 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_TTY_SET(r6, &(0x7f0000001680)={&(0x7f00000015c0)={0x10, 0x0, 0x0, 0x3953ad790d4ff8d}, 0xc, &(0x7f0000001640)={&(0x7f0000001600)={0x18, 0x3f9, 0x300, 0x70bd25, 0x25dfdbfc, {0x1, 0x1}, ["", "", ""]}, 0x18}}, 0x40000) (async)
sendmsg$AUDIT_TTY_SET(r6, &(0x7f0000001680)={&(0x7f00000015c0)={0x10, 0x0, 0x0, 0x3953ad790d4ff8d}, 0xc, &(0x7f0000001640)={&(0x7f0000001600)={0x18, 0x3f9, 0x300, 0x70bd25, 0x25dfdbfc, {0x1, 0x1}, ["", "", ""]}, 0x18}}, 0x40000)
syz_emit_vhci(&(0x7f00000016c0)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x1000}, "f5037133c332c3fac639e237fddbe9bca32de619872e1e0b6178dae16c12fd01093cb5c2ea819527f53fc81cc6b4901bc9a78991c374a4c3086042ff0e4d134929fed4a294be0f8c92ccddd61179a55952be224963844d9cb0c0091e522f1185471dae4016ad693ef731728791fa87bc4a600ee285e8a570c68dbeaeb874bca43070a51944dcbe1a3b507ecaedfd162337b7ebe2ce50de4d6cf80c35d33033993dfdf3e3b380d3f47cd0a44fa09a5e311d87bb8d5d13af0e4d74cf5f360d7f461638585a6759932cf502da2fbe55c76a4cd6ae8418493d809bf40cd9bfb158f6caf4cf03ed5dd5e4f09c8009801da732b90298ebc05cc4604669da6f808e5fd8dea02bb916ba4f65c841cf25e27cd0916ff329edcccdc1dea6a2555bd16bb86cec9e633c762c2dc15674b9cba887dc71447dddd6306220b8e75b01e5f0f06a2b544061ed74874ce9d77845a5fb1988bbf1c4a0929372c6c2961532d956ab5bc98c9b77f4f29f9c7fe9682ba3ea67b5f307734d3e93d628996d83321fcb73b721656288df48051d588f7fecacee689d5179a302386c564614026f18a5ddd56879ada524ce80284f72459202e1fac9972c0613d9c2a858676d2ba8cfb0ef0dddb2c015c30d505a8b4a2071b286718a4401037e8ddcb52d6514ecf039e6c66fd04c440d91310016197cab70d80408fb366d76afc9a156da1a426af043e1faa3cb0cc33d6333b8a4e215038ce334da8e3c8c0a9d254713d6c05d1057b53912ba5b3d0b17b47bdf671d428070e5ed92755886206a4cf25f826b83402343e486f5e99a258fc7165caad3d5bf7c4a39e8559feadab440a1fc496dfb540da52ab5553a7ebf63f763c5576c8dfc794c30b44067fff673b4ff2211abfef8c34997b5e768be2fbd3638c028fe1dd935a0f9d45c8e81c8eff44c54ecc825b9d17ffafa01b1c64f4e4696f67be2d8e1df46291f832eba38d0ee8752cdc500334fb054100c4edf4ab553f06f12965f9e9e3060aa76ca2712cef849f6f6cb51d7de1f6afa2d2e7471a898d1b87447a0656bbb27e4dc9208042fef6082de638675b7a5ac353b94746a69937c2129ce96120f40e37b59d5e9937ecac04667b33089d2ec19425ad553c463f78ca1a602b55fea86748ed925a814b99cccc51de7b9368d49a59fea6b227aef6e394f34665c1fc12cc3012e28a39dbd7b8772210b193e9aebcac7482e7d8b056e565b4cae363d233388a785e6a971e951c4318635122f51d41e9b6cac539d5ab02b2b50d30173b18ef21f9258ad3b0d94679ae1e1e679db1b91ea3e87e2c129dc68d3a0d5a09dfe777a1382bda38befe0da08bd3e79ed14b99cd47a4cbb55afc4e127ef4dae685ef29bbcc500565397f3e6c797ac03e3d1befcd362972f8a9aae404e134e5ad1c38b0dd3977ea81874e00528ff89490f7d1199fc4c563fad28fe7088d250a9187798a076cd679b87442b3cd48996fa3fe2bf2ff1580b95fe578c1b1bd1b2d3a13c585da3865bd8d2523fadb906bbeea699d04de35f2669b5a6eb9ce3df9a93290f9151a0d558e2d24391c4146977d14d62a22767cc3aebe001f0332c54360ea522cec65904d4391bb04d812c1ba9bf8df25c454202c3f2c02664302b4ec8b682153f6793f4f3cdbee94c0fad97d31325b69515e8092d7d3d0323f0126db6a162c31404e68929619702cbd9b1419b29ad43292cd04e017c078253a632754a3af23a446ddc3c79432e0aaee7f2d3ed4572b2f6a88224832f1489cfb40fc6b5853983cb925862e35f1e7ee7022d1739082b50bd850f855ecef65f0ad7810bd76a2956a6301c2b078e0f9cb0513d4ed283f8c9cca9adc5acb150da359b4e6ae935996f426aa5bb801e64f6a08211e62389b2c1a7538ad2fbcd806b24f82101a6205a62c0b52975672a99a4066e7a46650f4bcfbcc78c344ac34b65c0b3ede3008ae08d451d803cb6ce6aabc1379bdf85c0e1913c10202e57999c123dee282ed109a91467eb1e67abd8ac5df2294d1307ff43ccbade52ff176ebc2c239c4414f3f3d4527a974411acca3bb88b95121d87f53b4d8edc4c1507b466055826256077d84de0cbd0b2b7f772655847842c68887a8cc758e0da8990179ede36d938c5d560f601a5163bdbd2bf3da8f16a95f0ac2e615415b5d1df44a589fbe6baa302b7d706a3cad108cc28e9bed73a1394bf85c57ee3f37bab69e65d3ed47dd8408bfc3be2eb64886ead1cff4944c1fc33fa6ecc06576b15cc3deb0ab81237ef966041f44d3dce7aeb097a144160704cf7aa4bb69e6bfbbd0180b5155397148f40cbef7e86e46f3294f4d0d10877a1953c83dd3f6c9fbd37758cd2b425f6c7dd084db326fc39efe0977b062aebdcbff7f4e31d77a27a614a4a45d1607e98f9d509e8a6310ed51e5bb4aae1e9b24ef13705bbe541557679e1647efd8dcb2bebb8ea492c2c170913e7e0214e2265b4868441cf1f04cba9250ed375a9b898c98972d3f51e0a8fcb2eebd4cd564e01eaeee3710cd8fa178c178d1f68590fc2609903d84b910ef27559fb3ffa41dca754d597fb3f2c651a30cf9a1f0948306c117d6c88dffa77ffc350cfb725ad1467edbb70ab2ed06feed894e7adf2dd308919f9d0c2e980a850d2eac377b09d09889f156407d0686d440bc2de0049d870734c37f158ce15750c449c18e8080ec5b103e852de134fe847528d1df741a620ac3d13ef0026b977aeae0a62f2f6aa36abc679d8c42cd765e7a38d7ab2924986950fd4e1f99a0477da632f8bc0b26f6a058506741c6ef7f100ca9daa8ffe6e2d4f7201df1a0646c6cf9b93fa1e1a4d67388d6287976f090dbe541a331638baea35a2a2afb312d8c819329444767f4d55158bf3d685dbf462d74aaa80ebeb3b137b248633f765ffac4c91235b9fcb3294c84df5ab215f40cc5b8052a51147afa8e1007afbf872187a45e6018151177cad89b396a9d51059873e57a32a59473c4bf39ec7f335818ec77193eecfc27fb21ad87b838ec16e18e1fd6587bba3bc5526056f5ab967bfa76f100fdccbaa29339647ae60ccb1dd949458ffc04782ce654d992fdc28dddb4e32d4acdafcca1441f0646e3a47ea6ff2c0ce1ac4d69fdd006349e3b50f39052024a2b61e78832ca78ae7055ccb8c4551a2e3d620300c75c7c3011a1547400cec7dd570fd319f60cf76a5f0073e63f845b2668cd20986f0cf735eff6a6bd44b950547ae34b2af1c62a5c6f59a9692d08a7b437b7ddf8a47dfcced0f61fcbf2c0c0338f5a55f2bccd5ed616d5c8cefdda65423c67288da9c59fdc0b405e0f54e8c58d66f6832c65f6a145c6884bcca1877e3236bf4d5f7fbd014771226699ff31be8536d4378f8af963e35e18138ff0e7ba55388210d381c8f747a717f5cda537c0a575661c7b5e498fd7bda0755f89424c29fdfaafcd4f359a0a8c41ae9abac559357a9cf786d30e2cd3a549f8756ae4a3c0a699487efa744ca095e3ffc306a174392b8de3b863ce789035f47bce0a173652f65941ec25b9d1bd71ff7b49aa1ba5ee77fef08391b3a79c6ea6df35a90f534d0638df57245807cb3b8e008641c6ff46070efc5ff30267b39d7d82f98abb07da9d428e744f8a3f8b49bd79331974865de72063d91f9b1e551f3837d6bb61d0dcdd5a0355d99fa2460634c779235a376f0b7c090a22804918a233b9d4ffe5b4bacf1a37e6b804a9fb7fe1738cfa3e09116b8b06a544450e6a06be9ac459356f333fded2e6434c31263bc14789dfebbc83777e4c0d96ab158c2701da0bc1b20d88aa9fc730e648c7afdf6d5ffc8100e6aa8a161fc1450a1e2543e6eeffa043393ebfbd429c0a97bd56b0148d508e575bbd0f9395707a1c11c468dec006b484b14a91a7381f8dc63ecf85d18af7b871183750c303f47f5f2e4c937eba9922e35135ea7c771d69e68d4a8a2124bcea9c2cae1ab5f5809b336e5eaedffca7757dc3e0f24468fa200936f5eefe71235b9cf5233c74cab14eb838bfd116663d883392b3bfea213b359bcb3ff673bc48a5834f37ecb063f952d0f9f1468a1af6fd8e70902c3c04681729b6291f58f10e8e504a3f9e1a3529bcd2611955295aa095a1e240c93973ab234103ef50168a8d852978ee8d85c19fb3921247fbf4803564353de8ea9ffbf5c3268710cc85012ef4874f747f2dcc3d37879e8e282b3a01740f432d59d7658f7e46519f47aa80ee316ed86012e74cdd956e8b1b7ec3947e3848bc944f106717396153c8ec5e9c753e852a26a0ae1296690d9dfc700b31143a04ab16320090533a0969aa9e4219755e7c28dbd2e2034a2b96ba229472a69f919e6cd3375324e004d7e3f4329ea30348e9b6ef6ed60cdcc8a8a96cfa6acc7b4a81fffb8c8e50f07b1065aaaf5c6010593e121ab2a07db2eeed2839d6d5a95547f8d04560bc0798516aac357f57006cbdecc4879f288c076a7edd5396a2527bb9963ad7721c8e84b3ec5dbad6ce5c64151bffd9613d1293463196232797fd45ef55f6564890dbab2f55d8288cc36db39f9ba44954e3aa2e761c4f3944866a0114a9421e8eb7047441d1831e7faba8244f8d10aeb8608cb9c48cb0684de26eea23a092084ef5dd8019c694b6ecc65d6469f4cc24129b1e0db24efd8acab66a6e373c0dd4c667df08ef30bd6d59dff7c22520af352c41c1d56d483ead918d31b9c897bad899257e0de1d8fd7a4711c334f6fd5b6c66dcc3aefc16ac4cc302a557980a244886a6f58a92f7783f3e855284fc52c940ce9072c05fa96d092969e58303aa73fc9729cde7a96c27a26b0b8293f164a6eafb564c92dbbfb94b057c0e75ea71cdb6dc0812bc109174bc4217c5ae08bec9774c4cdddd4cecac3ec13d0be497a7dfbfc39268482f01719c96d3e0a2c92e8dd306bc9a3e8c29472ea2a7ba6b32002bd075694bb1482c356e924584e8615ed8d028c3e0b156a2fae837ca4c3dc631cde9d82c0baffad86c007ed86fe4039c8f2f9e108581223c1e80bb6cfbb1a9a7eda6c40e80e134496fba0fdbe55ee576a08d0282a516907dbee58883d17bd1684e090c91d1402bbed78658126b7318a107cdcfe5f3036c6cf47c4ddb900b7db3819a8cdde40d105fef88ab6f87d3ecb230d4f6a94d6e9820e3e83a7f999c899768fb515ee3bcd9b943fb4b32ef440f2c8656de9a73e98e639ebc2511ab14226e47de3e2036416acfb3fbe9b87f576f91613c9cd8d4db54ba0e6f270e83103ff8ba45f5ad3d58edb2974b9b315d5522b9c2926031554735474b4862403928ab9973ee9f0e44eb99285ec675a3147857f687caf8f170a630257fdc00e4b14e8e9c365afcb74894adb45dc1b6943e5159c60b2f16eacf41d1810b83a87c1e5f49f9e2c7b069cba4e6fa549b4429108b5d4de1428a7e3cf6fd7372b44069ecfa0827953f440706e6f8139c3e8120b81108f216f669894b95ccdc172568b6fc8f13bab956b3ad660cda0123d1329b4ffa0039e79435aadba65c0ddaba4f15cdbf1ffa96f74cd5a22c9f458e4db83231bebd28dc954d133440f50866d5888cecb7ebca052f7c5c9855c27bddd5ddf84692117dcaaeab01cf3268070c870e8f00075193e9f7e3926377d2cce94ce489837f62f94978d6787d8cf24abbc0b570c4510f96a659bc2e28feb35cf9a643f4d43a9d42746f34db9120ab426364328428feea15bd63d30bad8147b4e1c1e3d692c9fd480382a7ca94958149f32f0eb278d6093975cec17f32ee53532d9267891ed77dc7cce9744a9847de3e28f7430e94429b792e56bbd63f852332d20"}, 0x1004)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002700)='gid_map\x00')
read$FUSE(r4, &(0x7f0000002740)={0x2020, 0x0, <r8=>0x0}, 0x2020)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000004780)={{0x1, 0x1, 0x18, r3, {0x0, 0xee00}}, './file0\x00'}) (async)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000004780)={{0x1, 0x1, 0x18, r3, {<r9=>0x0, 0xee00}}, './file0\x00'})
getgid() (async)
r10 = getgid()
getgroups(0x9, &(0x7f00000047c0)=[0x0, <r11=>0x0, 0xee01, 0xee00, 0xee01, 0xee01, 0xffffffffffffffff, 0xffffffffffffffff, 0xee00])
getsockopt$inet6_IPV6_IPSEC_POLICY(r4, 0x29, 0x22, &(0x7f0000004800)={{{@in=@multicast1, @in6=@initdev}}, {{@in=@broadcast}, 0x0, @in=@initdev}}, &(0x7f0000004900)=0xe4) (async)
getsockopt$inet6_IPV6_IPSEC_POLICY(r4, 0x29, 0x22, &(0x7f0000004800)={{{@in=@multicast1, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}}, {{@in=@broadcast}, 0x0, @in=@initdev}}, &(0x7f0000004900)=0xe4)
r13 = getegid()
read$FUSE(r4, &(0x7f0000004940)={0x2020, 0x0, 0x0, <r14=>0x0}, 0x2020)
lstat(&(0x7f0000006980)='./file0\x00', &(0x7f00000069c0)) (async)
lstat(&(0x7f0000006980)='./file0\x00', &(0x7f00000069c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r15=>0x0})
getsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000006a40)={{{@in=@initdev, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0}}, {{}, 0x0, @in=@multicast2}}, &(0x7f0000006b40)=0xe4)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r4, 0xc018937b, &(0x7f0000006b80)={{0x1, 0x1, 0x18, r0, {0xee00, <r17=>0xffffffffffffffff}}, './file0\x00'})
geteuid() (async)
r18 = geteuid()
statx(r5, &(0x7f0000006bc0)='./file0\x00', 0x100, 0x4, &(0x7f0000006c00)={0x0, 0x0, 0x0, 0x0, 0x0, <r19=>0x0})
write$FUSE_DIRENTPLUS(r7, &(0x7f0000006d80)={0x468, 0x0, r8, [{{0x5, 0x3, 0x100, 0xffffffffffff781b, 0xfffffffe, 0x2, {0x7, 0x0, 0x2, 0x6, 0x30c, 0x35dd, 0x10000, 0xb76, 0x2, 0x1000, 0x2, r9, r10, 0x5, 0x2}}, {0x2, 0x5, 0x0, 0x2}}, {{0x3, 0x2, 0x8, 0xffffffffffff1c5b, 0x5, 0x5, {0x3, 0xe, 0x9, 0xfffffffffffffff9, 0xa, 0x9, 0x2, 0x7, 0x9, 0x1000, 0x5, 0x0, r11, 0x6, 0x7}}, {0x2, 0x0, 0x6, 0x4, 'rose0\x00'}}, {{0x1, 0x2, 0x4cf, 0x8, 0x1, 0x6, {0x3, 0x758, 0x83, 0x25df5351, 0x3ff, 0x6, 0x3, 0xffffffff, 0x2, 0x6000, 0xe3, r12, r13, 0xffff, 0x6}}, {0x5, 0xc16f, 0x0, 0x8}}, {{0x6, 0x2, 0x7fff, 0xffffffffffffffff, 0x7, 0xffff825d, {0x3, 0x3b5, 0x5, 0x3, 0x8, 0x3, 0x0, 0x3, 0x0, 0x4000, 0x0, r14, r15, 0x6, 0x1000}}, {0x5, 0xfcef, 0x6, 0x7, 'rose0\x00'}}, {{0x0, 0x0, 0x71, 0x79, 0x4, 0x5, {0x3, 0x7, 0x8000000000000000, 0x46, 0x101, 0xf, 0x1, 0x0, 0x8, 0x8000, 0x4, r16, r17, 0x5, 0xf}}, {0x3, 0x1, 0x2, 0xbc7, '\'+'}}, {{0x2, 0x0, 0x5, 0xffffffff, 0x5, 0x2, {0x6, 0x1, 0x4, 0x3, 0x0, 0x6, 0xff, 0xfffffffe, 0x9, 0x0, 0x53dd, r18, r19, 0x0, 0x6}}, {0x6, 0xe, 0xa, 0x3, '/dev/rtc0\x00'}}, {{0x1, 0x2, 0x4, 0xae42, 0x3, 0x1000, {0x3, 0x6, 0x4, 0x3b7, 0x8, 0xfffffffffffffff1, 0x4, 0xc, 0x3, 0xc000, 0x5, 0x0, 0x0, 0xec67, 0x1000}}, {0x2, 0xffff, 0x3, 0x2, '\xf2-%'}}]}, 0x468)

2m32.957666729s ago: executing program 3 (id=105):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x141842, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f00000000c0), 0xfea7)
copy_file_range(r1, &(0x7f00000001c0), r0, 0x0, 0xfffffff7a003e45c, 0x10000000000000)

2m32.833878335s ago: executing program 3 (id=106):
r0 = fsopen(&(0x7f0000000040)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000000c0)='./bus\x00')
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r1, &(0x7f0000000300)=""/104, 0x68)
r2 = fsmount(r0, 0x0, 0x0)
statx(r2, &(0x7f0000002b00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x100, 0x80, 0x0)
syz_open_procfs(0x0, &(0x7f00000002c0)='mounts\x00')
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x6, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r3}})
io_submit(0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)

2m32.750002673s ago: executing program 3 (id=107):
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave'])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x810}, 0x0)
r1 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0)
r2 = openat$cgroup_ro(r1, &(0x7f00000001c0)='blkio.bfq.time\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f00000004c0), 0x208e24b)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)

2m32.016607113s ago: executing program 3 (id=112):
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x2e, 0x16}, [@call={0x5c}]}, &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, 0xffffffffffffffff, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffed8, 0x0, 0xffffffffffffffff, 0xfe8e, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x3f)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000, &(0x7f0000000040)='%((@\x00')
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x2000, &(0x7f00000000c0)='\x00') (async)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x2000, &(0x7f00000000c0)='\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x8, &(0x7f0000000000)=@framed={{}, [@generic={0x6, 0x6, 0x1, 0x2, 0x5}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x6}, @exit, @generic={0xdc, 0x6, 0x9, 0xa685, 0x8}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

2m31.855942922s ago: executing program 33 (id=112):
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x2e, 0x16}, [@call={0x5c}]}, &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, 0xffffffffffffffff, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffed8, 0x0, 0xffffffffffffffff, 0xfe8e, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x3f)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000, &(0x7f0000000040)='%((@\x00')
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x2000, &(0x7f00000000c0)='\x00') (async)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x2000, &(0x7f00000000c0)='\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x8, &(0x7f0000000000)=@framed={{}, [@generic={0x6, 0x6, 0x1, 0x2, 0x5}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x6}, @exit, @generic={0xdc, 0x6, 0x9, 0xa685, 0x8}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

10.511337993s ago: executing program 4 (id=707):
r0 = syz_open_dev$vcsa(&(0x7f0000000000), 0x804, 0x511c02)
listen(r0, 0x7)
r1 = socket$phonet(0x23, 0x2, 0x1)
sendmmsg$inet(r1, &(0x7f0000005600)=[{{0x0, 0x0, 0x0}}], 0x1, 0x1)

10.44642408s ago: executing program 4 (id=708):
r0 = openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0xa, &(0x7f00000000c0)={&(0x7f0000000000)=@newlink={0x38, 0x10, 0x300, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x32b, 0x604}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gtp={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GTP_FD0={0x8, 0x1, @udp6=r0}]}}}]}, 0x38}}, 0x40040)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000580), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)={0x24, 0x2a, 0xb, 0x0, 0x0, {0x4}, [@typed={0x4, 0x3}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x0, 0x0, 0x0, @str='\x88H'}]}]}, 0x24}}, 0x0)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={0x44, r3, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_CHANNELS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}]}, @ETHTOOL_A_CHANNELS_RX_COUNT={0x8, 0x6, 0x1}, @ETHTOOL_A_CHANNELS_OTHER_COUNT={0x8, 0x8, 0xfffff411}, @ETHTOOL_A_CHANNELS_COMBINED_COUNT={0x8, 0x9, 0x608376df}]}, 0x44}}, 0x80)

10.35830596s ago: executing program 4 (id=710):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$inet_tcp_int(r0, 0x6, 0x8, &(0x7f0000000200), &(0x7f0000000240)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x239, &(0x7f0000000440)={0x0, 0x200000, 0x10100, 0x100000}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
r5 = socket$inet(0x2, 0x1, 0x0)
bind$inet(r5, &(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0x10)
sendmmsg$inet(r5, &(0x7f0000003000)=[{{&(0x7f0000000180)={0x2, 0x4e23, @empty}, 0x10, 0x0}}], 0x1, 0x20044840)
sendmmsg$inet(r5, &(0x7f0000000a80), 0x0, 0x4044009)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
splice(r5, 0x0, r6, 0x0, 0x2, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index})
r7 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix={0x9, 0x8, 0x20363159, 0x3, 0x6, 0x2, 0x3, 0xa6e, 0x0, 0x0, 0x2, 0x6}})
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xc)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r7, 0xc2c45513, &(0x7f00000000c0)={0x9})

10.07153869s ago: executing program 5 (id=711):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e79"])
chdir(&(0x7f0000000100)='./file0\x00')
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x141842, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f00000000c0), 0xfea7)
copy_file_range(r1, &(0x7f00000001c0), r0, 0x0, 0xfffffff7a003e45c, 0x10000000000000)

9.851430631s ago: executing program 5 (id=712):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write(r2, &(0x7f0000000040), 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000780)='1', 0x1)
bind$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
listen(0xffffffffffffffff, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000800000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000740)='sched_switch\x00', r5, 0x0, 0x5}, 0x18)
creat(0x0, 0x50)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_trace_dev_match', 0x0, 0x0)
pread64(r6, &(0x7f0000000080)=""/75, 0x8e, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000000203010400000000ffffffff000000000800010001"], 0x28}}, 0x0)
r7 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r7, 0x4008af00, &(0x7f0000000140)=0x200000000)
write$vhost_msg_v2(r7, &(0x7f0000000980)={0x2, 0x0, {0x0, 0x4b, 0x0, 0x0, 0x2}}, 0x48)
write$vhost_msg_v2(r7, &(0x7f0000002080)={0x2, 0x0, {&(0x7f0000001f80)=""/152, 0x98, 0x0, 0x0, 0x2}}, 0x48)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$EBT_SO_SET_COUNTERS(r8, 0x0, 0x81, &(0x7f0000000480)={'nat\x00', 0x0, 0x0, 0x0, [0x9, 0xeacc, 0x8, 0x0, 0xc2, 0x9], 0x1, &(0x7f0000000440)=[{}, {}], 0x0, [{}]}, 0x60)
write$vhost_msg_v2(r7, &(0x7f0000000040)={0x2, 0x0, {&(0x7f0000000b40)=""/263, 0x107, 0x0, 0x3, 0x2}}, 0x48)
write$vhost_msg_v2(r7, &(0x7f0000000200)={0x2, 0x0, {&(0x7f0000000540)=""/219, 0xdb, 0x0, 0x1, 0x2}}, 0x48)
write$vhost_msg_v2(r7, &(0x7f0000000340)={0x2, 0x0, {&(0x7f0000000640)=""/201, 0xc9, 0x0, 0x2, 0x2}}, 0x48)
write$vhost_msg_v2(r7, &(0x7f00000003c0)={0x2, 0x0, {&(0x7f00000002c0)=""/119, 0xfca2, 0x0, 0x0, 0x3}}, 0x48)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000020301020000000000000000000000100800010001"], 0x1c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000058000000030a0102000000000000000001000000090003803d2175fbe782c2002c00048008000240172af2e40800014000000003080002401c791e7108000240423930ce08000140000000030900010073797a3000"], 0x122}}, 0x0)

