last executing test programs:

20.127825158s ago: executing program 1 (id=825):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1e, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x75e, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000d0"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffefb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000005c0)={0x0, 0xfffffffffffffe2e, &(0x7f0000000180)={&(0x7f0000000580)={0x14, 0x30, 0x200, 0x70bd28, 0x0, {0x20}}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x0, &(0x7f0000000640)=0x2)
bpf$LINK_GET_FD_BY_ID(0x1e, 0x0, 0x0)
open_by_handle_at(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="280000004e0000000300ff7f000000000000000000000000ff07000003000000000000000a0000000200000000000000"], 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
clock_adjtime(0x0, &(0x7f0000000000)={0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b9ac9ff})
r5 = socket$inet6(0xa, 0x3, 0x7)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmmsg(r5, 0x0, 0x0, 0xffd8)
r6 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x2, 0x7fff0003}]})
select(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r6, 0x40045542, &(0x7f0000000b00)=0x4a83189f)
syz_open_dev$dmmidi(&(0x7f0000000080), 0x200, 0x0)

19.882231036s ago: executing program 1 (id=832):
r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, 0x0)
socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
getpid()
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32, 0x0, 0xfe}, 0x9c)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0xfee4, 0x3c4, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (fail_nth: 14)

19.713838679s ago: executing program 1 (id=835):
setuid(0xee01)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=@newtaction={0xc4, 0x30, 0x1, 0x0, 0x0, {}, [{0xb0, 0x1, [@m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_skbmod={0x80, 0xb, 0x0, 0x0, {{0xb}, {0x4}, {0x51, 0x6, "b11e0327dea32986e5c29bbaa48ff32ac7a87f9a0a1f930fff15cca48adbb7945baf05d3b9b66edb4206e0ef397977a2a4809413714e907a129df78ad2d4869db9e93d10711f84b34999515041"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xc4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000000), 0xd, 0x800)
syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0xcb75, 0x0, 0x0, 0xfffffffd}, &(0x7f0000000280)=<r3=>0x0, &(0x7f0000000200))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
timer_create(0x2, 0x0, &(0x7f0000000180)=<r4=>0x0)
ioctl$sock_inet_SIOCDARP(0xffffffffffffffff, 0x8953, &(0x7f0000000300)={{0x2, 0x4e21, @private=0xa010100}, {0x6, @remote}, 0x4, {0x2, 0x4e24, @broadcast}, 'gre0\x00'})
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r7, &(0x7f00000002c0)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r8, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x5f, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x40800}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=@delchain={0x48, 0x64, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x9}, {0x10, 0xffff}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_KEY_ENC_IPV6_DST={0x14, 0x21, @mcast1}]}}]}, 0x48}}, 0x0)
timer_delete(r4)

18.765259944s ago: executing program 1 (id=841):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000007c0)=@newtaction={0x7c, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x68, 0x1, [@m_tunnel_key={0x64, 0x1, 0x0, 0x0, {{0xf}, {0x34, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0xb, @loopback={0x400000000000000}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x7c}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newsa={0x134, 0x17, 0x713, 0x0, 0x0, {{@in6=@mcast2, @in=@rand_addr=0x64010101, 0xfffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}, {@in=@broadcast, 0x0, 0x32}, @in6=@mcast2, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x134}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000018c0)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500), 0x69)

18.526081133s ago: executing program 1 (id=842):
syz_open_dev$cec(&(0x7f0000002340), 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f00000001c0), 0x2, 0x2)
r0 = openat$sndseq(0xffffff9c, &(0x7f00000000c0), 0x4082)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r0, 0xc02c5341, &(0x7f0000000100))
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
socket$netlink(0x10, 0x3, 0x9)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd/4\x00')
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r4, 0x40049366, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}})

17.615914095s ago: executing program 1 (id=847):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x7, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9c, 0x11e41e7a, 0x7, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x101}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000180)=0x8)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000700)=ANY=[@ANYBLOB="2c0000002e0001002abd7000000000000945d000", @ANYRES32, @ANYBLOB="0b000080976b6408686030000500018099000000"], 0x2c}], 0x1}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
timerfd_create(0x0, 0x0)
r5 = creat(0x0, 0x0)
ftruncate(r5, 0x8208200)
accept4$llc(r5, &(0x7f00000001c0)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000380)=0x10, 0x800)
ioctl$PIO_UNIMAP(r3, 0x4b67, &(0x7f0000000400)={0x1, &(0x7f00000003c0)=[{0x200, 0x81}]})
setsockopt$llc_int(r5, 0x10c, 0x1, &(0x7f0000000000)=0xd, 0x4)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f00000000c0), 0x12)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r7 = openat$sysfs(0xffffff9c, &(0x7f0000000080)='/sys/power/pm_test', 0x0, 0x0)
syz_clone3(&(0x7f0000000300)={0x385200080, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r7}}, 0x58)

4.565213682s ago: executing program 3 (id=898):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
connect$pppl2tp(r2, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r1, {}, 0xa}}, 0x26)
sendmmsg$inet(r2, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6101c3b", 0x1}], 0x1}}], 0x4000000000001ce, 0x8040)
r3 = socket$netlink(0x10, 0x3, 0x13)
setsockopt$sock_int(r3, 0x1, 0x8, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f00000002c0), 0x0, 0x6, 0x40)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000009c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x478, 0x1e0, 0x128, 0x324, 0x128, 0x1e0, 0x3e4, 0x3e4, 0x3e4, 0x3e4, 0x3e4, 0x6, 0x0, {[{{@ip={@broadcast, @multicast1, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00', {}, {0xff}, 0x6, 0x0, 0x1}, 0x0, 0x70, 0x94}, @ECN={0x24, 'ECN\x00', 0x0, {0x20}}}, {{@uncond, 0x0, 0x70, 0x94}, @TTL={0x24}}, {{@uncond, 0x0, 0x94, 0xb8, 0x0, {}, [@inet=@rpfilter={{0x24}}]}, @TTL={0x24, 'TTL\x00', 0x0, {0x3, 0x1}}}, {{@uncond, 0x0, 0xe4, 0x144, 0x0, {}, [@inet=@rpfilter={{0x24}}, @common=@osf={{0x50}, {'syz0\x00'}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x0, 0x0, 0x0, 0x2]}, {0x0, [0x0, 0x0, 0x0, 0x3]}}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'lo\x00', 'macvtap0\x00'}, 0x0, 0x9c, 0xc0, 0x0, {}, [@common=@inet=@udplite={{0x2c}}]}, @ECN={0x24, 'ECN\x00', 0x0, {0x65f5c1fa4b778e1a, 0x6, 0x1}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x4d4)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x200)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}], {0x14}}, 0x74}, 0x1, 0x0, 0x0, 0x48000}, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x100000, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r6, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'geneve0\x00'})
sendto$packet(r6, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x1a, 0x0, 0x0, 0x0)

3.710483614s ago: executing program 3 (id=899):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x3, 0x3a6}, &(0x7f0000000180)=<r4=>0x0, &(0x7f0000000200)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000000c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x7, 0x0, 0x0, 0x0, 0xc})
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r8, &(0x7f0000000040)={0x15, 0x65, 0xffff, 0x1000, 0x8, '9P2000.u'}, 0x15)
r9 = dup(r8)
write$FUSE_INIT(r9, &(0x7f0000001740)={0x50, 0x0, 0x0, {0x7, 0x21, 0x0, 0x0, 0xf4}}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000004380), 0x20801a, &(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRESHEX=r7, @ANYBLOB=',wf', @ANYRESHEX=r9, @ANYBLOB=',directio,k'])
read$FUSE(r6, &(0x7f00000022c0)={0x2020}, 0x2020)
io_uring_enter(r3, 0x47f6, 0x80ffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x20, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, [@ldst={0x1, 0x0, 0x4, 0x2, 0x1, 0x8}]}, &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400, @void, @value}, 0x94)

2.745458181s ago: executing program 3 (id=902):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x3, 0x3a6}, &(0x7f0000000180)=<r4=>0x0, &(0x7f0000000200)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000000c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x7, 0x0, 0x0, 0x0, 0xc})
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r8, &(0x7f0000000040)={0x15, 0x65, 0xffff, 0x1000, 0x8, '9P2000.u'}, 0x15)
r9 = dup(r8)
write$FUSE_BMAP(r9, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_INIT(r9, &(0x7f0000001740)={0x50, 0x0, 0x0, {0x7, 0x21, 0x0, 0x0, 0xf4}}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000004380), 0x20801a, &(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRESHEX=r7, @ANYBLOB=',w', @ANYRESHEX=r9, @ANYBLOB=',directio,k'])
read$FUSE(r6, &(0x7f00000022c0)={0x2020}, 0x2020)
setuid(0x0)
io_uring_enter(r3, 0x47f6, 0x80ffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x20, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, [@ldst={0x1, 0x0, 0x4, 0x2, 0x1, 0x8}]}, &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400, @void, @value}, 0x94)
socket$l2tp6(0xa, 0x2, 0x73)

2.395962243s ago: executing program 32 (id=847):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x7, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9c, 0x11e41e7a, 0x7, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x101}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000180)=0x8)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000700)=ANY=[@ANYBLOB="2c0000002e0001002abd7000000000000945d000", @ANYRES32, @ANYBLOB="0b000080976b6408686030000500018099000000"], 0x2c}], 0x1}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
timerfd_create(0x0, 0x0)
r5 = creat(0x0, 0x0)
ftruncate(r5, 0x8208200)
accept4$llc(r5, &(0x7f00000001c0)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000380)=0x10, 0x800)
ioctl$PIO_UNIMAP(r3, 0x4b67, &(0x7f0000000400)={0x1, &(0x7f00000003c0)=[{0x200, 0x81}]})
setsockopt$llc_int(r5, 0x10c, 0x1, &(0x7f0000000000)=0xd, 0x4)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f00000000c0), 0x12)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r7 = openat$sysfs(0xffffff9c, &(0x7f0000000080)='/sys/power/pm_test', 0x0, 0x0)
syz_clone3(&(0x7f0000000300)={0x385200080, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r7}}, 0x58)

2.012865845s ago: executing program 0 (id=907):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.time\x00', 0x26e1, 0x0)
close(r0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000d0200bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x42)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000011c0)={r0, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) (fail_nth: 1)

2.012526894s ago: executing program 2 (id=908):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, 0x0)
futex(0x0, 0x2, 0xffffffff, &(0x7f0000000100), 0x0, 0x2)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x4d, 0x0, &(0x7f00000000c0)=0x10)
r2 = socket$l2tp(0x2, 0x2, 0x73)
getsockopt$inet_buf(r2, 0x0, 0x29, 0x0, &(0x7f0000000080))
r3 = syz_open_dev$MSR(&(0x7f0000000100), 0x4, 0x0)
ioctl$X86_IOC_RDMSR_REGS(r3, 0xc02063a0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x10010, 0xffffffffffffffff, 0x0)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}, {0x3, 0xc8, @any, 0x0, 0x1, 0x9, 0x1, 0x7ff, 0x22}}}, 0x14)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r4, 0x0)
socket$kcm(0x10, 0x2, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0xf5, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000012000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000058000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f0c00098008000140ffffff1f0800084000000001080003000000"], 0xa0}}, 0x0) (fail_nth: 1)

1.955670703s ago: executing program 0 (id=909):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x7, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9c, 0x11e41e7a, 0x7, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x101}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000180)=0x8)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000700)=ANY=[@ANYBLOB="2c0000002e0001002abd7000000000000945d000", @ANYRES32, @ANYBLOB="0b000080976b6408686030000500018099000000"], 0x2c}], 0x1}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
timerfd_create(0x0, 0x0)
r5 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ftruncate(r5, 0x8208200)
accept4$llc(r5, &(0x7f00000001c0)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, 0x0, 0x800)
ioctl$PIO_UNIMAP(r3, 0x4b67, &(0x7f0000000400)={0x1, &(0x7f00000003c0)=[{0x200, 0x81}]})
setsockopt$llc_int(r5, 0x10c, 0x1, &(0x7f0000000000)=0xd, 0x4)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f00000000c0), 0x12)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r7 = openat$sysfs(0xffffff9c, &(0x7f0000000080)='/sys/power/pm_test', 0x0, 0x0)
syz_clone3(&(0x7f0000000300)={0x385200080, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r7}}, 0x58)

1.800947526s ago: executing program 3 (id=910):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
socket$inet_sctp(0x2, 0x400000000001, 0x84)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d)
r4 = syz_io_uring_setup(0x2ddd, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000240), &(0x7f0000000380)=<r5=>0x0)
syz_io_uring_setup(0x5e2, &(0x7f00000003c0), &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000180))
syz_io_uring_submit(r6, r5, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4})
io_uring_enter(r4, 0xa3d, 0x0, 0x0, 0x0, 0x0)
r7 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x92, &(0x7f0000000300)={0x1, 0x1, 0x3})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
r8 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x60042, 0x0)
write$binfmt_elf64(r8, &(0x7f0000000300)=ANY=[@ANYBLOB="7f454c460e02fab7ff7f00000000000002000300fffeffffdf020000000000004000000000000000030300000000000000000000040038000100040004000d0006000000008000000000000000000000070000000000000008000000000040000100000000000000020400"], 0xad)
ioctl$SNDCTL_SEQ_SYNC(r8, 0x5101)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f0000000180)=""/204, 0xcc, 0x0, 0x0)
r9 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='tcp_cong_state_set\x00'}, 0x10)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='tcp_cong_state_set\x00', r10}, 0x10)
r11 = socket$kcm(0x2, 0x1, 0x106)
sendmsg$inet(r11, &(0x7f0000000080)={0x0, 0x3, 0x0}, 0x30004001)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r9, 0x84009422, &(0x7f0000000980)={0x0, 0x0, {0x0, @struct}, {0x0, @struct}})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r12, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000)
r13 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r13, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, 0x1, 0x4, 0x301, 0x900, 0x0, {0x5, 0x0, 0xa}, [@NFULA_CFG_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x3}, @NFULA_CFG_NLBUFSIZ={0x8, 0x3, 0x1, 0x0, 0x7fff}, @NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x4000000)

1.374284366s ago: executing program 3 (id=911):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x3, 0x3a6}, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000000c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x7, 0x0, 0x0, 0x0, 0xc})
r5 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f0000000040)={0x15, 0x65, 0xffff, 0x1000, 0x8, '9P2000.u'}, 0x15)
r8 = dup(r7)
write$FUSE_INIT(r8, &(0x7f0000001740)={0x50, 0x0, 0x0, {0x7, 0x21, 0x0, 0x0, 0xf4}}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000004380), 0x20801a, &(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRESHEX=r6, @ANYBLOB=',wf', @ANYRESHEX=r8, @ANYBLOB=',directio,k'])
read$FUSE(r5, &(0x7f00000022c0)={0x2020}, 0x2020)
io_uring_enter(r2, 0x47f6, 0x80ffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x20, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, [@ldst={0x1, 0x0, 0x4, 0x2, 0x1, 0x8}]}, &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400, @void, @value}, 0x94)

1.235819293s ago: executing program 2 (id=912):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, 0x0, 0x0)
r4 = fsopen(&(0x7f0000000000)='proc\x00', 0x0)
write$proc_mixer(0xffffffffffffffff, &(0x7f0000000500)=ANY=[@ANYBLOB], 0xe6)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x1d2)
fsmount(r4, 0x0, 0x0)
setsockopt$ax25_SO_BINDTODEVICE(r5, 0x101, 0x19, &(0x7f00000001c0)=@rose={'rose', 0x0}, 0x10)
r6 = socket$inet(0xa, 0x801, 0x84)
sendto$inet(r6, &(0x7f0000000080)='w', 0x1, 0x0, 0x0, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x4)
writev(r7, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe00600000000590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x40b}], 0x1)

1.05788379s ago: executing program 0 (id=913):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000006500))
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
openat$nullb(0xffffffffffffff9c, 0x0, 0x48882, 0x0) (rerun: 64)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x4f565559, 0x0, 0xa, [{}, {0x10, 0x2}], 0x0, 0x80, 0x3, 0x0, 0x2}}) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
socket(0x11, 0x800000003, 0x0) (async, rerun: 32)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0}) (rerun: 32)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x80}, [@NDA_LLADDR={0xa, 0x2, @link_local}]}, 0x28}}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000800)=@filter={'filter\x00', 0x4, 0x4, 0x324, 0xffffffff, 0x194, 0xc8, 0x0, 0xfeffffff, 0xffffffff, 0x25c, 0x25c, 0x25c, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @private2, [], [], 'batadv_slave_0\x00', 'team_slave_1\x00', {}, {}, 0x6, 0x0, 0x1}, 0x2f2, 0xa4, 0xc8}, @REJECT={0x24, 'REJECT\x00', 0x0, {0x6}}}, {{@ipv6={@remote, @private0, [], [], 'hsr0\x00', 'veth0_macvtap\x00'}, 0x0, 0xa4, 0xcc}, @common=@unspec=@NFQUEUE2={0x28}}, {{@uncond, 0x0, 0xa4, 0xc8}, @REJECT={0x24}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x380) (async)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
socket(0x2000000000000021, 0x2, 0x10000000000002)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x10, 0xffffffffffffffff, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = dup(r3)
write$UHID_INPUT(r4, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b34393b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c00000000b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa88af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000080)=0x10) (async, rerun: 32)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84) (rerun: 32)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r5, 0x84, 0x13, &(0x7f0000000040)=0x3ff, 0x4) (async)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r5, 0x84, 0x10, &(0x7f0000000000)=@sack_info={0x0, 0x0, 0x6}, 0xc) (async)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback}], 0x2c)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x18, 0x1418, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}}, 0x0) (async)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x1, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
sendto$inet6(r5, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async, rerun: 32)
writev(r5, &(0x7f0000000080)=[{&(0x7f0000000100)='J', 0x1}], 0x1) (rerun: 32)

442.342962ms ago: executing program 3 (id=914):
fanotify_init(0x4, 0x40803)
r0 = syz_usb_connect(0x0, 0x3f, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r2=>0x0})
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000080)={'vxcan1\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@can_newroute={0x24, 0x18, 0x1, 0x0, 0x0, {}, [@CGW_DST_IF={0x8, 0xa, r2}, @CGW_SRC_IF={0x8, 0x9, r3}]}, 0x24}}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000980)={0x84, &(0x7f0000000540)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x4, 0x4, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(r4)
madvise(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x16)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x12, r5, 0x0)
mount$9p_rdma(&(0x7f0000000200), &(0x7f0000000240)='./cgroup\x00', &(0x7f00000002c0), 0x1000000, &(0x7f00000004c0)={'trans=rdma,', {'port', 0x3d, 0x4e20}, 0x2c, {[{@timeout={'timeout', 0x3d, 0xfffffdf9}}]}})
ioctl$SG_GET_REQUEST_TABLE(r5, 0x2286, &(0x7f0000000000))
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r6, 0x0, 0x0)

327.967643ms ago: executing program 2 (id=915):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0xe)
r0 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r0, 0x107, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$gtp(&(0x7f00000002c0), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000180)={'wpan1\x00', <r4=>0x0})
r5 = getpid()
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x24, r3, 0x1, 0x70bd27, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_PID={0x8, 0x1c, r5}]}, 0x24}}, 0x0)
sendmsg$GTP_CMD_ECHOREQ(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYRESOCT=r4, @ANYRES16=r2, @ANYBLOB="fcff28bd7000fe333a1402", @ANYRES64=0x0], 0x1c}, 0x1, 0x0, 0x0, 0x44890}, 0x24008004)

