last executing test programs:

5.956576158s ago: executing program 0 (id=718):
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x8000000002)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
execve(&(0x7f0000000380)='./file0\x00', &(0x7f00000004c0)={[&(0x7f0000000400)='\x00', &(0x7f0000000440)='\x00', &(0x7f0000000480)='*\'!#D#^*\x00']}, &(0x7f0000000640)={[&(0x7f0000000500)='\x00', &(0x7f0000000540)='ct\x00', &(0x7f0000000580)='ct\x00', &(0x7f00000005c0)=']%*\x00', &(0x7f0000000600)='\x00']})
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x28}, 0x1, 0x0, 0x0, 0x801}, 0x48050)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000100)})
r3 = socket$inet(0x2, 0x3, 0x8d)
setsockopt$inet_msfilter(r3, 0x0, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="8e"], 0x1)
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca0000c441f96ec8d3c4c60066400fe2def3ad46c7045300101000f00f94c422e10399c5c1202066410f6f15040000000000e1f563df", 0xdc000006, 0x0}, 0x0, 0x8, &(0x7f0000000300))
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = signalfd(0xffffffffffffffff, &(0x7f0000000140), 0x8)
syz_io_uring_setup(0x38a9, &(0x7f0000000300)={0x0, 0x0, 0x10100, 0xfffffffe, 0x0, 0x0, r5}, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000001c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x3, r5})
sendmmsg$inet6(r4, &(0x7f00000003c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
getsockopt$inet_pktinfo(r5, 0x0, 0x8, &(0x7f00000000c0)={<r8=>0x0, @local, @local}, &(0x7f0000000680)=0xc)
ioctl$SNDCTL_DSP_GETTRIGGER(r5, 0x80045010, &(0x7f0000000280))
r9 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_inet6_SIOCSIFADDR(r9, 0x8916, &(0x7f0000000000)={@remote, 0x3, r8})
keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, 0x0)

5.954176978s ago: executing program 1 (id=719):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x17}}}]}, 0x58}}, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff})
r5 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
readv(r5, &(0x7f0000000340)=[{&(0x7f0000000480)=""/14, 0xe}, {&(0x7f0000003a40)=""/4097, 0x1001}, {&(0x7f0000001680)=""/4096, 0x1000}], 0x3)
splice(r4, 0x0, r3, 0x0, 0x1, 0x0)
fcntl$setpipe(r3, 0x408, 0x20000)
close_range(r3, 0xffffffffffffffff, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r6)
r7 = syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
r8 = dup(r7)
r9 = syz_open_dev$video(&(0x7f0000000000), 0x75, 0x0)
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r9, 0xc034564b, &(0x7f0000000040)={0x0, 0x50424752, 0xf00, 0x5, 0x0, @stepwise={{0x3be1, 0x5}, {0x20006, 0xc}, {0x1, 0x8}}})
write$6lowpan_enable(r8, 0x0, 0x0)
syz_io_uring_setup(0x497, 0x0, &(0x7f0000000140)=<r10=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)

5.802320526s ago: executing program 1 (id=720):
openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000380)='/proc/asound/card1/oss_mixer\x00', 0x1, 0x0)
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000d1d7a440041601801f44010203010902120001000000000904"], 0x0)
syz_open_dev$sndctrl(&(0x7f0000000040), 0xdc3, 0x2000)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
pipe(&(0x7f0000000080))
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_usb_disconnect(r0)