9.482799654s ago: executing program 5 (id=714):
r0 = socket$kcm(0xa, 0x2, 0x3a)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$inet_mptcp_buf(r1, 0x11c, 0x0, 0x0, 0x0)
r2 = socket$kcm(0x11, 0x200000000000002, 0x300)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001540)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004870000000000000500000000000000095000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142fa9ea4318123f602000000000080de89e661168c1886d0d4d94f204e34ff65c26e278ef5b915395b19284a1a4bc72fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00ce00000000d3a02762c2951257b85802189d74005d2a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dccaff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd086004c4a56c6cce6e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e480cd9d48aeb12b1d6acabd38a817bcd222614d1f62734d679039a97d2b74f9e8e997ccd314000f7477137f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798abe646f738bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d215c9e16e0c4736c819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5eac41824ca1fd0eb71aa243c88d5480efd8329d9a733d8f9ffffff5f912ac4e34bf6ea8a86da707b03bddb491ba0cc98f6be92c50008a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba69279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef26ab708c0b19ed144be51c3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047acd083d3cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf0491245c0000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e430a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed1823cb7dde8212a8531bd9691dd4cc6a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c735935bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b051f47db7aa110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a903375dfb663a8d8ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba07982e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee5237ada986b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c445f9ba8596970d5254727e804fbd99ccefb7c09269dd2c5c25e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8fabea9930952f5da9b909c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689dc8ecc9903c7041e5c0704e2fa55a756487517a7445cbd9e3f5175e41c0000000000000000000a000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6ce9934b157d7875a70eaf103cb3938e2361c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305d77eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f8720431132d8549f99bf6c5cb060da70cbb59d0a000000000034d083fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39389f675f39d01719cdbab3f1ce10609c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd55b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae79e16fe2c3f55ac7a6392d2e1d9b4286b6c3e1f5a76b85ed6e1f0000c67e6c5fcdc8c39381be4799b8cb2d08b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9ce64522ab249f67c38a656d32ecff5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea875583e3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc8c2d8f5d55e5e7ebf147105272aaae56e86d856b3cf79a3f7306436762dd1a08ce873e07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9030f840f1ba46cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1e43eaaeca70db90f2fa39596443447671933079a24fe3681ad9ac361f71ac279a688f10a1cc4df1112105edebc5e3bbc394c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460eee57ceb3c33f4e9300b0144fe040cf5fcfcbb616c2070237881afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fb9d351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd6004d0ea3edbd6c4da0d8e8be8c771c8c8a0b07d9859e04adb18964dcce9bce546074c26dffbc2df372a016e8c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3b5afb6f23d9eea2459f7844606e1202768d83c24cc791bde44a448022bbfa571fe029a7b2d5152639ee283894ab6168992ff0acc01b39a078f285ce615351f262019586eb9447bb3eaffd7b53d8f37ca6c5f1027dd5b7592996c8a7789ba108979cc9ad07ed86682843e2eaa855dd01443ee6ffde1811f10039d5d14458177096e15cc4d8f2582a1bea5ccb9f10f615c87c441dc50a244bc138a1cae9868c3079bafe69769000000000000000000e99b63029d219cd3545a8426b56554a9f265d3557eefb3602894507c256cb8ee9ebadfecb6afeb84ba757bfa8d00a5af0dd6aa1e8144ef8ef04410d52204c335408941b8eccc5c734cc6a05247142ed647f89bcb5c043acfb382b9cc918bc3cdc368983157851cdf678800aa7eb2a6cbc12c7ae23bc88b8f10223ab2a093429f3f6965bc5af0114cf6f246e891e20ecaad7059866506c3000000000c3230e901e885b7a4a36bdfdb5ce7a2e5807a0f4c1d461d1243fccf51b875b49490cd7d044e7a1e1a4c013fae1f070a8a37ab90da2efc6c875b3aab34b75a252072691fc97bef0fed8ee597ab83bb53f89c36bc2ee3ad54904542f66dc94132df75fc9944882d6f2e13b7057e0000000000000000000000000000000000001b726c0ccd24000000000000cfd2f4d005578b9ed06e1c41ef3b411066739de953d39b968caaca1507928d68c8f052"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
fcntl$dupfd(r2, 0x406, r0)
syz_open_dev$sg(&(0x7f0000000040), 0x4, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000000)=r3, 0x4)
socket(0x11, 0xa, 0xff5e)
sendmsg$kcm(r0, &(0x7f0000000440)={&(0x7f0000000800)=@in6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c00)=[{&(0x7f0000000780)="80005b020eaa4da2", 0xfdef}], 0x1, 0x0, 0x0, 0x900}, 0x0)

9.316268167s ago: executing program 5 (id=715):
socket$nl_generic(0x10, 0x3, 0x10)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x8240, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wg2\x00'})
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0xa, 0x1, 0xfffffed4, 0x20}}, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x2000000000000021, 0x2, 0x2)
shutdown(r0, 0x2)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r2}, &(0x7f0000000180), &(0x7f00000001c0))
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0xfec0ffffffffffff, 0x1c9ae7fffe9a6f34}}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xe)
setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r3, 0x84, 0x20, &(0x7f0000000000)=0x7ff, 0x4)
shutdown(r3, 0x1)
recvmmsg(r3, &(0x7f0000000840)=[{{0x0, 0x41, 0x0}}], 0x414, 0x406, 0x0)
pipe(&(0x7f0000000100)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="12fbffff030000000000000005120000000000008f71a757ccf493263a03d4e8783add3e92b294ef5d88a17eee56c9c2f1ac8452796fafa28e3f4a7b492bb82ecf6f", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_GET_MAP_INFO(0x3, &(0x7f0000000300)={r5, 0x58, &(0x7f00000004c0)}, 0x10)
getpeername$packet(r2, &(0x7f0000000440), &(0x7f0000000480)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000001940))
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000600), r6)
sendmsg$NLBL_CALIPSO_C_REMOVE(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000640)={0x1c, r7, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0xd3419685ba248180}, 0x8000)

8.581843351s ago: executing program 5 (id=720):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e79"])
chdir(&(0x7f0000000100)='./file0\x00')
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x141842, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f00000000c0), 0xfea7)
copy_file_range(r1, &(0x7f00000001c0), r0, 0x0, 0xfffffff7a003e45c, 0x10000000000000)

8.581240893s ago: executing program 5 (id=721):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
ftruncate(0xffffffffffffffff, 0xffff)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x7)
ioctl$UDMABUF_CREATE_LIST(0xffffffffffffffff, 0x40087543, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7179, 0x0, 0x4, 0x288}, &(0x7f0000000180)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x40800, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(r6)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
write$cgroup_devices(r8, &(0x7f00000000c0)=ANY=[@ANYBLOB="1e0306003c5c980128846360"], 0xffdd)

7.176210115s ago: executing program 4 (id=725):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x9, 0x2)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="11000000040000000400000002"], 0x48)
bpf$BPF_GET_MAP_INFO(0x3, &(0x7f0000000080)={r2, 0x58, &(0x7f0000000140)}, 0x10)
r3 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000280)=@o_path={&(0x7f0000000240)='./file0\x00', 0x0, 0x8, r0}, 0x14)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r5 = dup(r4)
setsockopt$inet_IP_IPSEC_POLICY(r5, 0x0, 0x10, &(0x7f0000000b80)={{{@in, @in6=@loopback}}, {{@in=@multicast2}, 0x0, @in6=@mcast1}}, 0xe8)
bpf$TOKEN_CREATE(0x24, &(0x7f00000002c0)={0x0, r3}, 0x8)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x29, &(0x7f0000000900)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@map_idx={0x18, 0x6, 0x5, 0x0, 0xd}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1500}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @map_fd={0x18, 0xb, 0x1, 0x0, r3}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}, @cb_func={0x18, 0xa, 0x4, 0x0, 0x1}, @ldst={0x3, 0x0, 0x4, 0x0, 0xb, 0xfffffffffffffff0, 0xfffffffffffffff0}, @alu={0x4, 0x1, 0x1, 0x0, 0x9, 0xffffffffffffffff, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0x49}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r6}, 0x10)
syz_genetlink_get_family_id$nbd(0x0, 0xffffffffffffffff)
socket$inet_udplite(0x2, 0x2, 0x88)
syz_open_dev$ndb(0x0, 0x0, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = openat(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x200000, 0x24)
fchmod(r8, 0x40)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r9)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB, @ANYRES16=r10, @ANYBLOB="010023010000340200000200000008000100", @ANYRES32=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x8880}, 0xc0)
r11 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r11, 0x29, 0x20, &(0x7f0000000100)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x0, 0xff, 0x9}, 0x20)
r12 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r12, 0x29, 0x40, &(0x7f0000000080)=@raw={'raw\x00', 0x8, 0x3, 0x2c4, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x1fc, 0xffffffff, 0xffffffff, 0x1fc, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @dev, [], [], 'batadv0\x00', 'wg1\x00', {}, {}, 0x6}, 0x0, 0xd0, 0xf4, 0x0, {0x0, 0x4c00}, [@common=@inet=@tcp={{0x2c}}]}, @common=@inet=@TCPMSS={0x24, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@uncond, 0x0, 0xc8, 0x108, 0x0, {}, [@inet=@rpfilter={{0x24}}]}, @common=@inet=@TCPOPTSTRIP={0x40}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x320)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), r1)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r11, 0x29, 0x20, &(0x7f0000000300)={@local}, &(0x7f00000004c0)=0x37)
sendmsg$NFC_CMD_GET_TARGET(r7, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x14, r10, 0x300, 0x70bd27, 0x25dfdbfc, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x18080}, 0x1)
ioperm(0x9, 0x6, 0x98c)
setpgid(0x0, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)

7.101193043s ago: executing program 4 (id=726):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b705"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000003c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="6031144af0afe1281b6f093cfeb255fa995e964735960510b4dd7a1fff3351c16b92ffcca003e48ffa1125", @ANYRES16=r6, @ANYBLOB="01000000000000000000660000000400b8000400b800050019010800000008002600a4150000080027000100000008002201e80100000800b70062000000080026007c150000080026006c090000e00cb9801200bb00060001005e000800ff032a0f010000001400bb00199af8ff0900270709004700080004000a00bb00ff0f0300d93700000c00ba00feff0002fdff05000c00bb0002000100ffff18cf09000f00250301060000000048079100e28abad7f3363449552bbf53194f50ea36b0fcc7da7a22b10ab513bd88cb4a91c3ee12f40baa15a812f9870cf8e031584ed815b4280809f564fe4f86b4904c7070688f862e8c93ef34cf8c71f7a082551d1a099adf0d39ef7d3f4f2716e33faca7685cc2dfe2ccd68bfbc8150810e35b0236520de26bacac39d9f0b5ed60813b0c0a8f0618184790fe797645f65ca879425356bc9592d3e4c6ead3488929f8948eff754b72f7f32858f8cfb3df1ed14b3d156973ae50bacfc8b67dd916d3740bb0291a201bc365f94e4ac82f88ac555d398998ea2d6d7a197033b0eac1db393f2b789946b5c890b8975f8ce418073b4ca5b67e106ad1f2d7674b42aed2c3d66ad44918bbcf456ecc8c0c468d1555dc855731f3d558e89aab3debcd0317ba5c3ea6d15e259559c6f2bf26da4076195c271f093eafe7b0d759eae14eb4bdbda31f90710e23b1a11eec12aeaba96b6bf4815a1fe62be5c60560130400b09e4b432955e685a1b7e407cf5dd140d7c20fe8e9655970579c5a5f19a15c1cc224c110653d63ea9a47623ea5c8d8e76efb2dbc7d0b1ab71150d5c31e45fb0eddab9a7a46cedcc8f4a25d151543b67d39d65fd596315c1f98c337e4f0ae6dc40efa991917ea2eca22dae1e88c10da26b02a74cb2c25cd5f6fec0e061808f824e99e2ee00e1d4abb7e504d7f1e23012a4ec0f33c7b9466b2664cb80a288115ad41d2a615732c7e4087cfae2a087ab1418460ac1cab7aff280c390535fdc501ba33ca6ac26cc945cb918d065a96bcabe90632ebf7a5a6306682946879e2c04b553495ac586636fe997b2c0a795b181368ac0f4e4ff001472198bc39aff3cf4214b832f378d70c14f6da611a105a8bd2571affef3579da52ae601cda951285718fc9a20ca1acd7774e7c02b1037113296815a3561a5f3d521712a35158a3a4175e9cff489d2de59ba1e59de3c4f7edd16c067d2df09761d777a802dc4c925493dd931c150b7dfe8d1ffe7a8f0e70ec7783cd1fdef41b4e3d3bac8e878e2166018f1311acb0d737b4d37787339e04917e3d1a4646a723627307511023324609f749b378b988ca7a0ab2245d40e1632150c88d5fa4f2528996f2eed7897df3bff78b5758d4b8cdd5952043d09fff84488d3143e020c7fcf66130f9ff081fcaca6d95aae16b2a231e3f771c4b252110424d306d3bd1f9fe1db50f044c1ee1e0a75bc13b6fe5b9243a1903f0dd2a063b0015cf290e0e78cf08ffe94ec3fcc64d4558d66ed55c2edc4b387744b9e3cc55385fb105e2fe33c1b51627362cda0bed5362de26d24675aad04c75c9b4c23d6a524fc1ca08f3c9f74cccc687aca343d8fbee820b51c057467ee6792f8c09acaa64956aa0a305fe71d76fe5bb59daa9afcc093aa88e3043317e38d8830fcd2c56f94d6f8b40ce2abbf2eec6234d4a52e400a05be9b5c08d75002b68a9ae263876fc863120124e4fba2699a2765c423090d0e55fc32678bbdc8053b8cdd0bf168ecde5a8b5cc2301dd9a34040c51d6b7077c6c77d071c02fe546b1df80467e2643cbf4bb569e1ee6be89d0a5c3d4554da225f08e03145044257c5d3ddeb277275c92e9e022e78c91342462263df61328cb3dbb499a93d07a4115d39177551d9283f92f5f0859cc02d40cb1bb0cad32c58da18d9447b13b656ac04e915340a6352401bb0eed74223776f1f2e4310363b50dad6707f3bd80cad60c42a728a2bcfdcfaa530982fa863a31992d479509221b311bf35e0dac44b1d6e926ece86c5c4bbdd9341fddfea88f8184964b7bd46770d06e57ea6ed3defb105694d3640712423fb66da6d916a658ee4d77d36a86fab98d0ada1a4d351ecc4e4846971d066ab21d0754b27fa11b940a19bc0047545ee17c8f5cf8ba627cfb38926dac8b40f0db4986ba87bd1619e491584d03f0a379c52f3a15a7340f27e860c83cf50303b6b86ef2ed7deea706a2cdbb6f4c14682f6ae6541d4038f7a05966c944a6f6dcf69771586efe29ba5bcd71a245cc917f75e85df08fd9417484ef201483ce0631ce4308dbd1fbcf18aa398220cf52dd722287dd7fc2f77ed32e46728ff4e3c15c099fb6227d9116023550d3d6f6916a25680a432781c2dede2963856a10710079d6775491cdf9410cdf0666ec115c19c2784a9f1fb75af12473525fcefa60003d12d2c31f2f22f3629dd648dd1d1b7f074bea3e2e3878f7996decd6d5c7a6607432a51e22747abe533490a4be2d01f1f7af1a7e2742fc40afe54d1343f13f0f1481b5dacafee839888c38ee265891f9d692d4dbe9e2a43c7ea38fe5bdc0f7b116dcefc2b66b35ba825fe10ffa6ab252453446895452b1a46663e22321743c1dd47ebd38cbfdd30d5cf87df49bcd50f7cd94fd14ddd03e6feaea41132282c51310a6b8b351ace5785f5a4279f1b947a35c7f7068f869d50f205dd0b6e05dad04549a7e19c65fe4de0a64626bd4b632dad585d4dc716c1724e77d7765a6686ee787b7ec037287891cabe1fd6f37251d1f333f6418e12514aa7c714ac6b57e659dbff89c4b5b2da5cf145be94452b22b6364f31f7f2a2723df742d73e38a8446bd3c051a959137ba737ed49f86031c5db0829064c01181822703040b7acaaa166d63007f00030174040602090800f7ff3752b4005c902b7daccf69f99dd1b96bd94fae29b9bcf7524ede06d152c0fa6dfcdf21bb917bb5fb4c94c4b7358a573110614759dd83cf648d5589ce7c99612672698cd5d5f3c9f9e1f49f47bb0bb6e7bc4b5915003c000e80040001002a000200c3d8e697e28cab0c38446e3b9e35cb098fab264a48715254a8d058eecc7aac9d7ac3e4f656000000040001000400010033002a008325407e0608021100000009000000ffffffffffffff7f00000400000008021100000100000000040609000200020000ef002a008c104404bedff8e64c01f1f74cd00914f3d4760693d52e000002710701000001ff094205a605c605b4944f15eb13c61ba2b53f0051cf2076f0c483d082e33dba51dc4ca05780f1e8f76df39e46c9729876341cfdccd157fef25bb6c9ff8be8387d350629c755b08301b473301512ff0df03f9211abe4bd176dc4d0c2d6cb27c0b0d530bfa0dfb73f5a33a9546353c27ab83816c55f51c852258c4d48f447cd57212e83e28af410ca86d68458af76355d196a8eb202abac48fe22f6f9d3ed7d48865adbb94df4c66ebdf3c67e15000a040802110000010200000001000000900f0000710700010101010508003f0080008422060240ffffffffffff08000000080211000001390000ffffffffffff010000000e006512080211000000ffffffffffffffffffffffff1001e50035030e0080bcca00ffffffffffffffffffffffff080211000000ea001c00c40165000000000000000800204001018903016c25030102402d1a80001f0400000000000000ef000f0011000000060003000000077206030303030303710700ff0000ff0d007606030607008400dd9341ac11926c3a1500a0baf0ed2681da2741c00f7f986c9d1a60a85e162d4ce21dc91046959cec4fbda22ec2a4a0bd0f6d1d4c3f875dd7e9d8f1c183b270ce872d89c4e5a01fa940759ac82f569be74648d58c8037b6dc638770c79d3f619a960e2f2ebfc733c87e3d3d194ae1694a50cf4141268d61b35ab09b3a3dcba85f769fd9f45d796376123c3c5793f1cf06ac548057a2dda5721263580b83db8fba45fd99ad786af1867070e8147e7d6ff35169dd5752a9ba2dbed906ea7b9e028a10f694d411dd7ecbda5320b594337cf7fee4c3322a0ae2404cff0841818ca1db54d4fa94000fe3f5cdbe0275f12dd4bee52cb2713751c7e32ddf9e195d918a01f07ac370d7d07ee1c17428d748b98326d69ee0bd6f0f187fac5ca33cb64a517f7e3811cc047454d1c5ec292c27bdcb3d728494eaee036da6761a2209dd35843e44b996208574825ec44f4381c4b270c47ca096cd23f095661672039d6aa787511854d31cb35a4c4863b67105e4c411cb072472dde173400d43743d7e3ef168f3cbd22c1f3ab2c07c85ab806a9d6a057e504bb109550f27f762de69380bebf942a6629a27349475dee0e3d9f1280e12d5052c963f68d36b11fdee0a0cd3f8fc6131dfb9e40630dbae5cb90224e5ba50ea8e6c551350344de9eb40460c2ae4e312b28519f0d44775608910e3be89181927931790bf1197ea1a3ff0a6586db65c9e32551eab614e59bd37bcc89669f6b65b3d67927973c2276329f24c5258fd7ca458d6b1e3808f00ec3f741c5be8253c0f5f6bfd673ed87bfa6e64ef50ffe52132a13c255c136fcaaec0b0249052605f4d41f86d2c2c3cdd71d0d7c992beb2718e33020739f1362006602a1e45cec91127d46b895074adf1c1cd9f51c6e2dbdb4dba0e1874c7166fcfe815fb8eab0fb4325230040812a381ff381c4ef2cbf3c963f06a5a49cbaaef27b879507e54c086c2dd18778bbc043c7b20457388363d4094cc605ebea511855bdf000000"], 0xd34}}, 0x40020)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
r7 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
write$P9_RMKNOD(r7, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r7, 0x84, 0x77, &(0x7f0000000300)=ANY=[@ANYRES32=0x0, @ANYBLOB="fe0d08000600090002b90800070006000400696a2aa2b7aec42eeb49b895e4b23fa23f90b50fedbc9fde557c76a0220fd8c7b43678b788a8632dfa9d6ef68d40dd115bc3a8a58c985551508ef9abb6c9a623db9ec24121ce6ba8022b1e2261189265edda"], 0x18)
read$FUSE(r7, &(0x7f0000003c80)={0x2020}, 0x2020)
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
openat$tun(0xffffff9c, &(0x7f0000000080), 0x101002, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
r8 = socket(0x1e, 0x5, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000003700010324bd7402f9dbdf2506"], 0x14}, 0x1, 0x0, 0x0, 0x4004004}, 0x40)
r10 = syz_init_net_socket$ax25(0x3, 0x2, 0xcf)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES64=r6, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f"], 0xe8}}, 0x0)
connect$ax25(r10, &(0x7f0000000000)={{0x3, @null}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @null, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @bcast]}, 0x48)
connect$tipc(r8, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
recvmmsg(r8, &(0x7f0000003c40)=[{{0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000540)=""/228, 0xe4}], 0x1}}], 0x1, 0x0, 0x0)

5.84389894s ago: executing program 1 (id=728):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="bcb89cf9", @ANYRES16=r1, @ANYBLOB="01002cbd70100400000005000000080009000200000008000c00a80a000008000b00020000000600010005000000"], 0x34}}, 0x20)
r3 = openat$pfkey(0xffffff9c, &(0x7f00000002c0), 0x50101, 0x0)
sendmsg$L2TP_CMD_TUNNEL_DELETE(r0, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x38, r1, 0x300, 0x70bd29, 0x25dfdbfd, {}, [@L2TP_ATTR_IFNAME={0x14, 0x8, 'pimreg\x00'}, @L2TP_ATTR_FD={0x8, 0x17, @udp6=r3}, @L2TP_ATTR_L2SPEC_LEN={0x5, 0x6, 0xa}]}, 0x38}}, 0x40004)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="030300000000000000000a00000008000300b0"], 0x1c}}, 0x0)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f00000005c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x60000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x24, r5, 0x800, 0x70bd2b, 0x25dfdbfd, {}, [@BATADV_ATTR_HOP_PENALTY={0x5}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x14040}, 0x20080004)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'macsec0\x00', <r6=>0x0})
io_setup(0x202, &(0x7f0000000200)=<r7=>0x0)
openat$binfmt_format(0xffffff9c, &(0x7f0000000400)='/proc/sys/fs/binfmt_misc/syz2\x00', 0x2, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}, {}, {}, {}, {}, {0xfffffffc}, {0x400000}], 0x0, 0x4}})
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)={0x2, 0x4, 0x8, 0x1, 0x80, r3, 0x5, '\x00', r6, r3, 0x2, 0x1, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x3, 0x801, 0x0, &(0x7f0000000040), 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f00000003c0), r3)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0)
get_mempolicy(0x0, 0x0, 0x400010, &(0x7f0000ff5000/0x1000)=nil, 0x3)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(0xffffffffffffffff, 0xc02c564a, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='net/tcp\x00')
io_submit(r7, 0x0, &(0x7f0000000440))
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000280)={0x1c, 0x33, 0x1, 0x70bd2a, 0x25dbdbff, {0x1}, [@typed={0x8, 0x4, 0x0, 0x0, @u32=0x24}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24001}, 0x4000000)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="14000000330007010000000000000000027c8000"], 0x14}, 0x1, 0x0, 0x0, 0x28804}, 0x40000)

3.656582319s ago: executing program 1 (id=729):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[])
chdir(&(0x7f0000000100)='./file0\x00')
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x141842, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f00000000c0), 0xfea7)
copy_file_range(r1, &(0x7f00000001c0), r0, 0x0, 0xfffffff7a003e45c, 0x10000000000000)

3.650016435s ago: executing program 0 (id=737):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902240001000000000904000001030100000921000000012201000905810308"], 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100009ac0b620110f2110"], 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r1}, 0x10)
openat$nullb(0xffffff9c, &(0x7f0000000040), 0x408001, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = dup(0xffffffffffffffff)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r3, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r4, 0x0, 0x11)
read$char_usb(r4, 0x0, 0x0)
syz_usb_ep_write(r0, 0x81, 0x1, &(0x7f00000000c0)="10")
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0x80045505, 0x0)

3.342727251s ago: executing program 1 (id=730):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e79"])
chdir(&(0x7f0000000100)='./file0\x00')
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x141842, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f00000000c0), 0xfea7)
copy_file_range(r1, &(0x7f00000001c0), r0, 0x0, 0xfffffff7a003e45c, 0x10000000000000)

3.010574777s ago: executing program 1 (id=731):
socket$unix(0x1, 0x2, 0x0) (async)
syz_init_net_socket$rose(0xb, 0x5, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0) (async)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0) (async)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) (async)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x6, 0x0, @fd, 0x0, 0x0, 0x0, {0x9208}})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

3.010350642s ago: executing program 1 (id=732):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x565803, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4048aecb, &(0x7f0000000200))
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r4=>0x0})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f00000001c0)={'ip6_vti0\x00', &(0x7f0000000140)={'syztnl2\x00', r4, 0x29, 0xf, 0x6f, 0xd78, 0x1c, @mcast2, @local, 0x700, 0xf8a0, 0xc}})