123.876241ms ago: executing program 2 (id=916):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000640)=@raw={'raw\x00', 0x3c1, 0x3, 0x2f8, 0x0, 0x150, 0x150, 0x144, 0x0, 0x230, 0x238, 0x238, 0x230, 0x238, 0x3, 0x0, {[{{@ipv6={@remote, @mcast2, [0x0, 0x0, 0x0, 0xff000000], [0x0, 0xff], 'batadv0\x00', 'ip6tnl0\x00', {}, {}, 0x2f}, 0x0, 0x120, 0x144, 0x0, {}, [@common=@inet=@dscp={{0x24}, {0x26}}, @common=@inet=@hashlimit1={{0x58}, {'\x00', {0x8}}}]}, @common=@inet=@TCPMSS={0x24}}, {{@uncond, 0x0, 0xa4, 0xec}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0xfffd, 0xfffe, 0x0, 0x80004, '\x00', {0x6d}}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x354)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0), 0xc102, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r2, 0x6, 0x3, &(0x7f00000001c0)=0x1, 0x4)
mkdir(&(0x7f00000001c0)='./file1\x00', 0x122)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r3, &(0x7f0000001980)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001a00)={0x1c, r4, 0xb09, 0x0, 0x0, {0x5}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}}, 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f00000002c0)='hpfs\x00', 0x400106c, &(0x7f0000000340)='\x00\x00\x00\x00\x00\x00\x00\x00\xbc3}\xa7\xd0J\xdd\x85Y<b\xf2=\xf6\xfe\xfa9\x9e\xc8\xc6\x81<s\x9e\xbe\xd4\x9b\r*\x82\x03\x00\x19\x8b\x9eP\xad4\x04\xbe\x82\b}\xb8\xb7\xfc\xea\xa8\x80^NI\x14x\v\xf6\xe2\x01\xfd;\a\x85\xf7e\x16:\xf7\xcc\xd1v#YV\xf7\xf0\xa3\x18.\x05c*\xbc\xcb\xaf*H6\xd7\x99\xc5\x1aF+\x13w1\xf2\xe8 \x93\xc2\xf0\x87\xe6\xb2\x80\xd0\x80\xdfc\xab\xd9\xdc\xc3\a\x05\xc1\x97u\xe5\r#\xf8uC\xd3d\xa4\x12\xe6\a\xd4\xed\x17?\xba\xfd\xda\xe7\x8b\xc6{\xbc\x9b\xafr*\xe4\x9c\xda\xbd]\xe5\xfa\x8e\xf3[{\xf0_\"\x9bM\xd9\xaay\\1\x97\x8a\xde\xd9\x99\f\xe2\v\xb1\x13Z\x96KRUN\xec\xe2\xd3w\xe1\t\xa4\xc2\xbc\xad\xf2\x91.\x9e\xea\x9f\x83\xc7\x98\xc7\xf6P\x12@z\x9f\x12Nd\x1b\x1b\xdaWs\xca\t\xdc\xc1\xbf\xb6\x10<\xcd\xf8\xcd\xd1@\xd4Y\xcb5\xf3\x02\xad\xf7}\xd1\n\xac\xdbQn\xf8Xs:\x86\xafC/\x00\x8f\xa0\xbb\xb4^')
chdir(&(0x7f0000000040)='./file1\x00')
r5 = creat(&(0x7f0000000540)='./bus\x00', 0x0)
r6 = add_key$keyring(&(0x7f0000000300), &(0x7f0000000580)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$chown(0x4, r6, 0xffffffffffffffff, 0xee00)
quotactl_fd$Q_GETQUOTA(r5, 0xffffffff80000700, 0xffffffffffffffff, 0x0)
bind$inet(r2, &(0x7f0000000200)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
r7 = socket(0x1e, 0x4, 0x0)
r8 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
lseek(r8, 0x851, 0x0)
setxattr$incfs_metadata(&(0x7f0000000480)='./bus\x00', &(0x7f00000004c0), &(0x7f0000000ac0)="54109024974bd16d775b9ce879a645b5ef48298eb722bb39396b7d9f9f8e028430a192d9554a8aafff56dcd830f3f4df3dfbfc2535f9e66d6d6b6e6b9fcd2ac2bd233ec3a1ea75d82d7f58c17cf3ea951ebfc8fa41cb3680c7566f8f98ff23424a603a2c28865df3b7f40efaeb35c9d5c83c194f9a582370415690cafe98f15a4802238c9f1c939b2241d779", 0x8c, 0x1)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r7, 0x84, 0x13, &(0x7f0000000080)={<r9=>0x0, 0x2}, &(0x7f0000000100)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r8, 0x84, 0x6f, &(0x7f0000000180)={r9, 0xe8, &(0x7f00000009c0)=[@in6={0xa, 0x4e24, 0x7, @private0={0xfc, 0x0, '\x00', 0x1}, 0x3}, @in6={0xa, 0x4e21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x5}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x36}}, @in6={0xa, 0x4e22, 0xfffffbcb, @private1, 0x100}, @in={0x2, 0x4e20, @loopback}, @in={0x2, 0x4e24, @empty}, @in6={0xa, 0x4e21, 0x8, @loopback, 0x2}, @in6={0xa, 0x4e21, 0x6, @loopback, 0x1}, @in6={0xa, 0x4e22, 0x1, @dev={0xfe, 0x80, '\x00', 0x2a}, 0xfff}, @in={0x2, 0x4e23, @broadcast}]}, &(0x7f0000000280)=0xc)
setsockopt$packet_tx_ring(r7, 0x10f, 0x87, &(0x7f0000000000)=@req3={0x64f, 0x7fffffff, 0x0, 0x3, 0x1ff, 0x401, 0x9}, 0x1c)
recvmmsg(r7, &(0x7f0000008140)=[{{0x0, 0x0, &(0x7f0000002880)=[{&(0x7f0000000140)=""/8, 0x8}], 0x1}}], 0x1, 0x7fb10726dd8b, 0x0)
sendfile(r1, r1, 0x0, 0x40005)

55.151514ms ago: executing program 2 (id=917):
r0 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x3, 0x400200)
ioctl$F2FS_IOC_GARBAGE_COLLECT(r0, 0x4004f506, &(0x7f0000000040))
sendfile(r0, r0, &(0x7f0000000080)=0x4, 0x5)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0186405, &(0x7f00000000c0)={0x9cb2, 0x1000, {<r1=>0xffffffffffffffff}, {0xffffffffffffffff}, 0x101, 0x1})
prlimit64(r1, 0xe, &(0x7f0000000100)={0x2, 0x4}, &(0x7f0000000140))
fchdir(r0)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_FD_FRAMES(r2, 0x65, 0x5, &(0x7f0000000180), &(0x7f00000001c0)=0x4)
setrlimit(0x6, &(0x7f0000000200)={0x6, 0x8})
prlimit64(r1, 0x7, &(0x7f0000000240)={0x9, 0x8}, &(0x7f0000000280))
ioctl(r0, 0x9, &(0x7f00000002c0))
r3 = syz_open_dev$tty1(0xc, 0x4, 0x2)
r4 = fcntl$dupfd(r0, 0x406, r3)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000300)={'batadv_slave_1\x00', <r5=>0x0})
bind$packet(r4, &(0x7f0000000340)={0x11, 0x2d, r5, 0x1, 0x6, 0x6, @random="3a0e3a2dca57"}, 0x14)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={r4}, 0x4)
r6 = openat$drirender128(0xffffff9c, &(0x7f00000003c0), 0xc40, 0x0)
r7 = signalfd4(r6, &(0x7f0000000400)={[0xff, 0x7]}, 0x8, 0x0)
r8 = openat$hwrng(0xffffff9c, &(0x7f0000000440), 0x101000, 0x0)
setsockopt$inet6_tcp_buf(r8, 0x6, 0x3, &(0x7f0000000480)="5b072fc75cecf4ca35a33762f038368d8d2be564d2b4e7fee514f4068cc01d379f633a197c6774f60475f91e43f83ee7b7ad0ebde58c5fc0e3cb8d77aaf31cf48c8859431f513898ecfb7c02c41e8ad22522c59bae4e640c82465cf3348fa88c770259aafafd64953cf221fa0a4b73915d97fd78", 0x74)
bind$pptp(r4, &(0x7f0000000500)={0x18, 0x2, {0x3, @loopback}}, 0x1e)
ioctl$BINDER_CTL_ADD(r7, 0xc1086201, &(0x7f0000000540)={'binder1\x00'})
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000680)={'vcan0\x00'})
syz_init_net_socket$llc(0x1a, 0x0, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000840)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000800)={&(0x7f0000000780)=@ipv6_newrule={0x74, 0x20, 0x20, 0x70bd2b, 0x25dfdbfb, {0xa, 0x10, 0x80, 0x8, 0x7, 0x0, 0x0, 0x0, 0x6}, [@FIB_RULE_POLICY=@FRA_IP_PROTO={0x5, 0x16, 0x2f}, @FRA_SRC={0x14, 0x2, @mcast1}, @FRA_DST={0x14, 0x1, @empty}, @FIB_RULE_POLICY=@FRA_OIFNAME={0x14, 0x11, 'pim6reg\x00'}, @FRA_DST={0x14, 0x1, @private0={0xfc, 0x0, '\x00', 0x1}}]}, 0x74}, 0x1, 0x0, 0x0, 0x10}, 0x80)
getrlimit(0x1, &(0x7f0000000880))
r9 = openat$cachefiles(0xffffff9c, &(0x7f00000008c0), 0x4000, 0x0)
setsockopt$CAN_RAW_LOOPBACK(r9, 0x65, 0x3, &(0x7f0000000900)=0x1, 0x4)
fsopen(&(0x7f0000000940)='efs\x00', 0x1)

53.477502ms ago: executing program 0 (id=918):
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000018c0)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r0}, 0x69)

53.24992ms ago: executing program 0 (id=919):
r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x40802, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000002740)={0x53, 0xfffffffffffffffc, 0x1a, 0x0, @buffer={0x0, 0x20000, &(0x7f0000002780)=""/4110}, &(0x7f00000025c0)="85c8800bfad6", 0x0, 0x103, 0x10011, 0x1, 0x0})

7.718978ms ago: executing program 0 (id=920):
creat(&(0x7f00000001c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000004c0), 0x10400, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',cache=mmap'])
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r3 = gettid()
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0)
ftruncate(r5, 0x2000009)
sendfile(r4, r5, 0x0, 0x7ffff000)
lstat(&(0x7f00000002c0)='./file0\x00', 0x0) (fail_nth: 6)

0s ago: executing program 2 (id=921):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20020084, &(0x7f00000018c0)={0x2, 0x4e20}, 0x10)
recvmmsg(r0, &(0x7f0000001240)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000140)=""/1, 0x1}], 0x1}, 0x1a17}], 0x1, 0x0, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x0, 0x0], 0x2, 0x80800})
r1 = io_uring_setup(0x7c41, &(0x7f0000000300)={0x0, 0x0, 0x40})
io_uring_register$IORING_REGISTER_RING_FDS(r1, 0x14, 0x0, 0x0)
socket$kcm(0x11, 0x3, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0x0, [{}, {}, {}, {0x1}, {}, {0xfffffffa, 0x6}], 0x0, 0x0, 0x8, 0x0, 0x1}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'md5-generic\x00'}, 0x5a)
creat(&(0x7f00000005c0)='./file0\x00', 0x0)
io_uring_setup(0x800036c2, &(0x7f0000000140)={0x0, 0xfc45, 0x9000, 0xfffffffd, 0x24b})
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r4, 0x0, 0xe, 0x0, &(0x7f0000000640)="d9b9547ed3c0021a6fd6a67ab922", 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
open(&(0x7f00000002c0)='./file0\x00', 0x1c1042, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000040), 0x100006, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000140)=[0x0], 0x0, 0x0, 0x0, 0x1})
r6 = io_uring_setup(0x5b2e, &(0x7f0000000500))
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