4.7545392s ago: executing program 0 (id=725):
r0 = openat$qrtrtun(0xffffff9c, &(0x7f0000000000), 0x2)
write$qrtrtun(r0, &(0x7f0000000040)="5b012e3389f8e4ec46e23868d9812408695347285161944c447c00408cfbaad4a9a6987240b5a8c83832", 0x2a)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000000080)=0x1000001, 0x4)
r2 = syz_open_dev$MSR(&(0x7f00000000c0), 0x6, 0x0)
read$msr(r2, &(0x7f0000000100)=""/68, 0x44)
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x7)
timer_create(0x3, &(0x7f0000000300)={0x0, 0x23, 0x0, @thr={&(0x7f0000000180)="12d1b27a49209d0aca45cd1892e4570333a177a54e90aad4f27d0ff7a8041eb2697d7594cc24e698a48e259dbee04c2bda28aaffd9bad2e29fc3f8e70a347cb3ad10abc6659ee6eee36a84efeb74a1fbfb8278a86022f6d71d9f07bbf6723ce8fa64dc3c4661ea881a8d728a2e34d537f71a6f19db6e5e5020e3eb", &(0x7f0000000200)="6625732b55a585778fc83b86bcf391975347cc46b337fcb5ff9ca25e50ab06dd5a46fd58b9f64db39b361a12c13e494c52ce5c53d253a27b36d56948eb8c55c1a764c26f6aa129685df08d233430dadd9c29b167d90b17c1e50cd1bb34df15307ead8b89a3b80bf8a30bacb1603f351172e4e17137ca1ed9a18e7504715bdafde740f6b830de9869e5cb1b0de58959f3e66280940f05c06c48d66358310d90c5456301ebbf1d43756149f326c5822d16713736a2d031a977d36ada5a45beb3e77da37a31d1982c47d91a7afce6f41c4c5b84938ff0db425f604340fadca72405147c51"}}, &(0x7f0000000340))
r4 = userfaultfd(0x0)
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000ffb000/0x2000)=nil, 0x2000}})
r5 = syz_usb_connect$printer(0x2, 0x36, &(0x7f00000003c0)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x40, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x1, 0x30, 0x8, [{{0x9, 0x4, 0x0, 0xca, 0x1, 0x7, 0x1, 0x1, 0x8, "", {{{0x9, 0x5, 0x1, 0x2, 0x3ff, 0xfb, 0x0, 0x1}}, [{{0x9, 0x5, 0x82, 0x2, 0x40, 0x0, 0x10, 0xde}}]}}}]}}]}}, &(0x7f0000000780)={0xa, &(0x7f0000000400)={0xa, 0x6, 0x310, 0x40, 0x0, 0x5c, 0x40, 0x8}, 0x20, &(0x7f0000000440)={0x5, 0xf, 0x20, 0x2, [@ext_cap={0x7, 0x10, 0x2, 0x18, 0x3, 0xb, 0x8001}, @ss_container_id={0x14, 0x10, 0x4, 0xc7, "2abdf4bf557535277a86797abdc31af7"}]}, 0x8, [{0x3, &(0x7f0000000480)=@string={0x3, 0x3, "97"}}, {0x90, &(0x7f00000004c0)=@string={0x90, 0x3, "ff9fabb3853a9b22aa816cb55577c86d56460939fce06a2b880e126e8c7b08471ec80c16ab909737df70fcf18f17312b388f771cc3652fdac25f77039c4b9363a15f928a5dbbb02e56435e8d98e0c4858957ade153eb638b915cc34656c79ad49c73d0a57a946a6db0f8e2452a553a91b9227d95e787ec8d97bf6da22f6eb30fbc6662c3553616cb599b2f0ed921"}}, {0x65, &(0x7f0000000580)=@string={0x65, 0x3, "1f53fda70c91e09c8664defe629dd54659218565d791780a457a83bdfd573268b00be04b25fffdaf2362851428762f097d3c0462888f2ef6029abfffe99401512f54d9f032c04132c85c53f102af4aa186bd07031c00e34a62bf92b4ca0b64f0060d2b"}}, {0x48, &(0x7f0000000600)=@string={0x48, 0x3, "54fe8a86a70b5cf8b045db9dbb868262309267940acfc0492f7d441d6b05b72f8f0bc6a93cd94802654ccaa645b6ce84b91ba234d2df0a32dee6508b0dd98b5ea5f32907004f"}}, {0x7, &(0x7f0000000680)=@string={0x7, 0x3, "209397d00a"}}, {0x4, &(0x7f00000006c0)=@lang_id={0x4, 0x3, 0x424}}, {0x25, &(0x7f0000000700)=@string={0x25, 0x3, "d237d62b2a3d387adaf36457157a33f041b42ea4856d04e84b6b44eb3b638eb568bef5"}}, {0x4, &(0x7f0000000740)=@lang_id={0x4, 0x3, 0x44a}}]})
syz_usb_ep_write(r5, 0xfc, 0x7e, &(0x7f0000000800)="6b09b8e669a26d094b91e4c96142ddff931fb29ac25a01a424c8a5cee3653a7dac03b7185dc51a9ef7b4d575c7b8c7c25ecc1b12439882ee4d6f535572e170a9bbde9db61fbf17f15402afd837f26fecbd8cbe59830fced847982f4a115314797277238095d26f70ecf8f61dd69957f0c575ed8f78c5211db6fc1019bfbc")
mlock(&(0x7f0000ffc000/0x1000)=nil, 0x1000)
ioctl$F2FS_IOC_GET_FEATURES(r3, 0x8004f50c, &(0x7f0000000880))
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000940)={{{@in6=@initdev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0, <r7=>0x0}}, {{@in=@empty}, 0x0, @in6=@loopback}}, &(0x7f0000000a40)=0xe4)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000a80)={<r8=>0x0, <r9=>0x0}, &(0x7f0000000ac0)=0xc)
mount$overlay(0x0, &(0x7f00000008c0)='./file0\x00', &(0x7f0000000900), 0x80, &(0x7f0000000b00)={[{@metacopy_on}, {@uuid_on}, {@uuid_off}, {@uuid_off}, {@redirect_dir_nofollow}], [{@uid_gt={'uid>', r7}}, {@fowner_gt={'fowner>', r9}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}]})
r10 = mq_open(&(0x7f0000000bc0)='/dev/qrtr-tun\x00', 0x800, 0x110, &(0x7f0000000c00)={0x9, 0xc, 0x3, 0x1ff})
mq_notify(r10, &(0x7f0000000c40)={0x0, 0x32, 0x4, @tid=r8})
mq_timedsend(r10, &(0x7f0000000c80)="324e12d82992ac728621da478b197a32d3217dc5dfa330e0722e22d5efa4c02aadd9795771d9c155dc2b90f652cf8895e1ded273827244c2e1762dfd02220f166edfea14d40d16b34c02ce3dd41752cf87fa42ede9d5fb9d097ec87a02b80fca37170e5852a2576a434a66b26df6d55116b4ecae068abf111c5e423ca0e88d3822493ea1d05ddd7f78266769979f2257bfd42a344b8a75f61e2a8544e8ff25890fb75e9bc9cbeb6220eae95a75867a6370cd3a1063435fe5409a9805471f8b547a3099f012435ce851a30cb81b33652d84a20aca33a5abb1fac1f3ca9ede6d3d5ddc1b458ad73b4d9d4ef823ab", 0xed, 0x0, &(0x7f0000000d80))
ioctl$FS_IOC_MEASURE_VERITY(r0, 0xc0046686, &(0x7f0000000dc0)={0x1, 0x1000, "d4271244f4918148caadb91c910ffb4edf906c6c2c557abc10d2b49d7879668be11653ea7abd8825652b867d0f893786707b2245cbc897415da33d9e8e95b5dd44cfc49c505895f087189ac9b28a2dd5ca3d57d1ecad4f443e74b7ceac43580a6ce1c561a94dc962deb18a857cd23829d9b4375ea98acd6ea90679619c9502843339153e4cbaa849c0b009224154a06311b198f72c38301affeebe169ae841c46abf3c0b937103743b1518fd43e96db00bcb54c32fe252cc908b1ffac4106fb81a510caebc11ecd5079559ea729a0c3d741d7e245810c2a6ef24e3c57fdf9458f3213fec38f85e1ad5506a0ee8eb92da6c517ec8cf8af5824ea8d57621f21b3e0f92989029cd56292507546cc5f40c3e0cf9ac76a0ec0e0628a9c670b9ad97c583d7f774ae3f761f5d7b692880b09c8193c40e6216ab1cc84fe600fa1b9a3d081b3093ae650eee57dd6991f0a53b601bf35ca599f73146c73f99f1c35b5efdb3f6a485e2ea66e02265bc3a9772dd23cb398eb6b4056978773c5808fb5f3d2814556aaa8a2e3220ae4d7b7afcd4e158e4fb603618615cd11728aac5dd305707ed65e0ef6c0e7e07b81541dca8ec96854a4233393ec3a33c3b8b496e6a9f9a53b0fa727ec2ba053468807d3a258483218b165c8ead97494a0e1e46362a484f1a8564dc8715c37b68827b1a582f4ff5d5b283796528eb5d816ed133eb34dad44db2c456abf34e4aed655088b839b980d75cd8a797dfb0b421d159bef767b021dc5de218b2c8a9061a93a93374f915645f928776a196521c7dd3fb79c1f3ffbcfe3acf8be8baa0e662e80d60b23fb2a461556766596b3051c30c9a553a6cb4015c354206a1992a797a1075f9b683d357addc436310b1386522f0f41959b210d86805e28c7831718d8fdda2c2d5188496c4998f78b07552c5747d528a1908918abe9cb3bffc8671f64d582fc37377685d2dd22bbdb1db1a5ec3462ccd1088ec44a1f12b0894e28b8d061bec15cfea3dd7c42c6432d0284d8773dd6ff9dfd6bb870854c42c9adb673f930abf2869777ee8b32b37fcd3b44ef49667703930f31790b94072c084f99aefd1bc83ea312e1d4785597e191adbd6a1167ef16f837d492838f1aee55654f19c8a2966b2a96901bc5f507b613d0bd86cad0ab78df8f4d8aabd52b3c662d98eb13652246687aadf92976b8b4d54b8449669b090e3d6d332cee271e8fff78238867ae813efc10060c13f692fef7c42863980a2ba3b696f316b1c30b43bd7bff0ae84806b5e42da62ad59fbcaf0ef8fdd8d56dec3a3bdf0b2c19edfc923271583401d51e7e47bbf44f2a5b1f95959f4b7b8bd8df22187cfd665112377b09f9c42fa812803666483651010da7fe2bd9a4c03044373f5102f2866ec1a970ebcff5b6d36c158e9f6b3b8136b03b4fa44fb373956bcb5850699cf86d6180c2669e23356acaba94de21c899cdbfc74abfe489dd62a5d06f154d0c970f880cbfddcd4e00a0997fb2b9407016ab44f4d3c92ed9d3baba96f9cddf1b91b42c32d0376008740ef282410bc47e9ad5d40cc19ee4e370f1f08860f9a617e2d445bc13740a30232fbb939491c9054092abb1880dfa7375a58d3a70b5671223d1f2282e2b72548a0cd29d62e347fd390fda4a755d12adb6d8280f92c52429761e72986b3aa90763f76633f76e3709514170545238f5766474db7a6225030c0a027e8b79bf3836e32c83286a8a45b26834254878761d80164ea76425d19745bcd16f267f8142e27dbe1a706490d95c5ecff7b9247830fc5cfea894c72f1873d76b01ec2b181b6f18591867f29fd6ef6fc5901d5bd028340f69