555.621944ms ago: executing program 0 (id=733):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r0, 0xc2c45513, &(0x7f00000000c0)={0x9})

466.463354ms ago: executing program 0 (id=734):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r0, 0x808456bf, &(0x7f0000000540))

353.874218ms ago: executing program 0 (id=735):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000380), 0x4000000044882, 0x0)
io_setup(0x1, &(0x7f00000004c0)=<r1=>0x0)
socket$kcm(0x29, 0x5, 0x0)
io_submit(r1, 0x1, &(0x7f00000000c0)=[&(0x7f0000000140)={0x3a0012fb, 0x2759, 0xf, 0x0, 0x0, r0, &(0x7f0000000040)="e242df85cd92f487bdd068", 0xb, 0x1000000, 0x0, 0x10}])

151.771744ms ago: executing program 0 (id=736):
r0 = syz_open_dev$radio(&(0x7f0000000140), 0x0, 0x2)
r1 = io_uring_setup(0x26d8, &(0x7f00000000c0)={0x0, 0xb958, 0x4000, 0x2, 0x376})
io_uring_enter(r1, 0x5f74, 0xfc1, 0x8, &(0x7f0000000180)={[0x5, 0xfffffff0]}, 0x8)
readv(r0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/183, 0xb7}], 0x1)
r2 = openat$vicodec1(0xffffff9c, &(0x7f00000001c0), 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r2, 0xc0845657, &(0x7f00000002c0)={0x0, @reserved})

2.219989ms ago: executing program 0 (id=738):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000080)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
set_mempolicy(0x3, &(0x7f0000000080)=0x5, 0x9)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
bind$bt_hci(r1, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$sysctl(0xffffffffffffffff, &(0x7f0000000000)='2\x00', 0x2)
write$binfmt_misc(r1, &(0x7f0000000000), 0xd)

1.763327ms ago: executing program 1 (id=739):
socket$kcm(0x2, 0x200000000000001, 0x106)
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = landlock_create_ruleset(&(0x7f0000001040)={0x3000, 0x1, 0x3}, 0x18, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r1, 0x1, &(0x7f0000001080)={0x8100}, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000280), 0x8, 0x2)
ioctl$vim2m_VIDIOC_TRY_FMT(r2, 0xc0d05640, &(0x7f0000000040)={0x2, @win={{0x4, 0x5, 0xfffffffd, 0xd691}, 0x1, 0x4, &(0x7f00000003c0)={{0x7, 0x5, 0x1, 0x9}, &(0x7f0000000300)={{0x3, 0x7, 0x3, 0x93d7}}}, 0x10001, &(0x7f0000000380)="fe5e3b78", 0x8}})
bind$alg(r0, &(0x7f0000000100)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f080003"], 0xf0}, 0x1, 0x0, 0x0, 0x4c004}, 0x200000d0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="f00000001a0093cf26bd7000fddbdf25ff7fd36b27d9a6bde300000000000000ff0100000000000000000000000000013d2200054e240002020000002c000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc010000000000000000000000000000000004d332000000ac1e010100000000000000000000000004"], 0xf0}}, 0x28008004)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c000180060006006558000004050280ff0411"], 0x528}}, 0xc000)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
accept4(r0, 0x0, 0x0, 0x0)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="11000000000000000000250000000e0001006e657464657273696d000030000300008e00800000000c009b0000000000000000000c0090000000000000000000"], 0x54}}, 0x0)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r4, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c0002800800014000000002080002400000001605000300000000000900010073797a30000000000900020073797a320000000014000000000000000000000000000a6650d52c5b72e449776161ca9ee124cfcf0f7825e8c21a28050000001a704c777efa5e2856e7154ab75eff0e90bb5faea23e2495f236b3d8c2d0539209a04c715744d977e8894d59c04efa50dbdf65fb57470f090c7114c30ab24b96e82b10e654701c61d4ae20e9c0d6a173b9fcb69aaebd5be8711328dc609915f5d9010084873fedc24ae6ac21ff0dee5e7a9ec32da94305c1623b7be283efbdc07212ec650000000000"], 0x80}}, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000000500000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18230fbb0d000000636cae93fc94e1a752942852dd43e02ecc166193950000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, 0x0)
socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

0s ago: executing program 4 (id=740):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76"])
chdir(&(0x7f0000000100)='./file0\x00')
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x141842, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f00000000c0), 0xfea7)
copy_file_range(r1, &(0x7f00000001c0), r0, 0x0, 0xfffffff7a003e45c, 0x10000000000000)

kernel console output (not intermixed with test programs):