0x62e/0x1a70
[  204.338082][ T9378]  ? __pfx_device_add+0x10/0x10
[  204.340164][ T9378]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  204.342623][ T9378]  ? ieee80211_set_bitrate_flags+0x249/0x6a0
[  204.345142][ T9378]  wiphy_register+0x1c7a/0x2860
[  204.346996][ T9378]  ? netdev_run_todo+0x837/0x12d0
[  204.348672][ T9378]  ? __pfx_wiphy_register+0x10/0x10
[  204.350663][ T9378]  ieee80211_register_hw+0x2951/0x3fa0
[  204.352921][ T9378]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  204.355364][ T9378]  ? net_generic+0xea/0x2a0
[  204.357294][ T9378]  ? lockdep_init_map_type+0x16d/0x7d0
[  204.359404][ T9378]  ? rcu_is_watching+0x12/0xc0
[  204.361336][ T9378]  ? trace_hrtimer_init+0x1a6/0x230
[  204.363218][ T9378]  ? __hrtimer_init+0x106/0x2c0
[  204.365057][ T9378]  mac80211_hwsim_new_radio+0x2c47/0x56c0
[  204.367090][ T9378]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  204.369672][ T9378]  ? hwsim_new_radio_nl+0x9ff/0x12b0
[  204.371360][ T9378]  hwsim_new_radio_nl+0xb42/0x12b0
[  204.372910][ T9378]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  204.374565][ T9378]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  204.376775][ T9378]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  204.379849][ T9378]  genl_family_rcv_msg_doit+0x202/0x2f0
[  204.381971][ T9378]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  204.383790][ T9378]  ? genl_get_cmd+0x195/0x580
[  204.385369][ T9378]  ? bpf_lsm_capable+0x9/0x10
[  204.387369][ T9378]  ? security_capable+0x7e/0x260
[  204.389409][ T9378]  ? ns_capable+0xd7/0x110
[  204.391318][ T9378]  genl_rcv_msg+0x565/0x800
[  204.393290][ T9378]  ? __pfx_genl_rcv_msg+0x10/0x10
[  204.395419][ T9378]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  204.397755][ T9378]  ? __pfx___lock_acquire+0x10/0x10
[  204.399922][ T9378]  netlink_rcv_skb+0x165/0x410
[  204.401665][ T9378]  ? __pfx_genl_rcv_msg+0x10/0x10
[  204.403234][ T9378]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  204.404829][ T9378]  ? down_read+0xc9/0x330
[  204.406132][ T9378]  ? __pfx_down_read+0x10/0x10
[  204.407720][ T9378]  ? netlink_deliver_tap+0x1ae/0xca0
[  204.409202][ T9378]  genl_rcv+0x28/0x40
[  204.410611][ T9378]  netlink_unicast+0x53c/0x7f0
[  204.412598][ T9378]  ? __pfx_netlink_unicast+0x10/0x10
[  204.414487][ T9378]  ? __phys_addr_symbol+0x30/0x80
[  204.416271][ T9378]  ? __check_object_size+0x488/0x710
[  204.417980][ T9378]  netlink_sendmsg+0x8b8/0xd70
[  204.419449][ T9378]  ? __pfx_netlink_sendmsg+0x10/0x10
[  204.421703][ T9378]  ____sys_sendmsg+0x9ae/0xb40
[  204.423416][ T9378]  ? __pfx_____sys_sendmsg+0x10/0x10
[  204.425065][ T9378]  ? get_compat_msghdr+0x11b/0x170
[  204.426593][ T9378]  ___sys_sendmsg+0x135/0x1e0
[  204.428225][ T9378]  ? __pfx____sys_sendmsg+0x10/0x10
[  204.429786][ T9378]  ? __pfx_lock_release+0x10/0x10
[  204.431262][ T9378]  ? trace_lock_acquire+0x14e/0x1f0
[  204.432884][ T9378]  ? __fget_files+0x206/0x3a0
[  204.434525][ T9378]  __sys_sendmsg+0x16e/0x220
[  204.435953][ T9378]  ? __pfx___sys_sendmsg+0x10/0x10
[  204.437674][ T9378]  ? __ia32_sys_futex_time32+0x1da/0x460
[  204.439343][ T9378]  __do_fast_syscall_32+0x73/0x120
[  204.440855][ T9378]  do_fast_syscall_32+0x32/0x80
[  204.442420][ T9378]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  204.444253][ T9378] RIP: 0023:0xf7fd2579
[  204.445482][ T9378] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  204.451962][ T9378] RSP: 002b:00000000f510555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  204.454410][ T9378] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000020000040
[  204.456780][ T9378] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  204.459699][ T9378] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  204.462256][ T9378] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  204.464600][ T9378] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  204.466938][ T9378]  </TASK>
[  204.609693][ T9382] FAULT_INJECTION: forcing a failure.
[  204.609693][ T9382] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  204.614923][ T9382] CPU: 2 UID: 0 PID: 9382 Comm: syz.2.651 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  204.618795][ T9382] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  204.622677][ T9382] Call Trace:
[  204.623906][ T9382]  <TASK>
[  204.625018][ T9382]  dump_stack_lvl+0x16c/0x1f0
[  204.626755][ T9382]  should_fail_ex+0x497/0x5b0
[  204.628510][ T9382]  _copy_from_user+0x2e/0xd0
[  204.630249][ T9382]  __sys_bpf+0x215/0x57a0
[  204.631868][ T9382]  ? __pfx_lock_release+0x10/0x10
[  204.633728][ T9382]  ? __pfx___sys_bpf+0x10/0x10
[  204.635607][ T9382]  ? vfs_write+0x306/0x1150
[  204.637466][ T9382]  ? __mutex_unlock_slowpath+0x164/0x690
[  204.639750][ T9382]  ? fput+0x67/0x440
[  204.641347][ T9382]  ? ksys_write+0x1ba/0x250
[  204.642693][ T9382]  ? __pfx_ksys_write+0x10/0x10
[  204.644094][ T9382]  __ia32_sys_bpf+0x76/0xe0
[  204.645428][ T9382]  __do_fast_syscall_32+0x73/0x120
[  204.647338][ T9382]  do_fast_syscall_32+0x32/0x80
[  204.649011][ T9382]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  204.650856][ T9382] RIP: 0023:0xf7f58579
[  204.652068][ T9382] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  204.659292][ T9382] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  204.662473][ T9382] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000500
[  204.665484][ T9382] RDX: 000000000000000c RSI: 0000000000000000 RDI: 0000000000000000
[  204.668693][ T9382] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  204.671730][ T9382] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  204.674586][ T9382] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  204.677645][ T9382]  </TASK>
[  204.785910][ T9389] tmpfs: Bad value for 'mpol'
[  204.788550][ T9389] netlink: 28 bytes leftover after parsing attributes in process `syz.2.653'.
[  204.793859][ T9389] netlink: 'syz.2.653': attribute type 7 has an invalid length.
[  204.796799][ T9389] netlink: 'syz.2.653': attribute type 8 has an invalid length.
[  204.799483][ T9389] netlink: 4 bytes leftover after parsing attributes in process `syz.2.653'.
[  204.805225][ T9389] erspan0: entered promiscuous mode
[  204.807407][ T9389] batadv_slave_1: entered promiscuous mode
[  204.809624][ T9389] gretap0: entered promiscuous mode
[  204.819519][ T9389] Invalid/unusable pipe
[  204.822101][ T9389] netlink: 32 bytes leftover after parsing attributes in process `syz.2.653'.
[  205.000311][ T6006] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  205.150325][ T6006] usb 5-1: Using ep0 maxpacket: 8
[  205.161641][ T6006] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  205.164870][ T6006] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  205.167732][ T6006] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  205.171084][ T6006] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  205.176270][ T6006] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  205.179674][ T6006] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.224352][ T9394] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  205.307401][ T9394] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  205.394024][ T6006] usb 5-1: GET_CAPABILITIES returned 0
[  205.396226][ T6006] usbtmc 5-1:16.0: can't read capabilities
[  205.531579][   T39] kauditd_printk_skb: 71 callbacks suppressed
[  205.531594][   T39] audit: type=1326 audit(1736540373.042:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9399 comm="syz.1.655" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x0
[  205.767622][ T9414] netlink: 8 bytes leftover after parsing attributes in process `syz.1.658'.
[  205.914014][ T9421] FAULT_INJECTION: forcing a failure.
[  205.914014][ T9421] name failslab, interval 1, probability 0, space 0, times 0
[  205.917629][ T9421] CPU: 3 UID: 0 PID: 9421 Comm: syz.1.659 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  205.920728][ T9421] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  205.923757][ T9421] Call Trace:
[  205.924793][ T9421]  <TASK>
[  205.925647][ T9421]  dump_stack_lvl+0x16c/0x1f0
[  205.927004][ T9421]  should_fail_ex+0x497/0x5b0
[  205.928356][ T9421]  ? fs_reclaim_acquire+0xae/0x150
[  205.929868][ T9421]  should_failslab+0xc2/0x120
[  205.931220][ T9421]  __kmalloc_noprof+0xce/0x4f0
[  205.932511][ T9421]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  205.934114][ T9421]  ? tomoyo_realpath_from_path+0xbf/0x710
[  205.936148][ T9421]  tomoyo_realpath_from_path+0xbf/0x710
[  205.938417][ T9421]  ? tomoyo_path_number_perm+0x235/0x5b0
[  205.940738][ T9421]  tomoyo_path_number_perm+0x248/0x5b0
[  205.942955][ T9421]  ? tomoyo_path_number_perm+0x235/0x5b0
[  205.945247][ T9421]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  205.947707][ T9421]  ? __pfx_lock_release+0x10/0x10
[  205.949775][ T9421]  ? trace_lock_acquire+0x14e/0x1f0
[  205.951629][ T9421]  ? lock_acquire+0x2f/0xb0
[  205.952947][ T9421]  ? __fget_files+0x40/0x3a0
[  205.954282][ T9421]  ? __fget_files+0x206/0x3a0
[  205.955657][ T9421]  security_file_ioctl_compat+0x9b/0x240
[  205.957268][ T9421]  __do_compat_sys_ioctl+0x4e/0x2c0
[  205.958751][ T9421]  __do_fast_syscall_32+0x73/0x120
[  205.960245][ T9421]  do_fast_syscall_32+0x32/0x80
[  205.961753][ T9421]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  205.963608][ T9421] RIP: 0023:0xf7fd2579
[  205.964802][ T9421] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  205.970244][ T9421] RSP: 002b:00000000f512655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  205.973552][ T9421] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005303
[  205.975931][ T9421] RDX: 0000000020000200 RSI: 0000000000000000 RDI: 0000000000000000
[  205.978186][ T9421] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  205.980460][ T9421] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  205.982721][ T9421] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  205.985101][ T9421]  </TASK>
[  205.987235][ T9421] ERROR: Out of memory at tomoyo_realpath_from_path.
[  206.111967][ T9425] netlink: 8 bytes leftover after parsing attributes in process `syz.2.660'.
[  206.610044][ T9436] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  207.293254][ T6006] usb 7-1: new full-speed USB device number 10 using dummy_hcd
[  207.342968][ T9449] tipc: Started in network mode
[  207.344589][ T9449] tipc: Node identity 360c1ea4a9c1, cluster identity 4711
[  207.346764][ T9449] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  207.348803][ T9447] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  207.352143][ T9449] syzkaller0: MTU too low for tipc bearer
[  207.353835][ T9449] tipc: Disabling bearer <eth:syzkaller0>
[  207.452518][ T6006] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[  207.455953][ T6006] usb 7-1: config 0 has no interface number 0
[  207.458571][ T6006] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  207.463150][ T6006] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  207.467558][ T6006] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  207.472001][ T6006] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 64
[  207.476200][ T6006] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  207.481127][ T6006] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  207.484479][ T6006] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.489446][ T6006] usb 7-1: config 0 descriptor??
[  207.499702][ T9441] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  207.504772][ T6006] ldusb 7-1:0.55: LD USB Device #1 now attached to major 180 minor 1
[  207.525914][ T9455] netlink: 4 bytes leftover after parsing attributes in process `syz.1.669'.
[  207.532473][ T9456] netlink: 173 bytes leftover after parsing attributes in process `syz.1.669'.
[  207.819456][ T9465] input: syz1 as /devices/virtual/input/input14
[  207.913230][ T9441] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  207.917918][ T9441] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  207.926703][ T5984] usb 7-1: USB disconnect, device number 10
[  207.943825][ T5984] ldusb 7-1:0.55: LD USB Device #1 now disconnected
[  208.073983][ T5986] usb 5-1: USB disconnect, device number 16
[  208.183697][ T9476] netlink: 8 bytes leftover after parsing attributes in process `syz.1.673'.
[  208.782450][ T9497] netlink: 4 bytes leftover after parsing attributes in process `syz.2.680'.
[  208.901603][ T9505] program syz.2.682 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  209.852876][ T9519] usb 2-1: USB disconnect, device number 2
[  209.869922][ T9519] FAULT_INJECTION: forcing a failure.
[  209.869922][ T9519] name failslab, interval 1, probability 0, space 0, times 0
[  209.873967][ T9519] CPU: 2 UID: 0 PID: 9519 Comm: syz.1.685 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  209.877312][ T9519] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  209.880495][ T9519] Call Trace:
[  209.881500][ T9519]  <TASK>
[  209.882375][ T9519]  dump_stack_lvl+0x16c/0x1f0
[  209.883754][ T9519]  should_fail_ex+0x497/0x5b0
[  209.885224][ T9519]  ? fs_reclaim_acquire+0xae/0x150
[  209.887282][ T9519]  should_failslab+0xc2/0x120
[  209.889180][ T9519]  __kmalloc_cache_noprof+0x68/0x420
[  209.891248][ T9519]  kobject_uevent_env+0x265/0x1670
[  209.893317][ T9519]  ? __pfx_dev_uevent_name+0x10/0x10
[  209.895471][ T9519]  ? bus_to_subsys+0x12d/0x160
[  209.897428][ T9519]  device_del+0x623/0x9f0
[  209.899170][ T9519]  ? __pfx_device_del+0x10/0x10
[  209.901168][ T9519]  cdev_device_del+0x1d/0x110
[  209.903051][ T9519]  mousedev_disconnect+0x1c2/0x380
[  209.905092][ T9519]  __input_unregister_device+0x1d5/0x450
[  209.906903][ T9519]  input_unregister_device+0xb9/0x100
[  209.908925][ T9519]  hidinput_disconnect+0x160/0x3e0
[  209.910813][ T9519]  hid_disconnect+0x14d/0x1b0
[  209.912359][ T9519]  hid_device_remove+0x1a8/0x260
[  209.914230][ T9519]  ? __pfx_hid_device_remove+0x10/0x10
[  209.915806][ T9519]  device_remove+0xc8/0x170
[  209.917214][ T9519]  device_release_driver_internal+0x44a/0x610
[  209.919619][ T9519]  bus_remove_device+0x22f/0x420
[  209.921663][ T9519]  device_del+0x396/0x9f0
[  209.923412][ T9519]  ? usbhid_disconnect+0x98/0xe0
[  209.925127][ T9519]  ? __pfx_device_del+0x10/0x10
[  209.926609][ T9519]  ? do_raw_spin_lock+0x12d/0x2c0
[  209.928373][ T9519]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  209.929982][ T9519]  hid_destroy_device+0x19c/0x240
[  209.931507][ T9519]  usbhid_disconnect+0xa0/0xe0
[  209.933154][ T9519]  usb_unbind_interface+0x1e2/0x960
[  209.935212][ T9519]  ? kernfs_find_ns+0x2e0/0x3f0
[  209.937199][ T9519]  ? __pfx_usb_unbind_interface+0x10/0x10
[  209.939376][ T9519]  device_remove+0x122/0x170
[  209.940990][ T9519]  device_release_driver_internal+0x44a/0x610
[  209.942993][ T9519]  bus_remove_device+0x22f/0x420
[  209.945018][ T9519]  device_del+0x396/0x9f0
[  209.946790][ T9519]  ? __pfx_device_del+0x10/0x10
[  209.948762][ T9519]  ? kobject_put+0x210/0x5a0
[  209.950680][ T9519]  usb_disable_device+0x36c/0x7f0
[  209.952669][ T9519]  usb_disconnect+0x2e1/0x920
[  209.954537][ T9519]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  209.956822][ T9519]  hub_quiesce+0x170/0x310
[  209.958589][ T9519]  hub_disconnect+0xd5/0x500
[  209.960426][ T9519]  usb_unbind_interface+0x1e2/0x960
[  209.963017][ T9519]  ? kernfs_find_ns+0x2e0/0x3f0
[  209.964505][ T9519]  ? __pfx_usb_unbind_interface+0x10/0x10
[  209.966774][ T9519]  device_remove+0x122/0x170
[  209.968679][ T9519]  device_release_driver_internal+0x44a/0x610
[  209.971085][ T9519]  usb_driver_release_interface+0x109/0x190
[  209.973416][ T9519]  proc_ioctl+0x5b5/0x6a0
[  209.975126][ T9519]  usbdev_ioctl+0x177d/0x3f90
[  209.977054][ T9519]  ? __pfx_usbdev_ioctl+0x10/0x10
[  209.978839][ T9519]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  209.981084][ T9519]  ? do_vfs_ioctl+0x513/0x1950
[  209.982797][ T9519]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  209.984853][ T9519]  ? __pfx_lock_release+0x10/0x10
[  209.986678][ T9519]  ? trace_lock_acquire+0x14e/0x1f0
[  209.988598][ T9519]  ? __fget_files+0x206/0x3a0
[  209.990075][ T9519]  ? __pfx_usbdev_ioctl+0x10/0x10
[  209.991683][ T9519]  compat_ptr_ioctl+0x6b/0xa0
[  209.993128][ T9519]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  209.994756][ T9519]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  209.996418][ T9519]  __do_fast_syscall_32+0x73/0x120
[  209.998029][ T9519]  do_fast_syscall_32+0x32/0x80
[  209.999948][ T9519]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  210.002383][ T9519] RIP: 0023:0xf7fd2579
[  210.003701][ T9519] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  210.009493][ T9519] RSP: 002b:00000000f512655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  210.012151][ T9519] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000c0105512
[  210.014648][ T9519] RDX: 0000000020000200 RSI: 0000000000000000 RDI: 0000000000000000
[  210.017099][ T9519] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  210.019941][ T9519] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  210.022594][ T9519] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  210.024855][ T9519]  </TASK>
[  210.067157][ T9529] hub 2-0:1.0: USB hub found
[  210.068694][ T9529] hub 2-0:1.0: 6 ports detected
[  210.079488][ T9519] binder: 9518:9519 ioctl 4018620d 0 returned -22
[  210.176020][ T6898] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  210.183023][ T5950] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  210.186528][ T5950] CPU: 3 UID: 0 PID: 5950 Comm: kworker/u33:3 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  210.189683][ T5950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  210.192816][ T5950] Workqueue: hci1 hci_rx_work
[  210.194234][ T5950] Call Trace:
[  210.195225][ T5950]  <TASK>
[  210.196071][ T5950]  dump_stack_lvl+0x16c/0x1f0
[  210.197450][ T5950]  sysfs_warn_dup+0x7f/0xa0
[  210.198773][ T5950]  sysfs_create_dir_ns+0x24d/0x2b0
[  210.200270][ T5950]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  210.202076][ T5950]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  210.204263][ T5950]  ? kobject_add_internal+0x12d/0x990
[  210.205949][ T5950]  ? do_raw_spin_unlock+0x172/0x230
[  210.207492][ T5950]  kobject_add_internal+0x2c8/0x990
[  210.209245][ T5950]  kobject_add+0x16f/0x240
[  210.210776][ T5950]  ? __pfx_kobject_add+0x10/0x10
[  210.212439][ T5950]  ? class_to_subsys+0x3e/0x160
[  210.213834][ T5950]  ? do_raw_spin_unlock+0x172/0x230
[  210.215604][ T5950]  ? kobject_put+0xab/0x5a0
[  210.217478][ T5950]  device_add+0x289/0x1a70
[  210.219005][ T5950]  ? __pfx_dev_set_name+0x10/0x10
[  210.220549][ T5950]  ? __pfx_device_add+0x10/0x10
[  210.222012][ T5950]  ? mgmt_send_event_skb+0x2f2/0x460
[  210.223603][ T5950]  hci_conn_add_sysfs+0x17e/0x230
[  210.225194][ T5950]  le_conn_complete_evt+0xfce/0x1d10
[  210.226748][ T5950]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  210.228452][ T5950]  ? __mutex_lock+0x1cc/0xa60
[  210.230264][ T5950]  hci_le_enh_conn_complete_evt+0x23d/0x380
[  210.232008][ T5950]  ? skb_pull_data+0x166/0x210
[  210.233377][ T5950]  hci_le_meta_evt+0x2e2/0x5d0
[  210.234807][ T5950]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  210.237361][ T5950]  hci_event_packet+0x666/0x1190
[  210.238933][ T5950]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  210.240451][ T5950]  ? __pfx_hci_event_packet+0x10/0x10
[  210.241893][ T5950]  ? mark_held_locks+0x9f/0xe0
[  210.243237][ T5950]  ? kcov_remote_start+0x3cf/0x6e0
[  210.244630][ T5950]  ? lockdep_hardirqs_on+0x7c/0x110
[  210.246092][ T5950]  hci_rx_work+0x2c5/0x16b0
[  210.247307][ T5950]  ? process_one_work+0x8bb/0x1b30
[  210.248703][ T5950]  process_one_work+0x958/0x1b30
[  210.250100][ T5950]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  210.251890][ T5950]  ? __pfx_process_one_work+0x10/0x10
[  210.253447][ T5950]  ? rcu_is_watching+0x12/0xc0
[  210.254757][ T5950]  ? assign_work+0x1a0/0x250
[  210.256550][ T5950]  worker_thread+0x6c8/0xf00
[  210.258259][ T5950]  ? __kthread_parkme+0x148/0x220
[  210.259677][ T5950]  ? __pfx_worker_thread+0x10/0x10
[  210.261145][ T5950]  kthread+0x2c1/0x3a0
[  210.262327][ T5950]  ? _raw_spin_unlock_irq+0x23/0x50
[  210.263794][ T5950]  ? __pfx_kthread+0x10/0x10
[  210.265228][ T5950]  ret_from_fork+0x45/0x80
[  210.266521][ T5950]  ? __pfx_kthread+0x10/0x10
[  210.267800][ T5950]  ret_from_fork_asm+0x1a/0x30
[  210.269183][ T5950]  </TASK>
[  210.270415][ T6006] usb 2-1: new high-speed USB device number 3 using ehci-pci
[  210.273949][ T5950] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  210.278115][ T5950] Bluetooth: hci1: failed to register connection device
[  210.350360][ T6898] usb 8-1: Using ep0 maxpacket: 16
[  210.353230][ T6898] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87
[  210.357677][ T6898] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  210.363254][ T6898] usb 8-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  210.365679][ T6898] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  210.368111][ T6898] usb 8-1: Product: syz
[  210.369633][ T6898] usb 8-1: Manufacturer: syz
[  210.372678][ T6898] usb 8-1: SerialNumber: syz
[  210.397077][ T6898] usb 8-1: config 0 descriptor??
[  210.457796][ T6006] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[  210.470512][ T6006] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
[  210.472911][ T6006] usb 2-1: Product: QEMU USB Tablet
[  210.474339][ T6006] usb 2-1: Manufacturer: QEMU
[  210.475766][ T6006] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1
[  210.501293][ T6006] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0011/input/input15
[  210.563325][ T6006] hid-generic 0003:0627:0001.0011: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0
[  210.765904][ T6898] appledisplay 8-1:0.0: Error while getting initial brightness: -110
[  210.771463][ T6898] appledisplay 8-1:0.0: probe with driver appledisplay failed with error -110
[  211.089463][ T9541] netlink: 8 bytes leftover after parsing attributes in process `syz.1.691'.
[  211.128302][ T5986] libceph: connect (1)[c::]:6789 error -101
[  211.140334][ T5986] libceph: mon0 (1)[c::]:6789 connect error
[  211.160637][ T9544] ceph: No mds server is up or the cluster is laggy
[  211.459147][ T9559] xt_HMARK: proto mask must be zero with L3 mode
[  211.720344][   T25] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  211.903271][   T25] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  211.905909][   T25] usb 5-1: config 1 has an invalid descriptor of length 128, skipping remainder of the config
[  211.908976][   T25] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  211.913032][   T25] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 64, changing to 10
[  211.916306][   T25] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 58764, setting to 1024
[  211.920635][   T25] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  211.923231][   T25] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  211.925508][   T25] usb 5-1: Product: syz
[  211.926945][   T25] usb 5-1: Manufacturer: syz
[  211.931766][ T9559] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  211.934478][   T25] cdc_wdm 5-1:1.0: skipping garbage
[  211.935903][   T25] cdc_wdm 5-1:1.0: skipping garbage
[  211.938460][   T25] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  211.940215][   T25] cdc_wdm 5-1:1.0: Unknown control protocol
[  211.979203][ T9576] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$���UL�vy��آ�D��UD�w�}�zR'
[  211.982373][ T9576] CPU: 0 UID: 0 PID: 9576 Comm: syz.2.699 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  211.985325][ T9576] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  211.988480][ T9576] Call Trace:
[  211.989465][ T9576]  <TASK>
[  211.990332][ T9576]  dump_stack_lvl+0x16c/0x1f0
[  211.991709][ T9576]  sysfs_warn_dup+0x7f/0xa0
[  211.993020][ T9576]  sysfs_do_create_link_sd+0x124/0x140
[  211.994492][ T9576]  sysfs_create_link+0x61/0xc0
[  211.995791][ T9576]  device_add+0x62e/0x1a70
[  211.997274][ T9576]  ? __pfx_device_add+0x10/0x10
[  211.998784][ T9576]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  212.000479][ T9576]  ? ieee80211_set_bitrate_flags+0x249/0x6a0
[  212.002200][ T9576]  wiphy_register+0x1c7a/0x2860
[  212.003599][ T9576]  ? netdev_run_todo+0x837/0x12d0
[  212.005049][ T9576]  ? __pfx_wiphy_register+0x10/0x10
[  212.006549][ T9576]  ieee80211_register_hw+0x2951/0x3fa0
[  212.008126][ T9576]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  212.009818][ T9576]  ? net_generic+0xea/0x2a0
[  212.011129][ T9576]  ? lockdep_init_map_type+0x16d/0x7d0
[  212.012706][ T9576]  ? rcu_is_watching+0x12/0xc0
[  212.014080][ T9576]  ? trace_hrtimer_init+0x1a6/0x230
[  212.015572][ T9576]  ? __hrtimer_init+0x106/0x2c0
[  212.016966][ T9576]  mac80211_hwsim_new_radio+0x2c47/0x56c0
[  212.018603][ T9576]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  212.020352][ T9576]  ? hwsim_new_radio_nl+0x9ff/0x12b0
[  212.021882][ T9576]  hwsim_new_radio_nl+0xb42/0x12b0
[  212.023357][ T9576]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  212.024946][ T9576]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  212.027026][ T9576]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  212.029157][ T9576]  genl_family_rcv_msg_doit+0x202/0x2f0
[  212.030741][ T9576]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  212.032477][ T9576]  ? genl_get_cmd+0x195/0x580
[  212.033838][ T9576]  ? bpf_lsm_capable+0x9/0x10
[  212.035201][ T9576]  ? security_capable+0x7e/0x260
[  212.036635][ T9576]  ? ns_capable+0xd7/0x110
[  212.037927][ T9576]  genl_rcv_msg+0x565/0x800
[  212.039257][ T9576]  ? __pfx_genl_rcv_msg+0x10/0x10
[  212.040700][ T9576]  ? mark_held_locks+0x9f/0xe0
[  212.042067][ T9576]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  212.043650][ T9576]  ? __pfx___schedule+0x10/0x10
[  212.045053][ T9576]  netlink_rcv_skb+0x165/0x410
[  212.046426][ T9576]  ? __pfx_genl_rcv_msg+0x10/0x10