cd879b9d5cf612b8e0604088e8ad6a4f11673d6dc92a88e9d5cb29c25295c54e77991da02508e09bf787be817fa2c30466bd1d9145bda6c477ac000b7c5f51da860625403d3d8a3eecf005013893d09cca3f2b73eb7a80486c375db12164419b1ec28bcc765b98dfbd8a06ed4d144c284be865075582e818e9a83bfed9092f6aa85b6cf220d2991e3b06a092f5fdb11c0a6e680d631d42ecc7276db6bef26e0f006471649153e7885ff053da6c8dee03061a66822b1f1000a57d733dd79bdeed4836df017d5c643b4f6905f47528685e455d484377c22b5c8e0e35688f1bc7eb9a44bc33ac05764ccc99fba5c0750e220d16dc7323679e328aa771ba6396eaf1283a806f8d3d40720d0b1755a447ec21ea03fdd3c3adf72050ee9c1a3da8edbe7650b840505f894a8346b6f9b809692164062878eba64f90d7373c0e44e3383edfbf0d872e3e2b08554a12ae2ea1ba1c951ad44718d70b39f627bff99b05f6766d29446880828a08451c051b0f3214eb1ad18bdc3c8d06ddc4914335c710cef6cf45b63422f747145bb9efac074d0811ecf9573170cba86d1afca5957666ffa1946b580e1555e198a8ea9b77e6e222199295064a69e1f69349e7fe5e4de2336b4d76cfdd945ee11228d398e59261a8b18abb1a26feb66c3e75b4c618923bf0805de8226c6cfdd09df4f948ee6ff3132e2f91a2e33cfd46e6a12ed2e11c34e9d9ac7f4bef8f2d6a1ccdf456a9f146b36e1982b4c621f57165ca758134d5ba9683861fd58529808f5656d06fdf0cbb57083edae1819cbf1f8103b7bef7e6150811c62b3540fcb311418d025f576d5d4c4096c24ed4669e03bb25b12a3ae23e1b779420a8213d3b8febaa46b098a7054517ddaa871d93096c5fd36eee57a0c4809c742871a0d52d28fe658312c2d88a2535b3dcd6fbf1d9cbceb06bb55bfb59279e181249946efafa856d200dde2946f3b9d0cfef4388a59e4dcff6abccec288d30dc2e617ca602b1a41d40d53b629a0a7f43b28e25508c67caba64c261eeb1cc510cf7ad4af997c4a7452657bc164357faeec5e59589bfda97b562bff7e0cdf2139290f644372485a6e704f94f7efa47eff412f166feaf3e1f8a41323e45d0340ba4e88432228620c0ded079f65d3e18ebe0de634d4744ed1d648c38fefad496f15ceb0e9d8702fbec2b0f5d8f6ce4471538a2ae58a88af59bf90eccc2ee584e648b1731dc11b71000c63d06ce82ce60058b92047bdf346be0da4660ee3194b3cb7885eae76d1c53ffa68a68966119f5e4a29c916d5724cdf035919157b600c8f4e4c164053a2ce22108c309e40da575bca8ec59626b7a34f0ad1d19a8e42fbd60e325386fd602bdd369c511aafef103981257fa9df9acd0863560869c5c3180c9c509e6b12c9790c374aa00d9bef6d3b94a54292e069204efa3eabbde1305f4fc6646d3faeb6b48838250ea96da02d784b8a8eb60362db7cf9ee5534721a2658556b3e095b5dfb156e32336d49ffe81bec6bf0f82f89eb4a68594f90c224dce66c4034ac04b17e2d216ad7a98e21e02b6830fce4b8adde9ad0afde079c446cde38474822d8612a7b3904fb8ce09a1b667e74fed53c1831cea864761ec792951e61551173e0c5e9ab2b14a256d99989ce2966a1777968cad57a765824ebb792bbc0fd7ed8e2078664af294e90eb4f2515fc733a5daa33de807d2230dfc22192d19ed511d969dfb65ef475da5c0ae39479b0b7a42cb7932628142482cb26f7f9d77b08408dfcb12ab361948335f26816734a69bf5e88ae866413f29f60c32d694ebcb83f888190127620fb1c8e52516cfd5bc459a5ca089b9088a2e1dc6bf6743b3b31a158162e7d1d5106420c5d13c11b937e4e941122d9a7bcbb58525866c5f8ea67409f91acd35f9ccdd510f5f8a48ad3ca9a8c47025bf9844c6a55b66e4319557794405701084d0a1f43d5f640c36b20685db70ccb42231f4c27e0e9e4dad6b507b720fd9f243fbbb003dbf2a820532c478ae5e82f96c0f4eea3910423099e9cda4f79e7a9268c85704e4ef32f28e545eae20861916046f59bf57d7570356dc77090fb781b34eae44e8e180ba821ea8abf1dcecdb09dc3025a84be75551f4b020e651afe7dd32091bbaee9dcc5564301441f16ff48912d0d7aaafe95fef764bf61aa130057d096f14391df3b1a8933dd824f654025e01d48f295aad14e277a30ae4b5606f5e6d22cd9bc90cc7c2ff561badb81f2e437e074597008cf76205d6b32e9605e8b2f10f15dc8f441c5a15a9e2df92109b2face9e488bb74154476aef400a4843fc8a931e92f5d8f5e4e68ea3e32e97a2337d013c6054b6f01c9919d75e72b91407e0b15552b971dfd200c642a5ffe7a9e9ea8c980a40c600ce8f8d9460f48e97665db72acb9832b3e44f71ce99be0827c643f73c6477ea93600d612c8d0dba6a8b0d994af028d61791d6b3e1c546cd13aaeadd4e5a6d56aaa1c783409b33fd94b65bc9d7a4b15d58fe2448b1a386de83c8524d96e9df99a06f801740801d011d86ad40565c0b954dba14f4d8f9be5447dfd84eb921235301cdeb2708ef5cb844f683d593224ea08d65c7d831d4da03ea2d1efbf7afa5e388c654aafea148d7321c989975f88e6370e5e96bc72a91720fe4ef420390bd8c21ab145e13ddb67bb11c281bc9bad7dd08ad51a22f48e6d451df8c1235ff6f60ce6a1f22bf453b44c62050ce087e6cb1c9b1372d9726f284dbeeae9d6caea512d7a5cbea2e824590937d49875a6d1b35bea55962582eed3c90f260e10395204fa0f6fda4e963d916092f144e16803a6e2b56cb2dca8a441985acaf2de672d011baf1678bbb99e6446d38e9a68e52365fffcbf4f3caca811b2c2b764fb87b36b681619dc122001d6e87aa55d8bee538d3c8c854c60223887e927dcca2dc4bd980068328db6469f536707bc9bc9c47392efb22b875e725be2968e2b9853017e1c3f6adb1c9e796efd880bd4dafb6a59882a9df0955ef1db84820c34aa5131ff62361684aa9cc723e92cadf7ae0869570f8a6aadef2e06243f6a0923a700d5f65a92b302781507b9eedca37b1b9ecf2903bdcfd5f80dc9bc62e28fe00c52779863b27e90fa35f8186500f0bffa0fa35a2e6d879ff691827a34f428e4be7d0e5245c8a050f48a3637731381a867f73f96d16338784a18817fb7c49863150ae6a362a8bc470a38c3c435921665e04809fe4b0e3bab8a931ba80902d57c581b0ce18372e8e588953bf5818828ae3a11a50ade99ad0d36b5ae1084434cba1913c35d0cb33d62a80530fdef20aa01717930421f011dc3709a1ab3709e05a591817099ee4cfc2a5f9111a2352dfc4ab912ae27539c21bf6626d6d7572a1d30be499963f38f129f649d60c1ed5cfcd04a0011fb544de765c23a38ac68571a22e3302a9e871c692d2e7e13c1b88ec2367cd935b00f30ef30859552b7e891ae833a86892d5190130a85d222572f94ac09776bdb5dcf6211154d7cef1f49535ff4d0330b7c1c392edd71247cea2556c6ba915a2a7c22d0adca73f918938c810c52dbc7fe3593c8053a944e6c45cc19c9a5539cf1b1c00dcc3f107c97fc11f48d003cab225b2bb55aea5e62c774b140d76de1fefcc04d7dc87f1b1b841fce90be26be7373b9f4ddf9875bccf34f71274491ab71277a3fb22ff04f40a9829639fb9cefd896416dce27968f2a387efa441c900e76a4e699dafc4b570c39236507e5613630c6098f69b5fdc19638adbfd1cf6abc9cad169080145f0f96d5e8bb1539c70e1ecda9fbbc80651c18c98c036013b5eca7b3bd8e3947f08ba0da065836aa6a997e5751ff6a0bfbdefef4503ff466897e94e01147ef90b86977bda6e93bd9566ab95b4d93e5f6cbb21490c83be75afe0d398a1b0686e70dfb7748bc442e8a6dcb6750750ee5d325df8ba2f770200c27f1aae10"})
sendmsg$nl_route(r10, &(0x7f0000001f00)={&(0x7f0000001e00)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001ec0)={&(0x7f0000001e40)=@bridge_getvlan={0x50, 0x72, 0x4, 0x70bd2b, 0x25dfdbff, {0x7, 0x0, 0x0, r6}, [@BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8}]}, 0x50}, 0x1, 0x0, 0x0, 0x1}, 0x2000c000)
syz_clone3(&(0x7f00000030c0)={0x100000, &(0x7f0000001f40), &(0x7f0000001f80)=<r11=>0x0, &(0x7f0000001fc0), {0x18}, &(0x7f0000002000)=""/82, 0x52, &(0x7f0000002080)=""/4096, &(0x7f0000003080)=[r8, r8, r8, r8, r8, r8, r8], 0x7}, 0x58)
pipe(&(0x7f0000003140)={<r12=>0xffffffffffffffff, <r13=>0xffffffffffffffff})
ioctl$TUNSETOWNER(r13, 0x400454cc, r7)
lsetxattr$trusted_overlay_opaque(&(0x7f0000003180)='./file0\x00', &(0x7f00000031c0), &(0x7f0000003200), 0x2, 0x0)
mq_notify(r13, &(0x7f0000003240)={0x0, 0x21, 0x4, @tid=r11})
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000003480)={&(0x7f0000003280)="a93b814e11f7382593db273b7dbb59621e1db9064b2c05b69b46482f6a540729ca3c2b9a6bf27e4359e3769a60a395bf9be41fd1dc31aff14f20683d68fceaad2a00f1b37a5c68e36a9142bdc43db7d06c5caa3cac0a81709c5c79443412524a40eeaf85b53862d49b7e", &(0x7f0000003300)=""/2, &(0x7f0000003340)="4c99e9c2bb2f4b03d9d1a322426a06c1be067d1cf76b47922fbf6e5f1e5464a7f703fc64615a137d5710e75ae5316c9b1f9f567bf82738fffa821d", &(0x7f0000003380)="03232cee79b9d119e563d3ac02a9d20cceabe4105f0d40c53b5bb4b14be342662a870f57c5dbec4ff30dd9d602e408a7b7a066c87de691964ef9457a4cfcf1e1711ab3fa0488cdb5b54cea3a6a91be3a83326a580223bae0c298828accc8c580da5fbfc2f9901ed886da7ef18a2c50a74a364eefb3cd36bd610a48fd2528d4bc27db8d043aff641b3317e9f2ab98e302d255523d75501fcf7c79ef0d6e05ab7df681484d9a9ed7927964ebb642f93f49d4e3d8bb65da5858c35bd2958a2dfd7e44", 0x80000001, r12, 0x4}, 0x38)
quotactl$Q_GETQUOTA(0xffffffff80000701, &(0x7f00000034c0)=@sg0, r9, &(0x7f0000003500))
ioctl$PPPOEIOCSFWD(0xffffffffffffffff, 0x4004b100, &(0x7f0000003580)={0x18, 0x0, {0x3, @empty, 'pimreg1\x00'}})