r_hwframe+0x84/0x8e
[  176.959815][ T7246] RIP: 0023:0xf7eff579
[  176.961757][ T7246] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  176.993044][ T7246] RSP: 002b:00000000f503555c EFLAGS: 00000296 ORIG_RAX: 0000000000000161
[  176.999063][ T7246] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000000
[  177.023944][ T7246] RDX: 00000000ffffff9c RSI: 0000000020000600 RDI: 0000000000000002
[  177.026985][ T7246] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  177.041843][ T7246] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  177.044549][ T7246] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  177.051395][ T7246]  </TASK>
[  177.071188][ T7246] ERROR: Out of memory at tomoyo_realpath_from_path.
[  177.484596][ T6245] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  177.732352][ T6245] usb 9-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b
[  177.736839][ T6245] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.316076][ T6245] usb 9-1: config 0 descriptor??
[  178.350350][ T6245] input: bcm5974 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input21
[  178.695479][ T7256] 9pnet_virtio: no channels available for device syz
[  179.550705][   T63] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  179.720696][   T63] usb 6-1: Using ep0 maxpacket: 32
[  179.724591][   T63] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  179.730032][   T63] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  179.752202][   T63] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  179.756121][   T63] usb 6-1: Product: syz
[  179.757677][   T63] usb 6-1: Manufacturer: syz
[  179.759342][   T63] usb 6-1: SerialNumber: syz
[  179.770382][   T63] usb 6-1: config 0 descriptor??
[  179.787008][ T7261] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  179.985988][ T6245] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  180.074523][  T907] usb 6-1: USB disconnect, device number 6
[  180.089896][ T6020] usb 9-1: USB disconnect, device number 8
[  180.180676][ T6245] usb 10-1: Using ep0 maxpacket: 32
[  180.209424][ T6245] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  180.219265][ T6245] usb 10-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  180.234915][ T6245] usb 10-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  180.262804][ T6245] usb 10-1: Product: syz
[  180.265826][ T6245] usb 10-1: Manufacturer: syz
[  180.268208][ T6245] usb 10-1: SerialNumber: syz
[  180.283833][ T6245] usb 10-1: config 0 descriptor??
[  180.287887][ T7263] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[  180.537645][ T7263] FAULT_INJECTION: forcing a failure.
[  180.537645][ T7263] name failslab, interval 1, probability 0, space 0, times 0
[  180.544791][ T7263] CPU: 2 UID: 0 PID: 7263 Comm: syz.5.264 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  180.548542][ T7263] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  180.552877][ T7263] Call Trace:
[  180.554141][ T7263]  <TASK>
[  180.555249][ T7263]  dump_stack_lvl+0x16c/0x1f0
[  180.556993][ T7263]  should_fail_ex+0x497/0x5b0
[  180.559169][ T7263]  ? fs_reclaim_acquire+0xae/0x150
[  180.561932][ T7263]  should_failslab+0xc2/0x120
[  180.564209][ T7263]  __kmalloc_cache_noprof+0x68/0x420
[  180.566263][ T7263]  dummy_urb_enqueue+0x8d/0x8e0
[  180.568612][ T7263]  ? usb_hcd_map_urb_for_dma+0x39e/0x1190
[  180.571448][ T7263]  usb_hcd_submit_urb+0x2d1/0x2110
[  180.573908][ T7263]  ? trace_rpm_return_int+0x1a6/0x230
[  180.576481][ T7263]  ? __pfx_usb_hcd_submit_urb+0x10/0x10
[  180.579718][ T7263]  ? lock_acquire.part.0+0x11b/0x380
[  180.582802][ T7263]  ? find_held_lock+0x2d/0x110
[  180.585390][ T7263]  ? __pm_runtime_resume+0xc3/0x170
[  180.588145][ T7263]  ? __pfx_lock_release+0x10/0x10
[  180.590876][ T7263]  ? mark_held_locks+0x9f/0xe0
[  180.594238][ T7263]  usb_submit_urb+0x87c/0x1730
[  180.597895][ T7263]  ? __pm_runtime_resume+0xc3/0x170
[  180.601757][ T7263]  _chaoskey_fill+0x326/0x8e0
[  180.609388][ T7263]  ? __pfx__chaoskey_fill+0x10/0x10
[  180.611217][ T7263]  ? __pfx_autoremove_wake_function+0x10/0x10
[  180.613276][ T7263]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  180.632861][ T7263]  chaoskey_read+0x2ea/0x600
[  180.636737][ T7263]  ? __pfx_chaoskey_read+0x10/0x10
[  180.641531][ T7263]  vfs_read+0x1df/0xbe0
[  180.645275][ T7263]  ? __fget_files+0x1fc/0x3a0
[  180.650559][ T7263]  ? __pfx_lock_release+0x10/0x10
[  180.656717][ T7263]  ? __pfx_vfs_read+0x10/0x10
[  180.662067][ T7263]  ? lock_acquire+0x2f/0xb0
[  180.666154][ T7263]  ? __fget_files+0x40/0x3a0
[  180.669368][ T7263]  ? __fget_files+0x206/0x3a0
[  180.672426][ T7263]  ksys_read+0x12b/0x250
[  180.675870][ T7263]  ? __pfx_ksys_read+0x10/0x10
[  180.679647][ T7263]  __do_fast_syscall_32+0x73/0x120
[  180.683766][ T7263]  do_fast_syscall_32+0x32/0x80
[  180.687587][ T7263]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  180.689905][ T7263] RIP: 0023:0xf708e579
[  180.691389][ T7263] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  180.701917][ T7263] RSP: 002b:00000000f508055c EFLAGS: 00000296 ORIG_RAX: 0000000000000003
[  180.705221][ T7263] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000020000200
[  180.708385][ T7263] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000
[  180.711657][ T7263] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  180.715279][ T7263] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  180.718702][ T7263] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  180.721452][ T7263]  </TASK>
[  180.726983][   T56] usb 10-1: USB disconnect, device number 7
[  180.785750][ T6245] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  180.823508][ T7277] evm: overlay not supported
[  180.847256][ T7277] FAULT_INJECTION: forcing a failure.
[  180.847256][ T7277] name failslab, interval 1, probability 0, space 0, times 0
[  180.863200][ T7277] CPU: 2 UID: 0 PID: 7277 Comm: syz.1.268 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  180.868978][ T7277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  180.878457][ T7277] Call Trace:
[  180.880137][ T7277]  <TASK>
[  180.882024][ T7277]  dump_stack_lvl+0x16c/0x1f0
[  180.884958][ T7277]  should_fail_ex+0x497/0x5b0
[  180.887775][ T7277]  ? fs_reclaim_acquire+0xae/0x150
[  180.897557][ T7277]  should_failslab+0xc2/0x120
[  180.901172][ T7277]  __kmalloc_node_noprof+0xd1/0x520
[  180.904159][ T7277]  ? alloc_slab_obj_exts+0x41/0xa0
[  180.907058][ T7277]  alloc_slab_obj_exts+0x41/0xa0
[  180.913552][ T7277]  new_slab+0x314/0x410
[  180.920060][ T7277]  ___slab_alloc+0xce2/0x1650
[  180.922996][ T7277]  ? alloc_empty_backing_file+0x25/0xd0
[  180.926206][ T7277]  ? alloc_empty_backing_file+0x25/0xd0
[  180.928918][ T7277]  ? __slab_alloc.constprop.0+0x56/0xb0
[  180.931626][ T7277]  __slab_alloc.constprop.0+0x56/0xb0
[  180.934331][ T7277]  kmem_cache_alloc_noprof+0xeb/0x3b0
[  180.938378][ T7277]  ? make_vfsuid+0xf1/0x140
[  180.941240][ T7277]  ? alloc_empty_backing_file+0x25/0xd0
[  180.944788][ T7277]  alloc_empty_backing_file+0x25/0xd0
[  180.948126][ T7277]  backing_file_open+0x2d/0x110
[  180.950998][ T7277]  ovl_open_realfile+0x27e/0x3a0
[  180.953994][ T7277]  ovl_open+0x1df/0x330
[  180.958175][ T7277]  ? __pfx_ovl_open+0x10/0x10
[  180.961980][ T7277]  do_dentry_open+0xf59/0x1ea0
[  180.964647][ T7277]  ? __pfx_ovl_open+0x10/0x10
[  180.967735][ T7277]  vfs_open+0x82/0x3f0
[  180.970120][ T7277]  ? may_open+0x1f2/0x400
[  180.972509][ T7277]  path_openat+0x1e6a/0x2d60
[  180.975073][ T7277]  ? __pfx_path_openat+0x10/0x10
[  180.977914][ T7277]  ? __pfx___lock_acquire+0x10/0x10
[  180.980676][ T7277]  ? lock_acquire.part.0+0x11b/0x380
[  180.983536][ T7277]  ? find_held_lock+0x2d/0x110
[  180.986675][ T7277]  do_filp_open+0x20c/0x470
[  180.988926][ T7277]  ? __pfx_do_filp_open+0x10/0x10
[  180.991692][ T7277]  ? find_held_lock+0x2d/0x110
[  180.994635][ T7277]  ? _raw_spin_unlock+0x28/0x50
[  180.997444][ T7277]  ? alloc_fd+0x41f/0x760
[  180.999803][ T7277]  do_sys_openat2+0x17a/0x1e0
[  181.002531][ T7277]  ? __pfx_do_sys_openat2+0x10/0x10
[  181.005721][ T7277]  ? __fget_files+0x206/0x3a0
[  181.008483][ T7277]  __ia32_compat_sys_open+0x147/0x1e0
[  181.011797][ T7277]  ? __pfx___ia32_compat_sys_open+0x10/0x10
[  181.015330][ T7277]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  181.019048][ T7277]  __do_fast_syscall_32+0x73/0x120
[  181.022053][ T7277]  do_fast_syscall_32+0x32/0x80
[  181.025029][ T7277]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  181.028770][ T7277] RIP: 0023:0xf7eff579
[  181.031147][ T7277] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  181.041846][ T7277] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000005
[  181.046486][ T7277] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 0000000000141042
[  181.052205][ T7277] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  181.056968][ T7277] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  181.061510][ T7277] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  181.067922][ T7277] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  181.072614][ T7277]  </TASK>
[  181.171309][ T6245] usb 5-1: Using ep0 maxpacket: 32
[  181.196428][ T6245] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  181.225708][ T6245] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  181.229542][ T6245] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  181.259550][ T6245] usb 5-1: Product: syz
[  181.269438][ T6245] usb 5-1: Manufacturer: syz
[  181.271870][ T6245] usb 5-1: SerialNumber: syz
[  181.306077][ T6245] usb 5-1: config 0 descriptor??
[  181.309964][ T7270] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  181.536730][ T7286] netlink: 4 bytes leftover after parsing attributes in process `syz.5.271'.
[  181.755864][  T907] usb 5-1: USB disconnect, device number 5
[  182.255262][ T7292] 9pnet_virtio: no channels available for device syz
[  182.389811][ T7282] syz.1.270 (7282) used greatest stack depth: 20672 bytes left
[  182.395334][ T7294] 9pnet_virtio: no channels available for device syz
[  182.797270][ T7303] FAULT_INJECTION: forcing a failure.
[  182.797270][ T7303] name failslab, interval 1, probability 0, space 0, times 0
[  182.804179][ T7303] CPU: 0 UID: 0 PID: 7303 Comm: syz.1.277 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  182.812136][ T7303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  182.816932][ T7303] Call Trace:
[  182.818514][ T7303]  <TASK>
[  182.819791][ T7303]  dump_stack_lvl+0x16c/0x1f0
[  182.822888][ T7303]  should_fail_ex+0x497/0x5b0
[  182.829956][ T7303]  ? fs_reclaim_acquire+0xae/0x150
[  182.833768][ T7303]  should_failslab+0xc2/0x120
[  182.850116][ T7303]  __kmalloc_cache_noprof+0x68/0x420
[  182.853316][ T7303]  ip6_route_multipath_add+0x184d/0x1ff0
[  182.855758][ T7303]  ? __pfx_ip6_route_multipath_add+0x10/0x10
[  182.859886][ T7303]  ? __mutex_trylock_common+0xea/0x250
[  182.862549][ T7303]  ? __pfx___mutex_trylock_common+0x10/0x10
[  182.865134][ T7303]  ? rtnetlink_rcv_msg+0x372/0xea0
[  182.873605][ T7303]  ? inet6_rtm_newroute+0xe5/0x170
[  182.876861][ T7303]  inet6_rtm_newroute+0xe5/0x170
[  182.879356][ T7303]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[  182.882032][ T7303]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[  182.884506][ T7303]  rtnetlink_rcv_msg+0x3c7/0xea0
[  182.890323][ T7303]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  182.893802][ T7303]  ? __pfx___dev_queue_xmit+0x10/0x10
[  182.895806][ T7303]  netlink_rcv_skb+0x165/0x410
[  182.900120][ T7303]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  182.905696][ T7303]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  182.914580][ T7303]  ? netlink_deliver_tap+0x1ae/0xca0
[  182.917132][ T7303]  netlink_unicast+0x53c/0x7f0
[  182.919151][ T7303]  ? __pfx_netlink_unicast+0x10/0x10
[  182.922076][ T7303]  ? __phys_addr_symbol+0x30/0x80
[  182.924321][ T7303]  ? __check_object_size+0x488/0x710
[  182.926673][ T7303]  netlink_sendmsg+0x8b8/0xd70
[  182.929242][ T7303]  ? __pfx_netlink_sendmsg+0x10/0x10
[  182.943153][ T7303]  ____sys_sendmsg+0x9ae/0xb40
[  182.945355][ T7303]  ? __pfx_____sys_sendmsg+0x10/0x10
[  182.948134][ T7303]  ? get_compat_msghdr+0x11b/0x170
[  182.953280][ T7303]  ___sys_sendmsg+0x135/0x1e0
[  182.955579][ T7303]  ? __pfx____sys_sendmsg+0x10/0x10
[  182.960689][  T907] usb 9-1: new full-speed USB device number 9 using dummy_hcd
[  182.978823][ T7303]  ? trace_lock_acquire+0x14e/0x1f0
[  182.978868][ T7303]  __sys_sendmmsg+0x2fa/0x420
[  182.978897][ T7303]  ? __pfx___sys_sendmmsg+0x10/0x10
[  182.978930][ T7303]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  182.978964][ T7303]  ? fput+0x67/0x440
[  182.978989][ T7303]  ? ksys_write+0x1ba/0x250
[  182.979009][ T7303]  ? __pfx_ksys_write+0x10/0x10
[  182.979031][ T7303]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  182.979050][ T7303]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  182.979073][ T7303]  __do_fast_syscall_32+0x73/0x120
[  182.979099][ T7303]  do_fast_syscall_32+0x32/0x80
[  182.979121][ T7303]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  183.039597][ T7303] RIP: 0023:0xf7eff579
[  183.049174][ T7303] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  183.067984][ T7303] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  183.101070][ T7303] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000200002c0
[  183.104732][ T7303] RDX: 000000000000009f RSI: 0000000000000000 RDI: 0000000000000000
[  183.107651][ T7303] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  183.111289][ T7303] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  183.115183][ T7303] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  183.118463][ T7303]  </TASK>
[  183.123718][ T7303] Zero length message leads to an empty skb
[  183.182533][  T907] usb 9-1: config 0 has no interfaces?
[  183.186712][  T907] usb 9-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 9.63
[  183.195310][  T907] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.198007][  T907] usb 9-1: Product: syz
[  183.199514][  T907] usb 9-1: Manufacturer: syz
[  183.204905][  T907] usb 9-1: SerialNumber: syz
[  183.232663][  T907] usb 9-1: config 0 descriptor??
[  183.270809][    T9] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  183.489463][    T9] usb 10-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b
[  183.550663][    T9] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.607750][    T9] usb 10-1: config 0 descriptor??
[  183.614935][    T9] input: bcm5974 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/input/input22
[  183.689445][  T907] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  183.883899][  T907] usb 5-1: Using ep0 maxpacket: 8
[  183.910991][  T907] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  183.919731][  T907] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  183.926540][  T907] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.013817][  T907] usb 5-1: config 0 descriptor??
[  184.199222][    T9] usb 10-1: USB disconnect, device number 8
[  184.234307][  T907] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  184.436881][ T7307] syz.0.279[7307] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  184.436922][ T7307] syz.0.279[7307] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  184.458887][ T7308] syz.0.279[7308] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  184.480408][ T7308] syz.0.279[7308] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  184.481939][  T907] usb 9-1: USB disconnect, device number 9
[  184.556735][ T5748] usb 5-1: USB disconnect, device number 6
[  184.633735][    C2] vkms_vblank_simulate: vblank timer overrun
[  184.689202][    C2] vkms_vblank_simulate: vblank timer overrun
[  185.242196][ T7326] 9pnet_virtio: no channels available for device syz
[  185.409194][    C2] vkms_vblank_simulate: vblank timer overrun
[  185.601245][    C2] vkms_vblank_simulate: vblank timer overrun
[  185.663348][    C2] vkms_vblank_simulate: vblank timer overrun
[  185.703946][    C2] vkms_vblank_simulate: vblank timer overrun
[  185.997273][    C2] vkms_vblank_simulate: vblank timer overrun
[  186.033476][ T7345] ax25_connect(): syz.1.289 uses autobind, please contact jreuter@yaina.de
[  186.037167][    C2] vkms_vblank_simulate: vblank timer overrun
[  186.164535][ T7346] ax25_connect(): syz.0.288 uses autobind, please contact jreuter@yaina.de
[  186.217193][    C2] vkms_vblank_simulate: vblank timer overrun
[  186.401224][    C2] vkms_vblank_simulate: vblank timer overrun
[  186.601144][    C2] vkms_vblank_simulate: vblank timer overrun
[  186.757288][    C2] vkms_vblank_simulate: vblank timer overrun
[  186.889191][    C2] vkms_vblank_simulate: vblank timer overrun
[  187.432877][ T7361] Cache volume key already in use (9p,syz,)
[  187.565512][ T7366] 9pnet_virtio: no channels available for device syz
[  187.698943][ T7370] overlay: Unknown parameter 'euid<00000000000000000000'
[  188.136169][ T7382] ax25_connect(): syz.4.301 uses autobind, please contact jreuter@yaina.de
[  188.245135][    C2] vkms_vblank_simulate: vblank timer overrun
[  188.823676][ T7388] netlink: 372 bytes leftover after parsing attributes in process `syz.4.303'.
[  188.828487][ T7388] FAULT_INJECTION: forcing a failure.
[  188.828487][ T7388] name failslab, interval 1, probability 0, space 0, times 0
[  188.838098][ T7388] CPU: 1 UID: 0 PID: 7388 Comm: syz.4.303 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  188.845349][ T7388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  188.861086][ T7388] Call Trace:
[  188.862379][ T7388]  <TASK>
[  188.863499][ T7388]  dump_stack_lvl+0x16c/0x1f0
[  188.865273][ T7388]  should_fail_ex+0x497/0x5b0
[  188.867028][ T7388]  should_failslab+0xc2/0x120
[  188.868788][ T7388]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  188.879397][ T7388]  ? skb_clone+0x190/0x3f0
[  188.881980][ T7388]  skb_clone+0x190/0x3f0
[  188.883910][ T7388]  netlink_deliver_tap+0xafd/0xca0
[  188.888472][ T7388]  netlink_dump+0x639/0xd00
[  188.891269][ T7388]  ? __pfx_netlink_dump+0x10/0x10
[  188.893680][ T7388]  ? __netlink_dump_start+0x154/0x980
[  188.900519][ T7388]  ? lock_acquire+0x2f/0xb0
[  188.903245][ T7388]  ? netlink_lookup+0x3d/0x270
[  188.908657][ T7388]  __netlink_dump_start+0x6d9/0x980
[  188.912146][ T7388]  ? nft_netlink_dump_start_rcu+0x63/0x1f0
[  188.914345][ T7388]  nft_netlink_dump_start_rcu+0x81/0x1f0
[  188.916809][ T7388]  nf_tables_getflowtable+0x6cf/0x830
[  188.920690][ T7388]  ? net_generic+0xea/0x2a0
[  188.923949][ T7388]  ? __pfx_nf_tables_getflowtable+0x10/0x10
[  188.928206][ T7388]  ? __pfx_nf_tables_dump_flowtable_start+0x10/0x10
[  188.932120][ T7388]  ? __pfx_nf_tables_dump_flowtable+0x10/0x10
[  188.936605][ T7388]  ? __pfx_nf_tables_dump_flowtable_done+0x10/0x10
[  188.941289][ T7388]  ? __nla_parse+0x40/0x60
[  188.945763][ T7388]  ? __pfx_nf_tables_getflowtable+0x10/0x10
[  188.953358][ T7388]  nfnetlink_rcv_msg+0x560/0x11e0
[  188.956796][   T39] audit: type=1804 audit(1736740430.962:462): pid=7386 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.302" name="/newroot/35/file1" dev="fuse" ino=1 res=1 errno=0
[  188.957762][ T7388]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  188.981209][   T39] audit: type=1800 audit(1736740430.962:463): pid=7386 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.302" name="/" dev="fuse" ino=1 res=0 errno=0
[  188.984849][ T7388]  ? find_held_lock+0x2d/0x110
[  189.011411][ T7388]  netlink_rcv_skb+0x165/0x410
[  189.014395][ T7388]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  189.017695][ T7388]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  189.020609][ T7388]  ? __pfx_aa_get_newest_label+0x10/0x10
[  189.023669][ T7388]  ? bpf_lsm_capable+0x9/0x10
[  189.027165][ T7388]  ? security_capable+0x7e/0x260
[  189.029758][ T7388]  ? ns_capable+0xd7/0x110
[  189.031444][ T7388]  nfnetlink_rcv+0x1b4/0x430
[  189.034534][ T7388]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  189.046252][ T7388]  ? netlink_deliver_tap+0x1ae/0xca0
[  189.048100][ T7388]  netlink_unicast+0x53c/0x7f0
[  189.049828][ T7388]  ? __pfx_netlink_unicast+0x10/0x10
[  189.051431][ T7388]  ? __phys_addr_symbol+0x30/0x80
[  189.052952][ T7388]  ? __check_object_size+0x488/0x710
[  189.071031][ T7388]  netlink_sendmsg+0x8b8/0xd70
[  189.072881][ T7388]  ? __pfx_netlink_sendmsg+0x10/0x10
[  189.076592][ T7388]  ____sys_sendmsg+0x9ae/0xb40
[  189.080545][ T7388]  ? __pfx_____sys_sendmsg+0x10/0x10
[  189.084034][ T7388]  ? get_compat_msghdr+0x11b/0x170
[  189.088045][ T7388]  ___sys_sendmsg+0x135/0x1e0
[  189.091914][ T7388]  ? __pfx____sys_sendmsg+0x10/0x10
[  189.096090][ T7388]  ? __pfx_lock_release+0x10/0x10
[  189.100465][ T7388]  ? trace_lock_acquire+0x14e/0x1f0
[  189.105488][ T7388]  ? __fget_files+0x206/0x3a0
[  189.108188][ T7388]  __sys_sendmsg+0x16e/0x220
[  189.111084][ T7388]  ? __pfx___sys_sendmsg+0x10/0x10
[  189.114339][ T7388]  __do_fast_syscall_32+0x73/0x120
[  189.117527][ T7388]  do_fast_syscall_32+0x32/0x80
[  189.120715][ T7388]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  189.124589][ T7388] RIP: 0023:0xf7fe4579
[  189.125974][   T39] audit: type=1804 audit(1736740431.132:464): pid=7391 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.302" name="/newroot/35/file1" dev="fuse" ino=1 res=1 errno=0
[  189.126605][ T7388] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  189.137181][   T39] audit: type=1804 audit(1736740431.132:465): pid=7391 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.302" name="/newroot/35/file1" dev="fuse" ino=1 res=1 errno=0
[  189.137220][   T39] audit: type=1800 audit(1736740431.132:466): pid=7391 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.302" name="/" dev="fuse" ino=1 res=0 errno=0
[  189.179706][ T7388] RSP: 002b:00000000f513655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  189.183437][ T7388] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000280
[  189.187494][ T7388] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  189.192272][ T7388] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  189.197415][ T7388] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  189.202304][ T7388] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  189.207217][ T7388]  </TASK>
[  189.810253][ T7408] loop2: detected capacity change from 0 to 7
[  189.847178][ T7408] Dev loop2: unable to read RDB block 7
[  189.849915][ T7408]  loop2: unable to read partition table
[  189.857360][ T7408] loop2: partition table beyond EOD, truncated
[  189.878205][ T7408] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  190.204478][ T7415] ax25_connect(): syz.0.311 uses autobind, please contact jreuter@yaina.de
[  191.522023][ T7441] batman_adv: batadv0: Adding interface: dummy0
[  191.524772][ T7441] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  191.550572][ T7441] batman_adv: batadv0: Interface activated: dummy0
[  191.564567][ T7441] batadv0: mtu less than device minimum
[  191.568490][ T7441] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  191.575258][ T7441] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  191.602271][ T7441] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  191.607168][ T7441] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  191.612725][ T7441] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  191.630031][ T7441] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  191.635884][ T7441] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  191.658993][ T7441] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  191.669593][ T7441] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  191.722823][ T7445] FAULT_INJECTION: forcing a failure.
[  191.722823][ T7445] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  191.737056][ T7445] CPU: 2 UID: 0 PID: 7445 Comm: syz.5.318 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  191.737129][ T7444] FAULT_INJECTION: forcing a failure.
[  191.737129][ T7444] name failslab, interval 1, probability 0, space 0, times 0
[  191.744397][ T7445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  191.744510][ T7445] Call Trace:
[  191.744519][ T7445]  <TASK>
[  191.744527][ T7445]  dump_stack_lvl+0x16c/0x1f0
[  191.744557][ T7445]  should_fail_ex+0x497/0x5b0
[  191.744580][ T7445]  ? fs_reclaim_acquire+0xae/0x150
[  191.744602][ T7445]  should_fail_alloc_page+0xe7/0x130
[  191.744629][ T7445]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  191.744662][ T7445]  __alloc_pages_noprof+0x190/0x25b0
[  191.744690][ T7445]  ? hlock_class+0x4e/0x130
[  191.744713][ T7445]  ? __lock_acquire+0x15a9/0x3c40
[  191.744737][ T7445]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  191.744764][ T7445]  ? __pfx___lock_acquire+0x10/0x10
[  191.807884][ T7445]  ? lock_acquire.part.0+0x11b/0x380
[  191.811490][ T7445]  ? find_held_lock+0x2d/0x110
[  191.814741][ T7445]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  191.818633][ T7445]  ? policy_nodemask+0xea/0x4e0
[  191.821914][ T7445]  alloc_pages_mpol_noprof+0x2c9/0x610
[  191.825460][ T7445]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  191.831590][ T7445]  ? do_raw_spin_unlock+0x172/0x230
[  191.834934][ T7445]  ? _raw_spin_unlock+0x28/0x50
[  191.838132][ T7445]  ? swap_swapcount+0x13c/0x220
[  191.841236][ T7445]  ? __pfx_swap_swapcount+0x10/0x10
[  191.845074][ T7445]  folio_alloc_mpol_noprof+0x36/0xd0
[  191.848611][ T7445]  __read_swap_cache_async+0x50a/0x660
[  191.852231][ T7445]  ? __pfx___read_swap_cache_async+0x10/0x10
[  191.857201][ T7445]  ? __pfx_swp_swap_info+0x10/0x10
[  191.862881][ T7445]  ? __pfx_swp_swap_info+0x10/0x10
[  191.867736][ T7445]  ? mark_lock+0xb5/0xc60
[  191.871582][ T7445]  swap_cluster_readahead+0x3ec/0x740
[  191.875598][ T7445]  ? __pfx_swap_cluster_readahead+0x10/0x10
[  191.879722][ T7445]  ? filemap_get_entry+0x1a8/0x3c0
[  191.883439][ T7445]  ? get_vma_policy+0x248/0x3c0
[  191.885646][ T7445]  swapin_readahead+0x12c/0xd60
[  191.887870][ T7445]  ? get_swap_device+0x362/0x5e0
[  191.889918][ T7445]  ? __pfx_swapin_readahead+0x10/0x10
[  191.893062][ T7445]  ? __filemap_get_folio+0x2a5/0xaf0
[  191.896367][ T7445]  ? swap_cache_get_folio+0x1e0/0x460
[  191.899785][ T7445]  ? get_swap_device+0x245/0x5e0
[  191.911204][ T7445]  ? __pfx_swap_cache_get_folio+0x10/0x10
[  191.913512][ T7445]  do_swap_page+0x688/0x6420
[  191.915133][ T7445]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  191.917128][ T7445]  ? __pfx_do_swap_page+0x10/0x10
[  191.918892][ T7445]  ? rcu_is_watching+0x12/0xc0
[  191.930715][ T7445]  ? trace_lock_acquire+0x14e/0x1f0
[  191.932743][ T7445]  ? __pfx_default_wake_function+0x10/0x10
[  191.934966][ T7445]  ? lock_acquire+0x2f/0xb0
[  191.936970][ T7445]  ? ___pte_offset_map+0x42/0x540
[  191.939208][ T7445]  ? rcu_is_watching+0x12/0xc0
[  191.941252][ T7445]  ? ___pte_offset_map+0x1b9/0x540
[  191.944020][ T7445]  __handle_mm_fault+0x1055/0x2a40
[  191.944319][ T7450] ax25_connect(): syz.4.322 uses autobind, please contact jreuter@yaina.de
[  191.947013][ T7445]  ? __pfx___handle_mm_fault+0x10/0x10
[  191.947044][ T7445]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  191.973268][ T7445]  ? find_vma+0xc0/0x140
[  191.977087][ T7445]  ? __pfx_find_vma+0x10/0x10
[  191.980014][ T7445]  handle_mm_fault+0x3fa/0xaa0
[  191.983062][ T7445]  do_user_addr_fault+0x7a3/0x13f0
[  191.986418][ T7445]  exc_page_fault+0x5c/0xc0
[  191.989050][ T7445]  asm_exc_page_fault+0x26/0x30
[  191.992462][ T7445] RIP: 0010:_copy_to_iter+0x52a/0x1400
[  191.996080][ T7445] Code: e8 3b 50 02 fd 48 8b 4c 24 18 44 89 e6 48 8b 44 24 28 4c 8d 2c 01 4c 89 ef e8 92 be 64 fd 0f 01 cb 4c 89 e1 4c 89 f7 4c 89 ee <f3> a4 0f 1f 00 0f 01 ca 4c 89 e0 4d 29 e7 48 29 c8 49 01 cf 48 01
[  192.008859][ T7445] RSP: 0018:ffffc9000325fa00 EFLAGS: 00050246
[  192.011652][ T7445] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000acd
[  192.015077][ T7445] RDX: ffffed100d6981ca RSI: ffff88806b4c0380 RDI: 0000000020005000
[  192.018794][ T7445] RBP: ffffc9000325fc08 R08: 0000000000000000 R09: ffffed100d6981c9
[  192.023458][ T7445] R10: ffff88806b4c0e4c R11: 0000000000000000 R12: 0000000000000e4d
[  192.028626][ T7445] R13: ffff88806b4c0000 R14: 0000000020004c80 R15: 0000000000000e4d
[  192.034186][ T7445]  ? __pfx__copy_to_iter+0x10/0x10
[  192.036808][ T7445]  ? __virt_addr_valid+0x1a4/0x590
[  192.038666][ T7445]  ? __virt_addr_valid+0x5e/0x590
[  192.040578][ T7445]  ? __phys_addr_symbol+0x30/0x80
[  192.042671][ T7445]  ? __check_object_size+0x488/0x710
[  192.044805][ T7445]  seq_read_iter+0xd00/0x12b0
[  192.051181][ T7445]  seq_read+0x39f/0x4e0
[  192.052634][ T7445]  ? __pfx_seq_read+0x10/0x10
[  192.057225][ T7445]  ? __pfx_seq_read+0x10/0x10
[  192.059576][ T7445]  vfs_read+0x1df/0xbe0
[  192.062915][ T7445]  ? __fget_files+0x1fc/0x3a0
[  192.065493][ T7445]  ? __pfx___mutex_lock+0x10/0x10
[  192.068607][ T7445]  ? __pfx_vfs_read+0x10/0x10
[  192.071501][ T7445]  ? __fget_files+0x206/0x3a0
[  192.074635][ T7445]  ksys_read+0x12b/0x250
[  192.078510][ T7445]  ? __pfx_ksys_read+0x10/0x10
[  192.082764][ T7445]  __do_fast_syscall_32+0x73/0x120
[  192.085789][ T7445]  do_fast_syscall_32+0x32/0x80
[  192.088795][ T7445]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  192.093669][ T7445] RIP: 0023:0xf708e579
[  192.097022][ T7445] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  192.109061][ T7445] RSP: 002b:00000000f503e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000003
[  192.113457][ T7445] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020004c80
[  192.117348][ T7445] RDX: 0000000000002020 RSI: 0000000000000000 RDI: 0000000000000000
[  192.122705][ T7445] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  192.127764][ T7445] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  192.132101][ T7445] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  192.135583][ T7445]  </TASK>
[  192.137000][ T7444] CPU: 3 UID: 0 PID: 7444 Comm: syz.1.321 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  192.148420][ T7444] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  192.154054][ T7444] Call Trace:
[  192.155653][ T7444]  <TASK>
[  192.157051][ T7444]  dump_stack_lvl+0x16c/0x1f0
[  192.159060][ T7444]  should_fail_ex+0x497/0x5b0
[  192.161092][ T7444]  ? fs_reclaim_acquire+0xae/0x150
[  192.163797][ T7444]  should_failslab+0xc2/0x120
[  192.165905][ T7444]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  192.169539][ T7444]  ? __alloc_skb+0x2b3/0x380
[  192.172258][ T7444]  __alloc_skb+0x2b3/0x380
[  192.175092][ T7444]  ? __pfx___alloc_skb+0x10/0x10
[  192.179139][ T7444]  ? rtnetlink_rcv_msg+0x3e6/0xea0
[  192.182077][ T7444]  netlink_ack+0x164/0xb20
[  192.184813][ T7444]  netlink_rcv_skb+0x327/0x410
[  192.187303][ T7444]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  192.189756][ T7444]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  192.192107][ T7444]  ? netlink_deliver_tap+0x1ae/0xca0
[  192.194545][ T7444]  netlink_unicast+0x53c/0x7f0
[  192.196606][ T7444]  ? __pfx_netlink_unicast+0x10/0x10
[  192.198658][ T7444]  ? __phys_addr_symbol+0x30/0x80
[  192.200584][ T7444]  ? __check_object_size+0x488/0x710
[  192.202941][ T7444]  netlink_sendmsg+0x8b8/0xd70
[  192.206136][ T7444]  ? __pfx_netlink_sendmsg+0x10/0x10
[  192.208523][ T7444]  ____sys_sendmsg+0x9ae/0xb40
[  192.210933][ T7444]  ? __pfx_____sys_sendmsg+0x10/0x10
[  192.213430][ T7444]  ? get_compat_msghdr+0x11b/0x170
[  192.215400][ T7444]  ___sys_sendmsg+0x135/0x1e0
[  192.217350][ T7444]  ? __pfx____sys_sendmsg+0x10/0x10
[  192.219741][ T7444]  ? __pfx_lock_release+0x10/0x10
[  192.224156][ T7444]  ? trace_lock_acquire+0x14e/0x1f0
[  192.226399][ T7444]  ? __fget_files+0x206/0x3a0
[  192.228373][ T7444]  __sys_sendmsg+0x16e/0x220
[  192.230713][ T7444]  ? __pfx___sys_sendmsg+0x10/0x10
[  192.233083][ T7444]  __do_fast_syscall_32+0x73/0x120
[  192.235261][ T7444]  do_fast_syscall_32+0x32/0x80
[  192.237209][ T7444]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  192.240014][ T7444] RIP: 0023:0xf7eff579
[  192.241860][ T7444] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  192.249976][ T7444] RSP: 002b:00000000f503555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  192.253403][ T7444] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000020000040
[  192.256571][ T7444] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  192.259914][ T7444] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  192.263119][ T7444] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  192.266198][ T7444] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  192.269152][ T7444]  </TASK>
[  192.812118][   T63] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  192.980602][   T63] usb 6-1: Using ep0 maxpacket: 8
[  193.041855][ T7458] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  193.116348][ T7458] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  193.657305][ T1413] ieee802154 phy0 wpan0: encryption failed: -22
[  193.659641][ T1413] ieee802154 phy1 wpan1: encryption failed: -22
[  194.270676][    T9] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  194.289583][ T7489] tipc: Started in network mode
[  194.291739][ T7489] tipc: Node identity aaaaaaaaaa2d, cluster identity 4711
[  194.294516][ T7489] tipc: Enabled bearer <eth:veth0_virt_wifi>, priority 10
[  194.473290][    T9] usb 9-1: Using ep0 maxpacket: 16
[  194.478441][    T9] usb 9-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  194.482373][    T9] usb 9-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  194.492426][    T9] usb 9-1: Product: syz
[  194.493975][    T9] usb 9-1: Manufacturer: syz
[  194.501592][    T9] usb 9-1: SerialNumber: syz
[  194.520865][    T9] usb 9-1: config 0 descriptor??
[  194.548400][   T63] usb 6-1: unable to get BOS descriptor or descriptor too short