[  212.047862][ T9576]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  212.049480][ T9576]  ? down_read+0x1a6/0x330
[  212.050759][ T9576]  ? __pfx_down_read+0x10/0x10
[  212.052129][ T9576]  ? netlink_deliver_tap+0x1ae/0xca0
[  212.053651][ T9576]  genl_rcv+0x28/0x40
[  212.054796][ T9576]  netlink_unicast+0x53c/0x7f0
[  212.056178][ T9576]  ? __pfx_netlink_unicast+0x10/0x10
[  212.057758][ T9576]  ? __phys_addr_symbol+0x30/0x80
[  212.059224][ T9576]  ? __check_object_size+0x488/0x710
[  212.060763][ T9576]  netlink_sendmsg+0x8b8/0xd70
[  212.062135][ T9576]  ? __pfx_netlink_sendmsg+0x10/0x10
[  212.063651][ T9576]  ____sys_sendmsg+0x9ae/0xb40
[  212.065038][ T9576]  ? __pfx_____sys_sendmsg+0x10/0x10
[  212.066550][ T9576]  ? get_compat_msghdr+0x11b/0x170
[  212.068027][ T9576]  ___sys_sendmsg+0x135/0x1e0
[  212.069425][ T9576]  ? __pfx____sys_sendmsg+0x10/0x10
[  212.070964][ T9576]  ? __pfx_lock_release+0x10/0x10
[  212.072426][ T9576]  ? trace_lock_acquire+0x14e/0x1f0
[  212.073929][ T9576]  ? __fget_files+0x206/0x3a0
[  212.075316][ T9576]  __sys_sendmsg+0x16e/0x220
[  212.076653][ T9576]  ? __pfx___sys_sendmsg+0x10/0x10
[  212.078235][ T9576]  __do_fast_syscall_32+0x73/0x120
[  212.079831][ T9576]  do_fast_syscall_32+0x32/0x80
[  212.081235][ T9576]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  212.082956][ T9576] RIP: 0023:0xf7f58579
[  212.084122][ T9576] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  212.089584][ T9576] RSP: 002b:00000000f508555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  212.091939][ T9576] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000020000040
[  212.094183][ T9576] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  212.096446][ T9576] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  212.098556][ T9576] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  212.100515][ T9576] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  212.102677][ T9576]  </TASK>
[  212.143017][    C2] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  212.145013][    C2] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  212.147015][    C2] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  212.149636][    C2] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  212.151972][    C2] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  212.153953][    C2] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  212.156166][    C2] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1
[  212.161049][ T5984] usb 5-1: USB disconnect, device number 17
[  213.301293][ T6898] usb 8-1: USB disconnect, device number 14
[  214.006191][ T9597] netlink: 40 bytes leftover after parsing attributes in process `syz.0.703'.
[  214.190378][ T6024] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  214.340316][ T6024] usb 7-1: Using ep0 maxpacket: 8
[  214.346632][ T6024] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  214.350206][ T6024] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  214.355474][ T6024] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  214.359515][ T6024] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  214.364037][ T6024] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  214.369294][ T6024] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  214.373576][ T6024] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.382051][   T45] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.452030][   T45] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.558560][   T66] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  214.559391][ T5955] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  214.563939][   T66] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  214.569751][ T5955] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  214.571085][   T45] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.571904][   T66] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  214.572637][   T66] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  214.582735][ T5955] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  214.583957][   T66] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  214.587569][ T5955] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  214.587802][   T66] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  214.594079][ T5959] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  214.599443][ T5959] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  214.601482][ T6024] usb 7-1: usb_control_msg returned -32
[  214.607235][ T6024] usbtmc 7-1:16.0: can't read capabilities
[  214.647865][   T45] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.720219][ T9606] chnl_net:caif_netlink_parms(): no params data found
[  214.733784][ T9605] chnl_net:caif_netlink_parms(): no params data found
[  214.956591][ T9625] usbtmc 7-1:16.0: INITIATE_CLEAR returned 0
[  214.961779][ T9606] bridge0: port 1(bridge_slave_0) entered blocking state
[  214.964581][ T9606] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.966947][ T9606] bridge_slave_0: entered allmulticast mode
[  214.972348][ T9606] bridge_slave_0: entered promiscuous mode
[  215.025095][ T9606] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.027815][ T9606] bridge0: port 2(bridge_slave_1) entered disabled state
[  215.029961][ T9606] bridge_slave_1: entered allmulticast mode
[  215.033069][ T9606] bridge_slave_1: entered promiscuous mode
[  215.090139][ T9605] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.093527][ T9605] bridge0: port 1(bridge_slave_0) entered disabled state
[  215.097119][ T9605] bridge_slave_0: entered allmulticast mode
[  215.103338][ T9605] bridge_slave_0: entered promiscuous mode
[  215.129356][ T9606] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  215.134781][ T9606] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  215.158433][ T9605] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.164419][   T30] usb 7-1: USB disconnect, device number 11
[  215.166245][ T9605] bridge0: port 2(bridge_slave_1) entered disabled state
[  215.170394][ T9605] bridge_slave_1: entered allmulticast mode
[  215.172549][ T9605] bridge_slave_1: entered promiscuous mode
[  215.176897][   T45] bridge_slave_1: left allmulticast mode
[  215.179430][   T45] bridge_slave_1: left promiscuous mode
[  215.188078][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  215.197203][   T45] bridge_slave_0: left allmulticast mode
[  215.199092][   T45] bridge_slave_0: left promiscuous mode
[  215.205258][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  215.579220][   T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  215.602311][   T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  215.622838][   T45] bond0 (unregistering): Released all slaves
[  215.665699][ T9606] team0: Port device team_slave_0 added
[  215.708944][ T9629] FAULT_INJECTION: forcing a failure.
[  215.708944][ T9629] name failslab, interval 1, probability 0, space 0, times 0
[  215.712621][ T9629] CPU: 0 UID: 0 PID: 9629 Comm: syz.2.713 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  215.715666][ T9629] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  215.718879][ T9629] Call Trace:
[  215.719859][ T9629]  <TASK>
[  215.720733][ T9629]  dump_stack_lvl+0x16c/0x1f0
[  215.722082][ T9629]  should_fail_ex+0x497/0x5b0
[  215.723466][ T9629]  ? fs_reclaim_acquire+0xae/0x150
[  215.724945][ T9629]  should_failslab+0xc2/0x120
[  215.726298][ T9629]  __kmalloc_noprof+0xce/0x4f0
[  215.727758][ T9629]  ? __pfx___mutex_trylock_common+0x10/0x10
[  215.729459][ T9629]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  215.731514][ T9629]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  215.733562][ T9629]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  215.735131][ T9629]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  215.736996][ T9629]  ? genl_get_cmd+0x195/0x580
[  215.738755][ T9629]  ? bpf_lsm_capable+0x9/0x10
[  215.740583][ T9629]  ? security_capable+0x7e/0x260
[  215.742571][ T9629]  genl_rcv_msg+0x565/0x800
[  215.744383][ T9629]  ? __pfx_genl_rcv_msg+0x10/0x10
[  215.746383][ T9629]  ? __pfx_ieee802154_llsec_add_devkey+0x10/0x10
[  215.748819][ T9629]  ? __pfx___lock_acquire+0x10/0x10
[  215.750947][ T9629]  netlink_rcv_skb+0x165/0x410
[  215.752870][ T9629]  ? __pfx_genl_rcv_msg+0x10/0x10
[  215.754912][ T9629]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  215.757054][ T9629]  ? down_read+0xc9/0x330
[  215.758770][ T9629]  ? __pfx_down_read+0x10/0x10
[  215.760682][ T9629]  ? netlink_deliver_tap+0x1ae/0xca0
[  215.762696][ T9629]  genl_rcv+0x28/0x40
[  215.764240][ T9629]  netlink_unicast+0x53c/0x7f0
[  215.766125][ T9629]  ? __pfx_netlink_unicast+0x10/0x10
[  215.768195][ T9629]  ? __phys_addr_symbol+0x30/0x80
[  215.770072][ T9629]  ? __check_object_size+0x488/0x710
[  215.771578][ T9629]  netlink_sendmsg+0x8b8/0xd70
[  215.772955][ T9629]  ? __pfx_netlink_sendmsg+0x10/0x10
[  215.774998][ T9629]  ____sys_sendmsg+0x9ae/0xb40
[  215.776882][ T9629]  ? __pfx_____sys_sendmsg+0x10/0x10
[  215.778877][ T9629]  ? get_compat_msghdr+0x11b/0x170
[  215.780649][ T9629]  ___sys_sendmsg+0x135/0x1e0
[  215.782001][ T9629]  ? __pfx____sys_sendmsg+0x10/0x10
[  215.783516][ T9629]  ? __pfx_lock_release+0x10/0x10
[  215.784953][ T9629]  ? trace_lock_acquire+0x14e/0x1f0
[  215.786410][ T9629]  ? __fget_files+0x206/0x3a0
[  215.788201][ T9629]  __sys_sendmsg+0x16e/0x220
[  215.789938][ T9629]  ? __pfx___sys_sendmsg+0x10/0x10
[  215.791978][ T9629]  __do_fast_syscall_32+0x73/0x120
[  215.794049][ T9629]  do_fast_syscall_32+0x32/0x80
[  215.796018][ T9629]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  215.798571][ T9629] RIP: 0023:0xf7f58579
[  215.799946][ T9629] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  215.805337][ T9629] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  215.808130][ T9629] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000100
[  215.810791][ T9629] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  215.813047][ T9629] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  215.815539][ T9629] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  215.817857][ T9629] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  215.820354][ T9629]  </TASK>
[  215.840847][   T45] IPVS: stopping backup sync thread 8177 ...
[  215.841448][ T9606] team0: Port device team_slave_1 added
[  215.851147][ T9605] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  215.855985][ T9605] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  215.875090][ T9606] batman_adv: batadv0: Adding interface: batadv_slave_0
[  215.877055][ T9606] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  215.885321][ T9606] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  215.910417][ T9606] batman_adv: batadv0: Adding interface: batadv_slave_1
[  215.914053][ T9606] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  215.928647][ T9606] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  215.938407][ T9634] vcan0: tx drop: invalid da for name 0x00000000000000fd
[  215.994114][ T9605] team0: Port device team_slave_0 added
[  215.997231][ T9605] team0: Port device team_slave_1 added
[  215.999029][ T9636] netlink: 12 bytes leftover after parsing attributes in process `syz.2.715'.
[  215.999073][ T9637] netlink: 16 bytes leftover after parsing attributes in process `syz.2.715'.
[  216.168727][ T9606] hsr_slave_0: entered promiscuous mode
[  216.174345][ T9606] hsr_slave_1: entered promiscuous mode
[  216.179698][ T9606] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  216.182956][ T9606] Cannot create hsr debugfs directory
[  216.211599][ T9605] batman_adv: batadv0: Adding interface: batadv_slave_0
[  216.214605][ T9605] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  216.227241][ T9605] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  216.284252][ T9605] batman_adv: batadv0: Adding interface: batadv_slave_1
[  216.286863][ T9605] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  216.296846][ T9605] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  216.320741][   T45] hsr_slave_0: left promiscuous mode
[  216.322813][   T45] hsr_slave_1: left promiscuous mode
[  216.324913][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  216.327164][   T45] batman_adv: batadv0: Removing interface: batadv_slave_0
[  216.329597][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  216.331827][   T45] batman_adv: batadv0: Removing interface: batadv_slave_1
[  216.361835][   T45] veth1_macvtap: left promiscuous mode
[  216.363708][   T45] veth0_macvtap: left promiscuous mode
[  216.366386][   T45] veth1_vlan: left promiscuous mode
[  216.368294][   T45] veth0_vlan: left promiscuous mode
[  216.471506][ T9640] FAULT_INJECTION: forcing a failure.
[  216.471506][ T9640] name failslab, interval 1, probability 0, space 0, times 0
[  216.479997][ T9640] CPU: 0 UID: 0 PID: 9640 Comm: syz.2.716 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  216.483146][ T9640] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  216.486279][ T9640] Call Trace:
[  216.487241][ T9640]  <TASK>
[  216.488123][ T9640]  dump_stack_lvl+0x16c/0x1f0
[  216.489510][ T9640]  should_fail_ex+0x497/0x5b0
[  216.490867][ T9640]  ? fs_reclaim_acquire+0xae/0x150
[  216.492335][ T9640]  should_failslab+0xc2/0x120
[  216.493706][ T9640]  __kmalloc_noprof+0xce/0x4f0
[  216.495236][ T9640]  ? rcu_is_watching+0x12/0xc0
[  216.496737][ T9640]  ? p9_fcall_init+0x97/0x260
[  216.498089][ T9640]  p9_fcall_init+0x97/0x260
[  216.499402][ T9640]  p9_tag_alloc+0x17a/0x870
[  216.500792][ T9640]  ? __pfx_p9_tag_alloc+0x10/0x10
[  216.502638][ T9640]  ? hlock_class+0x4e/0x130
[  216.504147][ T9640]  p9_client_prepare_req+0x19f/0x4d0
[  216.506061][ T9640]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  216.507882][ T9640]  ? hlock_class+0x4e/0x130
[  216.509267][ T9640]  ? mark_lock+0xb5/0xc60
[  216.510505][ T9640]  ? __pfx___lock_acquire+0x10/0x10
[  216.512030][ T9640]  p9_client_rpc+0x1c3/0xc10
[  216.513753][ T9640]  ? __pfx_p9_client_rpc+0x10/0x10
[  216.515734][ T9640]  ? find_held_lock+0x2d/0x110
[  216.517631][ T9640]  ? p9_fid_create+0x26a/0x470
[  216.519398][ T9640]  ? __pfx_lock_release+0x10/0x10
[  216.521389][ T9640]  ? mark_held_locks+0x9f/0xe0
[  216.523161][ T9640]  ? trace_9p_fid_ref+0x179/0x1f0
[  216.524606][ T9640]  p9_client_walk+0x1ad/0x540
[  216.526163][ T9640]  ? __pfx_p9_client_walk+0x10/0x10
[  216.527679][ T9640]  ? v9fs_fid_lookup+0xe9/0xec0
[  216.529106][ T9640]  v9fs_vfs_lookup+0x208/0x5c0
[  216.530439][ T9640]  ? __pfx_v9fs_vfs_lookup+0x10/0x10
[  216.532024][ T9640]  ? lockdep_init_map_type+0x16d/0x7d0
[  216.533728][ T9640]  __lookup_slow+0x24f/0x460
[  216.535070][ T9640]  ? __pfx___lookup_slow+0x10/0x10
[  216.536815][ T9640]  ? lookup_one_unlocked+0x133/0x160
[  216.538337][ T9640]  ? d_lookup+0xe9/0x180
[  216.539574][ T9640]  lookup_one_unlocked+0x142/0x160
[  216.541059][ T9640]  ? __pfx_lookup_one_unlocked+0x10/0x10
[  216.542664][ T9640]  ovl_lookup_single+0x201/0xf60
[  216.544086][ T9640]  ? __pfx_ovl_lookup_single+0x10/0x10
[  216.545702][ T9640]  ovl_lookup_layer+0x3a9/0x4a0
[  216.547166][ T9640]  ? __pfx_ovl_lookup_layer+0x10/0x10
[  216.548708][ T9640]  ? trace_kmalloc+0x2d/0xd0
[  216.550056][ T9640]  ? __kmalloc_noprof+0x23b/0x4f0
[  216.551718][ T9640]  ? ovl_lookup+0x116a/0x21f0
[  216.553622][ T9640]  ovl_lookup+0x13a9/0x21f0
[  216.555482][ T9640]  ? __pfx_ovl_lookup+0x10/0x10
[  216.557447][ T9640]  ? lookup_open.isra.0+0x229/0x14c0
[  216.559594][ T9640]  ? __pfx_d_alloc_parallel+0x10/0x10
[  216.561750][ T9640]  ? __d_lookup+0x266/0x4a0
[  216.563576][ T9640]  ? __pfx_ovl_lookup+0x10/0x10
[  216.565537][ T9640]  lookup_open.isra.0+0x92d/0x14c0
[  216.567064][ T9640]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  216.568811][ T9640]  ? path_openat+0x88a/0x2d60
[  216.570675][ T9640]  ? lookup_fast+0x155/0x540
[  216.572566][ T9640]  path_openat+0x904/0x2d60
[  216.574425][ T9640]  ? __pfx_path_openat+0x10/0x10
[  216.576419][ T9640]  ? __pfx___lock_acquire+0x10/0x10
[  216.578516][ T9640]  ? lock_acquire.part.0+0x11b/0x380
[  216.580243][ T9640]  ? find_held_lock+0x2d/0x110
[  216.581625][ T9640]  do_filp_open+0x20c/0x470
[  216.582887][ T9640]  ? __pfx_do_filp_open+0x10/0x10
[  216.584313][ T9640]  ? find_held_lock+0x2d/0x110
[  216.585736][ T9640]  ? alloc_fd+0x41f/0x760
[  216.587314][ T9640]  do_sys_openat2+0x17a/0x1e0
[  216.588653][ T9640]  ? __pfx_do_sys_openat2+0x10/0x10
[  216.590113][ T9640]  ? find_held_lock+0x2d/0x110
[  216.591477][ T9640]  __ia32_compat_sys_openat+0x16e/0x210
[  216.593040][ T9640]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  216.594748][ T9640]  ? rcu_is_watching+0x12/0xc0
[  216.596114][ T9640]  __do_fast_syscall_32+0x73/0x120
[  216.597633][ T9640]  do_fast_syscall_32+0x32/0x80
[  216.598988][ T9640]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  216.600737][ T9640] RIP: 0023:0xf7f58579
[  216.601893][ T9640] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  216.607619][ T9640] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  216.609923][ T9640] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000340
[  216.612091][ T9640] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000000
[  216.614287][ T9640] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  216.616548][ T9640] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  216.618690][ T9640] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  216.620888][ T9640]  </TASK>
[  216.632304][ T5959] Bluetooth: hci2: command tx timeout
[  216.634770][ T5959] Bluetooth: hci1: command tx timeout
[  217.333989][   T45] team0 (unregistering): Port device team_slave_1 removed
[  217.442104][   T45] team0 (unregistering): Port device team_slave_0 removed
[  218.230425][ T9605] hsr_slave_0: entered promiscuous mode
[  218.234062][ T9605] hsr_slave_1: entered promiscuous mode
[  218.671109][ T9677] netlink: 8 bytes leftover after parsing attributes in process `syz.0.721'.
[  218.711883][ T5950] Bluetooth: hci1: command tx timeout
[  218.713509][ T5950] Bluetooth: hci2: command tx timeout
[  219.121711][ T9605] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.185836][ T9605] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.310031][ T9605] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.382970][ T9605] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.469232][ T9606] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  219.473545][ T9606] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  219.487506][ T9606] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  219.497148][ T9606] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  219.512079][ T9605] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  219.516858][ T9605] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  219.541077][ T9605] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  219.547953][ T9605] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  219.603552][ T9606] 8021q: adding VLAN 0 to HW filter on device bond0
[  219.609656][ T9606] 8021q: adding VLAN 0 to HW filter on device team0
[  219.627491][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  219.629518][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  219.654736][ T9605] 8021q: adding VLAN 0 to HW filter on device bond0
[  219.662896][ T9605] 8021q: adding VLAN 0 to HW filter on device team0
[  219.667227][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  219.669339][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  219.676522][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  219.678651][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  219.695658][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  219.698401][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  219.814023][ T9605] 8021q: adding VLAN 0 to HW filter on device batadv0
[  219.840159][ T9605] veth0_vlan: entered promiscuous mode
[  219.845117][ T9605] veth1_vlan: entered promiscuous mode
[  219.849963][ T9606] 8021q: adding VLAN 0 to HW filter on device batadv0
[  219.871135][ T9605] veth0_macvtap: entered promiscuous mode
[  219.874747][ T9605] veth1_macvtap: entered promiscuous mode
[  219.876856][ T9720] block device autoloading is deprecated and will be removed.
[  219.889459][ T9716] md: md2 stopped.
[  219.892558][ T9606] veth0_vlan: entered promiscuous mode
[  219.896665][ T9605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  219.899983][ T9605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.903466][ T9605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  219.906427][ T9605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.909694][ T9605] batman_adv: batadv0: Interface activated: batadv_slave_0
[  219.915738][ T9606] veth1_vlan: entered promiscuous mode
[  219.920773][ T9605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  219.924043][ T9605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.926714][ T9605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  219.929917][ T9605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.933765][ T9605] batman_adv: batadv0: Interface activated: batadv_slave_1
[  219.938481][ T9605] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  219.941427][ T9605] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  219.943921][ T9605] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  219.946474][ T9605] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  219.955184][ T9606] veth0_macvtap: entered promiscuous mode
[  219.962697][ T9606] veth1_macvtap: entered promiscuous mode
[  219.978656][ T9606] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  219.982194][ T9606] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.984962][ T9606] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  219.987957][ T9606] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.991228][ T9606] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  219.994435][ T9606] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.997781][ T9606] batman_adv: batadv0: Interface activated: batadv_slave_0
[  220.007051][ T9606] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  220.010091][ T9606] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.013203][ T9606] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  220.016207][ T9606] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.019002][ T9606] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  220.022376][ T9606] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.025753][ T9606] batman_adv: batadv0: Interface activated: batadv_slave_1
[  220.028314][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  220.032191][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  220.039513][ T9606] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  220.042328][ T9606] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  220.044849][ T9606] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  220.047407][ T9606] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  220.059706][   T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  220.062664][   T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  220.087593][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  220.092025][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  220.104493][   T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  220.107253][   T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  220.481011][   T25] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  220.640450][   T25] usb 5-1: Using ep0 maxpacket: 16
[  220.644027][   T25] usb 5-1: config 0 has no interfaces?
[  220.648231][   T25] usb 5-1: New USB device found, idVendor=0bfd, idProduct=0106, bcdDevice=ec.89
[  220.652136][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  220.655568][   T25] usb 5-1: Product: syz
[  220.657333][   T25] usb 5-1: Manufacturer: syz
[  220.659221][   T25] usb 5-1: SerialNumber: syz
[  220.662622][   T25] usb 5-1: config 0 descriptor??
[  220.790462][ T5959] Bluetooth: hci2: command tx timeout
[  220.792933][ T5959] Bluetooth: hci1: command tx timeout
[  221.040082][ T9734] fuse: Bad value for 'group_id'
[  221.042072][ T9734] fuse: Bad value for 'group_id'
[  221.342441][ T9743] netlink: 12 bytes leftover after parsing attributes in process `syz.1.730'.
[  221.345697][ T9743] netlink: 16 bytes leftover after parsing attributes in process `syz.1.730'.
[  221.475618][ T9746] CUSE: unknown device info "�KJ�H+��ۤ2Lh��nL�1�`�Cc��n�����8���0���(�3նi��>f���_ٮ,���<�_e�F��"
[  221.478970][ T9746] CUSE: unknown device info "3�ܟ�,��̘�"
[  221.490292][ T9746] CUSE: DEVNAME unspecified
[  222.073312][ T9761] netlink: 4 bytes leftover after parsing attributes in process `syz.3.735'.
[  222.077436][ T9761] netlink: 28 bytes leftover after parsing attributes in process `syz.3.735'.
[  222.787531][ T9765] netlink: 8 bytes leftover after parsing attributes in process `syz.3.736'.
[  222.860321][ T5950] Bluetooth: hci2: command tx timeout
[  222.860485][ T5959] Bluetooth: hci1: command tx timeout
[  223.323432][ T5984] usb 5-1: USB disconnect, device number 18
[  223.693151][ T9784] random: crng reseeded on system resumption
[  223.842914][ T9789] IPv6: NLM_F_CREATE should be specified when creating new route
[  223.990328][ T5984] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  224.060397][ T6024] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  224.140470][ T5984] usb 7-1: Using ep0 maxpacket: 8
[  224.143143][ T5984] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  224.146048][ T5984] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  224.148828][ T5984] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  224.151904][ T5984] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  224.155529][ T5984] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  224.158395][ T5984] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  224.210354][ T6024] usb 6-1: Using ep0 maxpacket: 16
[  224.222525][ T6024] usb 6-1: config 0 has an invalid interface number: 8 but max is 0
[  224.224857][ T6024] usb 6-1: config 0 has no interface number 0