4.226083992s ago: executing program 3 (id=726):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="2c000000d4ccbef3ae8fe9805e9f10", @ANYBLOB="0040000080a0040004002b8008001b"], 0x2c}}, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r4}, 0x10)
r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r5, 0x330b)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002040)={0x18, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0xf, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r7=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x3, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r7, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r8 = socket$l2tp6(0xa, 0x2, 0x73)
sendmsg$inet6(r8, &(0x7f0000001000)={&(0x7f0000000a40)={0xa, 0x4e21, 0x7f, @mcast1, 0x1ff}, 0x1c, 0x0, 0x0, &(0x7f0000000f40)=[@dstopts_2292={{0x14, 0x29, 0x4, {0x1}}}], 0x14}, 0x800)

3.5310549s ago: executing program 0 (id=729):
socket$igmp6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10suse\x00\x00\x00\x00\x00\x00\x00dn\x00\x00\x00', 0x0)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e20, 0x80000000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0xf}, 0x1c)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x2, &(0x7f0000000800)=ANY=[@ANYBLOB="85008055000000050000009501ff9f00fe698183243c58b36fa913884ad4f44cd7139a8190ef2b3e694060585600b2b1d7cf96a513a90e8bfb8c191078e72016dd117bca0a31ca7995d055af778e555f4d893370d8fa28e7f247"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffff8000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000003c0)='virtio_transport_alloc_pkt\x00', r6}, 0x10)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(0xffffffffffffffff, 0x28, 0x1, &(0x7f00000001c0)=0x8100000000000009, 0x8)
ioctl$FBIOPUT_VSCREENINFO(r3, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x8, 0x3, 0x1ff, 0x3d, 0x5, 0x3, 0x53, 0x202, 0x1, 0xc})
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
r9 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000580)='X', 0x1, 0xfffffffffffffffe)
r10 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f0000000880)="ff7f003deeb14c7df93ea5ed19e2305fd4230c5e0fde38928bf7786c0cf03fd244a51e2b96a0bc5d1e75e6a30e71650774ca97d7ec065c029eb5b558e9923a6dd249180a9c6fa6cad76f7b0f", 0x4c, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000080)={r9, r10, r8}, 0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)={'sha1-generic\x00'}})
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x16, 0x14, &(0x7f00000004c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x9}, {}, {}, [@ldst={0x3, 0x2, 0x4, 0x0, 0x7, 0xffffffffffffffe0, 0x4237ec21d2974be}, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x9, 0x0, 0x0, 0x0, 0x8}, @map_fd={0x18, 0xb, 0x1, 0x0, 0x1}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000340)='GPL\x00', 0x415, 0x14, &(0x7f0000000440)=""/20, 0x41000, 0xd, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000000680)={0x3, 0x9, 0x800, 0x1000}, 0x10, 0x0, r7, 0x1, 0x0, &(0x7f0000000700)=[{0x8, 0x2, 0xf, 0x9}], 0x10, 0x250, @void, @value}, 0x94)

3.250728192s ago: executing program 3 (id=730):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2], 0x0, 0x200})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=@newtaction={0x14c, 0x30, 0x1, 0x0, 0x0, {}, [{0x138, 0x1, [@m_sample={0xdc, 0xc, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_RATE={0x8, 0x3, 0xffffffff}, @TCA_SAMPLE_RATE={0x8, 0x3, 0xb}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x9, 0x8, 0x20000000, 0xffffffff, 0x9}}]}, {0x88, 0x6, "c65aa01eafcf82934da84dea9cc3627e5537a3b77cc09633d74e47e6571efcbd03573278399e722c3c05c19325f29cc94b88f284b7eb3c482fb30a6da57f7ea71652a805e6e4e4e1308c5e47725c08eda0ce08f928399f3282d573a68c9e89344954afa03ca6e764c994c648a16498d3126b2606223d683e99965562269729c320b21fe2"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2}}}}, @m_ife={0x58, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x7, 0x0, 0x2}, 0x7c}}]}, {0x14, 0x6, "9050a392272332ba3c225eb0e20e0109"}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x14c}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = socket(0x2c, 0x4, 0x0)
sched_setscheduler(r3, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, r4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x141)
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0x1, 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f0000001640), 0x0, &(0x7f00000015c0)=ANY=[])
chdir(&(0x7f0000000300)='./file0\x00')
openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
removexattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="747259ac73380779f4a5cfc0d4ee6ac3be8675737465642ee365d3b78346819f"])
r8 = socket$inet_sctp(0x2, 0x5, 0x84)
connect$bt_rfcomm(r7, &(0x7f0000000340)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x80}, 0xa)
bind$inet(r8, &(0x7f0000000480)={0x2, 0x4e22, @empty}, 0x10)
sendto$inet(r8, &(0x7f00000004c0)="ab", 0xff04, 0xc0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)

2.710986257s ago: executing program 1 (id=731):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2], 0x0, 0x200})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=@newtaction={0x14c, 0x30, 0x1, 0x0, 0x0, {}, [{0x138, 0x1, [@m_sample={0xdc, 0xc, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_RATE={0x8, 0x3, 0xffffffff}, @TCA_SAMPLE_RATE={0x8, 0x3, 0xb}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x9, 0x8, 0x20000000, 0xffffffff, 0x9}}]}, {0x88, 0x6, "c65aa01eafcf82934da84dea9cc3627e5537a3b77cc09633d74e47e6571efcbd03573278399e722c3c05c19325f29cc94b88f284b7eb3c482fb30a6da57f7ea71652a805e6e4e4e1308c5e47725c08eda0ce08f928399f3282d573a68c9e89344954afa03ca6e764c994c648a16498d3126b2606223d683e99965562269729c320b21fe2"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2}}}}, @m_ife={0x58, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x7, 0x0, 0x2}, 0x7c}}]}, {0x14, 0x6, "9050a392272332ba3c225eb0e20e0109"}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x14c}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = socket(0x2c, 0x4, 0x0)
sched_setscheduler(r3, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, r4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x141)
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0x1, 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f0000001640), 0x0, &(0x7f00000015c0)=ANY=[])
chdir(&(0x7f0000000300)='./file0\x00')
openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
removexattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="747259ac73380779f4a5cfc0d4ee6ac3be8675737465642ee365d3b78346819f"])
r8 = socket$inet_sctp(0x2, 0x5, 0x84)
connect$bt_rfcomm(r7, &(0x7f0000000340)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x80}, 0xa)
bind$inet(r8, &(0x7f0000000480)={0x2, 0x4e22, @empty}, 0x10)
sendto$inet(r8, &(0x7f00000004c0)="ab", 0xff04, 0xc0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)

2.183425252s ago: executing program 0 (id=733):
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$TIOCSISO7816(r0, 0xc0285443, &(0x7f00000002c0)={0x1, 0x800, 0x9, 0x3, 0x5})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b52, &(0x7f0000000180))
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
socket(0x840000000002, 0x3, 0xff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x18, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
syz_open_dev$radio(0x0, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000640), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd74)
r5 = syz_io_uring_setup(0x1e, &(0x7f0000000300)={0x0, 0x8402, 0x800, 0x1000001, 0xe7fffffe}, 0x0, &(0x7f0000000680))
openat$qat_adf_ctl(0xffffff9c, &(0x7f0000000040), 0x40040, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x140, 0x0, 0x0, 0x4)
io_uring_enter(r5, 0x47f6, 0x0, 0x0, 0x0, 0x0)
timer_create(0x5, &(0x7f00000000c0)={0x0, 0x9, 0x2, @thr={&(0x7f0000000580)="13ad2e7a412fe17f82b84ced453a59a734a237724a3f42fd3ea0e7736d424eef99ec448ef903ef638f070ca82c8fee6d57ecdea20bc24c9944b592d079ebe6724b3538625b554c3c1facc83f9f2efb378ccb2d77485779b32f7996427bc36aba4bee784daa6426df9209d88ceba1df1d79efcd5624db5c43686ef1d222a26225995feac135ad298fce157f6104ac9d8ecd680fd12ab255e3b65342244e1862f300bba10d9e96e42e8272c21cb5a9ae567e9b7f2dff", &(0x7f0000000740)="588decc425d95859f53cfc3b628ff6429f1e39dadc15be503c0febe78c193f7c1e9dbef5c5819f57c66f37837750a7592d12d14ab74b029f124d1238e78541a714222df8a404e801233f2cc1c50984628ea0d40af78f2f276b4dbc737f0e9d86ff5dff06003f6f3aebcf6f175865ad604a547fd0c294d6e424e929a6cc1a2457e3b5bcdcb7170c33695c71e945508f85975a10b1e71231f6d24793cfff9979998992ccadb65a79477d44deb8a44640d0468df906078bc86f82d63999d984"}}, &(0x7f00000002c0))
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448e4, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x20, 0x0)

2.112710162s ago: executing program 3 (id=734):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioprio_set$pid(0x2, 0x0, 0x6000)
syz_clone(0x80280, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0xe, &(0x7f00000001c0))
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r2, &(0x7f0000847fff)='X', 0x1, 0x14000180, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x3, 0x9, 0x8, 0x6, 0x3}, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = socket(0x2, 0x80805, 0x0)
setreuid(0x0, 0xee01)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r3, 0x84, 0x71, &(0x7f0000000000)={r5, 0x8}, &(0x7f0000000040)=0x8)
io_setup(0x2, &(0x7f0000000200)=<r6=>0x0)
io_submit(r6, 0x1, &(0x7f0000000040)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x80000000}])
io_getevents(r6, 0x2, 0x2, &(0x7f0000001340)=[{}, {}], 0x0)
io_submit(r6, 0x1, &(0x7f0000000140)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}])
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040))
r7 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$BLKTRACESETUP(r7, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x8, 0x530, 0xc, 0xfffffffffffffffd, 0x59c})

1.630494842s ago: executing program 2 (id=735):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioprio_set$pid(0x2, 0x0, 0x6000)
syz_clone(0x80280, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0xe, &(0x7f00000001c0))
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r2, &(0x7f0000847fff)='X', 0x1, 0x14000180, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x3, 0x9, 0x8, 0x6, 0x3}, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = socket(0x2, 0x80805, 0x0)
setreuid(0x0, 0xee01)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r3, 0x84, 0x71, &(0x7f0000000000)={r5, 0x8}, &(0x7f0000000040)=0x8)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000040)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x80000000}])
io_getevents(0x0, 0x2, 0x2, &(0x7f0000001340)=[{}, {}], 0x0)
io_submit(0x0, 0x1, &(0x7f0000000140)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r6, 0x0}])
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040))
r7 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$BLKTRACESETUP(r7, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x8, 0x530, 0xc, 0xfffffffffffffffd, 0x59c})