[  194.559688][   T63] usb 6-1: unable to read config index 0 descriptor/start: -71
[  194.575577][   T63] usb 6-1: can't read configurations, error -71
[  194.732026][ T5744] usb 9-1: USB disconnect, device number 10
[  195.330158][   T30] tipc: Node number set to 8891050
[  195.390220][ T7503] ax25_connect(): syz.0.336 uses autobind, please contact jreuter@yaina.de
[  195.493978][ T7508] can0: slcan on ptm1.
[  195.960889][ T7505] can0 (unregistered): slcan off ptm1.
[  196.015309][ T7515] netlink: 4 bytes leftover after parsing attributes in process `syz.1.340'.
[  196.019518][ T7515] netlink: 4 bytes leftover after parsing attributes in process `syz.1.340'.
[  196.034974][ T7515] netlink: 4 bytes leftover after parsing attributes in process `syz.1.340'.
[  196.670721][   T63] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  196.843876][   T63] usb 10-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b
[  196.848559][   T63] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.934375][   T63] usb 10-1: config 0 descriptor??
[  196.942897][   T63] input: bcm5974 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/input/input23
[  196.968799][ T7536] syz.0.348 uses obsolete (PF_INET,SOCK_PACKET)
[  197.883051][ T7547] ax25_connect(): syz.1.350 uses autobind, please contact jreuter@yaina.de
[  198.035473][   T63] usb 10-1: USB disconnect, device number 9
[  198.244007][ T7551] syzkaller1: entered promiscuous mode
[  198.246497][ T7551] syzkaller1: entered allmulticast mode
[  198.506896][ T7555] nvme_fabrics: missing parameter 'transport=%s'
[  198.509577][ T7555] nvme_fabrics: missing parameter 'nqn=%s'
[  200.043808][ T7584] FAULT_INJECTION: forcing a failure.
[  200.043808][ T7584] name failslab, interval 1, probability 0, space 0, times 0
[  200.091429][ T7584] CPU: 0 UID: 0 PID: 7584 Comm: syz.5.362 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  200.129523][ T7584] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  200.143162][ T7584] Call Trace:
[  200.145992][ T7584]  <TASK>
[  200.147483][ T7584]  dump_stack_lvl+0x16c/0x1f0
[  200.160849][ T7584]  should_fail_ex+0x497/0x5b0
[  200.163052][ T7584]  ? fs_reclaim_acquire+0xae/0x150
[  200.166107][ T7584]  should_failslab+0xc2/0x120
[  200.170382][ T7584]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  200.177753][ T7584]  ? skb_clone+0x190/0x3f0
[  200.179532][ T7584]  skb_clone+0x190/0x3f0
[  200.181277][ T7584]  nfnetlink_rcv_batch+0x1d9/0x24e0
[  200.183564][ T7584]  ? kasan_quarantine_put+0x10a/0x240
[  200.186336][ T7584]  ? kmem_cache_free+0x152/0x4c0
[  200.189310][ T7584]  ? kfree_skbmem+0x1a4/0x1f0
[  200.192339][ T7584]  ? find_held_lock+0x2d/0x110
[  200.210698][ T7584]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  200.214103][ T7584]  ? __pfx_lock_release+0x10/0x10
[  200.217341][ T7584]  ? __local_bh_enable_ip+0xa4/0x120
[  200.228527][ T7584]  ? lockdep_hardirqs_on+0x7c/0x110
[  200.232120][ T7584]  ? __pfx___dev_queue_xmit+0x10/0x10
[  200.234104][ T7584]  ? __nla_validate_parse+0x605/0x2b10
[  200.241660][ T7584]  ? __pfx_aa_get_newest_label+0x10/0x10
[  200.247813][ T7584]  ? __pfx___nla_validate_parse+0x10/0x10
[  200.255181][ T7584]  ? apparmor_capable+0x114/0x1d0
[  200.260818][ T7584]  ? __nla_parse+0x40/0x60
[  200.278662][ T7584]  nfnetlink_rcv+0x3c3/0x430
[  200.286255][ T7584]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  200.291790][ T7584]  netlink_unicast+0x53c/0x7f0
[  200.298962][ T7584]  ? __pfx_netlink_unicast+0x10/0x10
[  200.301835][ T7584]  ? __phys_addr_symbol+0x30/0x80
[  200.307347][ T7584]  ? __check_object_size+0x488/0x710
[  200.311718][ T7584]  netlink_sendmsg+0x8b8/0xd70
[  200.314301][ T7584]  ? __pfx_netlink_sendmsg+0x10/0x10
[  200.316930][ T7584]  ____sys_sendmsg+0x9ae/0xb40
[  200.319493][ T7584]  ? __pfx_____sys_sendmsg+0x10/0x10
[  200.322923][ T7584]  ? get_compat_msghdr+0x11b/0x170
[  200.325999][ T7584]  ___sys_sendmsg+0x135/0x1e0
[  200.328985][ T7584]  ? __pfx____sys_sendmsg+0x10/0x10
[  200.331721][ T7584]  ? __pfx_lock_release+0x10/0x10
[  200.336334][ T7584]  ? trace_lock_acquire+0x14e/0x1f0
[  200.341010][ T7584]  ? __fget_files+0x206/0x3a0
[  200.345922][ T7584]  __sys_sendmsg+0x16e/0x220
[  200.348588][ T7584]  ? __pfx___sys_sendmsg+0x10/0x10
[  200.352399][ T7584]  __do_fast_syscall_32+0x73/0x120
[  200.355753][ T7584]  do_fast_syscall_32+0x32/0x80
[  200.361364][ T7584]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  200.366882][ T7584] RIP: 0023:0xf708e579
[  200.368937][ T7584] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  200.383388][ T7584] RSP: 002b:00000000f508055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  200.389392][ T7584] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000200000c0
[  200.411964][ T7584] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  200.419807][ T7584] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  200.448177][ T7584] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  200.472797][ T7584] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  200.482125][ T7584]  </TASK>
[  200.745707][   T39] audit: type=1804 audit(1736740442.752:467): pid=7596 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.363" name="/newroot/79/file1" dev="fuse" ino=1 res=1 errno=0
[  200.793936][ T7588] syz.4.363: vmalloc error: size 12288, failed to allocate pages, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  200.819772][ T7588] CPU: 3 UID: 0 PID: 7588 Comm: syz.4.363 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  200.824455][ T7588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  200.828752][ T7588] Call Trace:
[  200.830830][   T39] audit: type=1800 audit(1736740442.802:468): pid=7596 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.363" name="/" dev="fuse" ino=1 res=0 errno=0
[  200.847308][ T7588]  <TASK>
[  200.847326][ T7588]  dump_stack_lvl+0x16c/0x1f0
[  200.847434][ T7588]  warn_alloc+0x24d/0x3a0
[  200.847502][ T7588]  ? __pfx_warn_alloc+0x10/0x10
[  200.847584][ T7588]  ? policy_nodemask+0xea/0x4e0
[  200.847609][ T7588]  ? alloc_pages_mpol_noprof+0x315/0x610
[  200.847626][ T7588]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  200.847642][ T7588]  ? trace_kmalloc+0x2d/0xd0
[  200.847655][ T7588]  ? __pfx___might_resched+0x10/0x10
[  200.847677][ T7588]  __vmalloc_node_range_noprof+0x12c0/0x1530
[  200.847704][ T7588]  ? kernel_clone+0xfd/0x960
[  200.847728][ T7588]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  200.847748][ T7588]  ? rcu_is_watching+0x12/0xc0
[  200.847767][ T7588]  ? trace_kmem_cache_alloc+0x2d/0xd0
[  200.847784][ T7588]  ? kmem_cache_alloc_node_noprof+0x219/0x3b0
[  200.847805][ T7588]  ? copy_process+0x49c/0x6f20
[  200.847824][ T7588]  ? kernel_clone+0xfd/0x960
[  200.847843][ T7588]  copy_process+0x29b3/0x6f20
[  200.847863][ T7588]  ? kernel_clone+0xfd/0x960
[  200.847885][ T7588]  ? get_pid_task+0xfc/0x250
[  200.847906][ T7588]  ? __pfx_lock_release+0x10/0x10
[  200.847920][ T7588]  ? trace_lock_acquire+0x14e/0x1f0
[  200.847947][ T7588]  ? __pfx_copy_process+0x10/0x10
[  200.847970][ T7588]  ? find_held_lock+0x2d/0x110
[  200.847994][ T7588]  kernel_clone+0xfd/0x960
[  200.848014][ T7588]  ? __pfx_kernel_clone+0x10/0x10
[  200.848042][ T7588]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  200.848069][ T7588]  __do_compat_sys_ia32_clone+0xb7/0x100
[  200.848096][ T7588]  ? __pfx___do_compat_sys_ia32_clone+0x10/0x10
[  200.848141][ T7588]  __do_fast_syscall_32+0x73/0x120
[  200.848169][ T7588]  do_fast_syscall_32+0x32/0x80
[  200.848194][ T7588]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  200.848223][ T7588] RIP: 0023:0xf7fe4579
[  200.848240][ T7588] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  200.848260][ T7588] RSP: 002b:00000000f513650c EFLAGS: 00000202 ORIG_RAX: 0000000000000078
[  200.848280][ T7588] RAX: ffffffffffffffda RBX: 0000000000001000 RCX: 0000000000000000
[  200.848294][ T7588] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  200.848306][ T7588] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  200.848319][ T7588] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  200.848331][ T7588] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  200.848356][ T7588]  </TASK>
[  200.852790][ T7588] Mem-Info:
[  200.852804][ T7588] active_anon:11070 inactive_anon:188 isolated_anon:0
[  200.852804][ T7588]  active_file:15785 inactive_file:33404 isolated_file:0
[  200.852804][ T7588]  unevictable:1768 dirty:35 writeback:0
[  200.852804][ T7588]  slab_reclaimable:8360 slab_unreclaimable:57616
[  200.852804][ T7588]  mapped:27401 shmem:5362 pagetables:898
[  200.852804][ T7588]  sec_pagetables:298 bounce:0
[  200.852804][ T7588]  kernel_misc_reclaimable:0
[  200.852804][ T7588]  free:53222 free_pcp:1368 free_cma:0
[  200.852852][ T7588] Node 0 active_anon:4088kB inactive_anon:752kB active_file:12368kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:6616kB dirty:8kB writeback:0kB shmem:4948kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9744kB pagetables:952kB sec_pagetables:1152kB all_unreclaimable? yes
[  200.852896][ T7588] Node 1 active_anon:40192kB inactive_anon:0kB active_file:50772kB inactive_file:133616kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:102988kB dirty:132kB writeback:0kB shmem:16500kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:2048kB writeback_tmp:0kB kernel_stack:2940kB pagetables:2640kB sec_pagetables:40kB all_unreclaimable? no
[  200.852960][ T7588] Node 0 DMA free:2996kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:412kB inactive_anon:196kB active_file:500kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:536kB local_pcp:128kB free_cma:0kB
[  200.853011][ T7588] lowmem_reserve[]: 0 273 0 0 0
[  200.853046][ T7588] Node 0 DMA32 free:17676kB boost:0kB min:13904kB low:17380kB high:20856kB reserved_highatomic:4096KB active_anon:3676kB inactive_anon:556kB active_file:11868kB inactive_file:0kB unevictable:3536kB writepending:8kB present:1032196kB managed:306300kB mlocked:0kB bounce:0kB free_pcp:1624kB local_pcp:32kB free_cma:0kB
[  200.853094][ T7588] lowmem_reserve[]: 0 0 0 0 0
[  200.853127][ T7588] Node 1 DMA32 free:192216kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:40192kB inactive_anon:0kB active_file:50772kB inactive_file:133616kB unevictable:3536kB writepending:132kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:3312kB local_pcp:1052kB free_cma:0kB
[  200.853175][ T7588] lowmem_reserve[]: 0 0 0 0 0
[  200.853211][ T7588] Node 0 DMA: 65*4kB (UM) 40*8kB (UME) 11*16kB (UM) 46*32kB (UME) 8*64kB (U) 2*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2996kB
[  200.853343][ T7588] Node 0 DMA32: 387*4kB (UMH) 38*8kB (UMEH) 17*16kB (UEH) 84*32kB (UMEH) 57*64kB (UME) 26*128kB (UE) 9*256kB (U) 5*512kB (UE) 1*1024kB (M) 0*2048kB 0*4096kB = 17676kB
[  200.853485][ T7588] Node 1 DMA32: 2*4kB (UM) 6*8kB (UE) 62*16kB (UME) 230*32kB (UM) 213*64kB (UME) 42*128kB (UME) 27*256kB (UME) 22*512kB (UM) 17*1024kB (ME) 15*2048kB (UME) 24*4096kB (UME) = 192024kB
[  200.853646][ T7588] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  200.853661][ T7588] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  200.853676][ T7588] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  200.853690][ T7588] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  200.853704][ T7588] 54551 total pagecache pages
[  200.853711][ T7588] 0 pages in swap cache
[  200.853717][ T7588] Free swap  = 124100kB
[  200.853724][ T7588] Total swap = 124996kB
[  200.853731][ T7588] 524155 pages RAM
[  200.853738][ T7588] 0 pages HighMem/MovableOnly
[  200.853745][ T7588] 206677 pages reserved
[  200.853751][ T7588] 0 pages cma reserved
[  200.884524][ T5961] Bluetooth: hci2: command 0x0406 tx timeout
[  200.941694][   T66] Bluetooth: hci3: command 0x0406 tx timeout
[  200.949363][   T39] audit: type=1804 audit(1736740442.802:469): pid=7588 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.363" name="/newroot/79/file1" dev="fuse" ino=1 res=1 errno=0
[  201.251931][   T56] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  201.254148][   T39] audit: type=1804 audit(1736740442.802:470): pid=7588 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.363" name="/newroot/79/file1" dev="fuse" ino=1 res=1 errno=0
[  201.281270][   T39] audit: type=1800 audit(1736740442.802:471): pid=7588 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.363" name="/" dev="fuse" ino=1 res=0 errno=0
[  201.442034][   T56] usb 10-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b
[  201.447715][   T56] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.498752][   T56] usb 10-1: config 0 descriptor??
[  201.515544][   T56] input: bcm5974 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/input/input24
[  201.990680][ T7610] FAULT_INJECTION: forcing a failure.
[  201.990680][ T7610] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  202.011249][   T56] usb 10-1: USB disconnect, device number 10
[  202.026529][ T7610] CPU: 3 UID: 0 PID: 7610 Comm: syz.4.368 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  202.036561][ T7610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  202.042142][ T7610] Call Trace:
[  202.043943][ T7610]  <TASK>
[  202.047833][ T7610]  dump_stack_lvl+0x16c/0x1f0
[  202.057075][ T7610]  should_fail_ex+0x497/0x5b0
[  202.066564][ T7610]  _copy_from_user+0x2e/0xd0
[  202.069715][ T7610]  get_compat_msghdr+0xa8/0x170
[  202.081726][ T7610]  ? __pfx_get_compat_msghdr+0x10/0x10
[  202.086306][ T7610]  ___sys_sendmsg+0x1b0/0x1e0
[  202.088553][ T7610]  ? __pfx____sys_sendmsg+0x10/0x10
[  202.093993][ T7610]  ? trace_lock_acquire+0x14e/0x1f0
[  202.097810][ T7610]  __sys_sendmmsg+0x2fa/0x420
[  202.101013][ T7610]  ? __pfx___sys_sendmmsg+0x10/0x10
[  202.103753][ T7610]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  202.107742][ T7610]  ? fput+0x67/0x440
[  202.117633][ T7610]  ? ksys_write+0x1ba/0x250
[  202.119865][ T7610]  ? __pfx_ksys_write+0x10/0x10
[  202.135781][ T7610]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  202.140665][ T7610]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  202.147045][ T7610]  __do_fast_syscall_32+0x73/0x120
[  202.149201][ T7610]  do_fast_syscall_32+0x32/0x80
[  202.155274][ T7610]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  202.158696][ T7610] RIP: 0023:0xf7fe4579
[  202.171432][ T7610] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  202.179359][ T7610] RSP: 002b:00000000f513655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  202.191866][ T7610] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200bd000
[  202.195812][ T7610] RDX: 000000000800005d RSI: 0000000000004810 RDI: 0000000000000000
[  202.200345][ T7610] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  202.210324][ T7610] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  202.231160][ T7610] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  202.235140][ T7610]  </TASK>
[  202.962937][ T7623] netlink: 20 bytes leftover after parsing attributes in process `syz.0.374'.
[  202.974114][    C1] vkms_vblank_simulate: vblank timer overrun
[  203.006035][ T7623] netlink: 28 bytes leftover after parsing attributes in process `syz.0.374'.
[  203.050132][   T39] audit: type=1800 audit(1736740445.052:472): pid=7623 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.374" name="file0" dev="9p" ino=37749283 res=0 errno=0
[  203.800706][    C1] vkms_vblank_simulate: vblank timer overrun
[  204.480166][    C1] vkms_vblank_simulate: vblank timer overrun
[  204.495712][ T7638] ax25_connect(): syz.0.379 uses autobind, please contact jreuter@yaina.de
[  205.850581][   T63] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[  206.092791][   T63] usb 10-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b
[  206.097705][   T63] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  206.108073][   T63] usb 10-1: config 0 descriptor??
[  206.119425][   T63] input: bcm5974 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/input/input25
[  206.345018][    C1] vkms_vblank_simulate: vblank timer overrun
[  207.047703][ T5744] usb 10-1: USB disconnect, device number 11
[  207.310693][ T7672] ax25_connect(): syz.0.390 uses autobind, please contact jreuter@yaina.de
[  207.728496][ T7677] netlink: 'syz.4.392': attribute type 3 has an invalid length.
[  207.744637][ T7677] netlink: 'syz.4.392': attribute type 3 has an invalid length.
[  207.920133][ T7683] netlink: 'syz.1.394': attribute type 3 has an invalid length.
[  207.943012][ T7683] netlink: 'syz.1.394': attribute type 3 has an invalid length.
[  208.761219][    C1] vkms_vblank_simulate: vblank timer overrun
[  208.915585][   T39] audit: type=1800 audit(1736740450.912:473): pid=7696 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.399" name="/" dev="fuse" ino=1 res=0 errno=0
[  209.228578][ T7707] syzkaller1: entered promiscuous mode
[  209.284457][ T7707] syzkaller1: entered allmulticast mode
[  209.287045][ T7708] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  209.503470][ T7712] input: syz0 as /devices/virtual/input/input26
[  209.525251][    C1] vkms_vblank_simulate: vblank timer overrun
[  209.657416][   T39] audit: type=1326 audit(1736740451.662:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7719 comm="syz.5.405" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  209.714399][   T39] audit: type=1326 audit(1736740451.692:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7719 comm="syz.5.405" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf708e579 code=0x7ffc0000
[  209.798278][   T39] audit: type=1326 audit(1736740451.692:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7719 comm="syz.5.405" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf708e579 code=0x7ffc0000
[  209.846459][   T39] audit: type=1326 audit(1736740451.692:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7719 comm="syz.5.405" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf708e579 code=0x7ffc0000
[  209.885258][   T39] audit: type=1326 audit(1736740451.692:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7719 comm="syz.5.405" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf708e579 code=0x7ffc0000
[  209.898640][   T39] audit: type=1326 audit(1736740451.692:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7719 comm="syz.5.405" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf708e579 code=0x7ffc0000
[  209.900284][ T5748] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  209.958503][   T39] audit: type=1326 audit(1736740451.692:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7719 comm="syz.5.405" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  209.984631][   T39] audit: type=1326 audit(1736740451.692:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7719 comm="syz.5.405" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  210.025036][   T39] audit: type=1326 audit(1736740451.692:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7719 comm="syz.5.405" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf708e579 code=0x7ffc0000
[  210.083318][ T7724] FAULT_INJECTION: forcing a failure.
[  210.083318][ T7724] name failslab, interval 1, probability 0, space 0, times 0
[  210.088004][ T7724] CPU: 1 UID: 0 PID: 7724 Comm: syz.4.406 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  210.092890][ T7724] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  210.098248][ T7724] Call Trace:
[  210.099989][ T7724]  <TASK>
[  210.102301][ T7724]  dump_stack_lvl+0x16c/0x1f0
[  210.104882][ T7724]  should_fail_ex+0x497/0x5b0
[  210.107137][ T7724]  ? fs_reclaim_acquire+0xae/0x150
[  210.109537][ T7724]  should_failslab+0xc2/0x120
[  210.112713][ T7724]  __kmalloc_noprof+0xce/0x4f0
[  210.115401][ T7724]  ? iovec_from_user.part.0+0xf3/0x130
[  210.118197][ T7724]  iovec_from_user.part.0+0xf3/0x130
[  210.120786][ T7724]  __import_iovec+0xd6/0x6d0
[  210.123244][ T7724]  ? __lock_acquire+0xcc5/0x3c40
[  210.126342][ T7724]  import_iovec+0x108/0x140
[  210.128614][ T7724]  vfs_writev+0x198/0xdd0
[  210.130758][ T7724]  ? find_held_lock+0x2d/0x110
[  210.132440][ T7724]  ? __pfx_vfs_writev+0x10/0x10
[  210.134149][ T7724]  ? find_held_lock+0x2d/0x110
[  210.137431][ T7724]  ? __pfx_lock_release+0x10/0x10
[  210.141432][ T7724]  ? trace_lock_acquire+0x14e/0x1f0
[  210.145284][ T7724]  ? __fget_files+0x206/0x3a0
[  210.148639][ T7724]  ? do_writev+0x133/0x340
[  210.154095][ T7724]  do_writev+0x133/0x340
[  210.157200][ T7724]  ? __pfx_do_writev+0x10/0x10
[  210.168949][ T7724]  __do_fast_syscall_32+0x73/0x120
[  210.174553][ T7724]  do_fast_syscall_32+0x32/0x80
[  210.179997][ T7724]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  210.185287][ T7724] RIP: 0023:0xf7fe4579
[  210.189750][ T7724] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  210.227912][ T7724] RSP: 002b:00000000f513655c EFLAGS: 00000296 ORIG_RAX: 0000000000000092
[  210.233117][ T7724] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[  210.237285][ T7724] RDX: 0000000000000060 RSI: 0000000000000000 RDI: 0000000000000000
[  210.242393][ T7724] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  210.247981][ T7724] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  210.253082][ T7724] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  210.258661][ T7724]  </TASK>
[  210.260652][    C1] vkms_vblank_simulate: vblank timer overrun
[  210.263032][ T5748] usb 6-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b
[  210.269416][ T5748] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.281141][ T5748] usb 6-1: config 0 descriptor??
[  210.310683][ T5748] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input27
[  210.385505][ T7728] ax25_connect(): syz.4.407 uses autobind, please contact jreuter@yaina.de
[  210.468933][    C1] vkms_vblank_simulate: vblank timer overrun
[  210.744953][    C1] vkms_vblank_simulate: vblank timer overrun
[  211.053064][    C1] vkms_vblank_simulate: vblank timer overrun
[  211.126613][   T63] usb 6-1: USB disconnect, device number 9
[  212.127298][ T7746] FAULT_INJECTION: forcing a failure.
[  212.127298][ T7746] name failslab, interval 1, probability 0, space 0, times 0
[  212.134873][ T7746] CPU: 0 UID: 0 PID: 7746 Comm: syz.5.412 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  212.139675][ T7746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  212.144189][ T7746] Call Trace:
[  212.145628][ T7746]  <TASK>
[  212.146718][ T7746]  dump_stack_lvl+0x16c/0x1f0
[  212.148360][ T7746]  should_fail_ex+0x497/0x5b0
[  212.151006][ T7746]  ? find_held_lock+0x2d/0x110
[  212.154212][ T7746]  should_failslab+0xc2/0x120
[  212.156556][ T7746]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  212.158775][ T7746]  ? __pfx_lock_release+0x10/0x10
[  212.161165][ T7746]  ? dst_alloc+0x99/0x1a0
[  212.163176][ T7746]  ? __pfx_ip6_dst_gc+0x10/0x10
[  212.165924][ T7746]  dst_alloc+0x99/0x1a0
[  212.168549][ T7746]  ip6_dst_alloc+0x2c/0xa0
[  212.170859][ T7746]  icmp6_dst_alloc+0x70/0x490
[  212.173016][ T7746]  ndisc_send_skb+0x12b1/0x1c50
[  212.175098][ T7746]  ? __pfx_ndisc_send_skb+0x10/0x10
[  212.177230][ T7746]  ? __build_skb_around+0x278/0x3b0
[  212.179175][ T7746]  ? skb_set_owner_w+0x320/0x710
[  212.181560][ T7746]  ? __pfx_ipv6_get_ifaddr+0x10/0x10
[  212.184483][ T7746]  ? skb_put+0x138/0x1b0
[  212.186179][ T7746]  ndisc_send_rs+0x129/0x670
[  212.187978][ T7746]  inet6_set_link_af+0x93b/0xe40
[  212.190048][ T7746]  ? __pfx_inet6_set_link_af+0x10/0x10
[  212.191896][ T7746]  ? rtnl_af_lookup+0x19c/0x330
[  212.193569][ T7746]  ? lock_acquire+0x2f/0xb0
[  212.195352][ T7746]  ? rtnl_af_lookup+0x130/0x330
[  212.197495][ T7746]  ? do_setlink.constprop.0+0x298d/0x3f20
[  212.199611][ T7746]  do_setlink.constprop.0+0x298d/0x3f20
[  212.201761][ T7746]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  212.204811][ T7746]  ? synchronize_rcu_expedited+0x426/0x450
[  212.207512][ T7746]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  212.219372][ T7746]  ? __pfx_autoremove_wake_function+0x10/0x10
[  212.221731][ T7746]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  212.223934][ T7746]  ? __pfx___might_resched+0x10/0x10
[  212.226175][ T7746]  ? synchronize_net+0x3e/0x60
[  212.228475][ T7746]  ? geneve_changelink+0x52d/0x9e0
[  212.230983][ T7746]  ? __pfx_geneve_changelink+0x10/0x10
[  212.234724][ T7746]  ? __pfx___mutex_lock+0x10/0x10
[  212.237753][ T7746]  ? netlink_ns_capable+0xfa/0x130
[  212.239857][ T7746]  rtnl_newlink+0x131c/0x1d70
[  212.241403][ T7746]  ? __pfx_rtnl_newlink+0x10/0x10
[  212.243513][ T7746]  ? __pfx___lock_acquire+0x10/0x10
[  212.246393][ T7746]  ? kmem_cache_free+0x152/0x4c0
[  212.248735][ T7746]  ? aa_get_newest_label+0x376/0x680
[  212.266045][ T7746]  ? find_held_lock+0x2d/0x110
[  212.267789][ T7746]  ? find_held_lock+0x2d/0x110
[  212.269669][ T7746]  ? rtnetlink_rcv_msg+0x93a/0xea0
[  212.271604][ T7746]  ? __pfx_lock_release+0x10/0x10
[  212.273571][ T7746]  ? trace_lock_acquire+0x14e/0x1f0
[  212.275771][ T7746]  ? __pfx_rtnl_newlink+0x10/0x10
[  212.277877][ T7746]  rtnetlink_rcv_msg+0x95b/0xea0
[  212.284693][ T7746]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  212.286957][ T7746]  ? __pfx___dev_queue_xmit+0x10/0x10
[  212.289098][ T7746]  netlink_rcv_skb+0x165/0x410
[  212.308673][ T7746]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  212.310873][ T7746]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  212.313009][ T7746]  ? netlink_deliver_tap+0x1ae/0xca0
[  212.315121][ T7746]  netlink_unicast+0x53c/0x7f0
[  212.317166][ T7746]  ? __pfx_netlink_unicast+0x10/0x10
[  212.319346][ T7746]  ? __phys_addr_symbol+0x30/0x80
[  212.321204][ T7746]  ? __check_object_size+0x488/0x710
[  212.323411][ T7746]  netlink_sendmsg+0x8b8/0xd70
[  212.337063][ T7746]  ? __pfx_netlink_sendmsg+0x10/0x10
[  212.339248][ T7746]  ____sys_sendmsg+0x9ae/0xb40
[  212.345865][ T7746]  ? __pfx_____sys_sendmsg+0x10/0x10
[  212.348185][ T7746]  ? get_compat_msghdr+0x11b/0x170
[  212.363789][ T7746]  ___sys_sendmsg+0x135/0x1e0
[  212.367004][ T7746]  ? __pfx____sys_sendmsg+0x10/0x10
[  212.370979][ T7746]  ? __pfx_lock_release+0x10/0x10
[  212.375108][ T7746]  ? trace_lock_acquire+0x14e/0x1f0
[  212.378864][ T7746]  ? __fget_files+0x206/0x3a0
[  212.382513][ T7746]  __sys_sendmsg+0x16e/0x220
[  212.385339][ T7746]  ? __pfx___sys_sendmsg+0x10/0x10
[  212.388477][ T7746]  __do_fast_syscall_32+0x73/0x120
[  212.391609][ T7746]  do_fast_syscall_32+0x32/0x80
[  212.394514][ T7746]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  212.397811][ T7746] RIP: 0023:0xf708e579
[  212.399706][ T7746] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  212.410684][ T7746] RSP: 002b:00000000f508055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  212.415583][ T7746] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040
[  212.420738][ T7746] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  212.425724][ T7746] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  212.431999][ T7746] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  212.434982][ T7746] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  212.438108][ T7746]  </TASK>
[  212.669645][ T7764] ax25_connect(): syz.1.417 uses autobind, please contact jreuter@yaina.de
[  213.023061][ T5958] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  213.034235][ T5958] Bluetooth: hci0: Injecting HCI hardware error event
[  213.046567][ T5958] Bluetooth: hci0: hardware error 0x00
[  214.270590][ T7801] block nbd5: shutting down sockets
[  214.750892][ T5995] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  214.918426][ T5995] usb 5-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b
[  214.923947][ T5995] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.931801][ T5995] usb 5-1: config 0 descriptor??
[  214.957970][ T5995] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input28
[  215.197284][ T5958] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  215.527070][ T7823] FAULT_INJECTION: forcing a failure.
[  215.527070][ T7823] name failslab, interval 1, probability 0, space 0, times 0
[  215.537685][ T7823] CPU: 0 UID: 0 PID: 7823 Comm: syz.5.426 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  215.549994][ T7823] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  215.575344][ T7823] Call Trace:
[  215.577477][ T7823]  <TASK>
[  215.581484][ T7823]  dump_stack_lvl+0x16c/0x1f0
[  215.587082][ T7823]  should_fail_ex+0x497/0x5b0
[  215.590845][ T7823]  ? fs_reclaim_acquire+0xae/0x150
[  215.604272][ T7823]  should_failslab+0xc2/0x120
[  215.607849][ T7823]  __kmalloc_noprof+0xce/0x4f0
[  215.610867][ T7823]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  215.614431][ T7823]  ? tomoyo_realpath_from_path+0xbf/0x710
[  215.631916][ T7823]  tomoyo_realpath_from_path+0xbf/0x710
[  215.635602][ T7823]  ? tomoyo_path_number_perm+0x235/0x5b0
[  215.638990][ T7823]  tomoyo_path_number_perm+0x248/0x5b0
[  215.644421][ T7823]  ? tomoyo_path_number_perm+0x235/0x5b0
[  215.649032][ T7823]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  215.652602][ T7823]  ? __pfx_lock_release+0x10/0x10
[  215.668691][ T7823]  ? trace_lock_acquire+0x14e/0x1f0
[  215.671981][ T7823]  ? lock_acquire+0x2f/0xb0
[  215.675590][ T7823]  ? __fget_files+0x40/0x3a0
[  215.704887][ T7823]  ? __fget_files+0x206/0x3a0
[  215.707319][ T7823]  security_file_ioctl_compat+0x9b/0x240
[  215.709609][ T7823]  __do_compat_sys_ioctl+0x4e/0x2c0
[  215.712518][ T7823]  __do_fast_syscall_32+0x73/0x120
[  215.714683][ T7823]  do_fast_syscall_32+0x32/0x80
[  215.718615][ T7823]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  215.722526][ T7823] RIP: 0023:0xf708e579
[  215.724524][ T7823] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  215.751293][ T7823] RSP: 002b:00000000f508055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  215.755404][ T7823] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000008b1a
[  215.781224][ T7823] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000
[  215.783919][ T7823] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  215.790719][ T7823] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  215.794013][ T7823] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  215.799255][ T7823]  </TASK>
[  215.801358][ T7823] ERROR: Out of memory at tomoyo_realpath_from_path.
[  215.907767][   T56] usb 5-1: USB disconnect, device number 7
[  215.965951][ T7820] warning: `syz.4.425' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  216.234061][ T7842] ax25_connect(): syz.4.428 uses autobind, please contact jreuter@yaina.de
[  216.269656][ T7845] befs: (nullb0): No write support. Marking filesystem read-only
[  216.275477][ T7845] befs: (nullb0): invalid magic header
[  216.564759][ T7855] FAULT_INJECTION: forcing a failure.
[  216.564759][ T7855] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  216.571409][ T7855] CPU: 3 UID: 0 PID: 7855 Comm: syz.0.430 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  216.575865][ T7855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  216.581135][ T7855] Call Trace:
[  216.583054][ T7855]  <TASK>
[  216.584824][ T7855]  dump_stack_lvl+0x16c/0x1f0
[  216.587537][ T7855]  should_fail_ex+0x497/0x5b0
[  216.591430][ T7855]  _copy_from_user+0x2e/0xd0
[  216.594874][ T7855]  ? __pfx_drm_mode_dirtyfb_ioctl+0x10/0x10
[  216.601435][ T7855]  drm_ioctl+0x4fc/0xba0
[  216.606228][ T7855]  ? __pfx_drm_ioctl+0x10/0x10
[  216.609050][ T7855]  drm_compat_ioctl+0x327/0x460
[  216.611817][ T7855]  ? __pfx_drm_compat_ioctl+0x10/0x10
[  216.614827][ T7855]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  216.617887][ T7855]  __do_fast_syscall_32+0x73/0x120
[  216.620892][ T7855]  do_fast_syscall_32+0x32/0x80
[  216.630458][ T7855]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  216.639147][ T7855] RIP: 0023:0xf7fc4579
[  216.641475][ T7855] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  216.660098][ T7855] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  216.667258][ T7855] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c01864b1
[  216.676564][ T7855] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000
[  216.680025][ T7855] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  216.682613][ T7855] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  216.693226][ T7855] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  216.700971][ T7855]  </TASK>
[  217.949045][ T5995] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  218.113109][ T5995] usb 9-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b
[  218.115059][ T7899] ax25_connect(): syz.5.443 uses autobind, please contact jreuter@yaina.de
[  218.118399][ T5995] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  218.142805][ T7901] netlink: 8 bytes leftover after parsing attributes in process `syz.0.440'.
[  218.154419][ T5995] usb 9-1: config 0 descriptor??
[  218.230178][ T5995] input: bcm5974 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input29
[  218.557080][ T6020] usb 9-1: USB disconnect, device number 11
[  218.969414][ T7903] FAULT_INJECTION: forcing a failure.
[  218.969414][ T7903] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  218.977079][ T7903] CPU: 1 UID: 0 PID: 7903 Comm: syz.0.445 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  218.989578][ T7903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  219.004838][ T7903] Call Trace:
[  219.006145][ T7903]  <TASK>
[  219.007393][ T7903]  dump_stack_lvl+0x16c/0x1f0
[  219.009389][ T7903]  should_fail_ex+0x497/0x5b0
[  219.011976][ T7903]  _copy_to_user+0x32/0xd0
[  219.014349][ T7903]  simple_read_from_buffer+0xd0/0x160
[  219.018058][ T7903]  proc_fail_nth_read+0x198/0x270
[  219.029666][ T7903]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  219.035972][ T7903]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  219.039110][ T7903]  vfs_read+0x1df/0xbe0
[  219.044185][ T7903]  ? __fget_files+0x1fc/0x3a0