[  224.226618][ T6024] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  224.229466][ T6024] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  224.243359][ T6024] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  224.245910][ T6024] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  224.248132][ T6024] usb 6-1: Product: syz
[  224.249365][ T6024] usb 6-1: SerialNumber: syz
[  224.253029][ T6024] usb 6-1: config 0 descriptor??
[  224.256264][ T6024] cm109 6-1:0.8: invalid payload size 0, expected 4
[  224.258964][ T6024] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.8/input/input16
[  224.321076][ T9793] 9pnet_fd: Insufficient options for proto=fd
[  224.369341][ T5984] usb 7-1: GET_CAPABILITIES returned 0
[  224.371038][ T5984] usbtmc 7-1:16.0: can't read capabilities
[  224.599633][    C3] cm109 6-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90
[  224.778304][ T9801] netlink: 8 bytes leftover after parsing attributes in process `syz.0.745'.
[  224.999284][ T9803] netlink: 8 bytes leftover after parsing attributes in process `syz.3.746'.
[  225.105034][    C2] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  225.108276][    C2] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  225.111100][    C2] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  225.113315][    C2] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  225.115526][    C2] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  225.117724][    C2] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  225.119918][    C2] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  225.122088][ T6006] usb 6-1: USB disconnect, device number 16
[  225.123870][    C2] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  225.123881][    C2] cm109 6-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  225.135262][ T6006] cm109 6-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  225.185179][ T9804] netlink: zone id is out of range
[  225.187572][ T9804] netlink: zone id is out of range
[  225.843303][ T9818] wg2: entered promiscuous mode
[  225.844816][ T9818] wg2: entered allmulticast mode
[  225.999596][ T9822] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  226.002462][ T9822] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  226.004963][ T9822] netdevsim netdevsim1: Falling back to sysfs fallback for: .
[  226.750019][ T9834] 9pnet_fd: Insufficient options for proto=fd
[  226.778936][   T39] audit: type=1326 audit(1736540396.284:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9833 comm="syz.0.754" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  226.785560][   T39] audit: type=1326 audit(1736540396.284:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9833 comm="syz.0.754" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  226.794262][   T39] audit: type=1326 audit(1736540396.284:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9833 comm="syz.0.754" exe="/syz-executor" sig=0 arch=40000003 syscall=70 compat=1 ip=0xf710e579 code=0x7ffc0000
[  226.800486][   T39] audit: type=1326 audit(1736540396.284:461): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=9833 comm="syz.0.754" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  226.806524][   T39] audit: type=1326 audit(1736540396.284:462): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=9833 comm="syz.0.754" exe="/syz-executor" sig=0 arch=40000003 syscall=125 compat=1 ip=0xf710e579 code=0x7ffc0000
[  226.813467][   T39] audit: type=1326 audit(1736540396.284:463): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=9833 comm="syz.0.754" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  226.820441][   T39] audit: type=1326 audit(1736540396.294:464): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=9833 comm="syz.0.754" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  226.826622][   T39] audit: type=1326 audit(1736540396.294:465): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=9833 comm="syz.0.754" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf710e579 code=0x7ffc0000
[  226.833084][   T39] audit: type=1326 audit(1736540396.294:466): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=9833 comm="syz.0.754" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  226.839259][   T39] audit: type=1326 audit(1736540396.294:467): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=9833 comm="syz.0.754" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  226.946209][ T6898] usb 7-1: USB disconnect, device number 12
[  226.970184][ T9845] netlink: 12 bytes leftover after parsing attributes in process `syz.2.757'.
[  226.976336][ T9845] netlink: 16 bytes leftover after parsing attributes in process `syz.2.757'.
[  227.811199][ T9870] netlink: 8 bytes leftover after parsing attributes in process `syz.3.762'.
[  227.849291][ T9872] fuse: Unknown parameter '֟!�W(��U{G��'��W'
[  228.133772][ T9879] vxfs: WRONG superblock magic 00000000 at 1
[  228.135879][ T9879] vxfs: WRONG superblock magic 00000000 at 8
[  228.137608][ T9879] vxfs: can't find superblock.
[  228.181383][ T7640] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  228.225407][ T9892] netlink: 4 bytes leftover after parsing attributes in process `syz.1.770'.
[  228.228629][ T9892] netlink: 12 bytes leftover after parsing attributes in process `syz.1.770'.
[  228.330292][ T7640] usb 7-1: Using ep0 maxpacket: 8
[  228.333574][ T7640] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  228.336497][ T7640] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  228.339473][ T7640] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  228.342449][ T7640] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  228.346295][ T7640] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  228.349010][ T7640] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  228.510634][ T9898] CUSE: unknown device info "�KJ�H+��ۤ2Lh��nL�1�`�Cc��n�����8���0���(�3նi��>f���_ٮ,���<�_e�F��"
[  228.513980][ T9898] CUSE: unknown device info "3�ܟ�,��̘�"
[  228.515557][ T9898] CUSE: DEVNAME unspecified
[  228.559004][ T7640] usb 7-1: GET_CAPABILITIES returned 0
[  228.560775][ T7640] usbtmc 7-1:16.0: can't read capabilities
[  228.919462][ T9916] netlink: 4 bytes leftover after parsing attributes in process `syz.3.777'.
[  228.922300][ T9916] netlink: 12 bytes leftover after parsing attributes in process `syz.3.777'.
[  228.973661][ T9917] netlink: zone id is out of range
[  228.975487][ T9917] netlink: zone id is out of range
[  229.133705][ T9893] orangefs_mount: mount request failed with -4
[  229.805990][ T9929] netlink: 4 bytes leftover after parsing attributes in process `syz.1.781'.
[  229.811883][ T9929] netlink: 12 bytes leftover after parsing attributes in process `syz.1.781'.
[  230.273743][ T9938] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only
[  230.279999][ T9938] IPv6: syztnl0: Disabled Multicast RS
[  230.351247][ T9945] CUSE: unknown device info "�KJ�H+��ۤ2Lh��nL�1�`�Cc��n�����8���0���(�3նi��>f���_ٮ,���<�_e�F��"
[  230.354674][ T9945] CUSE: unknown device info "3�ܟ�,��̘�"
[  230.356404][ T9945] CUSE: DEVNAME unspecified
[  230.690338][ T5984] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  230.721904][ T9955] netlink: 8 bytes leftover after parsing attributes in process `syz.0.790'.
[  230.852831][ T5984] usb 8-1: config index 0 descriptor too short (expected 23569, got 27)
[  230.856608][ T5984] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  230.862118][ T5984] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  230.864915][ T5984] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  230.867731][ T5984] usb 8-1: Manufacturer: syz
[  230.870816][ T5984] usb 8-1: config 0 descriptor??
[  230.910386][ T5984] rc_core: IR keymap rc-hauppauge not found
[  230.912275][ T5984] Registered IR keymap rc-empty
[  230.914418][ T5984] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0
[  230.918461][ T5984] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0/input17
[  231.116932][ T6898] usb 7-1: USB disconnect, device number 13
[  231.274916][ T9979] FAULT_INJECTION: forcing a failure.
[  231.274916][ T9979] name failslab, interval 1, probability 0, space 0, times 0
[  231.278954][ T9979] CPU: 0 UID: 0 PID: 9979 Comm: syz.2.797 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  231.281992][ T9979] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  231.285959][ T9979] Call Trace:
[  231.287216][ T9979]  <TASK>
[  231.288339][ T9979]  dump_stack_lvl+0x16c/0x1f0
[  231.290134][ T9979]  should_fail_ex+0x497/0x5b0
[  231.291899][ T9979]  ? fs_reclaim_acquire+0xae/0x150
[  231.293430][ T9979]  should_failslab+0xc2/0x120
[  231.295201][ T9979]  __kmalloc_noprof+0xce/0x4f0
[  231.297007][ T9979]  ? __pfx___mutex_trylock_common+0x10/0x10
[  231.298885][ T9979]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  231.301008][ T9979]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  231.303040][ T9979]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  231.304622][ T9979]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  231.306375][ T9979]  ? genl_get_cmd+0x195/0x580
[  231.307744][ T9979]  ? bpf_lsm_capable+0x9/0x10
[  231.309119][ T9979]  ? security_capable+0x7e/0x260
[  231.310567][ T9979]  genl_rcv_msg+0x565/0x800
[  231.311864][ T9979]  ? __pfx_genl_rcv_msg+0x10/0x10
[  231.313759][ T9979]  ? __pfx_ieee802154_del_iface+0x10/0x10
[  231.315911][ T9979]  ? __pfx___lock_acquire+0x10/0x10
[  231.317856][ T9979]  netlink_rcv_skb+0x165/0x410
[  231.319286][ T9979]  ? __pfx_genl_rcv_msg+0x10/0x10
[  231.320815][ T9979]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  231.322375][ T9979]  ? down_read+0xc9/0x330
[  231.323998][ T9979]  ? __pfx_down_read+0x10/0x10
[  231.325806][ T9979]  ? netlink_deliver_tap+0x1ae/0xca0
[  231.327816][ T9979]  genl_rcv+0x28/0x40
[  231.329364][ T9979]  netlink_unicast+0x53c/0x7f0
[  231.331155][ T9979]  ? __pfx_netlink_unicast+0x10/0x10
[  231.333139][ T9979]  ? __phys_addr_symbol+0x30/0x80
[  231.335017][ T9979]  ? __check_object_size+0x488/0x710
[  231.337005][ T9979]  netlink_sendmsg+0x8b8/0xd70
[  231.338792][ T9979]  ? __pfx_netlink_sendmsg+0x10/0x10
[  231.340806][ T9979]  ____sys_sendmsg+0x9ae/0xb40
[  231.342592][ T9979]  ? __pfx_____sys_sendmsg+0x10/0x10
[  231.345806][ T9979]  ? get_compat_msghdr+0x11b/0x170
[  231.345832][ T9979]  ___sys_sendmsg+0x135/0x1e0
[  231.349038][ T9979]  ? __pfx____sys_sendmsg+0x10/0x10
[  231.350993][ T9979]  ? __pfx_lock_release+0x10/0x10
[  231.352878][ T9979]  ? trace_lock_acquire+0x14e/0x1f0
[  231.354838][ T9979]  ? __fget_files+0x206/0x3a0
[  231.356618][ T9979]  __sys_sendmsg+0x16e/0x220
[  231.358352][ T9979]  ? __pfx___sys_sendmsg+0x10/0x10
[  231.360152][ T9979]  __do_fast_syscall_32+0x73/0x120
[  231.361646][ T9979]  do_fast_syscall_32+0x32/0x80
[  231.363045][ T9979]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  231.364879][ T9979] RIP: 0023:0xf7f58579
[  231.366053][ T9979] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  231.371562][ T9979] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  231.373952][ T9979] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000b00
[  231.376243][ T9979] RDX: 0000000004000000 RSI: 0000000000000000 RDI: 0000000000000000
[  231.378538][ T9979] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  231.380790][ T9979] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  231.383390][ T9979] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  231.385956][ T9979]  </TASK>
[  231.415894][ T9983] FAULT_INJECTION: forcing a failure.
[  231.415894][ T9983] name failslab, interval 1, probability 0, space 0, times 0
[  231.415934][ T9983] CPU: 2 UID: 0 PID: 9983 Comm: syz.0.798 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  231.415948][ T9983] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  231.415954][ T9983] Call Trace:
[  231.415958][ T9983]  <TASK>
[  231.415962][ T9983]  dump_stack_lvl+0x16c/0x1f0
[  231.415979][ T9983]  should_fail_ex+0x497/0x5b0
[  231.415992][ T9983]  ? fs_reclaim_acquire+0xae/0x150
[  231.416007][ T9983]  should_failslab+0xc2/0x120
[  231.416022][ T9983]  __kmalloc_noprof+0xce/0x4f0
[  231.416036][ T9983]  ? drm_atomic_state_init+0x17e/0x320
[  231.416054][ T9983]  drm_atomic_state_init+0x17e/0x320
[  231.416068][ T9983]  ? __kasan_kmalloc+0xaa/0xb0
[  231.416081][ T9983]  drm_atomic_state_alloc+0xd3/0x120
[  231.416096][ T9983]  drm_client_modeset_commit_atomic+0xd1/0x7f0
[  231.416110][ T9983]  ? drm_client_modeset_commit_locked+0x4c/0x580
[  231.416124][ T9983]  ? rcu_is_watching+0x12/0xc0
[  231.416137][ T9983]  ? trace_contention_end+0xee/0x140
[  231.416148][ T9983]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  231.416161][ T9983]  ? __mutex_lock+0x1cc/0xa60
[  231.416183][ T9983]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  231.416201][ T9983]  drm_client_modeset_commit_locked+0x14d/0x580
[  231.416216][ T9983]  drm_fb_helper_pan_display+0x2a5/0x990
[  231.416240][ T9983]  ? clear_pending_if_disabled+0xa9/0x210
[  231.416256][ T9983]  fb_pan_display+0x477/0x7d0
[  231.416271][ T9983]  ? __pfx_drm_fb_helper_pan_display+0x10/0x10
[  231.416288][ T9983]  bit_update_start+0x49/0x1f0
[  231.416300][ T9983]  fbcon_switch+0xc11/0x14f0
[  231.416335][ T9983]  ? __pfx_fbcon_switch+0x10/0x10
[  231.416355][ T9983]  ? __pfx_bit_cursor+0x10/0x10
[  231.416365][ T9983]  ? fbcon_cursor+0x409/0x5f0
[  231.416379][ T9983]  ? __pfx_lock_release+0x10/0x10
[  231.416393][ T9983]  csi_J+0x868/0xad0
[  231.416409][ T9983]  do_con_write+0x3e87/0x7d00
[  231.416424][ T9983]  ? rcu_is_watching+0x12/0xc0
[  231.416436][ T9983]  ? trace_contention_end+0xee/0x140
[  231.416452][ T9983]  ? __pfx_do_con_write+0x10/0x10
[  231.416466][ T9983]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  231.416483][ T9983]  ? con_write+0x93/0xb0
[  231.416498][ T9983]  con_write+0x23/0xb0
[  231.416511][ T9983]  n_tty_write+0x419/0x1140
[  231.416528][ T9983]  ? __pfx_n_tty_write+0x10/0x10
[  231.416538][ T9983]  ? __virt_addr_valid+0x1a4/0x590
[  231.416551][ T9983]  ? __pfx_woken_wake_function+0x10/0x10
[  231.416565][ T9983]  ? __virt_addr_valid+0x5e/0x590
[  231.416580][ T9983]  ? __phys_addr_symbol+0x30/0x80
[  231.416592][ T9983]  ? __check_object_size+0x488/0x710
[  231.416606][ T9983]  ? __pfx_n_tty_write+0x10/0x10
[  231.416617][ T9983]  file_tty_write.constprop.0+0x506/0x9a0
[  231.416635][ T9983]  vfs_write+0x5ae/0x1150
[  231.416647][ T9983]  ? __pfx_tty_write+0x10/0x10
[  231.416662][ T9983]  ? __pfx_vfs_write+0x10/0x10
[  231.416674][ T9983]  ? __fget_files+0x40/0x3a0
[  231.416694][ T9983]  ksys_write+0x12b/0x250
[  231.416706][ T9983]  ? __pfx_ksys_write+0x10/0x10
[  231.416722][ T9983]  __do_fast_syscall_32+0x73/0x120
[  231.416737][ T9983]  do_fast_syscall_32+0x32/0x80
[  231.416750][ T9983]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  231.416766][ T9983] RIP: 0023:0xf710e579
[  231.416775][ T9983] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  231.416784][ T9983] RSP: 002b:00000000f510055c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  231.416796][ T9983] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020001040
[  231.416802][ T9983] RDX: 0000000000001006 RSI: 0000000000000000 RDI: 0000000000000000
[  231.416809][ T9983] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  231.416815][ T9983] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  231.416822][ T9983] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  231.416836][ T9983]  </TASK>
[  231.437428][ T9985] netlink: 84 bytes leftover after parsing attributes in process `syz.1.799'.
[  231.728570][ T9993] FAULT_INJECTION: forcing a failure.
[  231.728570][ T9993] name failslab, interval 1, probability 0, space 0, times 0
[  231.734004][ T9993] CPU: 0 UID: 0 PID: 9993 Comm: syz.0.801 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  231.737103][ T9993] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  231.740334][ T9993] Call Trace:
[  231.741319][ T9993]  <TASK>
[  231.742230][ T9993]  dump_stack_lvl+0x16c/0x1f0
[  231.743628][ T9993]  should_fail_ex+0x497/0x5b0
[  231.745004][ T9993]  ? fs_reclaim_acquire+0xae/0x150
[  231.746568][ T9993]  should_failslab+0xc2/0x120
[  231.748148][ T9993]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  231.750388][ T9993]  ? __alloc_skb+0x2b3/0x380
[  231.752110][ T9993]  __alloc_skb+0x2b3/0x380
[  231.753757][ T9993]  ? __pfx___alloc_skb+0x10/0x10
[  231.755654][ T9993]  ? __mutex_trylock_common+0x80/0x250
[  231.757777][ T9993]  ? __pfx___mutex_trylock_common+0x10/0x10
[  231.759683][ T9993]  ? __netlink_dump_start+0x154/0x980
[  231.761426][ T9993]  netlink_dump+0x699/0xd00
[  231.762905][ T9993]  ? __mutex_lock+0x1cc/0xa60
[  231.764286][ T9993]  ? __pfx_netlink_dump+0x10/0x10
[  231.765781][ T9993]  ? __netlink_dump_start+0x154/0x980
[  231.767343][ T9993]  ? lock_acquire+0x2f/0xb0
[  231.768700][ T9993]  ? netlink_lookup+0x3d/0x270
[  231.770074][ T9993]  __netlink_dump_start+0x6d9/0x980
[  231.771657][ T9993]  ? __pfx_xfrm_dump_policy+0x10/0x10
[  231.773264][ T9993]  xfrm_user_rcv_msg+0x88b/0xbf0
[  231.774655][ T9993]  ? kfree_skbmem+0x1a4/0x1f0
[  231.775978][ T9993]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  231.778046][ T9993]  ? __pfx_xfrm_dump_policy_start+0x10/0x10
[  231.780295][ T9993]  ? __pfx_xfrm_dump_policy+0x10/0x10
[  231.782326][ T9993]  ? __pfx_xfrm_dump_policy_done+0x10/0x10
[  231.784529][ T9993]  ? __mutex_trylock_common+0xea/0x250
[  231.786548][ T9993]  ? __pfx___mutex_trylock_common+0x10/0x10
[  231.788754][ T9993]  netlink_rcv_skb+0x165/0x410
[  231.790558][ T9993]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  231.792588][ T9993]  ? __mutex_lock+0x1cc/0xa60
[  231.794345][ T9993]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  231.796358][ T9993]  ? netlink_deliver_tap+0x1ae/0xca0
[  231.798356][ T9993]  xfrm_netlink_rcv+0x71/0x90
[  231.800144][ T9993]  netlink_unicast+0x53c/0x7f0
[  231.801944][ T9993]  ? __pfx_netlink_unicast+0x10/0x10
[  231.803915][ T9993]  ? __phys_addr_symbol+0x30/0x80
[  231.805787][ T9993]  ? __check_object_size+0x488/0x710
[  231.807764][ T9993]  netlink_sendmsg+0x8b8/0xd70
[  231.809588][ T9993]  ? __pfx_netlink_sendmsg+0x10/0x10
[  231.811565][ T9993]  ____sys_sendmsg+0x9ae/0xb40
[  231.813377][ T9993]  ? __pfx_____sys_sendmsg+0x10/0x10
[  231.815355][ T9993]  ? get_compat_msghdr+0x11b/0x170
[  231.817280][ T9993]  ___sys_sendmsg+0x135/0x1e0
[  231.819061][ T9993]  ? __pfx____sys_sendmsg+0x10/0x10
[  231.821017][ T9993]  ? __pfx_lock_release+0x10/0x10
[  231.822882][ T9993]  ? trace_lock_acquire+0x14e/0x1f0
[  231.824844][ T9993]  ? __fget_files+0x206/0x3a0
[  231.826612][ T9993]  __sys_sendmsg+0x16e/0x220
[  231.828363][ T9993]  ? __pfx___sys_sendmsg+0x10/0x10
[  231.830326][ T9993]  __do_fast_syscall_32+0x73/0x120
[  231.832241][ T9993]  do_fast_syscall_32+0x32/0x80
[  231.834077][ T9993]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  231.836451][ T9993] RIP: 0023:0xf710e579
[  231.837974][ T9993] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  231.845106][ T9993] RSP: 002b:00000000f510055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  231.848186][ T9993] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000180
[  231.851135][ T9993] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  231.854067][ T9993] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  231.857011][ T9993] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  231.859879][ T9993] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  231.862765][ T9993]  </TASK>
[  232.422633][T10000] netlink: 18 bytes leftover after parsing attributes in process `syz.1.803'.
[  232.425496][T10000] netlink: 18 bytes leftover after parsing attributes in process `syz.1.803'.
[  233.319230][T10016] FAULT_INJECTION: forcing a failure.
[  233.319230][T10016] name failslab, interval 1, probability 0, space 0, times 0
[  233.323076][T10016] CPU: 3 UID: 0 PID: 10016 Comm: syz.1.808 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  233.326085][T10016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  233.329080][T10016] Call Trace:
[  233.330047][T10016]  <TASK>
[  233.330896][T10016]  dump_stack_lvl+0x16c/0x1f0
[  233.332247][T10016]  should_fail_ex+0x497/0x5b0
[  233.333611][T10016]  should_failslab+0xc2/0x120
[  233.334791][T10016]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  233.336317][T10016]  ? trace_lock_acquire+0x14e/0x1f0
[  233.337803][T10016]  ? skb_clone+0x190/0x3f0
[  233.339111][T10016]  skb_clone+0x190/0x3f0
[  233.340346][T10016]  dev_queue_xmit_nit+0x38f/0xbc0
[  233.341788][T10016]  dev_hard_start_xmit+0x283/0x7b0
[  233.343250][T10016]  __dev_queue_xmit+0x7f0/0x43e0
[  233.344676][T10016]  ? __pfx___dev_queue_xmit+0x10/0x10
[  233.346216][T10016]  ? rcu_is_watching+0x12/0xc0
[  233.347582][T10016]  ? trace_kmem_cache_alloc+0x2d/0xd0
[  233.349147][T10016]  ? __copy_skb_header+0x2e8/0x5b0
[  233.350614][T10016]  ? __skb_clone+0x570/0x760
[  233.351949][T10016]  netlink_deliver_tap+0xa61/0xca0
[  233.353424][T10016]  netlink_unicast+0x5e1/0x7f0
[  233.354807][T10016]  ? __pfx_netlink_unicast+0x10/0x10
[  233.356334][T10016]  ? __phys_addr_symbol+0x30/0x80
[  233.357772][T10016]  ? __check_object_size+0x488/0x710
[  233.359290][T10016]  netlink_sendmsg+0x8b8/0xd70
[  233.360667][T10016]  ? __pfx_netlink_sendmsg+0x10/0x10
[  233.362185][T10016]  ____sys_sendmsg+0x9ae/0xb40
[  233.363561][T10016]  ? __pfx_____sys_sendmsg+0x10/0x10
[  233.365079][T10016]  ? get_compat_msghdr+0x11b/0x170
[  233.366551][T10016]  ___sys_sendmsg+0x135/0x1e0
[  233.367903][T10016]  ? __pfx____sys_sendmsg+0x10/0x10
[  233.369443][T10016]  ? __pfx_lock_release+0x10/0x10
[  233.370886][T10016]  ? trace_lock_acquire+0x14e/0x1f0
[  233.372396][T10016]  ? __fget_files+0x206/0x3a0
[  233.373751][T10016]  __sys_sendmsg+0x16e/0x220
[  233.375099][T10016]  ? __pfx___sys_sendmsg+0x10/0x10
[  233.376663][T10016]  __do_fast_syscall_32+0x73/0x120
[  233.378143][T10016]  do_fast_syscall_32+0x32/0x80
[  233.379538][T10016]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  233.381387][T10016] RIP: 0023:0xf7f52579
[  233.382560][T10016] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  233.388141][T10016] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  233.390513][T10016] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  233.392765][T10016] RDX: 0000000000004004 RSI: 0000000000000000 RDI: 0000000000000000
[  233.395061][T10016] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  233.397334][T10016] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  233.399604][T10016] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  233.401872][T10016]  </TASK>
[  233.628214][ T6898] usb 8-1: USB disconnect, device number 15
[  234.756517][T10055] ntfs3(nbd3): try to read out of volume at offset 0x0
[  234.812340][T10062] FAULT_INJECTION: forcing a failure.
[  234.812340][T10062] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  234.816273][T10062] CPU: 1 UID: 0 PID: 10062 Comm: syz.1.822 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  234.819372][T10062] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  234.822406][T10062] Call Trace:
[  234.823369][T10062]  <TASK>
[  234.824230][T10062]  dump_stack_lvl+0x16c/0x1f0
[  234.825597][T10062]  should_fail_ex+0x497/0x5b0
[  234.826948][T10062]  ? fs_reclaim_acquire+0xae/0x150
[  234.828418][T10062]  should_fail_alloc_page+0xe7/0x130
[  234.829965][T10062]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  234.831717][T10062]  ? __pfx_mark_lock+0x10/0x10
[  234.833108][T10062]  __alloc_pages_noprof+0x190/0x25b0
[  234.834621][T10062]  ? __pfx_mark_lock+0x10/0x10
[  234.836043][T10062]  ? lock_acquire.part.0+0x11b/0x380
[  234.837798][T10062]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  234.839461][T10062]  ? hlock_class+0x4e/0x130
[  234.840786][T10062]  ? __lock_acquire+0xcc5/0x3c40
[  234.842205][T10062]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  234.843895][T10062]  ? policy_nodemask+0xea/0x4e0
[  234.845308][T10062]  alloc_pages_mpol_noprof+0x2c9/0x610
[  234.846868][T10062]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  234.848590][T10062]  ? find_held_lock+0x2d/0x110
[  234.849982][T10062]  folio_alloc_mpol_noprof+0x36/0xd0
[  234.851486][T10062]  shmem_alloc_folio+0x135/0x160
[  234.852916][T10062]  shmem_alloc_and_add_folio+0x48b/0xc00
[  234.854522][T10062]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  234.856241][T10062]  ? shmem_allowable_huge_orders+0xd0/0x410
[  234.857946][T10062]  shmem_get_folio_gfp+0x689/0x1530
[  234.859416][T10062]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  234.861019][T10062]  ? fault_in_readable+0x100/0x200
[  234.862419][T10062]  shmem_write_begin+0x161/0x300
[  234.863835][T10062]  ? __pfx_fault_in_readable+0x10/0x10
[  234.865397][T10062]  ? __pfx_shmem_write_begin+0x10/0x10
[  234.866953][T10062]  generic_perform_write+0x2ba/0x920
[  234.868471][T10062]  ? __pfx_generic_perform_write+0x10/0x10
[  234.870133][T10062]  ? inode_needs_update_time.part.0+0x191/0x270
[  234.871900][T10062]  shmem_file_write_iter+0x10e/0x140
[  234.873419][T10062]  vfs_write+0x5ae/0x1150
[  234.874654][T10062]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  234.876326][T10062]  ? __pfx___mutex_lock+0x10/0x10
[  234.877756][T10062]  ? __pfx_vfs_write+0x10/0x10
[  234.879147][T10062]  ksys_write+0x12b/0x250
[  234.880389][T10062]  ? __pfx_ksys_write+0x10/0x10
[  234.881773][T10062]  __do_fast_syscall_32+0x73/0x120
[  234.883237][T10062]  do_fast_syscall_32+0x32/0x80
[  234.884630][T10062]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  234.886427][T10062] RIP: 0023:0xf7f52579
[  234.887588][T10062] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  234.893011][T10062] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  234.895362][T10062] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000020000200
[  234.897597][T10062] RDX: 0000000000043400 RSI: 0000000000000000 RDI: 0000000000000000