1.463560513s ago: executing program 0 (id=736):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0xa, @void}, 0x10)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000bc0)={0x2, 0x0, [{0x8000000, 0x7b, &(0x7f00000001c0)=""/123}, {0x0, 0x3, &(0x7f0000000800)=""/3}]})
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={r3, 0xe0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000001640)=[0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x1, r2})
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000001880), 0x40101, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
sigaltstack(&(0x7f0000000a40)={0x0, 0x40000003}, 0x0)
r7 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r7, 0x0)
ioctl$BLKROSET(r7, 0x125d, &(0x7f0000000000)=0x4)
ioctl$BLKRRPART(r7, 0x125f, 0x0)

1.396253397s ago: executing program 1 (id=737):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x1e2e81)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r0, 0x40bc5311, &(0x7f0000000100)={0x80, 0x1, 'client1\x00', 0xffffffff80000004, "00000000ffffffe3", "e4a18560d99f00", 0x800000})
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x0, 0x2, 0x0, {0x0, 0x1}, {0x45, 0x2}, @period={0x59, 0xfffc, 0x0, 0x0, 0x4, {0x10, 0xffff, 0x1, 0x1}, 0x0, 0x0}})
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x12d8)

1.191193031s ago: executing program 1 (id=738):
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = syz_open_dev$radio(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r1, 0x4020565a, &(0x7f00000000c0)={0x3, 0x98f90f, 0x2})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
userfaultfd(0x801)
r2 = userfaultfd(0x801)
ioctl$UFFDIO_CONTINUE(r2, 0xc020aa07, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
r3 = dup(r0)
syz_open_dev$tty1(0xc, 0x4, 0x3)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(0xffffffffffffffff, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
connect$vsock_stream(r3, &(0x7f0000000180)={0x28, 0x0, 0x2711, @hyper}, 0x10)
listen(0xffffffffffffffff, 0x6)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$inet(0x2, 0x4000000000080001, 0x0)
syz_open_dev$usbmon(&(0x7f0000000140), 0x0, 0x6102)

960.230927ms ago: executing program 1 (id=739):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000000140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="4fda85ffdded8e29eac87015b17d1820"])
read$FUSE(r0, &(0x7f00000093c0)={0x2020}, 0x116c)
socket$inet6(0xa, 0x5, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mq_timedsend(0xffffffffffffffff, &(0x7f0000000900)="9f1cae6c1f481ed8497d0dee7899b842ef04eb9a2f1648c74e58e86187c5df687285256b402c9773c11b1890f25da73a9d2d99e147cc22fc3cd0b419613f0f0c760c302e047e631f499cdeeef2781d8337a4ef930bea84cdf94d0f0197ab62a912337d75bed7e2a533c2a4fc0cee49222f34f8d57aa84c5ae3d601d060145a9e4cd4fdda49da344fddf7b169e1e931a724096961879b16c44b211cf521eed1dd5fbe0855353a2b4d2781dff7967d9c06df78c12d4a09f93b731dc8a098926d2fb7ece46eb54de5d9fb901818a0199ef95cf227d7adc057", 0xd7, 0x2, &(0x7f00000002c0)={0x0, 0x3938700})
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r3, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x20)
syz_emit_ethernet(0x46, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd60f91e2e00107300fc040000000000000000000000000000ff02000000000000000000000000000100000000ff"], 0x0)
read(r3, &(0x7f0000001240)=""/4096, 0x1000)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
syz_emit_ethernet(0x66, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0286dd607428dd00308800fe8000000000000000000000000000bbff02000000000000b72e0000000000000001040190780000000563"], 0x0)
ioctl$FS_IOC_ENABLE_VERITY(0xffffffffffffffff, 0x40806685, &(0x7f0000000180)={0x1, 0x2, 0x1000, 0xb5, &(0x7f0000000040)="e38de581bdbbd5a34ba645cd543a863afdd9856c491b7a1f81132b2be4ce891e7f3c49d8bd9b98ba6ef4e1e2f30c36acde414fdaae70ddcf4def1a73c107501a857eeea4a47ad6eff562fe5173809b564c3c284e33ed0ac61a65cdadd83f667050b13592b390d7903861665429b5d6e8d56d7f727d24058a8213b4d658568f01b63d0d68b81cd3f45810ea41051e86430cb7855b0ecd8e6dedd059d572448172c5614b487d38951d5731ae57779382d6eb12e76a87", 0x0, 0x0, 0x0})
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0x1c, &(0x7f0000000040)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000055090100000000009500000000000000b7020000000000007b88f8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ptrace$getregset(0x4205, r4, 0x1, &(0x7f0000000080)={&(0x7f00000000c0)=""/120, 0x78})

654.001463ms ago: executing program 3 (id=740):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000140)=0x200000000)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x22048854, &(0x7f0000000200)={0x2, 0x4e23, @empty}, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), r4)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={0x4c, r5, 0x607, 0x70bd26, 0x25dfdbfc, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0xfffffffd}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0x1}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0x555f}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8801}, 0x80)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB='8\x00', @ANYRES16=r6], 0x38}, 0x1, 0xf0ffff, 0x0, 0x8004}, 0x8000)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000100)={'wpan4\x00', <r7=>0x0})
r8 = io_uring_setup(0x61b0, &(0x7f0000000400)={0x0, 0x2a80, 0x800, 0x3, 0xc})
syz_io_uring_setup(0x5f63, &(0x7f00000004c0)={0x0, 0xc9a9, 0x2000, 0x3, 0x7a, 0x0, r8}, 0x0, &(0x7f0000000340))
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r4, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0xd996d7525a59ef66}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x3c, r6, 0x400, 0x70bd2b, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x40044)
sendto$inet(r3, &(0x7f00000012c0)='\f', 0x1, 0x11, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000021080)=[{{0x0, 0x0, 0x0}, 0x3}], 0x1, 0x20, 0x0)
sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000005c0)={0x78, 0x0, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_MLSCATLST={0x5c, 0xc, 0x0, 0x1, [{0x2c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8018}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x2f3c}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3e48d656}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2a3e8324}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6ab473b}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3792b39}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5ff6e523}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x172033a0}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xbe13c1}]}, {0x4}]}, @NLBL_CIPSOV4_A_MTYPE={0x8}]}, 0x78}}, 0x20008000)
prctl$PR_SET_SECCOMP(0x41, 0x1, 0x0)
prctl$PR_SET_SECCOMP(0x41, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[@ANYRES64, @ANYRESOCT=r0, @ANYRES8=r0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000fdffffffffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000048000200656362286369706865725f6e756c6c2900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00001006d643500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0030000fd2f480f2e2ebb04183ebcaed78f40b20e8473b935f6cf6f3d2c402e34b339e1b0cd2b29cd33e8f258cf85e6c1348f664a094fe82198b2247fe438734b6b8a3542814e02b742120e6f30979c39395eff53a948009f9c5b73cc002ca5e0e93d1a1730a1593d11d726b04cf06a436e84581a4f7369563bd6ab"], 0x1f8}}, 0x4000008)

553.38345ms ago: executing program 2 (id=741):
r0 = syz_open_dev$dri(&(0x7f0000000180), 0x8, 0x200682)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b8, &(0x7f00000004c0)={0x8, 0xd4, 0x40000008})
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000000)={0x1f, 0x1, 0x1}, 0xfffffffffffffd19)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
copy_file_range(r0, &(0x7f0000000040), 0xffffffffffffffff, &(0x7f00000002c0)=0x1, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000fc0)=@raw={'raw\x00', 0x3c1, 0x3, 0x518, 0x340, 0x18c, 0x203, 0x340, 0x19030000, 0x450, 0x2e0, 0x2e0, 0x450, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2f8, 0x340, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {0x0, 0x9}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {0x0, 0x8}, {0x0, 0x0, 0xfd}, {}, {}, {}, {}, {}, {}, {0x16}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xfc}, {}, {0x0, 0x0, 0x0, 0x4754884}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x80, 0x0, 0x1000}, {}, {0x100}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x10}]}}, @inet=@rpfilter={{0x24}, {0xe}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@private, 'veth1_macvtap\x00'}}}, {{@uncond, 0x0, 0xc8, 0x110, 0x0, {}, [@inet=@rpfilter={{0x24}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x574)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000080)=<r3=>0x0)
sched_setscheduler(r3, 0x6, &(0x7f00000000c0)=0x10000)
r4 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r4, &(0x7f0000000180)=@abs={0x1, 0x0, 0x4e23}, 0x6e)
listen(r4, 0x2)
accept4(r4, 0x0, 0x0, 0x0)
shutdown(r4, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000400)={&(0x7f0000000300)=[0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0], &(0x7f0000000380)=[<r5=>0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x2, 0x2, 0x1, 0x6})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000440)={&(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[{}, {}], &(0x7f0000000140)=[0x0, 0x0], &(0x7f0000000280)=[0x0], 0x2, 0x2, 0x7, 0x0, r5})