[  219.047277][ T7903]  ? __pfx___mutex_lock+0x10/0x10
[  219.050455][ T7903]  ? __pfx_vfs_read+0x10/0x10
[  219.053596][ T7903]  ? __fget_files+0x206/0x3a0
[  219.056926][ T7903]  ksys_read+0x12b/0x250
[  219.059967][ T7903]  ? __pfx_ksys_read+0x10/0x10
[  219.063137][ T7903]  __do_fast_syscall_32+0x73/0x120
[  219.066220][ T7903]  do_fast_syscall_32+0x32/0x80
[  219.069187][ T7903]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  219.072813][ T7903] RIP: 0023:0xf7fc4579
[  219.075904][ T7903] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  219.091501][ T7903] RSP: 002b:00000000f5116590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  219.097732][ T7903] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5116620
[  219.103804][ T7903] RDX: 000000000000000f RSI: 00000000f7453ff4 RDI: 0000000000000000
[  219.108975][ T7903] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  219.114370][ T7903] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  219.120112][ T7903] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  219.125006][ T7903]  </TASK>
[  219.618548][ T7917] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  219.627944][ T7917] overlay: filesystem on ./bus not supported as upperdir
[  219.751472][ T7917] netlink: 28 bytes leftover after parsing attributes in process `syz.5.451'.
[  219.760307][ T7917] netlink: 28 bytes leftover after parsing attributes in process `syz.5.451'.
[  220.529854][ T7924] netlink: 200 bytes leftover after parsing attributes in process `syz.5.452'.
[  220.570150][ T7924] ax25_connect(): syz.5.452 uses autobind, please contact jreuter@yaina.de
[  220.820133][ T7939] FAULT_INJECTION: forcing a failure.
[  220.820133][ T7939] name failslab, interval 1, probability 0, space 0, times 0
[  220.845096][ T7939] CPU: 2 UID: 0 PID: 7939 Comm: syz.1.457 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  220.849986][ T7939] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  220.859966][ T7939] Call Trace:
[  220.861697][ T7939]  <TASK>
[  220.865027][ T7939]  dump_stack_lvl+0x16c/0x1f0
[  220.866801][ T7939]  should_fail_ex+0x497/0x5b0
[  220.868908][ T7939]  ? fs_reclaim_acquire+0xae/0x150
[  220.871401][ T7939]  should_failslab+0xc2/0x120
[  220.874737][ T7939]  __kmalloc_noprof+0xce/0x4f0
[  220.878638][ T7939]  ? __pfx_d_absolute_path+0x10/0x10
[  220.881615][ T7939]  ? tomoyo_encode2+0x100/0x3e0
[  220.884033][ T7939]  tomoyo_encode2+0x100/0x3e0
[  220.887856][ T7939]  tomoyo_realpath_from_path+0x1a7/0x710
[  220.890537][ T7939]  tomoyo_mount_acl+0x1af/0x880
[  220.892949][ T7939]  ? hlock_class+0x4e/0x130
[  220.895158][ T7939]  ? __lock_acquire+0x15a9/0x3c40
[  220.897546][ T7939]  ? __pfx_tomoyo_mount_acl+0x10/0x10
[  220.900349][ T7939]  ? __pfx___lock_acquire+0x10/0x10
[  220.903653][ T7939]  ? stack_trace_save+0x95/0xd0
[  220.906573][ T7939]  ? __pfx_lock_release+0x10/0x10
[  220.909569][ T7939]  ? trace_lock_acquire+0x14e/0x1f0
[  220.913686][ T7939]  ? tomoyo_mount_permission+0x149/0x420
[  220.920594][ T7939]  ? lock_acquire+0x2f/0xb0
[  220.924304][ T7939]  ? tomoyo_mount_permission+0x149/0x420
[  220.938447][ T7939]  tomoyo_mount_permission+0x16e/0x420
[  220.945231][ T7939]  ? tomoyo_mount_permission+0x149/0x420
[  220.949619][ T7939]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  220.952922][ T7939]  ? get_current_fs_domain+0x184/0x1f0
[  220.954831][ T7939]  security_sb_mount+0x9b/0x260
[  220.956624][ T7939]  path_mount+0x129/0x1f00
[  220.958205][ T7939]  ? kmem_cache_free+0x152/0x4c0
[  220.971194][ T7939]  ? __pfx_path_mount+0x10/0x10
[  220.972898][ T7939]  ? putname+0x13c/0x180
[  220.974449][ T7939]  __ia32_sys_mount+0x292/0x310
[  220.976217][ T7939]  ? __pfx___ia32_sys_mount+0x10/0x10
[  220.978135][ T7939]  __do_fast_syscall_32+0x73/0x120
[  220.985023][ T7939]  do_fast_syscall_32+0x32/0x80
[  220.986823][ T7939]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  221.009174][ T7939] RIP: 0023:0xf7eff579
[  221.010797][ T7939] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  221.017231][ T7939] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  221.033989][ T7939] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000040
[  221.037787][ T7939] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000020000480
[  221.041174][ T7939] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  221.043781][ T7939] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  221.046915][ T7939] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  221.065686][ T7939]  </TASK>
[  221.085111][ T7939] ERROR: Out of memory at tomoyo_realpath_from_path.
[  221.514614][ T7949] input: syz0 as /devices/virtual/input/input30
[  221.660593][ T5995] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  221.935968][ T5995] usb 6-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b
[  221.967916][ T5995] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  221.976613][ T7959] FAULT_INJECTION: forcing a failure.
[  221.976613][ T7959] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  221.985881][ T7959] CPU: 0 UID: 0 PID: 7959 Comm: syz.4.464 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  221.991034][ T5995] usb 6-1: config 0 descriptor??
[  221.995235][ T7959] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  221.995253][ T7959] Call Trace:
[  221.995261][ T7959]  <TASK>
[  221.995268][ T7959]  dump_stack_lvl+0x16c/0x1f0
[  221.995573][ T7959]  should_fail_ex+0x497/0x5b0
[  221.995598][ T7959]  _copy_from_user+0x2e/0xd0
[  221.995623][ T7959]  copy_from_buffer+0x86/0xb0
[  221.995998][ T7959]  copy_uabi_to_xstate+0x26e/0x670
[  221.996030][ T7959]  ? __pfx_copy_uabi_to_xstate+0x10/0x10
[  221.996336][ T7959]  ? __pfx_lock_release+0x10/0x10
[  221.996355][ T7959]  ? trace_lock_acquire+0x14e/0x1f0
[  221.996386][ T7959]  ? __local_bh_enable_ip+0xa4/0x120
[  221.996693][ T7959]  __fpu_restore_sig+0x1062/0x1430
[  221.996723][ T7959]  ? __pfx___fpu_restore_sig+0x10/0x10
[  221.997044][ T7959]  ? lock_acquire+0x2f/0xb0
[  221.997062][ T7959]  ? __might_fault+0xe3/0x190
[  221.997373][ T7959]  fpu__restore_sig+0x113/0x190
[  221.997404][ T7959]  ia32_restore_sigcontext+0x40f/0x5d0
[  221.997424][ T7959]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[  221.997729][ T7959]  ? __pfx_lock_release+0x10/0x10
[  221.997756][ T7959]  ? _raw_spin_unlock_irq+0x23/0x50
[  221.997777][ T7959]  ? lockdep_hardirqs_on+0x7c/0x110
[  221.998083][ T7959]  __do_compat_sys_rt_sigreturn+0x121/0x1f0
[  221.998107][ T7959]  ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10
[  221.998136][ T7959]  do_int80_emulation+0x104/0x200
[  221.998443][ T7959]  asm_int80_emulation+0x1a/0x20
[  221.998467][ T7959] RIP: 0023:0xf7fe4577
[  221.998484][ T7959] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00
[  221.998780][ T7959] RSP: 002b:00000000f513655c EFLAGS: 00000296
[  221.998798][ T7959] RAX: 0000000000000091 RBX: 0000000000000004 RCX: 0000000020000300
[  221.998811][ T7959] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  221.998823][ T7959] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  221.998834][ T7959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  221.999130][ T7959] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  221.999154][ T7959]  </TASK>
[  222.061911][    C1] vkms_vblank_simulate: vblank timer overrun
[  222.228866][    C1] vkms_vblank_simulate: vblank timer overrun
[  222.286293][ T5995] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input31
[  222.472306][    C1] vkms_vblank_simulate: vblank timer overrun
[  222.697793][ T5744] usb 6-1: USB disconnect, device number 10
[  222.759789][    C1] vkms_vblank_simulate: vblank timer overrun
[  222.879311][    C1] vkms_vblank_simulate: vblank timer overrun
[  222.893185][ T7973] netlink: 200 bytes leftover after parsing attributes in process `syz.5.468'.
[  222.900256][ T7973] ax25_connect(): syz.5.468 uses autobind, please contact jreuter@yaina.de
[  223.012793][    C1] vkms_vblank_simulate: vblank timer overrun
[  223.329871][    C1] vkms_vblank_simulate: vblank timer overrun
[  223.398854][    C1] vkms_vblank_simulate: vblank timer overrun
[  223.561457][    C1] vkms_vblank_simulate: vblank timer overrun
[  223.965686][ T7986] Bluetooth: MGMT ver 1.23
[  223.972196][ T7986] FAULT_INJECTION: forcing a failure.
[  223.972196][ T7986] name failslab, interval 1, probability 0, space 0, times 0
[  223.978702][ T7986] CPU: 3 UID: 0 PID: 7986 Comm: syz.1.473 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  223.988101][ T7986] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  223.992332][ T7986] Call Trace:
[  223.993565][ T7986]  <TASK>
[  224.011459][ T7986]  dump_stack_lvl+0x16c/0x1f0
[  224.013942][ T7986]  should_fail_ex+0x497/0x5b0
[  224.016412][ T7986]  should_failslab+0xc2/0x120
[  224.018897][ T7986]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  224.022035][ T7986]  ? __alloc_skb+0x2b3/0x380
[  224.031992][ T7986]  __alloc_skb+0x2b3/0x380
[  224.034343][ T7986]  ? __pfx___alloc_skb+0x10/0x10
[  224.036910][ T7986]  ? __alloc_skb+0x200/0x380
[  224.039291][ T7986]  ? __pfx___alloc_skb+0x10/0x10
[  224.048260][ T7986]  create_monitor_ctrl_event+0x3b/0x460
[  224.051090][ T7986]  mgmt_cmd_complete+0x2d1/0x540
[  224.057734][ T7986]  read_adv_mon_features+0x32a/0x4b0
[  224.060743][ T7986]  ? __pfx_read_adv_mon_features+0x10/0x10
[  224.064753][ T7986]  ? do_init_timer+0xc9/0x110
[  224.068756][ T7986]  ? __pfx_mgmt_init_hdev+0x10/0x10
[  224.071455][ T7986]  hci_sock_sendmsg+0x1528/0x25e0
[  224.074668][ T7986]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  224.077787][ T7986]  sock_write_iter+0x4fe/0x5b0
[  224.081415][ T7986]  ? __pfx_sock_write_iter+0x10/0x10
[  224.086132][ T7986]  ? bpf_lsm_file_permission+0x9/0x10
[  224.091030][ T7986]  ? security_file_permission+0x71/0x210
[  224.095901][ T7986]  vfs_write+0x5ae/0x1150
[  224.099346][ T7986]  ? __pfx_sock_write_iter+0x10/0x10
[  224.103376][ T7986]  ? __pfx_vfs_write+0x10/0x10
[  224.107380][ T7986]  ? __fget_files+0x40/0x3a0
[  224.110968][ T7986]  ksys_write+0x207/0x250
[  224.114405][ T7986]  ? __pfx_ksys_write+0x10/0x10
[  224.118254][ T7986]  __do_fast_syscall_32+0x73/0x120
[  224.121680][ T7986]  do_fast_syscall_32+0x32/0x80
[  224.124664][ T7986]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  224.128489][ T7986] RIP: 0023:0xf7eff579
[  224.130727][ T7986] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  224.140970][ T7986] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  224.146000][ T7986] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000200000c0
[  224.150976][ T7986] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000000
[  224.155890][ T7986] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  224.160814][ T7986] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  224.165563][ T7986] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  224.170330][ T7986]  </TASK>
[  224.423778][ T7996] netlink: 56 bytes leftover after parsing attributes in process `syz.4.474'.
[  224.637579][    C1] vkms_vblank_simulate: vblank timer overrun
[  224.811561][    C1] vkms_vblank_simulate: vblank timer overrun
[  225.119299][ T8008] FAULT_INJECTION: forcing a failure.
[  225.119299][ T8008] name failslab, interval 1, probability 0, space 0, times 0
[  225.145071][ T8008] CPU: 3 UID: 0 PID: 8008 Comm: syz.0.480 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  225.166033][ T8008] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  225.169663][ T8008] Call Trace:
[  225.170883][ T8008]  <TASK>
[  225.171950][ T8008]  dump_stack_lvl+0x16c/0x1f0
[  225.176939][ T8008]  should_fail_ex+0x497/0x5b0
[  225.179463][ T8008]  ? fs_reclaim_acquire+0xae/0x150
[  225.191253][ T8008]  should_failslab+0xc2/0x120
[  225.193258][ T8008]  __kmalloc_cache_noprof+0x68/0x420
[  225.196508][ T8008]  ? trace_lock_acquire+0x14e/0x1f0
[  225.199824][ T8008]  alloc_pipe_info+0x10e/0x590
[  225.212249][ T8008]  splice_direct_to_actor+0x793/0xa40
[  225.214921][ T8008]  ? __pfx_direct_splice_actor+0x10/0x10
[  225.217760][ T8008]  ? __pfx_aa_file_perm+0x10/0x10
[  225.220260][ T8008]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  225.222525][ T8008]  ? __fget_files+0x1fc/0x3a0
[  225.224269][ T8008]  do_splice_direct+0x178/0x250
[  225.226141][ T8008]  ? __pfx_do_splice_direct+0x10/0x10
[  225.228160][ T8008]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  225.246021][ T8008]  do_sendfile+0xaed/0xe30
[  225.248769][ T8008]  ? __pfx_do_sendfile+0x10/0x10
[  225.251886][ T8008]  ? lock_acquire+0x2f/0xb0
[  225.254516][ T8008]  ? __might_fault+0xe3/0x190
[  225.273880][ T8008]  __ia32_compat_sys_sendfile+0x163/0x230
[  225.276570][ T8008]  ? __pfx___ia32_compat_sys_sendfile+0x10/0x10
[  225.280316][ T8008]  __do_fast_syscall_32+0x73/0x120
[  225.282329][ T8008]  do_fast_syscall_32+0x32/0x80
[  225.284085][ T8008]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  225.287160][ T8008] RIP: 0023:0xf7fc4579
[  225.289399][ T8008] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  225.322098][ T8008] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb
[  225.327432][ T8008] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000003
[  225.340296][ T8008] RDX: 0000000020002080 RSI: 00000000003fffff RDI: 0000000000000000
[  225.345257][ T8008] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  225.350413][ T8008] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  225.364037][ T8008] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  225.369028][ T8008]  </TASK>
[  225.428862][    C1] vkms_vblank_simulate: vblank timer overrun
[  225.430716][ T6020] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[  225.603917][ T6020] usb 10-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b
[  225.607328][ T6020] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.612812][ T8016] netlink: 200 bytes leftover after parsing attributes in process `syz.1.481'.
[  225.623745][ T8016] ax25_connect(): syz.1.481 uses autobind, please contact jreuter@yaina.de
[  225.637751][ T6020] usb 10-1: config 0 descriptor??
[  225.752181][ T6020] input: bcm5974 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/input/input32
[  225.900868][    C1] vkms_vblank_simulate: vblank timer overrun
[  226.240819][    C1] vkms_vblank_simulate: vblank timer overrun
[  226.372932][    C1] vkms_vblank_simulate: vblank timer overrun
[  226.613998][    C1] vkms_vblank_simulate: vblank timer overrun
[  226.629533][ T5958] Bluetooth: hci4: command 0x0406 tx timeout
[  226.762028][ T8027] netlink: 'syz.0.485': attribute type 1 has an invalid length.
[  226.771111][ T5997] usb 10-1: USB disconnect, device number 12
[  226.808907][ T8027] bond1: (slave gretap2): making interface the new active one
[  226.814628][ T8027] bond1: (slave gretap2): Enslaving as an active interface with an up link
[  228.181230][ T8060] netlink: 24 bytes leftover after parsing attributes in process `syz.4.495'.
[  228.274614][ T8062] FAULT_INJECTION: forcing a failure.
[  228.274614][ T8062] name failslab, interval 1, probability 0, space 0, times 0
[  228.279727][ T8062] CPU: 1 UID: 0 PID: 8062 Comm: syz.1.496 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  228.284380][ T8062] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  228.289631][ T8062] Call Trace:
[  228.291436][ T8062]  <TASK>
[  228.293044][ T8062]  dump_stack_lvl+0x16c/0x1f0
[  228.295087][ T8062]  should_fail_ex+0x497/0x5b0
[  228.297540][ T8062]  ? fs_reclaim_acquire+0xae/0x150
[  228.300334][ T8062]  should_failslab+0xc2/0x120
[  228.302723][ T8062]  __kmalloc_node_noprof+0xd1/0x520
[  228.305491][ T8062]  ? kasan_save_stack+0x42/0x60
[  228.307727][ T8062]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  228.310008][ T8062]  __kvmalloc_node_noprof+0xad/0x1a0
[  228.314181][ T8062]  bpf_test_run_xdp_live+0x140/0x500
[  228.316180][ T8062]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  228.318933][ T8062]  ? __pfx___lock_acquire+0x10/0x10
[  228.321527][ T8062]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  228.324526][ T8062]  ? find_held_lock+0x2d/0x110
[  228.332503][ T8062]  ? __might_fault+0xe3/0x190
[  228.335103][ T8062]  ? _copy_from_user+0x59/0xd0
[  228.337833][ T8062]  ? bpf_test_init.isra.0+0x111/0x150
[  228.340963][ T8062]  bpf_prog_test_run_xdp+0x827/0x1580
[  228.343678][ T8062]  ? lock_acquire+0x2f/0xb0
[  228.345991][ T8062]  ? __fget_files+0x40/0x3a0
[  228.348389][ T8062]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  228.351229][ T8062]  ? __fget_files+0x206/0x3a0
[  228.353557][ T8062]  ? fput+0x67/0x440
[  228.355438][ T8062]  ? __bpf_prog_get+0xa0/0x290
[  228.357850][ T8062]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  228.361008][ T8062]  __sys_bpf+0x1921/0x57a0
[  228.363461][ T8062]  ? __pfx_lock_release+0x10/0x10
[  228.366231][ T8062]  ? __pfx___sys_bpf+0x10/0x10
[  228.368658][ T8062]  ? vfs_write+0x306/0x1150
[  228.371061][ T8062]  ? __mutex_unlock_slowpath+0x164/0x690
[  228.373956][ T8062]  ? fput+0x67/0x440
[  228.375821][ T8062]  ? ksys_write+0x1ba/0x250
[  228.378011][ T8062]  ? __pfx_ksys_write+0x10/0x10
[  228.380365][ T8062]  __ia32_sys_bpf+0x76/0xe0
[  228.382514][ T8062]  __do_fast_syscall_32+0x73/0x120
[  228.385084][ T8062]  do_fast_syscall_32+0x32/0x80
[  228.387479][ T8062]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  228.390740][ T8062] RIP: 0023:0xf7eff579
[  228.392379][ T8062] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  228.400376][ T8062] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  228.404726][ T8062] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000240
[  228.408608][ T8062] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  228.412769][ T8062] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  228.416662][ T8062] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  228.427718][ T8062] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  228.442156][ T8062]  </TASK>
[  228.587248][ T8066] input input33: cannot allocate more than FF_MAX_EFFECTS effects
[  228.941897][   T56] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[  229.129631][   T56] usb 10-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b
[  229.135023][   T56] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  229.205735][   T56] usb 10-1: config 0 descriptor??
[  229.216120][   T56] input: bcm5974 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/input/input34
[  229.696388][   T56] usb 10-1: USB disconnect, device number 13
[  229.719355][ T8099] FAULT_INJECTION: forcing a failure.
[  229.719355][ T8099] name failslab, interval 1, probability 0, space 0, times 0
[  229.740285][ T8099] CPU: 0 UID: 0 PID: 8099 Comm: syz.1.508 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  229.757347][ T8099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  229.769058][ T8099] Call Trace:
[  229.771419][ T8099]  <TASK>
[  229.773238][ T8099]  dump_stack_lvl+0x16c/0x1f0
[  229.778477][ T8099]  should_fail_ex+0x497/0x5b0
[  229.786258][ T8099]  ? fs_reclaim_acquire+0xae/0x150
[  229.790256][ T8099]  should_failslab+0xc2/0x120
[  229.799445][ T8099]  __kmalloc_cache_noprof+0x68/0x420
[  229.804158][ T8099]  ? __kasan_kmalloc+0xaa/0xb0
[  229.815731][ T8099]  ? sctp_add_bind_addr+0x2c3/0x3e0
[  229.823402][ T8099]  sctp_association_new+0x97/0x28b0
[  229.831301][ T8099]  ? sctp_do_bind+0x3b8/0x700
[  229.837882][ T8099]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  229.853781][ T8099]  ? sctp_v4_scope+0x183/0x1a0
[  229.859771][ T8099]  sctp_connect_new_asoc+0x1b7/0x790
[  229.868050][ T8099]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  229.873629][ T8099]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  229.877141][ T8099]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  229.879377][ T8099]  ? sctp_get_af_specific+0x62/0x70
[  229.900933][ T8099]  __sctp_connect+0x3f5/0xc60
[  229.902810][ T8099]  ? sctp_inet_connect+0xac/0x200
[  229.904819][ T8099]  ? __pfx___sctp_connect+0x10/0x10
[  229.906748][ T8099]  ? __pfx_sctp_inet_connect+0x10/0x10
[  229.908700][ T8099]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  229.911737][ T8099]  ? __pfx_sctp_inet_connect+0x10/0x10
[  229.914262][ T8099]  sctp_inet_connect+0x15f/0x200
[  229.916996][ T8099]  __sys_connect_file+0x13e/0x1a0
[  229.919564][ T8099]  __sys_connect+0x14f/0x170
[  229.921811][ T8099]  ? __pfx___sys_connect+0x10/0x10
[  229.924244][ T8099]  ? __pfx_ksys_write+0x10/0x10
[  229.926658][ T8099]  __ia32_sys_connect+0x71/0xb0
[  229.929078][ T8099]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  229.932042][ T8099]  __do_fast_syscall_32+0x73/0x120
[  229.938577][ T8099]  do_fast_syscall_32+0x32/0x80
[  229.940393][ T8099]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  229.942700][ T8099] RIP: 0023:0xf7eff579
[  229.944272][ T8099] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  229.954684][ T8099] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 000000000000016a
[  229.960116][ T8099] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000000
[  229.965328][ T8099] RDX: 000000000000001c RSI: 0000000000000000 RDI: 0000000000000000
[  229.970480][ T8099] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  229.975285][ T8099] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  229.980259][ T8099] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  229.985108][ T8099]  </TASK>
[  230.849022][ T8116] netlink: 'syz.5.514': attribute type 13 has an invalid length.
[  230.852041][ T8116] netlink: 'syz.5.514': attribute type 27 has an invalid length.
[  231.149793][ T8125] netlink: 'syz.0.516': attribute type 14 has an invalid length.
[  231.305163][ T8129] netlink: 220 bytes leftover after parsing attributes in process `syz.0.518'.
[  231.380432][ T8134] FAULT_INJECTION: forcing a failure.
[  231.380432][ T8134] name failslab, interval 1, probability 0, space 0, times 0
[  231.396901][ T8134] CPU: 3 UID: 0 PID: 8134 Comm: syz.4.519 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  231.403197][ T8134] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  231.411334][ T8134] Call Trace:
[  231.412879][ T8134]  <TASK>
[  231.414628][ T8134]  dump_stack_lvl+0x16c/0x1f0
[  231.417254][ T8134]  should_fail_ex+0x497/0x5b0
[  231.420105][ T8134]  ? fs_reclaim_acquire+0xae/0x150
[  231.423201][ T8134]  should_failslab+0xc2/0x120
[  231.425812][ T8134]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  231.428580][ T8134]  ? __pfx___lock_acquire+0x10/0x10
[  231.431406][ T8134]  ? prepare_creds+0x2e/0x750
[  231.433984][ T8134]  prepare_creds+0x2e/0x750
[  231.436341][ T8134]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  231.439434][ T8134]  lookup_user_key+0x394/0x12f0
[  231.442594][ T8134]  ? __pfx_lookup_user_key+0x10/0x10
[  231.446066][ T8134]  ? __pfx_lock_release+0x10/0x10
[  231.449324][ T8134]  ? trace_lock_acquire+0x14e/0x1f0
[  231.452698][ T8134]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[  231.456573][ T8134]  ? _copy_from_user+0x59/0xd0
[  231.459767][ T8134]  ? memdup_user+0x88/0xd0
[  231.462651][ T8134]  __do_sys_add_key+0x25a/0x460
[  231.465719][ T8134]  ? __pfx___do_sys_add_key+0x10/0x10
[  231.469169][ T8134]  ? ksys_write+0x1ba/0x250
[  231.472087][ T8134]  __do_fast_syscall_32+0x73/0x120
[  231.475317][ T8134]  do_fast_syscall_32+0x32/0x80
[  231.478325][ T8134]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  231.482318][ T8134] RIP: 0023:0xf7fe4579
[  231.484864][ T8134] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  231.496869][ T8134] RSP: 002b:00000000f513655c EFLAGS: 00000296 ORIG_RAX: 000000000000011e
[  231.502264][ T8134] RAX: ffffffffffffffda RBX: 0000000020000180 RCX: 00000000200001c0
[  231.507209][ T8134] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000ffffffff
[  231.512390][ T8134] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  231.517365][ T8134] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  231.522401][ T8134] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  231.527400][ T8134]  </TASK>
[  231.960628][ T5744] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  232.389195][ T5744] usb 5-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b
[  232.403765][ T5744] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.497664][ T8155] netlink: 200 bytes leftover after parsing attributes in process `syz.5.526'.
[  232.511534][ T8155] ax25_connect(): syz.5.526 uses autobind, please contact jreuter@yaina.de
[  232.783976][ T5744] usb 5-1: config 0 descriptor??
[  232.850187][ T5744] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input35
[  233.131593][ T8159] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  233.444711][ T5744] usb 5-1: USB disconnect, device number 8
[  233.539223][ T8164] FAULT_INJECTION: forcing a failure.
[  233.539223][ T8164] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  233.560877][ T8164] CPU: 0 UID: 0 PID: 8164 Comm: syz.4.527 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  233.564668][ T8164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  233.569265][ T8164] Call Trace:
[  233.570921][ T8164]  <TASK>
[  233.572316][ T8164]  dump_stack_lvl+0x16c/0x1f0
[  233.578463][ T8164]  should_fail_ex+0x497/0x5b0
[  233.585676][ T8164]  _copy_to_user+0x32/0xd0
[  233.587935][ T8164]  simple_read_from_buffer+0xd0/0x160
[  233.590381][ T8164]  proc_fail_nth_read+0x198/0x270
[  233.592950][ T8164]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  233.595595][ T8164]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  233.600170][ T8170] netlink: 4 bytes leftover after parsing attributes in process `syz.5.529'.
[  233.612921][ T8164]  vfs_read+0x1df/0xbe0
[  233.612974][ T8164]  ? __fget_files+0x1fc/0x3a0
[  233.612988][ T8164]  ? __pfx___mutex_lock+0x10/0x10
[  233.613003][ T8164]  ? __pfx_vfs_read+0x10/0x10
[  233.613019][ T8164]  ? __fget_files+0x206/0x3a0
[  233.613035][ T8164]  ksys_read+0x12b/0x250
[  233.613047][ T8164]  ? __pfx_ksys_read+0x10/0x10
[  233.613063][ T8164]  __do_fast_syscall_32+0x73/0x120
[  233.613080][ T8164]  do_fast_syscall_32+0x32/0x80
[  233.613094][ T8164]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  233.613111][ T8164] RIP: 0023:0xf7fe4579
[  233.613122][ T8164] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  233.613133][ T8164] RSP: 002b:00000000f5136590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  233.613145][ T8164] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5136620
[  233.613152][ T8164] RDX: 000000000000000f RSI: 00000000f7473ff4 RDI: 0000000000000000
[  233.613159][ T8164] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  233.613165][ T8164] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  233.613172][ T8164] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  233.613185][ T8164]  </TASK>
[  235.005332][ T8196] netlink: 200 bytes leftover after parsing attributes in process `syz.0.537'.
[  235.015520][ T8196] ax25_connect(): syz.0.537 uses autobind, please contact jreuter@yaina.de
[  235.482139][ T8201] vim2m vim2m.0: Fourcc format (0x47524247) invalid.
[  235.581858][ T5954] Bluetooth: hci4: command 0x0406 tx timeout
[  237.007453][ T8204] syz.1.538 (8204): drop_caches: 2
[  237.672699][    C2] vkms_vblank_simulate: vblank timer overrun
[  237.708695][    C2] vkms_vblank_simulate: vblank timer overrun
[  237.941774][ T8223] syz.1.544: attempt to access beyond end of device
[  237.941774][ T8223] nbd1: rw=0, sector=2, nr_sectors = 2 limit=0
[  237.948050][ T8223] syz.1.544: attempt to access beyond end of device
[  237.948050][ T8223] nbd1: rw=0, sector=16, nr_sectors = 2 limit=0
[  238.210332][ T5748] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  238.613940][ T5997] libceph: connect (1)[c::]:6789 error -101
[  238.617199][ T5997] libceph: mon0 (1)[c::]:6789 connect error
[  238.877703][ T8234] ceph: No mds server is up or the cluster is laggy
[  238.899232][ T5997] libceph: connect (1)[c::]:6789 error -101
[  238.904910][ T5997] libceph: mon0 (1)[c::]:6789 connect error
[  239.102979][ T5748] usb 5-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b
[  239.131672][ T5748] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  239.140182][ T5748] usb 5-1: config 0 descriptor??
[  239.146871][ T5748] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input36
[  239.280690][    C2] vkms_vblank_simulate: vblank timer overrun
[  239.387691][    C2] vkms_vblank_simulate: vblank timer overrun
[  240.172735][    C2] vkms_vblank_simulate: vblank timer overrun
[  240.364467][ T8253] ax25_connect(): syz.5.550 uses autobind, please contact jreuter@yaina.de
[  240.704703][    C2] vkms_vblank_simulate: vblank timer overrun
[  240.727537][   T25] usb 5-1: USB disconnect, device number 9
[  240.844739][    C2] vkms_vblank_simulate: vblank timer overrun
[  241.132491][ T5958] Bluetooth: hci2: ACL packet for unknown connection handle 200
[  241.439561][    C2] vkms_vblank_simulate: vblank timer overrun
[  241.485169][ T8273] mmap: syz.5.556 (8273) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  242.428174][ T8290] ax25_connect(): syz.4.562 uses autobind, please contact jreuter@yaina.de
[  243.188642][    C3] vkms_vblank_simulate: vblank timer overrun
[  243.237065][    C3] vkms_vblank_simulate: vblank timer overrun
[  243.291401][    T9] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  243.473152][    T9] usb 6-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b
[  243.482987][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  243.498316][ T8311] xt_TCPMSS: Only works on TCP SYN packets
[  243.498374][    T9] usb 6-1: config 0 descriptor??
[  243.573700][    T9] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input37
[  244.002958][    T9] usb 6-1: USB disconnect, device number 11
[  244.145612][ T8308] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  244.148188][ T8308] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  244.183977][ T8308] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  244.187041][ T8308] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  244.266340][    C3] vkms_vblank_simulate: vblank timer overrun
[  244.356784][ T8308] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  244.358996][ T8308] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  244.623765][ T8326] veth0_vlan: entered allmulticast mode
[  245.020626][    C3] vkms_vblank_simulate: vblank timer overrun
[  245.204622][    C3] vkms_vblank_simulate: vblank timer overrun
[  245.718032][ T8349] ax25_connect(): syz.0.575 uses autobind, please contact jreuter@yaina.de
[  245.995176][ T8348] syzkaller1: entered promiscuous mode
[  245.997249][ T8348] syzkaller1: entered allmulticast mode
[  246.084628][    C3] vkms_vblank_simulate: vblank timer overrun
[  246.158042][    C3] vkms_vblank_simulate: vblank timer overrun
[  246.338261][ T8364] FAULT_INJECTION: forcing a failure.
[  246.338261][ T8364] name failslab, interval 1, probability 0, space 0, times 0
[  246.345045][ T8364] CPU: 2 UID: 0 PID: 8364 Comm: syz.4.582 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  246.350337][ T8364] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  246.355113][ T8364] Call Trace:
[  246.356585][ T8364]  <TASK>
[  246.357870][ T8364]  dump_stack_lvl+0x16c/0x1f0
[  246.359928][ T8364]  should_fail_ex+0x497/0x5b0
[  246.362310][ T8364]  ? fs_reclaim_acquire+0xae/0x150
[  246.364457][ T8364]  should_failslab+0xc2/0x120
[  246.367543][ T8364]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  246.370687][ T8364]  ? __alloc_skb+0x2b3/0x380
[  246.372722][ T8364]  __alloc_skb+0x2b3/0x380
[  246.375103][ T8364]  ? __pfx___alloc_skb+0x10/0x10
[  246.377641][ T8364]  ? __pm_runtime_idle+0xcf/0x160
[  246.380309][ T8364]  ? ethnl_ops_complete+0xaf/0xd0
[  246.383160][ T8364]  ethnl_default_notify+0x2f3/0x720
[  246.385855][ T8364]  ? __pfx_ethnl_default_notify+0x10/0x10
[  246.389119][ T8364]  ? ethnl_set_coalesce+0xb9/0x170
[  246.392066][ T8364]  ? __pfx_ethnl_set_coalesce+0x10/0x10
[  246.395150][ T8364]  ? lockdep_hardirqs_on+0x7c/0x110
[  246.397982][ T8364]  ? __pfx_ethnl_default_notify+0x10/0x10
[  246.400986][ T8364]  ethtool_notify+0xbf/0x200
[  246.403493][ T8364]  ethnl_default_set_doit+0x38a/0x6f0
[  246.406435][ T8364]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  246.409630][ T8364]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  246.414009][ T8364]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  246.418568][ T8364]  genl_family_rcv_msg_doit+0x202/0x2f0
[  246.421629][ T8364]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  246.424917][ T8364]  ? genl_get_cmd+0x195/0x580
[  246.427306][ T8364]  ? bpf_lsm_capable+0x9/0x10
[  246.429847][ T8364]  ? security_capable+0x7e/0x260
[  246.432104][ T8364]  ? ns_capable+0xd7/0x110
[  246.434028][ T8364]  genl_rcv_msg+0x565/0x800
[  246.435917][ T8364]  ? __pfx_genl_rcv_msg+0x10/0x10
[  246.438112][ T8364]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  246.441306][ T8364]  netlink_rcv_skb+0x165/0x410
[  246.461510][ T8364]  ? __pfx_genl_rcv_msg+0x10/0x10
[  246.463803][ T8364]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  246.466793][ T8364]  ? down_read+0xc9/0x330
[  246.469631][ T8364]  ? __pfx_down_read+0x10/0x10
[  246.472679][ T8364]  ? netlink_deliver_tap+0x1ae/0xca0
[  246.476064][ T8364]  genl_rcv+0x28/0x40
[  246.478491][ T8364]  netlink_unicast+0x53c/0x7f0
[  246.485230][ T8364]  ? __pfx_netlink_unicast+0x10/0x10
[  246.487251][ T8364]  ? __phys_addr_symbol+0x30/0x80
[  246.489306][ T8364]  ? __check_object_size+0x488/0x710
[  246.492622][ T8364]  netlink_sendmsg+0x8b8/0xd70
[  246.494698][ T8364]  ? __pfx_netlink_sendmsg+0x10/0x10
[  246.497390][ T8364]  ____sys_sendmsg+0x9ae/0xb40
[  246.500410][ T8364]  ? __pfx_____sys_sendmsg+0x10/0x10
[  246.502973][ T8364]  ? get_compat_msghdr+0x11b/0x170
[  246.505809][ T8364]  ___sys_sendmsg+0x135/0x1e0
[  246.507854][ T8364]  ? __pfx____sys_sendmsg+0x10/0x10