[  234.899844][T10062] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  234.902098][T10062] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  234.904347][T10062] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  234.905172][T10066] netlink: 4 bytes leftover after parsing attributes in process `syz.3.824'.
[  234.906582][T10062]  </TASK>
[  234.911339][T10066] netlink: 12 bytes leftover after parsing attributes in process `syz.3.824'.
[  235.254903][T10073] FAULT_INJECTION: forcing a failure.
[  235.254903][T10073] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  235.258804][T10073] CPU: 3 UID: 0 PID: 10073 Comm: syz.0.827 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  235.261898][T10073] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  235.264989][T10073] Call Trace:
[  235.265974][T10073]  <TASK>
[  235.266839][T10073]  dump_stack_lvl+0x16c/0x1f0
[  235.268235][T10073]  should_fail_ex+0x497/0x5b0
[  235.269647][T10073]  _copy_from_user+0x2e/0xd0
[  235.270985][T10073]  io_submit_one+0xbc/0x1da0
[  235.272350][T10073]  ? __pfx_io_submit_one+0x10/0x10
[  235.273821][T10073]  ? __might_fault+0x13b/0x190
[  235.275223][T10073]  ? lock_acquire+0x2f/0xb0
[  235.276562][T10073]  ? __might_fault+0xe3/0x190
[  235.277931][T10073]  ? __ia32_compat_sys_io_submit+0x1ba/0x3a0
[  235.279658][T10073]  __ia32_compat_sys_io_submit+0x1ba/0x3a0
[  235.281364][T10073]  ? __pfx___ia32_compat_sys_io_submit+0x10/0x10
[  235.283186][T10073]  __do_fast_syscall_32+0x73/0x120
[  235.284695][T10073]  do_fast_syscall_32+0x32/0x80
[  235.286109][T10073]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  235.287919][T10073] RIP: 0023:0xf710e579
[  235.289113][T10073] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  235.294882][T10073] RSP: 002b:00000000f510055c EFLAGS: 00000296 ORIG_RAX: 00000000000000f8
[  235.297303][T10073] RAX: ffffffffffffffda RBX: 00000000f7faf000 RCX: 0000000000000001
[  235.299573][T10073] RDX: 0000000020000200 RSI: 0000000000000000 RDI: 0000000000000000
[  235.301817][T10073] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  235.304081][T10073] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  235.306382][T10073] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  235.308677][T10073]  </TASK>
[  235.482876][T10084] FAULT_INJECTION: forcing a failure.
[  235.482876][T10084] name failslab, interval 1, probability 0, space 0, times 0
[  235.486977][T10084] CPU: 3 UID: 0 PID: 10084 Comm: syz.1.832 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  235.490601][T10084] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  235.494030][T10084] Call Trace:
[  235.495178][T10084]  <TASK>
[  235.496038][T10084]  dump_stack_lvl+0x16c/0x1f0
[  235.497418][T10084]  should_fail_ex+0x497/0x5b0
[  235.498781][T10084]  ? fs_reclaim_acquire+0xae/0x150
[  235.500267][T10084]  should_failslab+0xc2/0x120
[  235.501643][T10084]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  235.503315][T10084]  ? __do_fast_syscall_32+0x73/0x120
[  235.504708][T10084]  ? do_fast_syscall_32+0x32/0x80
[  235.506179][T10084]  ? __alloc_skb+0x2b3/0x380
[  235.507597][T10084]  __alloc_skb+0x2b3/0x380
[  235.508920][T10084]  ? __pfx___alloc_skb+0x10/0x10
[  235.510369][T10084]  _sctp_make_chunk+0x51/0x270
[  235.511731][T10084]  sctp_make_datafrag_empty+0x15c/0x220
[  235.513328][T10084]  ? __pfx_sctp_make_datafrag_empty+0x10/0x10
[  235.515084][T10084]  sctp_datamsg_from_user+0x590/0x1320
[  235.516666][T10084]  sctp_sendmsg_to_asoc+0xafd/0x1ad0
[  235.518178][T10084]  ? sctp_assoc_add_peer+0x254/0x14b0
[  235.519738][T10084]  ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10
[  235.521371][T10084]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  235.523095][T10084]  ? lock_acquire+0x2f/0xb0
[  235.524659][T10084]  ? sctp_endpoint_lookup_assoc+0xac/0x2a0
[  235.526445][T10084]  sctp_sendmsg+0x129c/0x1f10
[  235.527802][T10084]  ? __pfx___lock_acquire+0x10/0x10
[  235.529341][T10084]  ? __pfx_sctp_sendmsg+0x10/0x10
[  235.530805][T10084]  ? __pfx_aa_sk_perm+0x10/0x10
[  235.532222][T10084]  ? __pfx_sctp_sendmsg+0x10/0x10
[  235.533687][T10084]  inet_sendmsg+0x119/0x140
[  235.535018][T10084]  __sys_sendto+0x42a/0x4f0
[  235.536359][T10084]  ? __pfx___sys_sendto+0x10/0x10
[  235.537827][T10084]  ? ksys_write+0x1ba/0x250
[  235.539158][T10084]  ? __pfx_ksys_write+0x10/0x10
[  235.540856][T10084]  __ia32_sys_sendto+0xdd/0x1b0
[  235.542683][T10084]  ? lockdep_hardirqs_on+0x7c/0x110
[  235.544676][T10084]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  235.547350][T10084]  __do_fast_syscall_32+0x73/0x120
[  235.549310][T10084]  do_fast_syscall_32+0x32/0x80
[  235.551132][T10084]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  235.553484][T10084] RIP: 0023:0xf7f52579
[  235.555147][T10084] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  235.561010][T10084] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  235.563469][T10084] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020847fff
[  235.565716][T10084] RDX: 000000000000fee4 RSI: 00000000000003c4 RDI: 000000002005ffe4
[  235.567973][T10084] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[  235.570375][T10084] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  235.572694][T10084] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  235.574983][T10084]  </TASK>
[  235.593948][T10091] netlink: 84 bytes leftover after parsing attributes in process `syz.2.831'.
[  235.969523][T10104] netlink: 4 bytes leftover after parsing attributes in process `syz.2.838'.
[  235.980116][T10104] netlink: 12 bytes leftover after parsing attributes in process `syz.2.838'.
[  236.266543][T10109] netlink: 24 bytes leftover after parsing attributes in process `syz.1.835'.
[  236.337625][T10111] netlink: 20 bytes leftover after parsing attributes in process `syz.0.839'.
[  236.343352][T10111] geneve0: entered allmulticast mode
[  236.572893][T10115] sock: sock_timestamping_bind_phc: sock not bind to device
[  236.707179][T10118] netlink: 12 bytes leftover after parsing attributes in process `syz.1.841'.
[  236.715087][T10118] netlink: 16 bytes leftover after parsing attributes in process `syz.1.841'.
[  237.820469][ T5988] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[  237.970544][ T5988] usb 8-1: Using ep0 maxpacket: 8
[  237.973304][ T5988] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  237.976650][ T5988] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  237.979948][ T5988] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  237.983163][ T5988] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  237.987120][ T5988] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  237.990014][ T5988] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.194934][ T5988] usb 8-1: GET_CAPABILITIES returned 0
[  238.197233][ T5988] usbtmc 8-1:16.0: can't read capabilities
[  238.406493][ T5988] usb 8-1: USB disconnect, device number 16
[  238.414972][T10141] netlink: 12 bytes leftover after parsing attributes in process `syz.0.850'.
[  238.819657][T10148] FAULT_INJECTION: forcing a failure.
[  238.819657][T10148] name failslab, interval 1, probability 0, space 0, times 0
[  238.827930][T10148] CPU: 0 UID: 0 PID: 10148 Comm: syz.0.853 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  238.832432][T10148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  238.836703][T10148] Call Trace:
[  238.838030][T10148]  <TASK>
[  238.839217][T10148]  dump_stack_lvl+0x16c/0x1f0
[  238.841087][T10148]  should_fail_ex+0x497/0x5b0
[  238.842954][T10148]  ? fs_reclaim_acquire+0xae/0x150
[  238.845020][T10148]  should_failslab+0xc2/0x120
[  238.846887][T10148]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  238.848931][T10148]  ? __pfx_mark_lock+0x10/0x10
[  238.850832][T10148]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  238.853225][T10148]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  238.855405][T10148]  mmu_topup_memory_caches+0x22/0xd0
[  238.857001][T10148]  kvm_mmu_load+0xda/0x21f0
[  238.858333][T10148]  ? mark_held_locks+0x9f/0xe0
[  238.859737][T10148]  ? kvm_apic_has_interrupt+0xb6/0x190
[  238.861412][T10148]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  238.863128][T10148]  ? kvm_guest_time_update+0x780/0xeb0
[  238.864726][T10148]  ? clear_pending_if_disabled+0xa9/0x210
[  238.866413][T10148]  ? __pfx_kvm_mmu_load+0x10/0x10
[  238.867908][T10148]  ? kvm_cpu_has_injectable_intr+0x9b/0x1a0
[  238.869657][T10148]  ? kvm_check_and_inject_events+0x725/0x12e0
[  238.871751][T10148]  vcpu_run+0x2e2e/0x4c00
[  238.873102][T10148]  ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10
[  238.874873][T10148]  ? __pfx_vcpu_run+0x10/0x10
[  238.876395][T10148]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  238.877973][T10148]  ? rcu_is_watching+0x12/0xc0
[  238.879324][T10148]  ? trace_lock_acquire+0x14e/0x1f0
[  238.881052][T10148]  ? __local_bh_enable_ip+0xa4/0x120
[  238.883225][T10148]  ? lockdep_hardirqs_on+0x7c/0x110
[  238.885189][T10148]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  238.886843][T10148]  ? lock_acquire+0x2f/0xb0
[  238.888172][T10148]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  238.889854][T10148]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  238.891747][T10148]  kvm_vcpu_ioctl+0x6ce/0x1520
[  238.893157][T10148]  ? tomoyo_path_number_perm+0x46d/0x5b0
[  238.894792][T10148]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  238.896347][T10148]  ? tomoyo_path_number_perm+0x190/0x5b0
[  238.897974][T10148]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  238.899716][T10148]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  238.901849][T10148]  ? do_vfs_ioctl+0x513/0x1950
[  238.903741][T10148]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  238.905736][T10148]  ? __pfx_lock_release+0x10/0x10
[  238.907656][T10148]  ? trace_lock_acquire+0x14e/0x1f0
[  238.909732][T10148]  kvm_vcpu_compat_ioctl+0x210/0x3f0
[  238.911815][T10148]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  238.914110][T10148]  ? __fget_files+0x206/0x3a0
[  238.915890][T10148]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  238.918120][T10148]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  238.920211][T10148]  __do_fast_syscall_32+0x73/0x120
[  238.922260][T10148]  do_fast_syscall_32+0x32/0x80
[  238.924196][T10148]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  238.926686][T10148] RIP: 0023:0xf710e579
[  238.928313][T10148] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  238.935811][T10148] RSP: 002b:00000000f510055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  238.939076][T10148] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000000ae80
[  238.942149][T10148] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  238.945248][T10148] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  238.948288][T10148] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  238.951406][T10148] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  238.954508][T10148]  </TASK>
[  239.756996][T10176] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  239.765126][T10176] UDF-fs: Scanning with blocksize 2048 failed
[  239.772593][T10176] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  239.777647][T10176] UDF-fs: Scanning with blocksize 4096 failed
[  240.081408][T10179] overlay: ./file0 is not a directory
[  240.608033][T10193] sp0: Synchronizing with TNC
[  240.971463][T10191] [U] �
[  241.034549][T10197] CUSE: unknown device info "�KJ�H+��ۤ2Lh��nL�1�`�Cc��n�����8���0���(�3նi��>f���_ٮ,���<�_e�F��"
[  241.037984][T10197] CUSE: unknown device info "3�ܟ�,��̘�"
[  241.039719][T10197] CUSE: DEVNAME unspecified
[  241.321232][T10208] FAULT_INJECTION: forcing a failure.
[  241.321232][T10208] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  241.325297][T10208] CPU: 0 UID: 0 PID: 10208 Comm: syz.2.869 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  241.328376][T10208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  241.331425][T10208] Call Trace:
[  241.332402][T10208]  <TASK>
[  241.333268][T10208]  dump_stack_lvl+0x16c/0x1f0
[  241.334635][T10208]  should_fail_ex+0x497/0x5b0
[  241.336281][T10208]  ? fs_reclaim_acquire+0xae/0x150
[  241.337929][T10208]  should_fail_alloc_page+0xe7/0x130
[  241.339662][T10208]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  241.341500][T10208]  __alloc_pages_noprof+0x190/0x25b0
[  241.343023][T10208]  ? hlock_class+0x4e/0x130
[  241.344494][T10208]  ? mark_lock+0xb5/0xc60
[  241.345883][T10208]  ? __lock_acquire+0xcc5/0x3c40
[  241.347452][T10208]  ? __pfx_mark_lock+0x10/0x10
[  241.348865][T10208]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  241.351209][T10208]  ? hlock_class+0x4e/0x130
[  241.353012][T10208]  ? hlock_class+0x4e/0x130
[  241.354761][T10208]  ? hlock_class+0x4e/0x130
[  241.356600][T10208]  ? mark_lock+0xb5/0xc60
[  241.358383][T10208]  ? __pfx_mark_lock+0x10/0x10
[  241.360322][T10208]  ? hlock_class+0x4e/0x130
[  241.362036][T10208]  ? __lock_acquire+0xcc5/0x3c40
[  241.364025][T10208]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  241.366575][T10208]  ? policy_nodemask+0xea/0x4e0
[  241.368422][T10208]  alloc_pages_mpol_noprof+0x2c9/0x610
[  241.370494][T10208]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  241.372875][T10208]  folio_alloc_mpol_noprof+0x36/0xd0
[  241.375225][T10208]  vma_alloc_folio_noprof+0xee/0x1b0
[  241.377393][T10208]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  241.379862][T10208]  ? find_held_lock+0x2d/0x110
[  241.381743][T10208]  do_pte_missing+0x2017/0x3e00
[  241.383580][T10208]  __handle_mm_fault+0x103c/0x2a40
[  241.385619][T10208]  ? find_held_lock+0x2d/0x110
[  241.387454][T10208]  ? __pfx___handle_mm_fault+0x10/0x10
[  241.389502][T10208]  ? follow_page_pte+0x3c3/0x1b20
[  241.391116][T10208]  ? __pfx_lock_release+0x10/0x10
[  241.392588][T10208]  ? follow_page_pte+0x3f7/0x1b20
[  241.394134][T10208]  handle_mm_fault+0x3fa/0xaa0
[  241.395607][T10208]  __get_user_pages+0x8d9/0x3b50
[  241.397065][T10208]  ? __pfx___get_user_pages+0x10/0x10
[  241.398665][T10208]  ? down_read_killable+0xcc/0x380
[  241.400297][T10208]  ? __pfx_down_read_killable+0x10/0x10
[  241.402090][T10208]  ? mark_lock+0xb5/0xc60
[  241.403381][T10208]  ? __pfx___lock_acquire+0x10/0x10
[  241.404934][T10208]  __gup_longterm_locked+0x211/0x1870
[  241.406491][T10208]  ? __pfx___gup_longterm_locked+0x10/0x10
[  241.408230][T10208]  ? gup_fast_fallback+0x84c/0x2690
[  241.409730][T10208]  ? __pfx_lock_release+0x10/0x10
[  241.411189][T10208]  ? mark_held_locks+0x9f/0xe0
[  241.412578][T10208]  gup_fast_fallback+0x1802/0x2690
[  241.414007][T10208]  ? __pfx_gup_fast_fallback+0x10/0x10
[  241.415516][T10208]  get_user_pages_fast+0xa8/0x100
[  241.416925][T10208]  ? __pfx_get_user_pages_fast+0x10/0x10
[  241.418464][T10208]  ? rcu_is_watching+0x12/0xc0
[  241.419784][T10208]  ? lockdep_init_map_type+0x16d/0x7d0
[  241.421324][T10208]  ? __kmalloc_noprof+0x23b/0x4f0
[  241.422709][T10208]  qp_host_get_user_memory+0x18f/0x4b0
[  241.424234][T10208]  qp_broker_alloc+0x109e/0x1ce0
[  241.425597][T10208]  ? __pfx_qp_broker_alloc+0x10/0x10
[  241.427102][T10208]  ? __pfx_lock_release+0x10/0x10
[  241.428493][T10208]  ? trace_lock_acquire+0x14e/0x1f0
[  241.430005][T10208]  vmci_qp_broker_alloc+0x93/0xc0
[  241.431404][T10208]  vmci_host_do_alloc_queuepair.constprop.0+0x1cc/0x3d0
[  241.433267][T10208]  ? __pfx_vmci_host_do_alloc_queuepair.constprop.0+0x10/0x10
[  241.435803][T10208]  ? find_held_lock+0x2d/0x110
[  241.437622][T10208]  ? tomoyo_path_number_perm+0x46d/0x5b0
[  241.439670][T10208]  ? tomoyo_path_number_perm+0x190/0x5b0
[  241.441704][T10208]  vmci_host_unlocked_ioctl+0x508/0x1fb0
[  241.443717][T10208]  ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10
[  241.445919][T10208]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  241.447741][T10208]  ? __pfx_lock_release+0x10/0x10
[  241.449615][T10208]  ? trace_lock_acquire+0x14e/0x1f0
[  241.451588][T10208]  ? __fget_files+0x206/0x3a0
[  241.453302][T10208]  ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10
[  241.455469][T10208]  compat_ptr_ioctl+0x6b/0xa0
[  241.457263][T10208]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  241.459300][T10208]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  241.461226][T10208]  __do_fast_syscall_32+0x73/0x120
[  241.463122][T10208]  do_fast_syscall_32+0x32/0x80
[  241.465013][T10208]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  241.467276][T10208] RIP: 0023:0xf7f58579
[  241.468794][T10208] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  241.476043][T10208] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  241.479014][T10208] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000000007a8
[  241.481933][T10208] RDX: 0000000020000640 RSI: 0000000000000000 RDI: 0000000000000000
[  241.484837][T10208] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  241.487665][T10208] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  241.490567][T10208] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  241.493507][T10208]  </TASK>
[  242.575487][T10235] __nla_validate_parse: 3 callbacks suppressed
[  242.575502][T10235] netlink: 16 bytes leftover after parsing attributes in process `syz.3.876'.
[  242.660357][   T30] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  242.830374][   T30] usb 7-1: Using ep0 maxpacket: 32
[  242.834369][   T30] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  242.839605][   T30] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  242.843776][   T30] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  242.847410][   T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  242.852790][   T30] usb 7-1: config 0 descriptor??
[  243.262888][   T30] savu 0003:1E7D:2D5A.0012: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0
[  243.580619][   T39] kauditd_printk_skb: 15 callbacks suppressed
[  243.580634][   T39] audit: type=1326 audit(1736540416.080:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10246 comm="syz.3.880" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f41579 code=0x7ffc0000
[  243.591566][   T39] audit: type=1326 audit(1736540416.090:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10246 comm="syz.3.880" exe="/syz-executor" sig=0 arch=40000003 syscall=178 compat=1 ip=0xf7f41579 code=0x7ffc0000
[  243.598050][   T39] audit: type=1326 audit(1736540416.090:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10246 comm="syz.3.880" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f41579 code=0x7ffc0000
[  243.604266][   T39] audit: type=1326 audit(1736540416.090:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10246 comm="syz.3.880" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f41579 code=0x7ffc0000
[  243.680374][    T9] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  243.830388][    T9] usb 5-1: Using ep0 maxpacket: 8
[  243.833573][    T9] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  243.837247][    T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  243.840769][    T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  243.843547][    T9] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  243.847436][    T9] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  243.851052][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  243.908218][T10256] sg_write: data in/out 11/14 bytes for SCSI command 0x9-- guessing data in;
[  243.908218][T10256]    program syz.3.882 not setting count and/or reply_len properly
[  244.058447][    T9] usb 5-1: GET_CAPABILITIES returned 0
[  244.060831][    T9] usbtmc 5-1:16.0: can't read capabilities
[  244.583348][T10261] netlink: 'syz.3.883': attribute type 4 has an invalid length.
[  245.070335][ T6006] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[  245.220338][ T6006] usb 8-1: Using ep0 maxpacket: 8
[  245.223272][ T6006] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  245.226175][ T6006] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  245.229335][ T6006] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  245.232853][ T6006] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  245.237276][ T6006] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  245.240460][ T6006] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.450805][ T6006] usb 8-1: GET_CAPABILITIES returned 0
[  245.452558][ T6006] usbtmc 8-1:16.0: can't read capabilities
[  245.500714][ T7640] usb 7-1: reset high-speed USB device number 14 using dummy_hcd
[  245.838744][T10271] netlink: zone id is out of range
[  245.840784][T10271] netlink: zone id is out of range
[  246.294739][    T9] usb 7-1: USB disconnect, device number 14
[  246.548465][   T30] usb 5-1: USB disconnect, device number 19
[  246.654118][T10275] block nbd2: shutting down sockets
[  246.699510][T10280] netlink: 16 bytes leftover after parsing attributes in process `syz.2.888'.
[  246.960343][   T30] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  247.120289][   T30] usb 5-1: Using ep0 maxpacket: 8
[  247.124083][   T30] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  247.127797][   T30] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  247.130661][   T30] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  247.133448][   T30] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  247.137134][   T30] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  247.139677][   T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.351940][   T30] usb 5-1: GET_CAPABILITIES returned 0
[  247.353896][   T30] usbtmc 5-1:16.0: can't read capabilities
[  247.779712][T10285] netlink: zone id is out of range
[  247.781624][T10285] netlink: zone id is out of range
[  247.801786][T10287] sg_write: data in/out 11/14 bytes for SCSI command 0x9-- guessing data in;
[  247.801786][T10287]    program syz.2.889 not setting count and/or reply_len properly
[  248.001650][   T30] usb 8-1: USB disconnect, device number 17
[  248.575203][T10293] CUSE: unknown device info "�KJ�H+��ۤ2Lh��nL�1�`�Cc��n�����8���0���(�3նi��>f���_ٮ,���<�_e�F��"
[  248.578575][T10293] CUSE: unknown device info "3�ܟ�,��̘�"
[  248.580416][T10293] CUSE: DEVNAME unspecified
[  248.803561][T10295] sg_write: process 809 (syz.2.892) changed security contexts after opening file descriptor, this is not allowed.
[  249.110320][   T30] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  249.260476][   T30] usb 7-1: Using ep0 maxpacket: 32
[  249.263324][   T30] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  249.266394][   T30] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  249.269185][   T30] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  249.271810][   T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.276196][   T30] usb 7-1: config 0 descriptor??
[  249.685445][   T30] savu 0003:1E7D:2D5A.0013: hiddev1,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0
[  249.707393][ T6006] usb 5-1: USB disconnect, device number 20
[  250.281431][ T6006] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  250.430391][ T6006] usb 5-1: Using ep0 maxpacket: 32
[  250.433931][ T6006] usb 5-1: config index 0 descriptor too short (expected 156, got 27)
[  250.437350][ T6006] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  250.441865][ T6006] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  250.446305][ T6006] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  250.451850][ T6006] usb 5-1: config 0 interface 0 has no altsetting 0
[  250.456480][ T6006] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  250.460092][ T6006] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  250.463614][ T6006] usb 5-1: Product: syz
[  250.465245][ T6006] usb 5-1: Manufacturer: syz
[  250.467066][ T6006] usb 5-1: SerialNumber: syz
[  250.470419][ T6006] usb 5-1: config 0 descriptor??
[  250.474190][ T6006] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  250.477430][ T6006] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  250.679371][T10307] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  250.682058][T10307] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  250.764798][T10317] netlink: 12 bytes leftover after parsing attributes in process `syz.3.897'.
[  251.893172][ T6024] usb 7-1: USB disconnect, device number 15
[  251.938969][T10330] CUSE: unknown device info "�KJ�H+��ۤ2Lh��nL�1�`�Cc��n�����8���0���(�3նi��>f���_ٮ,���<�_e�F��"
[  251.943658][T10330] CUSE: unknown device info "3�ܟ�,��̘�"
[  251.946269][T10330] CUSE: DEVNAME unspecified
[  252.320466][ T6024] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  252.470348][ T6024] usb 7-1: Using ep0 maxpacket: 16
[  252.473819][ T6024] usb 7-1: config 0 has no interfaces?
[  252.477036][ T6024] usb 7-1: New USB device found, idVendor=0bfd, idProduct=0106, bcdDevice=ec.89
[  252.479588][ T6024] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  252.481918][ T6024] usb 7-1: Product: syz
[  252.483166][ T6024] usb 7-1: Manufacturer: syz
[  252.484516][ T6024] usb 7-1: SerialNumber: syz
[  252.487688][ T6024] usb 7-1: config 0 descriptor??
[  252.697010][ T6024] usb 7-1: USB disconnect, device number 16
[  253.080502][ T5959] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  253.083292][ T5959] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  253.090455][ T5959] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  253.101737][ T5959] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  253.105693][ T5959] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  253.108043][ T5959] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  253.123789][ T6898] usb 5-1: USB disconnect, device number 21
[  253.132326][ T6898] ldusb 5-1:0.0: LD USB Device #0 now disconnected
[  253.242270][T10342] chnl_net:caif_netlink_parms(): no params data found
[  253.279333][T10354] FAULT_INJECTION: forcing a failure.
[  253.279333][T10354] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  253.285090][T10354] CPU: 2 UID: 0 PID: 10354 Comm: syz.0.907 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  253.289187][T10354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  253.292741][T10354] Call Trace:
[  253.293888][T10354]  <TASK>
[  253.294918][T10354]  dump_stack_lvl+0x16c/0x1f0