495.861073ms ago: executing program 3 (id=742):
socket$inet(0x2, 0x4000000000000001, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280409c, &(0x7f0000000280)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4000}})
r3 = socket$packet(0x11, 0x3, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
preadv(r7, &(0x7f0000002100)=[{&(0x7f00000007c0)=""/80, 0x50}], 0x1, 0x1fffff, 0xa3ab)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r8=>0x0})
sendto$inet6(0xffffffffffffffff, &(0x7f0000000800)="4103082c1116480401020200c52cf7c25975e005b02f000006892f000300897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305fbe258161b6fd8f2428652265d94c6fdbaefc57376a57c2feffff188be9427c323ef024a37016d2a7f9ab6e7941a6fc4f95aa73c1dfff4941f6503b5bd8c91db22cd33795481c94085fa12cdc679ac2a5d7b5d99b93fb07acb0da680e78b74c74aae8d7690d5986a9af81622a0ac210bc7b5ca5fe", 0xaf, 0x880, 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYRES16=r6, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r8, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'hsr0\x00', <r9=>0x0})
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000140)=0x8, 0x4)
sendto$packet(r3, &(0x7f0000000340)="05030006e8fe091c6202a0ffffffff00600300000000892f143488a87f43055762cb80948864113b022543424aa608", 0xfef2, 0x0, &(0x7f0000000a80)={0x11, 0x88a8, r9, 0x1, 0x0, 0x6, @multicast}, 0x14)
read$FUSE(r2, &(0x7f00000093c0)={0x2020, 0x0, <r10=>0x0, <r11=>0x0, <r12=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000004200)={0x50, 0x0, r10, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x0, {0x0, 0x14}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r13 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x40)
getdents64(r13, 0x0, 0x0)
syz_fuse_handle_req(r2, &(0x7f00000021c0)="7b1713b4c6f02da7493fb6859f0143c68a58166f472c5078104b859bc37f9a49a8f85c9101df3b2736ff9bebcb1a3c2f570b28279b8ff7afdef7451b3d10b4578c2e81784b6e4f410800d997f0689546cee0852e9e9c64c1f95df7b136243cf7aee1b8e7a4e1d6e6fc01337370f0dfc098d975e9a6f90a08f5b845054d1e1fc81adadbf2836ff758bade0484377855b05b3556a91827599638458ad30baea03240b302638b88423ecaba6da1e40f6f1b24d60dde1652f2d5f818af43d49dd55c4eadea945e9b6aa744dca07ec2e00320bef5b045414836941469129670c4cdb953ed61efeeae2ced1b7cb3e7fa4c93cce5623a9e33c69d068b801fd1369aba759e2829c67c705853262fef6669aab956f0f733619dd361be5e1414c7e7ff6218e330156d609fa9f3244a0a4fb678a58e70b86f6dabc3331f755b786c42b4198149941a7a58c83f1f2811209025269c5ffcbe0c34ac98cc091cec2c993bca0aa8400ff9e39cc9fba8dda886f95357957bbad8bb850ab92f7aa9bebcdb0ef188749a1742e5597d199f3ccdc2d807bf757da45acc93e3e9645a1036cb041b3c38dafef367b8dae802bbbc03bacb905d40e1da78591687b416ee380103a670aa8f722c76e13f7f0e3effbb37f15a821b8315fe541e3ffc09289d96db1dfa8861e5da41c812b54ee20ca8b3180f2f46db56954791465cb572de0cce16d789d6fff216ca46977ed724dc0cc8cef7b295ebb2998a5c4662e32ae1001e59f3bfefcd72543bfe1aa6688d65c547089ec0fe1f1d9610095a5a4008b14f46775c368417376ee143856031947db71c455dc40eeeda210fbf258452781ce46e51f6df683a7918770f73d324d9401648d271cb9a7e919401567e400fec420cf363444a78eea03e73176abd6546e1657945aa88f64a21e07fc23edd74512cf89781e8ffe9bb1601ab25d31801332a6c5be9cebb6cb08207bb832106553ea9fc19b4b4f1f0cd55efc2925ffef75e9b12f06b5a7496506a274ca25f88398a1734b7013c3f78a2e49ef0d946a1aff362e37c9b5f5473de11401097722adda87944ee3eeb1bdde60e97484af4d2e5f8b0a9c63bb8bb99461b16edd824add1caf9d5247811cc4f6b48004774f1a4fe4dd125ddbfd8b69ff3ee314aeb445bee9f217a2f5a9e0e84ccd8718471f949086df6cdcbf95e568317e31dd01be1b826cf9a09373b16935fc864794a3886a2f4aacc42135db85f8921916a10aa7111a686979e2a5c9959cafc9774c416c4dfe0b9e06657feb2fbc31e7c11f6e2841680986557c1f2b1ec3c0fcc6a749a3c97a5b370550ab7110e25851b13c0b75a7fb0cd3c4659878209867659c216b467bdcf51e786a59fad084886490fc77e186ab827d844d0ac4682651fc4043f8e87b905532a53017ada44feee1f89f9bc6d2a8b144e721a479f7b90acb91033774f4c12df633548a9097c791ec7e80fa2607c86fce6e9abcae1296528b8488ccf18a4bb0fc9b50c15d294e8d380465465b4eeae26eb6800faba611785cd2ff95ca1923dfa47d5923f89e4eadb612002caceaebbe779c4e3a3833455752eae63689ab8dc03db63d82feeab7f1162eed5909b69ccd5abeb9c071da82cfc76cc692a51d99e0c4bdfa6c81c9878e893a77e1e7105e7910827ddb3353612fa8d5e547b43b5abfe50829c1eb7bfda1731db2a9a1e8f0fc298dfa7009679489f9d9323338b7e59f1e48419ca531d88170a5a1995f576aa125edae9e9ea26f6e9c4bc26323b7db0998c528a7b343ccd87ff44c77e6cfc0a324cc1d4ea79c30015f0caaeccd46e5db580aa5ce8030c2b13b37494557da58abbdc7ce9fc9afa49ce0e8a7a6fa058db210ed654203e7879cf5004ebec57522ed34481b749554b36cd7171209b0763e110096704604f2d3f28c5ddc66c877e3ab63f36137d5a67cbf872aa6af79cb3a66c9040009b5e1c7b718c1b8788156b82d6d800dbe9fc3d16c812a963c73599b79efb89aa74bdbd9b1a2dc0b8ad853f79c0867a3a45d7a1645059171877687a72dd5ed4213c0ab84ef6185e7935346a84450887bdb2b216883e907b13b03c133adc04ab3c5f60209bd90aad3d94443105f08f0ee1b2231e1a1f8cce71de74d5308b78b5d99ce4ad4573faba9fab48bc1615f14d453c67714b99f274de041512b07b885679e6f89f481c28b082084b853c9afcda31def2898284d6ca28fb124df67142821c9705e28093ded60992d9587fb466df839aa2a4973dd48f9372a55da6592646fc918e533955566a2d8dc59277308223aea4dbe0daf839f95516b8995e9eec87df1df9d38693e0824dca7423b08d553b0ae1c5c44533b918eaa02dd17b4c8ce515ae7de410970f670e17b5e3c0a207fb8464d5d442694a271d593fc23ac19619bac32ac17cc6705ce2e6262361eba24277a471602e7ca57cc614ee116e60a9e0b6ac5e3228ea2c650baf1a09e9e5c7a1b25a078d1d11a673d88f6ee33e50d036d7fe4b9c06adc70aede2e35c6738b255690ed3f7a8d2d14e36e360f3bb66978d6cfcfc41887c751c0efc9325d4485a2f561060413fe6af4ce40d87a476201f15a584fc7ba18ddfef5f1d729d5f544c2c6b06befccb444f0408451089f20b06f05ab7d6702b97819b0eff6fb090f21afb3076558e692920053702fc2348f8dade0cb2b007f38d6dcd4ed3bb42553b1bd684791743a1941e5bf2ed234f44be64a95b485a3e949538a40542f25ca4bfce44e291037ab282082f02157a96f4ca0a0c5cd39215fd07461093a4d87a7979f7aa97142bf5b9ef71db537f9acc90f22ca2ded5c1ecd1ba972d05db7f71e8466085c9b3e975fa3a948f2c4049d1a8e46f71157017a3a74ad25e215dcfe7a4c5cb0a7baea0b0ec60c5df82555c553ac60dd39174c721edc0304b836a4de539c3ee55401e13848018f889cc4a0fcd01d9f4978eb730fb1b4a94ede0283f8c95062f01c8c8a3169b2d5c50cdd4f3a248d80a26c950b4036fc6ffefaf5101269fe3594c