[  246.510141][ T8364]  ? __pfx_lock_release+0x10/0x10
[  246.512175][ T8364]  ? trace_lock_acquire+0x14e/0x1f0
[  246.515423][ T8364]  ? __fget_files+0x206/0x3a0
[  246.518440][ T8364]  __sys_sendmsg+0x16e/0x220
[  246.521291][ T8364]  ? __pfx___sys_sendmsg+0x10/0x10
[  246.523598][ T8364]  __do_fast_syscall_32+0x73/0x120
[  246.525818][ T8364]  do_fast_syscall_32+0x32/0x80
[  246.527943][ T8364]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  246.542047][ T8364] RIP: 0023:0xf7fe4579
[  246.543598][ T8364] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  246.552885][ T8364] RSP: 002b:00000000f513655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  246.556543][ T8364] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000540
[  246.571568][ T8364] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  246.575700][ T8364] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  246.580345][ T8364] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  246.583628][ T8364] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  246.607759][ T8364]  </TASK>
[  246.920458][ T8368] netlink: 16 bytes leftover after parsing attributes in process `syz.4.583'.
[  247.044823][    C3] vkms_vblank_simulate: vblank timer overrun
[  247.327045][ T5744] IPVS: starting estimator thread 0...
[  247.354478][ T8380] ax25_connect(): syz.0.588 uses autobind, please contact jreuter@yaina.de
[  247.500626][    C3] vkms_vblank_simulate: vblank timer overrun
[  247.636705][    C3] vkms_vblank_simulate: vblank timer overrun
[  247.688294][ T8388] FAULT_INJECTION: forcing a failure.
[  247.688294][ T8388] name failslab, interval 1, probability 0, space 0, times 0
[  247.699039][ T8388] CPU: 1 UID: 0 PID: 8388 Comm: syz.1.587 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  247.700870][    C3] vkms_vblank_simulate: vblank timer overrun
[  247.723635][ T8388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  247.743241][ T8388] Call Trace:
[  247.744723][ T8388]  <TASK>
[  247.765280][ T8388]  dump_stack_lvl+0x16c/0x1f0
[  247.767428][ T8388]  should_fail_ex+0x497/0x5b0
[  247.769531][ T8388]  ? fs_reclaim_acquire+0xae/0x150
[  247.771686][ T8388]  should_failslab+0xc2/0x120
[  247.773668][ T8388]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  247.786603][ T8388]  ? getname_flags.part.0+0x4c/0x550
[  247.812913][ T8388]  getname_flags.part.0+0x4c/0x550
[  247.815133][ T8388]  getname+0x8d/0xe0
[  247.817122][ T8388]  do_sys_openat2+0x104/0x1e0
[  247.819105][ T8388]  ? __pfx_do_sys_openat2+0x10/0x10
[  247.821440][ T8388]  ? __pfx___schedule+0x10/0x10
[  247.823523][ T8388]  ? __fget_files+0x206/0x3a0
[  247.825523][ T8388]  __ia32_compat_sys_openat+0x16e/0x210
[  247.827819][ T8388]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  247.830429][ T8388]  ? ksys_write+0x1ba/0x250
[  247.832287][ T8388]  __do_fast_syscall_32+0x73/0x120
[  247.840913][ T8388]  do_fast_syscall_32+0x32/0x80
[  247.842922][ T8388]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  247.845420][ T8388] RIP: 0023:0xf7eff579
[  247.847006][ T8388] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  247.858496][ T8388] RSP: 002b:00000000f5014100 EFLAGS: 00000293 ORIG_RAX: 0000000000000127
[  247.863952][ T8388] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f5014150
[  247.868636][ T8388] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f7393ff4
[  247.872419][ T8388] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  247.876543][ T8388] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  247.880710][ T8388] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  247.884224][ T8388]  </TASK>
[  247.965729][    C3] vkms_vblank_simulate: vblank timer overrun
[  248.243514][ T8379] IPVS: using max 22 ests per chain, 52800 per kthread
[  248.280572][    C3] vkms_vblank_simulate: vblank timer overrun
[  248.459276][ T8399] net_ratelimit: 11 callbacks suppressed
[  248.459293][ T8399] openvswitch: netlink: Missing key (keys=40, expected=100)
[  248.548635][    C3] vkms_vblank_simulate: vblank timer overrun
[  249.048735][    C3] vkms_vblank_simulate: vblank timer overrun
[  249.248704][    C3] vkms_vblank_simulate: vblank timer overrun
[  249.732784][    C3] vkms_vblank_simulate: vblank timer overrun
[  250.310755][ T5997] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  250.473317][ T5997] usb 5-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b
[  250.478045][ T5997] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  250.511149][ T5997] usb 5-1: config 0 descriptor??
[  250.554739][ T5997] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input38
[  251.032868][    T8] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  251.033085][ T5995] usb 5-1: USB disconnect, device number 10
[  251.204379][    T8] usb 6-1: Using ep0 maxpacket: 16
[  251.233788][    T8] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  251.237463][    T8] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  251.250664][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.275734][    T8] usb 6-1: config 0 descriptor??
[  251.906362][ T8456] random: crng reseeded on system resumption
[  252.180750][ T8459] capability: warning: `syz.4.611' uses 32-bit capabilities (legacy support in use)
[  252.488279][ T8461] 9pnet_fd: Insufficient options for proto=fd
[  252.498536][ T5997] usb 6-1: USB disconnect, device number 12
[  252.592047][ T8466] netlink: 12 bytes leftover after parsing attributes in process `syz.4.612'.
[  252.594113][ T8470] binder: 8469:8470 ioctl c018620c 200001c0 returned -1
[  253.470665][    T8] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  253.625366][    T8] usb 5-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b
[  253.629257][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.635291][    T8] usb 5-1: config 0 descriptor??
[  253.675562][    T8] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input39
[  254.036924][    T8] usb 5-1: USB disconnect, device number 11
[  254.682739][ T8507] FAULT_INJECTION: forcing a failure.
[  254.682739][ T8507] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  254.689551][ T8507] CPU: 2 UID: 0 PID: 8507 Comm: syz.1.626 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  254.705851][ T8507] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  254.711210][ T8507] Call Trace:
[  254.712914][ T8507]  <TASK>
[  254.714721][ T8507]  dump_stack_lvl+0x16c/0x1f0
[  254.717919][ T8507]  should_fail_ex+0x497/0x5b0
[  254.723960][ T8507]  _copy_to_user+0x32/0xd0
[  254.726937][ T8507]  bpf_test_finish.isra.0+0x4a1/0x680
[  254.729854][ T8507]  ? __pfx_bpf_test_finish.isra.0+0x10/0x10
[  254.737763][ T8507]  ? deactivate_slab+0x330/0x4a0
[  254.740305][ T8507]  bpf_prog_test_run_skb+0x11da/0x22c0
[  254.742856][ T8507]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  254.745838][ T8507]  ? fput+0x67/0x440
[  254.747568][ T8507]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  254.764955][ T8507]  __sys_bpf+0x1921/0x57a0
[  254.766908][ T8507]  ? __pfx_lock_release+0x10/0x10
[  254.769364][ T8507]  ? __pfx___sys_bpf+0x10/0x10
[  254.771234][ T8507]  ? vfs_write+0x306/0x1150
[  254.772894][ T8507]  ? __mutex_unlock_slowpath+0x164/0x690
[  254.774904][ T8507]  ? fput+0x67/0x440
[  254.776351][ T8507]  ? ksys_write+0x1ba/0x250
[  254.779316][ T8507]  ? __pfx_ksys_write+0x10/0x10
[  254.794186][ T8507]  __ia32_sys_bpf+0x76/0xe0
[  254.796584][ T8507]  __do_fast_syscall_32+0x73/0x120
[  254.799762][ T8507]  do_fast_syscall_32+0x32/0x80
[  254.802242][ T8507]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  254.805488][ T8507] RIP: 0023:0xf7eff579
[  254.807875][ T8507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  254.828399][ T8507] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  254.840838][ T8507] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000200002c0
[  254.843993][ T8507] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  254.847460][ T8507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  254.866643][ T8507] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  254.870034][ T8507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  254.872811][ T8507]  </TASK>
[  254.876021][ T5748] usb 9-1: new full-speed USB device number 12 using dummy_hcd
[  255.003509][ T5748] usb 9-1: device descriptor read/64, error -71
[  255.104714][ T1413] ieee802154 phy0 wpan0: encryption failed: -22
[  255.108789][ T1413] ieee802154 phy1 wpan1: encryption failed: -22
[  255.249441][ T5748] usb 9-1: new full-speed USB device number 13 using dummy_hcd
[  255.412757][ T5748] usb 9-1: device descriptor read/64, error -71
[  255.553212][ T5748] usb usb9-port1: attempt power cycle
[  255.572084][ T8522] FAULT_INJECTION: forcing a failure.
[  255.572084][ T8522] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  255.583476][ T8522] CPU: 2 UID: 0 PID: 8522 Comm: syz.5.631 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  255.587582][ T8522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  255.595528][ T8522] Call Trace:
[  255.597011][ T8522]  <TASK>
[  255.598193][ T8522]  dump_stack_lvl+0x16c/0x1f0
[  255.600327][ T8522]  should_fail_ex+0x497/0x5b0
[  255.602351][ T8522]  _copy_to_user+0x32/0xd0
[  255.604185][ T8522]  simple_read_from_buffer+0xd0/0x160
[  255.606478][ T8522]  proc_fail_nth_read+0x198/0x270
[  255.608995][ T8522]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  255.612175][ T8522]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  255.614742][ T8522]  vfs_read+0x1df/0xbe0
[  255.616415][ T8522]  ? __fget_files+0x1fc/0x3a0
[  255.618430][ T8522]  ? __pfx___mutex_lock+0x10/0x10
[  255.621199][ T8522]  ? __pfx_vfs_read+0x10/0x10
[  255.623371][ T8522]  ? __fget_files+0x206/0x3a0
[  255.625235][ T8522]  ksys_read+0x12b/0x250
[  255.627011][ T8522]  ? __pfx_ksys_read+0x10/0x10
[  255.629036][ T8522]  __do_fast_syscall_32+0x73/0x120
[  255.632137][ T8522]  do_fast_syscall_32+0x32/0x80
[  255.635387][ T8522]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  255.641599][ T8522] RIP: 0023:0xf708e579
[  255.643332][ T8522] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  255.673126][ T8522] RSP: 002b:00000000f5080590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  255.676544][ T8522] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5080620
[  255.679898][ T8522] RDX: 000000000000000f RSI: 00000000f73c3ff4 RDI: 0000000000000000
[  255.683275][ T8522] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  255.686638][ T8522] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  255.690249][ T8522] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  255.704473][ T8522]  </TASK>
[  255.895513][ T8526] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  255.973368][ T5748] usb 9-1: new full-speed USB device number 14 using dummy_hcd
[  256.001323][ T5748] usb 9-1: device descriptor read/8, error -71
[  256.295147][ T5748] usb 9-1: new full-speed USB device number 15 using dummy_hcd
[  256.370348][ T5748] usb 9-1: device descriptor read/8, error -71
[  256.470743][   T63] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  256.491018][ T5748] usb usb9-port1: unable to enumerate USB device
[  256.799580][   T63] usb 6-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b
[  256.808225][   T63] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.823153][   T63] usb 6-1: config 0 descriptor??
[  256.858920][   T63] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input40
[  257.362119][ T5994] usb 6-1: USB disconnect, device number 13
[  258.070197][ T8554] input: syz1 as /devices/virtual/input/input41
[  258.120614][ T8554] input: failed to attach handler leds to device input41, error: -6
[  258.663139][ T8558] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  259.149003][ T8564] random: crng reseeded on system resumption
[  259.391485][ T8573] ax25_connect(): syz.1.645 uses autobind, please contact jreuter@yaina.de
[  260.130632][ T5744] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[  260.333116][ T5744] usb 9-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b
[  260.337812][ T5744] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  260.379566][ T5744] usb 9-1: config 0 descriptor??
[  260.415281][ T5744] input: bcm5974 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input43
[  260.870355][ T5744] usb 9-1: USB disconnect, device number 16
[  261.508665][ T8601] Process accounting resumed
[  263.325505][ T8624] FAULT_INJECTION: forcing a failure.
[  263.325505][ T8624] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  263.330339][ T8624] CPU: 3 UID: 0 PID: 8624 Comm: syz.0.661 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  263.334062][ T8624] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  263.335621][ T8623] ax25_connect(): syz.5.660 uses autobind, please contact jreuter@yaina.de
[  263.338692][ T8624] Call Trace:
[  263.338704][ T8624]  <TASK>
[  263.346142][ T8624]  dump_stack_lvl+0x16c/0x1f0
[  263.354948][ T8624]  should_fail_ex+0x497/0x5b0
[  263.356973][ T8624]  strncpy_from_user+0x3b/0x2d0
[  263.359852][ T8624]  getname_flags.part.0+0x8f/0x550
[  263.362053][ T8624]  getname_uflags+0x9d/0xf0
[  263.363865][ T8624]  __ia32_compat_sys_execveat+0xc4/0x120
[  263.366182][ T8624]  __do_fast_syscall_32+0x73/0x120
[  263.369149][ T8624]  do_fast_syscall_32+0x32/0x80
[  263.371139][ T8624]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  263.373673][ T8624] RIP: 0023:0xf7fc4579
[  263.375327][ T8624] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  263.407792][ T8624] RSP: 002b:00000000f50d455c EFLAGS: 00000296 ORIG_RAX: 0000000000000166
[  263.411144][ T8624] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000040
[  263.418101][ T8624] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000000
[  263.426304][ T8624] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  263.430934][ T8624] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  263.442462][ T8624] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  263.446812][ T8624]  </TASK>
[  264.481931][ T5995] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  264.699944][ T5995] usb 6-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b
[  264.703966][ T5995] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  264.714240][ T5995] usb 6-1: config 0 descriptor??
[  264.744592][ T5995] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input45
[  265.176055][    T8] usb 6-1: USB disconnect, device number 14
[  266.122467][ T8661] Debayer B: =================  START STATUS  =================
[  266.126431][ T8661] Debayer B: Debayer Mean Window Size: 3
[  266.129856][ T8661] Debayer B: ==================  END STATUS  ==================
[  266.275307][ T8663] ax25_connect(): syz.5.673 uses autobind, please contact jreuter@yaina.de
[  266.587734][ T8676] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.675'.
[  267.730728][ T8696] bond0: entered promiscuous mode
[  267.735447][ T8696] bond_slave_0: entered promiscuous mode
[  267.817225][ T8696] bond_slave_1: entered promiscuous mode
[  267.834962][ T8696] batadv0: entered promiscuous mode
[  268.495618][ T8713] ax25_connect(): syz.4.685 uses autobind, please contact jreuter@yaina.de
[  270.163428][ T8735] netlink: 'syz.5.692': attribute type 2 has an invalid length.
[  270.168610][ T8735] netlink: 'syz.5.692': attribute type 1 has an invalid length.
[  270.191348][ T8735] netlink: 8 bytes leftover after parsing attributes in process `syz.5.692'.
[  270.505305][ T5748] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  270.560415][ T8744] ax25_connect(): syz.4.695 uses autobind, please contact jreuter@yaina.de
[  270.641152][ T5748] usb 6-1: device descriptor read/64, error -71
[  271.247936][ T5748] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  271.411761][ T5748] usb 6-1: device descriptor read/64, error -71
[  271.529546][ T5748] usb usb6-port1: attempt power cycle
[  271.900915][ T5748] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  271.930152][ T5748] usb 6-1: device descriptor read/8, error -71
[  272.200783][ T5748] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  272.270870][ T5748] usb 6-1: device descriptor read/8, error -71
[  272.373255][ T8774] netlink: 'syz.4.708': attribute type 1 has an invalid length.
[  272.380745][ T5748] usb usb6-port1: unable to enumerate USB device
[  272.764349][ T8781] ax25_connect(): syz.0.709 uses autobind, please contact jreuter@yaina.de
[  273.105353][ T8785] netlink: 12 bytes leftover after parsing attributes in process `syz.5.712'.
[  273.442554][ T8789] xt_TCPMSS: Only works on TCP SYN packets
[  274.772287][ T8809] syzkaller0: entered promiscuous mode
[  274.774290][ T8809] syzkaller0: entered allmulticast mode
[  275.619574][ T8820] xt_TCPMSS: Only works on TCP SYN packets
[  275.921390][ T8827] ax25_connect(): syz.4.726 uses autobind, please contact jreuter@yaina.de
[  279.478321][   T25] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  279.712894][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  279.719014][   T25] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  279.739591][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  279.841104][   T25] usb 5-1: config 0 descriptor??
[  280.073257][   T25] usbhid 5-1:0.0: can't add hid device: -71
[  280.077995][   T25] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  280.084822][   T25] usb 5-1: USB disconnect, device number 12
[  280.550624][   T63] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  280.752643][   T63] usb 5-1: Using ep0 maxpacket: 32
[  280.769795][   T63] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  280.796764][   T63] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[  280.817420][   T63] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.875874][   T63] usb 5-1: config 0 descriptor??
[  280.899629][   T63] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  280.906220][   T63] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  281.562423][ T5995] usb 5-1: USB disconnect, device number 13
[  281.624772][ T5995] ldusb 5-1:0.0: LD USB Device #0 now disconnected
[  282.856238][    C0] ==================================================================
[  282.860705][    C0] BUG: KASAN: slab-use-after-free in __lock_acquire+0x2d90/0x3c40
[  282.864756][    C0] Read of size 8 at addr ffff888022deb818 by task syz.4.740/8864
[  282.886215][    C0] 
[  282.888406][    C0] CPU: 0 UID: 0 PID: 8864 Comm: syz.4.740 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  282.902688][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  282.907057][    C0] Call Trace:
[  282.918588][    C0]  <IRQ>
[  282.921895][    C0]  dump_stack_lvl+0x116/0x1f0
[  282.923859][    C0]  print_report+0xc3/0x620
[  282.925646][    C0]  ? __virt_addr_valid+0x5e/0x590
[  282.927596][    C0]  ? __phys_addr+0xc6/0x150
[  282.938235][    C0]  kasan_report+0xd9/0x110
[  282.940055][    C0]  ? __lock_acquire+0x2d90/0x3c40
[  282.942184][    C0]  ? __lock_acquire+0x2d90/0x3c40
[  282.944383][    C0]  __lock_acquire+0x2d90/0x3c40
[  282.946528][    C0]  ? __pfx_lock_release+0x10/0x10
[  282.948948][    C0]  ? rcu_is_watching+0x12/0xc0
[  282.951409][    C0]  ? ttwu_queue_wakelist+0x26d/0x400
[  282.954132][    C0]  ? __smp_call_single_queue+0x174/0x1e0
[  282.956482][    C0]  ? __pfx___lock_acquire+0x10/0x10
[  282.958542][    C0]  ? do_raw_spin_unlock+0x172/0x230
[  282.961935][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  282.964018][    C0]  lock_acquire.part.0+0x11b/0x380
[  282.966405][    C0]  ? p9_req_put+0xaf/0x250
[  282.967993][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  282.970307][    C0]  ? rcu_is_watching+0x12/0xc0
[  282.972484][    C0]  ? trace_lock_acquire+0x14e/0x1f0
[  282.974874][    C0]  ? p9_req_put+0xaf/0x250
[  282.977613][    C0]  ? lock_acquire+0x2f/0xb0
[  282.980771][    C0]  ? p9_req_put+0xaf/0x250
[  282.983276][    C0]  _raw_spin_lock_irqsave+0x3a/0x60
[  282.986071][    C0]  ? p9_req_put+0xaf/0x250
[  282.988081][    C0]  p9_req_put+0xaf/0x250
[  282.990282][    C0]  req_done+0x1e7/0x2f0
[  282.990695][ T8869] openvswitch: netlink: Invalid MD length 0 for MD type 0
[  282.992574][    C0]  ? __pfx_req_done+0x10/0x10
[  282.992601][    C0]  ? __pfx_req_done+0x10/0x10
[  282.992616][    C0]  vring_interrupt+0x31b/0x400
[  282.992636][    C0]  ? __pfx_vring_interrupt+0x10/0x10
[  282.992653][    C0]  __handle_irq_event_percpu+0x229/0x7d0
[  282.992676][    C0]  handle_irq_event+0xab/0x1e0
[  282.992694][    C0]  handle_edge_irq+0x263/0xd10
[  282.992714][    C0]  __common_interrupt+0xdf/0x250
[  282.992736][    C0]  common_interrupt+0xba/0xe0
[  282.992760][    C0]  </IRQ>
[  282.992765][    C0]  <TASK>
[  282.992772][    C0]  asm_common_interrupt+0x26/0x40
[  282.992792][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0x31/0x80
[  282.992811][    C0] Code: f5 53 48 8b 74 24 10 48 89 fb 48 83 c7 18 e8 76 61 59 f6 48 89 df e8 be e0 59 f6 f7 c5 00 02 00 00 75 23 9c 58 f6 c4 02 75 37 <bf> 01 00 00 00 e8 e5 d0 4a f6 65 8b 05 96 f2 e6 74 85 c0 74 16 5b
[  282.992831][    C0] RSP: 0018:ffffc90004577b78 EFLAGS: 00000246
[  282.992845][    C0] RAX: 0000000000000002 RBX: ffff888022ba2e40 RCX: 1ffffffff20395e9
[  282.992856][    C0] RDX: 0000000000000000 RSI: ffffffff8b4cd300 RDI: ffffffff8bb17140
[  282.992867][    C0] RBP: 0000000000000283 R08: 0000000000000001 R09: 0000000000000001
[  282.992877][    C0] R10: ffffffff901cf297 R11: ffffffff816b5e0e R12: ffff888022ba2454
[  282.992888][    C0] R13: ffff888022ba2e40 R14: ffff888022ba2440 R15: ffffc90004577bd8
[  282.992901][    C0]  ? select_task_rq_fair+0x36e/0x44e0
[  282.992924][    C0]  try_to_wake_up+0x949/0x1490
[  282.992941][    C0]  ? __pfx_try_to_wake_up+0x10/0x10
[  282.992954][    C0]  ? __pfx_lock_release+0x10/0x10
[  282.992967][    C0]  ? plist_check_head+0xa3/0x150
[  282.992985][    C0]  wake_up_q+0x91/0x140
[  282.992998][    C0]  ? do_raw_spin_unlock+0x172/0x230
[  282.993016][    C0]  futex_wake+0x43e/0x4e0
[  282.993034][    C0]  ? __pfx_futex_wake+0x10/0x10
[  282.993051][    C0]  ? find_held_lock+0x2d/0x110
[  282.993070][    C0]  do_futex+0x1e5/0x350
[  282.993090][    C0]  ? __pfx_do_futex+0x10/0x10
[  282.993110][    C0]  ? rcu_is_watching+0x12/0xc0
[  282.993128][    C0]  ? __count_memcg_events+0x445/0x5d0
[  282.993148][    C0]  __ia32_sys_futex_time32+0x1da/0x460
[  282.993171][    C0]  ? __pfx___ia32_sys_futex_time32+0x10/0x10
[  282.993197][    C0]  __do_fast_syscall_32+0x73/0x120
[  282.993215][    C0]  do_fast_syscall_32+0x32/0x80
[  282.993233][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  282.993254][    C0] RIP: 0023:0xf7fe4579
[  282.993266][    C0] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  282.993279][    C0] RSP: 002b:00000000ffd3ff7c EFLAGS: 00000246 ORIG_RAX: 00000000000000f0
[  282.993294][    C0] RAX: ffffffffffffffda RBX: 00000000f74a4f88 RCX: 0000000000000081
[  282.993303][    C0] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000000000000000
[  282.993313][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  282.993322][    C0] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  282.993332][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  282.993346][    C0]  </TASK>
[  282.993352][    C0] 
[  282.993355][    C0] Allocated by task 8865:
[  282.993363][    C0]  kasan_save_stack+0x33/0x60
[  282.993381][    C0]  kasan_save_track+0x14/0x30
[  282.993397][    C0]  __kasan_kmalloc+0xaa/0xb0
[  282.993413][    C0]  p9_client_create+0xc8/0x11a0
[  282.993430][    C0]  v9fs_session_init+0x1f8/0x1a80
[  282.993450][    C0]  v9fs_mount+0xc6/0xa30
[  282.993506][    C0]  legacy_get_tree+0x109/0x220
[  282.993524][    C0]  vfs_get_tree+0x8f/0x380
[  282.993538][    C0]  path_mount+0x6e1/0x1f00
[  282.993553][    C0]  __ia32_sys_mount+0x292/0x310
[  282.993607][    C0]  __do_fast_syscall_32+0x73/0x120
[  282.993625][    C0]  do_fast_syscall_32+0x32/0x80
[  282.993642][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  282.993663][    C0] 
[  282.993666][    C0] Freed by task 8865:
[  282.993674][    C0]  kasan_save_stack+0x33/0x60
[  282.993691][    C0]  kasan_save_track+0x14/0x30
[  282.993707][    C0]  kasan_save_free_info+0x3b/0x60
[  282.993721][    C0]  __kasan_slab_free+0x51/0x70
[  282.993737][    C0]  kfree+0x14f/0x4b0
[  282.993752][    C0]  p9_client_create+0x97d/0x11a0
[  282.993768][    C0]  v9fs_session_init+0x1f8/0x1a80
[  282.993787][    C0]  v9fs_mount+0xc6/0xa30
[  282.993799][    C0]  legacy_get_tree+0x109/0x220
[  282.993814][    C0]  vfs_get_tree+0x8f/0x380
[  282.993868][    C0]  path_mount+0x6e1/0x1f00
[  282.993885][    C0]  __ia32_sys_mount+0x292/0x310
[  282.993903][    C0]  __do_fast_syscall_32+0x73/0x120
[  282.993956][    C0]  do_fast_syscall_32+0x32/0x80
[  282.993974][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  282.994030][    C0] 
[  282.994034][    C0] The buggy address belongs to the object at ffff888022deb800
[  282.994034][    C0]  which belongs to the cache kmalloc-512 of size 512
[  282.994047][    C0] The buggy address is located 24 bytes inside of
[  282.994047][    C0]  freed 512-byte region [ffff888022deb800, ffff888022deba00)
[  282.994098][    C0] 
[  282.994103][    C0] The buggy address belongs to the physical page:
[  282.994110][    C0] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x22de8
[  282.994158][    C0] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  282.994172][    C0] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  282.994186][    C0] page_type: f5(slab)
[  282.994199][    C0] raw: 00fff00000000040 ffff88801ac42c80 0000000000000000 dead000000000001
[  282.994250][    C0] raw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000
[  282.994299][    C0] head: 00fff00000000040 ffff88801ac42c80 0000000000000000 dead000000000001
[  282.994314][    C0] head: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000
[  282.994328][    C0] head: 00fff00000000002 ffffea00008b7a01 ffffffffffffffff 0000000000000000
[  282.994341][    C0] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[  282.994387][    C0] page dumped because: kasan: bad access detected
[  282.994396][    C0] page_owner tracks the page as allocated
[  282.994401][    C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 25730385731, free_ts 25523465853
[  282.994461][    C0]  post_alloc_hook+0x2d1/0x350
[  282.994479][    C0]  get_page_from_freelist+0xfce/0x2f80
[  282.994532][    C0]  __alloc_pages_noprof+0x223/0x25b0
[  282.994585][    C0]  alloc_pages_mpol_noprof+0x2c9/0x610
[  282.994600][    C0]  new_slab+0x2c9/0x410
[  282.994615][    C0]  ___slab_alloc+0xce2/0x1650
[  282.994630][    C0]  __slab_alloc.constprop.0+0x56/0xb0
[  282.994682][    C0]  __kmalloc_node_track_caller_noprof+0x2ee/0x520
[  282.994736][    C0]  krealloc_noprof+0x157/0x360
[  282.994754][    C0]  add_sysfs_param+0xcb/0x930
[  282.994769][    C0]  param_sysfs_builtin_init+0x253/0x3c0
[  282.994822][    C0]  do_one_initcall+0x128/0x630
[  282.994878][    C0]  kernel_init_freeable+0x58f/0x8b0
[  282.994898][    C0]  kernel_init+0x1c/0x2b0
[  282.994915][    C0]  ret_from_fork+0x45/0x80
[  282.994964][    C0]  ret_from_fork_asm+0x1a/0x30
[  282.995018][    C0] page last free pid 1 tgid 1 stack trace:
[  282.995026][    C0]  free_unref_page+0x661/0x1080
[  282.995043][    C0]  qlist_free_all+0x4e/0x120
[  282.995059][    C0]  kasan_quarantine_reduce+0x195/0x1e0
[  282.995399][    C0]  __kasan_slab_alloc+0x69/0x90
[  282.995418][    C0]  kmem_cache_alloc_noprof+0x1c8/0x3b0
[  282.995474][    C0]  __kernfs_new_node+0xd3/0x890
[  282.995525][    C0]  kernfs_new_node+0x186/0x240
[  282.995540][    C0]  __kernfs_create_file+0x53/0x350
[  282.995557][    C0]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[  282.995615][    C0]  internal_create_group+0x56c/0xf10
[  282.995664][    C0]  param_sysfs_builtin_init+0x28e/0x3c0
[  282.995677][    C0]  do_one_initcall+0x128/0x630
[  282.995694][    C0]  kernel_init_freeable+0x58f/0x8b0
[  282.995750][    C0]  kernel_init+0x1c/0x2b0
[  282.995802][    C0]  ret_from_fork+0x45/0x80
[  282.995814][    C0]  ret_from_fork_asm+0x1a/0x30
[  282.995840][    C0] 
[  282.995843][    C0] Memory state around the buggy address:
[  282.995888][    C0]  ffff888022deb700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  282.995898][    C0]  ffff888022deb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  282.995943][    C0] >ffff888022deb800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  282.995949][    C0]                             ^
[  282.995956][    C0]  ffff888022deb880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  282.995966][    C0]  ffff888022deb900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  282.995974][    C0] ==================================================================
[  282.995982][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  282.996026][    C0] CPU: 0 UID: 0 PID: 8864 Comm: syz.4.740 Not tainted 6.13.0-rc6-syzkaller-00290-gbe548645527a #0
[  282.996078][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  282.996088][    C0] Call Trace:
[  282.996094][    C0]  <IRQ>
[  282.996100][    C0]  dump_stack_lvl+0x3d/0x1f0
[  282.996119][    C0]  panic+0x71d/0x800
[  282.996202][    C0]  ? __pfx_panic+0x10/0x10
[  282.996254][    C0]  ? rcu_is_watching+0x12/0xc0
[  282.996275][    C0]  ? __pfx_lock_release+0x10/0x10
[  282.996291][    C0]  ? check_panic_on_warn+0x1f/0xb0
[  282.996353][    C0]  check_panic_on_warn+0xab/0xb0
[  282.996412][    C0]  end_report+0x117/0x180
[  282.996433][    C0]  kasan_report+0xe9/0x110
[  282.996493][    C0]  ? __lock_acquire+0x2d90/0x3c40
[  282.996544][    C0]  ? __lock_acquire+0x2d90/0x3c40
[  282.996564][    C0]  __lock_acquire+0x2d90/0x3c40
[  282.996579][    C0]  ? __pfx_lock_release+0x10/0x10
[  282.996592][    C0]  ? rcu_is_watching+0x12/0xc0
[  282.996686][    C0]  ? ttwu_queue_wakelist+0x26d/0x400
[  282.996712][    C0]  ? __smp_call_single_queue+0x174/0x1e0
[  282.996731][    C0]  ? __pfx___lock_acquire+0x10/0x10
[  282.996783][    C0]  ? do_raw_spin_unlock+0x172/0x230
[  282.996843][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  282.996864][    C0]  lock_acquire.part.0+0x11b/0x380
[  282.996879][    C0]  ? p9_req_put+0xaf/0x250
[  282.996937][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  282.996990][    C0]  ? rcu_is_watching+0x12/0xc0
[  282.997006][    C0]  ? trace_lock_acquire+0x14e/0x1f0
[  282.997025][    C0]  ? p9_req_put+0xaf/0x250
[  282.997080][    C0]  ? lock_acquire+0x2f/0xb0
[  282.997130][    C0]  ? p9_req_put+0xaf/0x250
[  282.997148][    C0]  _raw_spin_lock_irqsave+0x3a/0x60
[  282.997163][    C0]  ? p9_req_put+0xaf/0x250
[  282.997221][    C0]  p9_req_put+0xaf/0x250
[  282.997275][    C0]  req_done+0x1e7/0x2f0
[  282.997290][    C0]  ? __pfx_req_done+0x10/0x10
[  282.997305][    C0]  ? __pfx_req_done+0x10/0x10
[  282.997354][    C0]  vring_interrupt+0x31b/0x400
[  282.997373][    C0]  ? __pfx_vring_interrupt+0x10/0x10
[  282.997424][    C0]  __handle_irq_event_percpu+0x229/0x7d0
[  282.997445][    C0]  handle_irq_event+0xab/0x1e0
[  282.997500][    C0]  handle_edge_irq+0x263/0xd10
[  282.997521][    C0]  __common_interrupt+0xdf/0x250
[  282.997542][    C0]  common_interrupt+0xba/0xe0
[  282.997563][    C0]  </IRQ>
[  282.997568][    C0]  <TASK>
[  282.997574][    C0]  asm_common_interrupt+0x26/0x40
[  282.997592][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0x31/0x80
[  282.997611][    C0] Code: f5 53 48 8b 74 24 10 48 89 fb 48 83 c7 18 e8 76 61 59 f6 48 89 df e8 be e0 59 f6 f7 c5 00 02 00 00 75 23 9c 58 f6 c4 02 75 37 <bf> 01 00 00 00 e8 e5 d0 4a f6 65 8b 05 96 f2 e6 74 85 c0 74 16 5b
[  282.997627][    C0] RSP: 0018:ffffc90004577b78 EFLAGS: 00000246
[  282.997640][    C0] RAX: 0000000000000002 RBX: ffff888022ba2e40 RCX: 1ffffffff20395e9
[  282.997651][    C0] RDX: 0000000000000000 RSI: ffffffff8b4cd300 RDI: ffffffff8bb17140
[  282.997661][    C0] RBP: 0000000000000283 R08: 0000000000000001 R09: 0000000000000001
[  282.997671][    C0] R10: ffffffff901cf297 R11: ffffffff816b5e0e R12: ffff888022ba2454
[  282.997681][    C0] R13: ffff888022ba2e40 R14: ffff888022ba2440 R15: ffffc90004577bd8
[  282.997692][    C0]  ? select_task_rq_fair+0x36e/0x44e0
[  282.997751][    C0]  try_to_wake_up+0x949/0x1490
[  282.997767][    C0]  ? __pfx_try_to_wake_up+0x10/0x10
[  282.997779][    C0]  ? __pfx_lock_release+0x10/0x10
[  282.997835][    C0]  ? plist_check_head+0xa3/0x150
[  282.997886][    C0]  wake_up_q+0x91/0x140
[  282.997901][    C0]  ? do_raw_spin_unlock+0x172/0x230
[  282.997919][    C0]  futex_wake+0x43e/0x4e0
[  282.997934][    C0]  ? __pfx_futex_wake+0x10/0x10
[  282.998264][    C0]  ? find_held_lock+0x2d/0x110
[  282.998283][    C0]  do_futex+0x1e5/0x350
[  282.998379][    C0]  ? __pfx_do_futex+0x10/0x10
[  282.998398][    C0]  ? rcu_is_watching+0x12/0xc0
[  282.998414][    C0]  ? __count_memcg_events+0x445/0x5d0
[  282.998470][    C0]  __ia32_sys_futex_time32+0x1da/0x460
[  282.998529][    C0]  ? __pfx___ia32_sys_futex_time32+0x10/0x10
[  282.998554][    C0]  __do_fast_syscall_32+0x73/0x120
[  282.998611][    C0]  do_fast_syscall_32+0x32/0x80
[  282.998664][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  282.998685][    C0] RIP: 0023:0xf7fe4579
[  282.998697][    C0] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  282.998745][    C0] RSP: 002b:00000000ffd3ff7c EFLAGS: 00000246 ORIG_RAX: 00000000000000f0
[  282.998760][    C0] RAX: ffffffffffffffda RBX: 00000000f74a4f88 RCX: 0000000000000081
[  282.998805][    C0] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000000000000000
[  282.998814][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  282.998828][    C0] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  282.998837][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  282.998885][    C0]  </TASK>
[  283.012948][    C0] Kernel Offset: disabled