[  253.296539][T10354]  should_fail_ex+0x497/0x5b0
[  253.298154][T10354]  _copy_from_user+0x2e/0xd0
[  253.299742][T10354]  __sys_bpf+0x215/0x57a0
[  253.301237][T10354]  ? __pfx_lock_release+0x10/0x10
[  253.302970][T10354]  ? __pfx___sys_bpf+0x10/0x10
[  253.304611][T10354]  ? vfs_write+0x306/0x1150
[  253.306171][T10354]  ? __mutex_unlock_slowpath+0x164/0x690
[  253.308092][T10354]  ? fput+0x67/0x440
[  253.309477][T10354]  ? ksys_write+0x1ba/0x250
[  253.311015][T10354]  ? __pfx_ksys_write+0x10/0x10
[  253.312651][T10354]  __ia32_sys_bpf+0x76/0xe0
[  253.314177][T10354]  __do_fast_syscall_32+0x73/0x120
[  253.315898][T10354]  do_fast_syscall_32+0x32/0x80
[  253.317540][T10354]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  253.319598][T10354] RIP: 0023:0xf710e579
[  253.320975][T10354] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  253.327286][T10354] RSP: 002b:00000000f510055c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  253.330082][T10354] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000200011c0
[  253.332724][T10354] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  253.335333][T10354] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  253.337837][T10354] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  253.340405][T10354] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  253.342958][T10354]  </TASK>
[  253.414816][T10342] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.416852][T10342] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.418863][T10342] bridge_slave_0: entered allmulticast mode
[  253.421897][T10342] bridge_slave_0: entered promiscuous mode
[  253.424940][T10342] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.427046][T10342] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.429160][T10342] bridge_slave_1: entered allmulticast mode
[  253.431673][T10342] bridge_slave_1: entered promiscuous mode
[  253.446052][T10363] FAULT_INJECTION: forcing a failure.
[  253.446052][T10363] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  253.449690][T10363] CPU: 2 UID: 0 PID: 10363 Comm: syz.2.908 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  253.453588][T10363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  253.457744][T10363] Call Trace:
[  253.459100][T10363]  <TASK>
[  253.460278][T10363]  dump_stack_lvl+0x16c/0x1f0
[  253.461924][T10363]  should_fail_ex+0x497/0x5b0
[  253.463189][T10363]  _copy_from_user+0x2e/0xd0
[  253.464487][T10363]  get_compat_msghdr+0xa8/0x170
[  253.466076][T10363]  ? __pfx_get_compat_msghdr+0x10/0x10
[  253.467557][T10363]  ___sys_sendmsg+0x1b0/0x1e0
[  253.468879][T10363]  ? __pfx____sys_sendmsg+0x10/0x10
[  253.470360][T10363]  ? __pfx_lock_release+0x10/0x10
[  253.471708][T10363]  ? trace_lock_acquire+0x14e/0x1f0
[  253.473170][T10363]  ? __fget_files+0x206/0x3a0
[  253.474476][T10363]  __sys_sendmsg+0x16e/0x220
[  253.475771][T10363]  ? __pfx___sys_sendmsg+0x10/0x10
[  253.477252][T10363]  __do_fast_syscall_32+0x73/0x120
[  253.478649][T10363]  do_fast_syscall_32+0x32/0x80
[  253.479993][T10363]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  253.482417][T10363] RIP: 0023:0xf7f58579
[  253.484031][T10363] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  253.490346][T10363] RSP: 002b:00000000f508555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  253.492739][T10363] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000020000000
[  253.494886][T10363] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  253.497032][T10363] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  253.499174][T10363] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  253.501670][T10363] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  253.504638][T10363]  </TASK>
[  253.526261][T10342] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  253.531624][T10342] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  253.580007][T10342] team0: Port device team_slave_0 added
[  253.585198][T10342] team0: Port device team_slave_1 added
[  253.672057][T10342] batman_adv: batadv0: Adding interface: batadv_slave_0
[  253.674786][T10342] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  253.685948][T10342] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  253.692292][T10342] batman_adv: batadv0: Adding interface: batadv_slave_1
[  253.695722][T10342] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  253.705667][T10342] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  253.732990][T10366] netlink: 'syz.3.910': attribute type 1 has an invalid length.
[  253.899698][T10366] bond1: entered promiscuous mode
[  253.905038][T10366] 8021q: adding VLAN 0 to HW filter on device bond1
[  253.927042][T10342] hsr_slave_0: entered promiscuous mode
[  253.929065][T10342] hsr_slave_1: entered promiscuous mode
[  253.931844][T10342] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  253.935153][T10342] Cannot create hsr debugfs directory
[  254.025392][T10342] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  254.028739][T10342] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  254.035061][T10342] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  254.038871][T10342] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  254.047974][T10342] bridge0: port 2(bridge_slave_1) entered blocking state
[  254.051209][T10342] bridge0: port 2(bridge_slave_1) entered forwarding state
[  254.053291][T10342] bridge0: port 1(bridge_slave_0) entered blocking state
[  254.055289][T10342] bridge0: port 1(bridge_slave_0) entered forwarding state
[  254.110588][   T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.139843][T10342] 8021q: adding VLAN 0 to HW filter on device bond0
[  254.144712][   T84] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.147716][   T84] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.167629][T10342] 8021q: adding VLAN 0 to HW filter on device team0
[  254.185683][   T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.198246][   T84] bridge0: port 1(bridge_slave_0) entered blocking state
[  254.202312][   T84] bridge0: port 1(bridge_slave_0) entered forwarding state
[  254.208504][   T84] bridge0: port 2(bridge_slave_1) entered blocking state
[  254.211357][   T84] bridge0: port 2(bridge_slave_1) entered forwarding state
[  254.305064][   T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.376755][   T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.412217][T10342] 8021q: adding VLAN 0 to HW filter on device batadv0
[  254.524850][   T11] bridge_slave_1: left allmulticast mode
[  254.526874][   T11] bridge_slave_1: left promiscuous mode
[  254.529538][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.538558][   T11] bridge_slave_0: left allmulticast mode
[  254.541201][   T11] bridge_slave_0: left promiscuous mode
[  254.543206][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.946465][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  254.954513][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  254.961342][   T11] bond0 (unregistering): Released all slaves
[  255.180941][ T5959] Bluetooth: hci1: command tx timeout
[  255.219345][T10342] veth0_vlan: entered promiscuous mode
[  255.223680][T10342] veth1_vlan: entered promiscuous mode
[  255.237434][T10342] veth0_macvtap: entered promiscuous mode
[  255.240827][T10342] veth1_macvtap: entered promiscuous mode
[  255.247513][T10342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  255.260282][T10342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  255.263089][T10342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  255.271266][T10342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  255.274050][T10342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  255.276933][T10342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  255.279663][T10342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  255.284888][T10342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  255.288327][T10342] batman_adv: batadv0: Interface activated: batadv_slave_0
[  255.292867][T10342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  255.295970][T10342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  255.298771][T10342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  255.302249][T10342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  255.305084][T10342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  255.308075][T10342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  255.311748][T10342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  255.314824][T10342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  255.318227][T10342] batman_adv: batadv0: Interface activated: batadv_slave_1
[  255.339384][T10342] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  255.342799][T10342] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  255.345410][T10342] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  255.347939][T10342] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  255.351768][T10422] FAULT_INJECTION: forcing a failure.
[  255.351768][T10422] name failslab, interval 1, probability 0, space 0, times 0
[  255.356352][T10422] CPU: 1 UID: 0 PID: 10422 Comm: syz.0.920 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  255.359439][T10422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  255.362533][T10422] Call Trace:
[  255.363506][T10422]  <TASK>
[  255.364377][T10422]  dump_stack_lvl+0x16c/0x1f0
[  255.365746][T10422]  should_fail_ex+0x497/0x5b0
[  255.367111][T10422]  ? fs_reclaim_acquire+0xae/0x150
[  255.368597][T10422]  should_failslab+0xc2/0x120
[  255.369967][T10422]  __kmalloc_cache_noprof+0x68/0x420
[  255.371462][T10422]  ? __pfx___folio_start_writeback+0x10/0x10
[  255.373199][T10422]  ? do_raw_spin_lock+0x12d/0x2c0
[  255.374661][T10422]  netfs_buffer_make_space+0x432/0x6b0
[  255.376174][T10422]  netfs_buffer_append_folio+0x298/0x360
[  255.377701][T10422]  netfs_write_folio+0x540/0x1930
[  255.379106][T10422]  netfs_writepages+0x29a/0x8f0
[  255.380477][T10422]  ? __pfx_netfs_writepages+0x10/0x10
[  255.381970][T10422]  ? security_inode_getattr+0x116/0x290
[  255.383516][T10422]  ? __pfx___lock_acquire+0x10/0x10
[  255.384970][T10422]  ? hlock_class+0x4e/0x130
[  255.386252][T10422]  ? mark_lock+0xb5/0xc60
[  255.387464][T10422]  ? __pfx_netfs_writepages+0x10/0x10
[  255.388985][T10422]  do_writepages+0x1b3/0x820
[  255.390283][T10422]  ? find_held_lock+0x2d/0x110
[  255.391639][T10422]  ? __pfx_do_writepages+0x10/0x10
[  255.393101][T10422]  ? wbc_attach_fdatawrite_inode+0x13a/0x190
[  255.394806][T10422]  ? __pfx_lock_release+0x10/0x10
[  255.396249][T10422]  ? do_raw_spin_lock+0x12d/0x2c0
[  255.397688][T10422]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  255.399238][T10422]  ? lock_acquire+0x2f/0xb0
[  255.400547][T10422]  ? wbc_attach_fdatawrite_inode+0x24/0x190
[  255.402228][T10422]  ? do_raw_spin_unlock+0x172/0x230
[  255.403711][T10422]  ? _raw_spin_unlock+0x28/0x50
[  255.405115][T10422]  filemap_fdatawrite_wbc+0x104/0x160
[  255.406614][T10422]  __filemap_fdatawrite_range+0xb3/0xf0
[  255.408198][T10422]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  255.409984][T10422]  ? tomoyo_path_perm+0x29c/0x480
[  255.411476][T10422]  ? end_current_label_crit_section+0xa8/0x1a0
[  255.413247][T10422]  v9fs_vfs_getattr+0x305/0x400
[  255.414630][T10422]  ? __pfx_v9fs_vfs_getattr+0x10/0x10
[  255.416127][T10422]  vfs_getattr_nosec+0x2ae/0x370
[  255.417510][T10422]  vfs_statx_path+0x52/0x310
[  255.418839][T10422]  vfs_statx+0x11f/0x1c0
[  255.420028][T10422]  ? __pfx_vfs_statx+0x10/0x10
[  255.421359][T10422]  ? getname_flags.part.0+0x1c5/0x550
[  255.422838][T10422]  __do_compat_sys_newlstat+0xb1/0x140
[  255.424375][T10422]  ? __pfx___do_compat_sys_newlstat+0x10/0x10
[  255.426055][T10422]  ? __pfx_ksys_write+0x10/0x10
[  255.427443][T10422]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  255.429285][T10422]  __do_fast_syscall_32+0x73/0x120
[  255.430748][T10422]  do_fast_syscall_32+0x32/0x80
[  255.432134][T10422]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  255.433930][T10422] RIP: 0023:0xf710e579
[  255.435100][T10422] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  255.440428][T10422] RSP: 002b:00000000f510055c EFLAGS: 00000296 ORIG_RAX: 000000000000006b
[  255.442737][T10422] RAX: ffffffffffffffda RBX: 00000000200002c0 RCX: 0000000000000000
[  255.445070][T10422] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  255.447271][T10422] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  255.449528][T10422] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  255.451763][T10422] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  255.454017][T10422]  </TASK>
[  255.454980][    C1] vkms_vblank_simulate: vblank timer overrun
[  255.458349][T10422] ------------[ cut here ]------------
[  255.459904][T10422] WARNING: CPU: 1 PID: 10422 at lib/iov_iter.c:255 _copy_from_iter+0x39b/0x1400
[  255.462554][T10422] Modules linked in:
[  255.463701][T10422] CPU: 1 UID: 0 PID: 10422 Comm: syz.0.920 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  255.468372][T10422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  255.471633][T10422] RIP: 0010:_copy_from_iter+0x39b/0x1400
[  255.473145][T10422] Code: 64 fd 0f 01 cb 4c 89 f9 4c 89 f7 48 89 de f3 a4 0f 1f 00 48 89 cb 0f 01 ca 4d 89 fc 49 29 cc e9 1d ff ff ff e8 06 3c 02 fd 90 <0f> 0b 90 e9 ae fd ff ff e8 f8 3b 02 fd 89 de bf 01 00 00 00 e8 8c
[  255.478527][T10422] RSP: 0018:ffffc90007966fe0 EFLAGS: 00010293
[  255.480652][T10422] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff84971388
[  255.482908][T10422] RDX: ffff8880251f4880 RSI: ffffffff8497166a RDI: 0000000000000001
[  255.485419][T10422] RBP: 0000000000007fec R08: 0000000000000001 R09: 0000000000000000
[  255.487675][T10422] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888069e4af60
[  255.489948][T10422] R13: ffff888070defe20 R14: ffff888069e4af60 R15: 0000000000007fec
[  255.492324][T10422] FS:  0000000000000000(0000) GS:ffff88802b500000(0063) knlGS:00000000f5100b40
[  255.494767][T10422] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  255.496761][T10422] CR2: 000055c6bf81c131 CR3: 0000000052738000 CR4: 0000000000352ef0
[  255.498910][T10422] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  255.501396][T10422] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  255.503590][T10422] Call Trace:
[  255.504548][T10422]  <TASK>
[  255.505387][T10422]  ? __warn+0xea/0x3c0
[  255.506523][T10422]  ? _copy_from_iter+0x39b/0x1400
[  255.507936][T10422]  ? report_bug+0x3c0/0x580
[  255.509343][T10422]  ? handle_bug+0x54/0xa0
[  255.510764][T10422]  ? exc_invalid_op+0x17/0x50
[  255.512069][T10422]  ? asm_exc_invalid_op+0x1a/0x20
[  255.513534][T10422]  ? _copy_from_iter+0xb8/0x1400
[  255.514943][T10422]  ? _copy_from_iter+0x39a/0x1400
[  255.516340][T10422]  ? _copy_from_iter+0x39b/0x1400
[  255.517843][T10422]  ? __pfx_lock_release+0x10/0x10
[  255.519240][T10422]  ? trace_lock_acquire+0x14e/0x1f0
[  255.520752][T10422]  ? __pfx__copy_from_iter+0x10/0x10
[  255.522219][T10422]  ? __virt_addr_valid+0x1a4/0x590
[  255.523661][T10422]  ? __virt_addr_valid+0x5e/0x590
[  255.525081][T10422]  ? __phys_addr+0xc6/0x150
[  255.526353][T10422]  ? __phys_addr_symbol+0x30/0x80
[  255.527743][T10422]  ? __check_object_size+0x488/0x710
[  255.529209][T10422]  p9pdu_vwritef+0x2cb/0x21d0
[  255.530590][T10422]  ? p9pdu_writef+0xc4/0x100
[  255.531885][T10422]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  255.533322][T10422]  ? __pfx_p9_tag_alloc+0x10/0x10
[  255.534798][T10422]  ? hlock_class+0x4e/0x130
[  255.536066][T10422]  ? mark_lock+0xb5/0xc60
[  255.537283][T10422]  p9_client_prepare_req+0x244/0x4d0
[  255.538778][T10422]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  255.540432][T10422]  ? __kernel_text_address+0xd/0x40
[  255.541842][T10422]  ? unwind_get_return_address+0x59/0xa0
[  255.543401][T10422]  ? arch_stack_walk+0xa7/0x100
[  255.544745][T10422]  p9_client_rpc+0x1c3/0xc10
[  255.546052][T10422]  ? __lock_acquire+0xcc5/0x3c40
[  255.547454][T10422]  ? __pfx_p9_client_rpc+0x10/0x10
[  255.549238][T10422]  ? hlock_class+0x4e/0x130
[  255.550619][T10422]  ? mark_lock+0xb5/0xc60
[  255.551853][T10422]  p9_client_write+0x31f/0x680
[  255.553208][T10422]  ? __pfx_p9_client_write+0x10/0x10
[  255.554698][T10422]  ? mark_held_locks+0x9f/0xe0
[  255.556069][T10422]  v9fs_issue_write+0xe4/0x1b0
[  255.557467][T10422]  ? __pfx_v9fs_issue_write+0x10/0x10
[  255.558978][T10422]  ? rcu_is_watching+0x12/0xc0
[  255.560415][T10422]  netfs_do_issue_write+0x92/0x110
[  255.561841][T10422]  netfs_advance_write+0x384/0xc80
[  255.563274][T10422]  ? netfs_buffer_append_folio+0x276/0x360
[  255.565091][T10422]  netfs_write_folio+0xc19/0x1930
[  255.566508][T10422]  netfs_writepages+0x29a/0x8f0
[  255.567905][T10422]  ? __pfx_netfs_writepages+0x10/0x10
[  255.569437][T10422]  ? security_inode_getattr+0x116/0x290
[  255.571173][T10422]  ? __pfx___lock_acquire+0x10/0x10
[  255.572660][T10422]  ? hlock_class+0x4e/0x130
[  255.573966][T10422]  ? mark_lock+0xb5/0xc60
[  255.575235][T10422]  ? __pfx_netfs_writepages+0x10/0x10
[  255.576847][T10422]  do_writepages+0x1b3/0x820
[  255.578150][T10422]  ? find_held_lock+0x2d/0x110
[  255.579668][T10422]  ? __pfx_do_writepages+0x10/0x10
[  255.581378][T10422]  ? wbc_attach_fdatawrite_inode+0x13a/0x190
[  255.583063][T10422]  ? __pfx_lock_release+0x10/0x10
[  255.584560][T10422]  ? do_raw_spin_lock+0x12d/0x2c0
[  255.586005][T10422]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  255.587528][T10422]  ? lock_acquire+0x2f/0xb0
[  255.588876][T10422]  ? wbc_attach_fdatawrite_inode+0x24/0x190
[  255.590607][T10422]  ? do_raw_spin_unlock+0x172/0x230
[  255.592068][T10422]  ? _raw_spin_unlock+0x28/0x50
[  255.593443][T10422]  filemap_fdatawrite_wbc+0x104/0x160
[  255.594999][T10422]  __filemap_fdatawrite_range+0xb3/0xf0
[  255.596597][T10422]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  255.598357][T10422]  ? tomoyo_path_perm+0x29c/0x480
[  255.599814][T10422]  ? end_current_label_crit_section+0xa8/0x1a0
[  255.601649][T10422]  v9fs_vfs_getattr+0x305/0x400
[  255.603008][T10422]  ? __pfx_v9fs_vfs_getattr+0x10/0x10
[  255.604532][T10422]  vfs_getattr_nosec+0x2ae/0x370
[  255.605951][T10422]  vfs_statx_path+0x52/0x310
[  255.607282][T10422]  vfs_statx+0x11f/0x1c0
[  255.608465][T10422]  ? __pfx_vfs_statx+0x10/0x10
[  255.609804][T10422]  ? getname_flags.part.0+0x1c5/0x550
[  255.611411][T10422]  __do_compat_sys_newlstat+0xb1/0x140
[  255.612927][T10422]  ? __pfx___do_compat_sys_newlstat+0x10/0x10
[  255.614618][T10422]  ? __pfx_ksys_write+0x10/0x10
[  255.616021][T10422]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  255.617938][T10422]  __do_fast_syscall_32+0x73/0x120
[  255.619397][T10422]  do_fast_syscall_32+0x32/0x80
[  255.620854][T10422]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  255.622663][T10422] RIP: 0023:0xf710e579
[  255.623824][T10422] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  255.629171][T10422] RSP: 002b:00000000f510055c EFLAGS: 00000296 ORIG_RAX: 000000000000006b
[  255.631624][T10422] RAX: ffffffffffffffda RBX: 00000000200002c0 RCX: 0000000000000000
[  255.633949][T10422] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  255.636224][T10422] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  255.638485][T10422] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  255.640837][T10422] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  255.643092][T10422]  </TASK>
[  255.643985][T10422] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  255.646059][T10422] CPU: 1 UID: 0 PID: 10422 Comm: syz.0.920 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0
[  255.649081][T10422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  255.652131][T10422] Call Trace:
[  255.653094][T10422]  <TASK>
[  255.653942][T10422]  dump_stack_lvl+0x3d/0x1f0
[  255.655291][T10422]  panic+0x71d/0x800
[  255.656429][T10422]  ? __pfx_panic+0x10/0x10
[  255.657717][T10422]  ? show_trace_log_lvl+0x29d/0x3d0
[  255.659207][T10422]  ? check_panic_on_warn+0x1f/0xb0
[  255.660689][T10422]  ? _copy_from_iter+0x39b/0x1400
[  255.662074][T10422]  check_panic_on_warn+0xab/0xb0
[  255.663496][T10422]  __warn+0xf6/0x3c0
[  255.664635][T10422]  ? _copy_from_iter+0x39b/0x1400
[  255.666078][T10422]  report_bug+0x3c0/0x580
[  255.667350][T10422]  handle_bug+0x54/0xa0
[  255.668583][T10422]  exc_invalid_op+0x17/0x50
[  255.669924][T10422]  asm_exc_invalid_op+0x1a/0x20
[  255.671324][T10422] RIP: 0010:_copy_from_iter+0x39b/0x1400
[  255.672933][T10422] Code: 64 fd 0f 01 cb 4c 89 f9 4c 89 f7 48 89 de f3 a4 0f 1f 00 48 89 cb 0f 01 ca 4d 89 fc 49 29 cc e9 1d ff ff ff e8 06 3c 02 fd 90 <0f> 0b 90 e9 ae fd ff ff e8 f8 3b 02 fd 89 de bf 01 00 00 00 e8 8c
[  255.678395][T10422] RSP: 0018:ffffc90007966fe0 EFLAGS: 00010293
[  255.680146][T10422] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff84971388
[  255.682373][T10422] RDX: ffff8880251f4880 RSI: ffffffff8497166a RDI: 0000000000000001
[  255.684480][T10422] RBP: 0000000000007fec R08: 0000000000000001 R09: 0000000000000000
[  255.686574][T10422] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888069e4af60
[  255.688839][T10422] R13: ffff888070defe20 R14: ffff888069e4af60 R15: 0000000000007fec
[  255.691098][T10422]  ? _copy_from_iter+0xb8/0x1400
[  255.692517][T10422]  ? _copy_from_iter+0x39a/0x1400
[  255.693956][T10422]  ? __pfx_lock_release+0x10/0x10
[  255.695403][T10422]  ? trace_lock_acquire+0x14e/0x1f0
[  255.696896][T10422]  ? __pfx__copy_from_iter+0x10/0x10
[  255.698402][T10422]  ? __virt_addr_valid+0x1a4/0x590
[  255.699874][T10422]  ? __virt_addr_valid+0x5e/0x590
[  255.701326][T10422]  ? __phys_addr+0xc6/0x150
[  255.702628][T10422]  ? __phys_addr_symbol+0x30/0x80
[  255.704070][T10422]  ? __check_object_size+0x488/0x710
[  255.705606][T10422]  p9pdu_vwritef+0x2cb/0x21d0
[  255.706958][T10422]  ? p9pdu_writef+0xc4/0x100
[  255.708294][T10422]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  255.709768][T10422]  ? __pfx_p9_tag_alloc+0x10/0x10
[  255.711207][T10422]  ? hlock_class+0x4e/0x130
[  255.712521][T10422]  ? mark_lock+0xb5/0xc60
[  255.713765][T10422]  p9_client_prepare_req+0x244/0x4d0
[  255.715281][T10422]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  255.716946][T10422]  ? __kernel_text_address+0xd/0x40
[  255.718427][T10422]  ? unwind_get_return_address+0x59/0xa0
[  255.720019][T10422]  ? arch_stack_walk+0xa7/0x100
[  255.721419][T10422]  p9_client_rpc+0x1c3/0xc10
[  255.722746][T10422]  ? __lock_acquire+0xcc5/0x3c40
[  255.724167][T10422]  ? __pfx_p9_client_rpc+0x10/0x10
[  255.725646][T10422]  ? hlock_class+0x4e/0x130
[  255.726945][T10422]  ? mark_lock+0xb5/0xc60
[  255.728199][T10422]  p9_client_write+0x31f/0x680
[  255.729572][T10422]  ? __pfx_p9_client_write+0x10/0x10
[  255.731082][T10422]  ? mark_held_locks+0x9f/0xe0
[  255.732461][T10422]  v9fs_issue_write+0xe4/0x1b0
[  255.733839][T10422]  ? __pfx_v9fs_issue_write+0x10/0x10
[  255.735380][T10422]  ? rcu_is_watching+0x12/0xc0
[  255.736758][T10422]  netfs_do_issue_write+0x92/0x110
[  255.738220][T10422]  netfs_advance_write+0x384/0xc80
[  255.739679][T10422]  ? netfs_buffer_append_folio+0x276/0x360
[  255.741345][T10422]  netfs_write_folio+0xc19/0x1930
[  255.742779][T10422]  netfs_writepages+0x29a/0x8f0
[  255.744177][T10422]  ? __pfx_netfs_writepages+0x10/0x10
[  255.745699][T10422]  ? security_inode_getattr+0x116/0x290
[  255.747274][T10422]  ? __pfx___lock_acquire+0x10/0x10
[  255.748769][T10422]  ? hlock_class+0x4e/0x130
[  255.750072][T10422]  ? mark_lock+0xb5/0xc60
[  255.751310][T10422]  ? __pfx_netfs_writepages+0x10/0x10
[  255.752830][T10422]  do_writepages+0x1b3/0x820
[  255.754073][T10422]  ? find_held_lock+0x2d/0x110
[  255.755432][T10422]  ? __pfx_do_writepages+0x10/0x10
[  255.756931][T10422]  ? wbc_attach_fdatawrite_inode+0x13a/0x190
[  255.758646][T10422]  ? __pfx_lock_release+0x10/0x10
[  255.760107][T10422]  ? do_raw_spin_lock+0x12d/0x2c0
[  255.761543][T10422]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  255.763068][T10422]  ? lock_acquire+0x2f/0xb0
[  255.764374][T10422]  ? wbc_attach_fdatawrite_inode+0x24/0x190
[  255.766068][T10422]  ? do_raw_spin_unlock+0x172/0x230
[  255.767555][T10422]  ? _raw_spin_unlock+0x28/0x50
[  255.768963][T10422]  filemap_fdatawrite_wbc+0x104/0x160
[  255.770494][T10422]  __filemap_fdatawrite_range+0xb3/0xf0
[  255.772069][T10422]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  255.773857][T10422]  ? tomoyo_path_perm+0x29c/0x480
[  255.775320][T10422]  ? end_current_label_crit_section+0xa8/0x1a0
[  255.777083][T10422]  v9fs_vfs_getattr+0x305/0x400
[  255.778473][T10422]  ? __pfx_v9fs_vfs_getattr+0x10/0x10
[  255.780006][T10422]  vfs_getattr_nosec+0x2ae/0x370
[  255.781464][T10422]  vfs_statx_path+0x52/0x310
[  255.782798][T10422]  vfs_statx+0x11f/0x1c0
[  255.784013][T10422]  ? __pfx_vfs_statx+0x10/0x10
[  255.785401][T10422]  ? getname_flags.part.0+0x1c5/0x550
[  255.786940][T10422]  __do_compat_sys_newlstat+0xb1/0x140
[  255.788442][T10422]  ? __pfx___do_compat_sys_newlstat+0x10/0x10
[  255.790181][T10422]  ? __pfx_ksys_write+0x10/0x10
[  255.791575][T10422]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  255.793441][T10422]  __do_fast_syscall_32+0x73/0x120
[  255.794908][T10422]  do_fast_syscall_32+0x32/0x80
[  255.796307][T10422]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  255.798108][T10422] RIP: 0023:0xf710e579
[  255.799279][T10422] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  255.804563][T10422] RSP: 002b:00000000f510055c EFLAGS: 00000296 ORIG_RAX: 000000000000006b
[  255.806817][T10422] RAX: ffffffffffffffda RBX: 00000000200002c0 RCX: 0000000000000000
[  255.809045][T10422] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  255.811242][T10422] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  255.813430][T10422] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  255.815535][T10422] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  255.817667][T10422]  </TASK>
[  255.819119][T10422] Kernel Offset: disabled
[  255.820411][T10422] Rebooting in 86400 seconds..