2cc128220a1d0b5f9f23121f2b184894e129159eaa92d9a30e878839be44d20cbdff3c338cc95795c86121b2b498bd376e895c98d67f6a27eecb46a203aa9de744feedf27b6825cc17aaa098b5ca05cad6bdbe320908ed36bdc8a8f2c777eeb9b037b36c0e36019c264b3e36196501d6cc90e7b1899a72bea5c8a24a5ae62e3684a39a06208bd382cd32acfabd742c76334797fa0c09a2a2a7e1240974afe0f3d6eb44590cf171efb7602009a93bde85cea6701c765dbca7c6a879be41dd08847802d4f59e933df65f727cbb45e3a4a5019f503b6fad7e0338e653f8b2c87aa7f196444e0dc1be6d7c4f0c7ddd663d06ff1365a9c362384a33b0315adbfb2d73359c485cd5410d36d21044bd8d3771c5492803b19f7f3a1a5c3248e66786479fa4416a55855adebeb09528ff5add597790b97bddc16bb9b7b33a1f800701c4293e2c8428dc2684726cfe5539ae0a9bf89e1b6f1989fd0433cc865b308bd0c636402b4b285c290e2439b9ecf0eba156fb6b613ea7f97b04506fe28e9471343c854fdfd48945a7f564acc817e609be8f8a7fdee12e9b592fd8c5c08f51ba8cb95be12cfa497d1539a4b8217818d47ebb3cc669014261530205948fdb9983a0e5759afa9b290ce838102661750ab06d7fe65a39efa6af36c042d2dee36402a6686d58eb144b76033cab4482b8fbdd213a90170939ec98df1fdfca4b37b143a971b9b59fc351098942bba090056c20e8cfbfe8fcbe361d068c98a020f67e807b8db2e45cad83c9970907646c0049c05c1ed657d53d859f1a47bfe6f022be0689de224034d0160b1dbc878ba6dd685911288d7af22ff5eedc1634c36e25f51d0757c7b9c73d7937955da356dea68749d464a75f56c9f6ba36cc1ca8c2f3aa34beae14fba894ca705111cdb19094432c2f6caa0eac78ab09b0cee330f36b1b91a6a5d4896cd15d96c12547826559441cbf578f189f5f04526a4cf76d60144090c2386b747ad50f7962ef2950d2c6f4ff8477ad0681ab24c47ea7ded8c9accff0dfa30489f43f0f3182b88e757fd9a1d82e1c9bb4efe5215518a6e48c688b2dabbd15107c5c6245de0acfd740ea54e0ec212f405f25bc3aafc63009631a4e4749296d47c2bcf25cc95afceb0a1ddb3c6124208f5134981c30489b42eeb864b3123b03106c9b234a465d87c30ef36e00244390de36a5dd93794467ef37bd01b86387855d2ac24e05370212e845082bb22c8fcda0f0bc78ddf971b0b9d69fc50e0d907408e9c9ac4e5099f47db2d0c14d888e363ece768555362a08c408d0119c45f158aad695d455d28e223be2862c19262c9f43eff8855b5a9af4f2cede95e415e2f597bb64c8bb2d608f86b15950ffe2e6bea3cdb221cf8b7eb35e0bdf6638283b09c68cda0bf1ccb9e353a7f0afb58d806923e36b22db68615a7e4e04d0932d928afdc8af3963378ebd5e05058160ac67fadb7a7d9ec498e00f63671b84d880d196c93afb4fc823e7d6576ad824ffb4c90fc780b163a292899ccfcaed81dee2c992787a66800e206df3dfc4a6b441d54ccb1a19a587402a663d510e45a5b1aa96fc467efaf7e71cbbff087f3d2922a133466d5ae9f86b0bc39bb3093b87ac2db941b1fd9e40427402781425d6e8856a2c66cbdd274f4c689758db6dd58ec7d766b177739e8c9173f2b1946be5396aad6d7ed29d058ac231e8c2e6a9077b4a217df4580a2d72bcf0b73e4bd07465deb8798a55ee855b82f1fa7d3748a40485bd90fab94b617d92219c4b65efa022936895e51873058615a19b9d1347120c405c3254f290b4c8b99c8ea9dde3a749ec538421a29d27b48ccd83852abe1a461123e4d36e56508d1827880960362d10835df77f9d4be51f1447cac5ae2017a814de58cd99bcc0c194254b17114ea48f5a0cfe6547686088d527c65180474fd460ffea5d48767ceb65c6fa3d7d3c632591d2d9d65c6c3a35a6ae4dc56322cd84734b0e7a092a4c46c1c607afa6d0e477e8d04e4993e595ba708a0f4466cd8a89fbc06d3cd366007296a9f05b66cfdcd5b30b6745e71d513205d5dbe1e8516d9e9cf133caa994ec0ac2c543d107efd4b9a7d9ee1ee415830a6c2ea17114ea9683726f2c82741f9ad4ac1be6772f0809f18c13f4cfc82fd1b7b3bd29615336003c6784c03fbcae475a58a3c4d68099732c326dfb7643eb150f2354918077bb798b5ecf491cdd0765e3e1ed5d0a37840f1a28f7e188a021781f1896dae7153f9d6639bf66be0c7857d7eccd2a1e6c9fd0cc3594477bb005df9b29f680c966161e37bcec97fc2ef7a2c3bf64e4df5785c9b080c7f9c6d7c515408445d55da499c03ba66369a31157bb03588e84a5303c46cd393c5bd6fbbb8deed94b62d67a9351c259b263c6c4fa65a4dbdd7eee080d82cc5e478c885678edbc9cfce74169ab748d7f4a08aec3e114394fc1d5e361267b8f3fcf38a024928d58158560f7da427680e7611a9f1b8255c67e6ea6b597ebd31bed9fd6f85f9b6ee63d4374c1e50597d1c9f3c56b4266bc632ba66ebecc396f6bead40392dcc138098b4166ab7f8714bd4db0615480705dd200da92dc51ec215844d7599e0a6262e8d5dc6a9452db8994d8b8f19ad4029e0b41b5e13fd6b56230cecea57f3111fe6c78876b3e657fab112968e83a0b64ce9837b89f5dad0d5f0b8b410e3a9a56ab2e9143e90fe371a944989ee206eef777cf4a235333c647e45aab910af492bc7c2213246374251e23accf5818aa2f24823bcba12efe3658e1e2cb49a5d4ffd26453829739647eccd106605921641afe16bbe79c8739062eabeeda4d4a42cb70d84e1e1d3506c7bfba5f5135aaae85b03dc6518eb30d832175cedc5bdca95e600e04902d9eda90c1da4bdd3138ac889398c239068857103ad70b5d1d9fac27c8ccfbcfcf126d9a5441bc963bce4669047ac901a14ca7c7e76f94c77159cdbda5360e04bb539a9d5ccd16a8cc88bacaa5b952c86b163575d7f1cab58f0d612d796b570f3c5debd7d9abde7e24de2c252173f1edc93817192699bddad45eeb41ff398c1bee4d2194f38bf4d2b4ed3a8895476bc441f464753139e204ff5dee7f45ce639d7541c0d396141aeff30cbbfa7157a61993eec98a4356df98665546a1d1e8429fb0c78684000862aac50f7d9a1413e89958f4defd3f087769cafc32bcd6016e496b41b7754cfbe42b352346fd585fb19a80f4af9a19811311b5fc6ea8eb5519a3cf7dbc1a06eed41668e332224c1daa01776e0886044f5a95e5dffc8d9ccce7840eeae97e8cc916db95bdc33fb420e28030c6edb011d5281db1dbeac9bfcaf938a757e3939b025d339e69b9692c8c7352787d399f342e96096e37ca208609e5f93629e36ee442db9fb822ea236683f79875e7dc73ec97f98fe0795f9d83f473cc80a589043a7edd953473684ea4e80f698683a0fc1d8863adc44fc13c27a08921a681ca1ad76207b1a97f8fff7db247ea09b3a6407ea83d82d82d171fc80a8f5fb9f19cd7e94fe121a6a0ef9c4cff7a8689c0abf750dadcc7442c2ca5ed437af5e88e89b0a783a1164cd1eb2a33a64c919d9f08fe5aa7a775352ab6027a7b73d6fef51acebec5516c2a5f2b932b2621bbd2cdb415fce9ba1dbc3de205869fa0423adcedd5570ab0b4b64afafaa458b3840b48f018297aa46426d7893418033f00b5378eac6a70275ec860609b07851b88ecb5da05086adfb80f47c71a77301ca0f1520dfb7a800bc8421abf5eb94942ec818e3a1d45f09ff93e6549b3ef6152c6abe38231b4a82e355e27e363184df51418286d7073cf464eee02310e84b3eccabd2120fcca333130357e1967f67a69f437dcf6a20ca21797230aad086bd4c28348f58b80ec5d27626004533993b9f85897d00bc271a62ab67f92e2eed6d900000000549e8344ad90b47fb5c1ed5908bce94d03bbe98a87a1733b5031f89644c2d35d729e1375969a82f0252859219407c5c87f5d249d5eb8c17001fc7c6dc5d1825851b41e5e937f2c39d7f7196f38f83619da2cddce747bb0e906d0fc13a11fc6c2be3d140ea6da886cd5e194ca9dbff565d2a82e7e82dc5a36084bf02029ea05a9cfe1f3dc80489b426a14372232940ffad8124bd515f0a73fa85c2aa0cd51d76a0cc6e75ccc35b702a4fed4d2e2828d98939406ddc6df1048f0a22611859d6bfcbb0873d102e4b8a86b5d9af8056447f6c1552a603d9f67009fa070db73a01e1b4adbe4e841d0b9a92d148b626c386b25687817e5ec