VM DIAGNOSIS:
03:55:25  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000032 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85145025 RDI=ffffffff9a667200 RBP=ffffffff9a6671c0 RSP=ffffc90000007598
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552
R12=0000000000000000 R13=0000000000000032 R14=ffffffff85144fc0 R15=0000000000000000
RIP=ffffffff8514504f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002dc1fffc CR3=000000006aeac000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000002d000000000 0000000900000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000000002000e3 RBX=0000000000000001 RCX=ffffffff8b1a6889 RDX=0000000000000000
RSI=ffffffff8b4cd300 RDI=ffffffff8bb17140 RBP=ffffed10039dd910 RSP=ffffc9000047fe08
R8 =0000000000000001 R9 =ffffed10056a6fed R10=ffff88802b537f6b R11=0000000000000000
R12=0000000000000001 R13=ffff88801ceec880 R14=ffffffff901cf290 R15=0000000000000000
RIP=ffffffff8b1a7c6f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c31c2d7 CR3=00000000666c2000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000014000000000 0000000400000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=ffff88802b446700 RCX=ffffffff818d548c RDX=ffff88802121a440
RSI=ffffffff818d5466 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc9000322f858
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000005
R12=ffffed1005688ce1 R13=0000000000000001 R14=ffff88802b446708 R15=ffff88802b63ff80
RIP=ffffffff818d5468 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055955ce00000 CR3=0000000059f3a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=f4618084f4618084 f4618084f4618084 f4618084f4618084 f4618084f4618084 f4618084f4618084 f4618084f4618084 f4618084f4618084 f4618084f4618084
ZMM22=66ef424f66ef424f 66ef424f66ef424f 66ef424f66ef424f 66ef424f66ef424f 66ef424f66ef424f 66ef424f66ef424f 66ef424f66ef424f 66ef424f66ef424f
ZMM23=2e7934422e793442 2e7934422e793442 2e7934422e793442 2e7934422e793442 2e7934422e793442 2e7934422e793442 2e7934422e793442 2e7934422e793442
ZMM24=ec7b4726ec7b4726 ec7b4726ec7b4726 ec7b4726ec7b4726 ec7b4726ec7b4726 ec7b4726ec7b4726 ec7b4726ec7b4726 ec7b4726ec7b4726 ec7b4726ec7b4726
ZMM25=2f33bb5b2f33bb5b 2f33bb5b2f33bb5b 2f33bb5b2f33bb5b 2f33bb5b2f33bb5b 2f33bb5b2f33bb5b 2f33bb5b2f33bb5b 2f33bb5b2f33bb5b 2f33bb5b2f33bb5b
ZMM26=34644c6e34644c6e 34644c6e34644c6e 34644c6e34644c6e 34644c6e34644c6e 34644c6e34644c6e 34644c6e34644c6e 34644c6e34644c6e 34644c6e34644c6e
ZMM27=67dd441c67dd441c 67dd441c67dd441c 67dd441c67dd441c 67dd441c67dd441c 67dd441c67dd441c 67dd441c67dd441c 67dd441c67dd441c 67dd441c67dd441c
ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=b9050000b9050000 b9050000b9050000 b9050000b9050000 b9050000b9050000 b9050000b9050000 b9050000b9050000 b9050000b9050000 b9050000b9050000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffff888064e610d8 RCX=ffffffff8ae9290e RDX=ffff88801f738000
RSI=0000000000000000 RDI=0000000000000001 RBP=000000000000021b RSP=ffffc9000100fb98
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000002
R12=0000000000000001 R13=ffff88801acb0000 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff8ae91e85 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000000c310b76 CR3=0000000061786000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000