VM DIAGNOSIS:
20:19:56  Registers:
info registers vcpu 0

CPU#0
RAX=dffffc0000000000 RBX=0000000000000001 RCX=ffffffff90ae7c74 RDX=1ffff92001b07e2a
RSI=0000000000000001 RDI=ffffffff902ddf2c RBP=ffffc9000d83f160 RSP=ffffc9000d83f0a8
R8 =ffffffff90ae7c92 R9 =ffffffff90ae7c78 R10=ffffc9000d83f118 R11=0000000000005920
R12=ffffc9000d83f168 R13=ffffc9000d83f118 R14=0000000000000005 R15=0000000000000000
RIP=ffffffff8148f448 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7fb6e40 CR3=000000000db7e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7453ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff851454b5 RDI=ffffffff9a66a200 RBP=ffffffff9a66a1c0 RSP=ffffc90007966948
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000005
R12=0000000000000000 R13=0000000000000031 R14=ffffffff85145450 R15=0000000000000000
RIP=ffffffff851454df RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055c6bf81c131 CR3=0000000052738000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000ff0000000000 0000ff0000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
EAX=f6743b80 EBX=ffffffff ECX=00000000 EDX=818d5306
ESI=818d5306 EDI=ffffffff EBP=f6743068 ESP=ff846480
EIP=f70e496a EFL=00000246 [---Z-P-] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0023 00000000 ffffffff 00c0fb00 DPL=3 CS32 [-RA]
SS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 00000000 ffffffff 00c00000
GS =0063 58208440 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 00000000 ffffffff 00c00000
TR =0040 00091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c338a4b CR3=0000000067602000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000376d29 RBX=0000000000000003 RCX=ffffffff8b1a7899 RDX=0000000000000000
RSI=ffffffff8b4cd300 RDI=ffffffff8bb17140 RBP=ffffed10039df488 RSP=ffffc9000049fe08
R8 =0000000000000001 R9 =ffffed10056e6fed R10=ffff88802b737f6b R11=0000000000000000
R12=0000000000000003 R13=ffff88801cefa440 R14=ffffffff901cf250 R15=0000000000000000
RIP=ffffffff8b1a8c7f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000582084c0 CR3=000000004eb0a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000