07dbbfa1d62d078578fe21d546414e3c5e29e8e086d7e542a2eb74a67127e7f171e076bbdd62767aae3db467db1df13b3121023bcee33f814d767a9ef14651f76ec89910ed33e9804df8619f69ad06bf0559b00d4efbf6f44e922d50a18ffa25d8ac58dec53a93642186c0ca81b07fe5c14c9c13397649a53ebfcec118e5bb84db053e6e505d07a09bb50f33906e7febac3c85ca337111dbfcb7b9becccaaefa3d857d48f0b3d8646d70fdcf2f1dfb89cc3ba1394cb5de24d999c88235418bc0f20d4036bd0113d298b91c44fe042d3b8e4070e3f828499972524601c4725389122c7fc3e38eb799f7b755f23bd5362880b9275e58eab2c8f42e583890cb84e17f35025d1d76dd28171bee561d21451b4b2ebf23b923221c9ea06b924815889d2b605af66539c3b0ffc30c7170a5581727f0faddb257cb6ab28b3456737d3588fa3bce0ba6a2a5c3c94301fa8a4e6db358731bd3a4a62b42181e04241010d7bc3e973b9fe428175ec8f8e6cbd4e53c8bd957621acb1e42504e6f8a7bb30c382058fc9dcd0cd0ba0b789c316cd58d7b5606cc2a66c872f10e6663346d572ecc37ad1c3d8146a137e35e54096ddc2a5e2d26765d75615fecd09b864b29adfe92763ab54272365f56feeb9b57059744e765485ee322cb879fd3c8fd8bc4727d860995c548bcd41852349f1b2227f5a1f39b24549693fb05c04ba8f190673d11eb27d0bf628489f9b8049f5f3a1e1fed97ba9881da0031ef5960b6b0af825cfae8252b931f6151cba9bf889a5c74051a176c56d3cbb8915d3f28f8f684629bd1e3f87f27909b4e8eca6b88cdd60f3b5bbe0641a469e396080fdd2feeac7a11703b758f1815f100ab2ca4403af34a655f4c35e62778c276c96bb94a3d9f58f3bbd7ae6c4f133f7c4199f18d02d66598a54769415b376bb04b520881f23b22b32685ea1ea0dc179ab2f33f07c7039d1a5eedd1905d2a8c7d3c9686758ba5aafdd74f36da7f5522aff5c40e565b50cdd92ce353c3d6c97ce87f0495bdb95d70ea52c8c26b87cd337fd2283b88d7301c32f26833451b8f7c2ee5f44eec58d9eef2a39b3021a29c8747d36a2dbca6c0c085399bb720000000000000009d67e17060abad89c7d8b8970244c2f11ad2f4ae878a3676659b77178a9b651b12cf9c21e658a32999d596af4648f636df4de8c037d1fa63b1a685e8850156bf99e00666dbc03d3e3b44018659743127f91d44c99b578b86a44f3bcf1523c8cb45accc3c5fedfd7796411eddfc3a7a6b7c57ae10fd4bd3fe9f662dc59747ac4b7cc2584ae3ce2e42a41066dd0d560f1b4c83edc57121dade5e397380bec5f40b5d0beb14aef21b2c68ccfd0eb4959b5e7f5b5779903963298e3c9a2141f145137de1d604d9124c3c4f60a4d54da38a7c32ef2632fe66a8ce8e95ee95a570e18e9fbd44884afe291550839dd61e65c952a3f5c6b61850d1c2a77e18fde734a305b407cf6dbf17afd66da6e42f0e8f66092df46c79b44711f6e8aafa831fa1188beea696672b0e94cc3cae584b30dccf053634f792c2d9f4c87e306991b407949f2870b525d123f9ca23142a0ee13d05f51ed4ff2653727ad5bf16453276b2d5e7d7a8a0a1c4847cb61ac4b08d9abee25165a120d156775a534a62f9af3a3b62726101b94ae1e14352262f017c5361b3341952d194a6a2d470e60df3fde61d343e0af8fdff36ad976af6732b732ceb69344550555174fa280153e08f74d81f4ee69c1eb44a3468e8cf78bf7c1663dae3d31553466faa207b8e9887cb54209fac0b6f6d12d9588351c76e6bad884799afe856a25b5fe737d0ba737a0f1a12b4eb3ede48a0c38e6787ab42fca1c7f2ab42fa6104d5a99aa36b73ac3622ccae122524c28a6557cb7d0a7c7eb5de795647dca0621fc2c9599441dae7cc2a8631252abb5e0f22e9355e0a156a1ab7b1641e345045e8303b5f6dda5c3c1cc2637700cea25c004460d101fc42ad78ae477739a4efbacc57272cfafae15292dc3b2800d9f42002c2062af9a1f329e11140f8317242c04ac1f11cdb45f5f9ab18877daa214c151fb9ac54e3e010b5e7944d7217442d5c4fc29956c1333cb932424096f5b6afe1128db53f7171be4372be8bae538bcb3e4a2eb29608678735a667135e0f2660956e9e2a3ed862209efe65d9ab2fbbf88e5d3384fb3362af00e1ec6b4d3ca40df442b70951026438877189c4b0ae136a9a35c131fdf19115e8dc1ee2b938bfbfdb3808aebbe7dfbbd3510c7070388f5813e8bc63be744b99116c4b84ea37d57c5da7a80cc883aa915d84a249ebfa78ceb124c63b3a0720b19483189ee50824e8581556f0520e434803204cd0f3dd09fc97c979f9a7e3f8e5eca8fccde98fc4939551338235c0c6378faade0d18f7050f29189485e01ec120239373c5478cd19ab27570921415a6680924baf9c5829f3f2115460d1fceb8a026fa1a0a0047fe1cd6fcf1861dd3784e006abfddfe79461c5001e4e32d99c5bc203c21f8c711c5ecccf8941093d95a8db73722bb7511443fb2670244cc1249492e92fc4bf7e06ec6f08c5c6931929d58232b551957b771ea5e4a932b037904b81916e662e3fe95af894e80f699e5c00ab664f381bd9c0bd41322a8b3cf367577429fa52c0f1c44ffc626c215e7103cba05bff4931d9a202c1eb9068f44983d1e0c6d9fb5fed738561651e854a3c1b362ae354a0b4a270386ed2dbef093bd82f07f25edfae31901cb86fd214576b25f769bcb215214c63026b2581a8d17779aae03ba310f3243b3631f4b01c9e3eb342c3bdb44d8e47cdc1683e3b1cfffef72e385cc8831f99425fc406575170e1c106618d5429144a436b9e92d241d8118b5cbe0dca5e8ddd86e671e13080eddcf8dee9e317d192a3a5386378de9b1ecd8cf5439cfbe9f65965e5a5f6c145627ac23fe30c2e06e623b0eca15b225b32b65ce568b656cec0e0d6752fdebffd39c7538472ad7a195b56fcad3fab80016ff006df6b01d785191e4fca143b14ce68b32571476a779515ccb14d35cf9aabd4849c03c9bf12a42cfc2a7146ed6c25892a9d1c48f95314f641142d38cd882e54534d69b3fcc18044309e6debef6dc79d7737956418b955d33737115b44360e0bac14b71e2e64f0c8aea428dce5b65e210c108f832a6041c0aab116488e5863cd1039dc8af537908be3541352bdad303de43387503d19d7c0f0390bdc5b95f1dfb0701fd0e14a22c210837cc0a1cb059de474f4476bfe9bddfe3e7977fb299e82d9eefb18111f7c4a5fbd406fca720fec69340d978f4c9832204d67f6fa5793325e04d4af84acde0b56158e4c606394286a4b3cfc04a426a665529b753e1ce2d6c613159844bd069a67b5b96cb8ec993f05a8e252ed3d8ed63d524af0845f519f9d47b85a773f37031cb91055fb963db50e6a1e368f10a82fa40ac055e0201c6d29661eadb76f8154ef9c1cc210ccf1ccb063e8c00324ed6a14fdefa0167a9abb04debbbf5e7b8a57a7772373c765947f0f67b5130d77a6ca6ab166147d4eba97b4ddf1465d25b02f4430227b5713a29fd84664bfdfa5fc450e48f5263eaca67c16033b79bf1cb819511cf16bae6ffd5d05a7d9cc93067b6f2512fea2424a9c7d178f653ffa7ce1c00924707e3817c7cd461cb2a8cc5eadc40821258eaad7720ee3976c5a60025c317480016e5e5bd884f3646651f3bdc1185ec1a4112eb24ba5b3b6f94ac66322042d4bc48cb5befabfcf950cf8a0165fba3fa019324b53fb56bbfaec7f4ec733e84c22f841c1c9c1dc51dd3ac4887e155ac4095a6b8846c8f401f3c2d48d4de18906193a9f05ed59e3b0add8bc27c0bad8418ccbb842123ce1d39fdeeaa7984dfba9ef121ab4d4d35de076262636f3815708e4bcf31e634a290b13317425b1a4a2e4ebf8537092c7e524c126faa9622bf1337168e003857805dd420a51816fea3cd37c34e483f64a2da3ab67442314ffff40727835a1bc7b9971ccb5f83183cf1a135defd468907b988d97028f904c4d9c712f7d0ed6abe4d80712a7b7e06efcbe6a5b83e32beb1556326af7a97437c35c6a706c6cf4403b98f5134547ac167fd1abcb9245ec3450202ab80e553952412032a6c3cfa64441d4aecabd1e182c50bf67801fd3b44b40648ac9926bbbd7095425a429f2a9550c2fd1267cbf6156897b705255cadf1c7f233f4effd788b3f446dba19e68bbf8b42ff6caf984a4eb51328ab5e2bc28366e8b4df4df967a166470a00", 0x2000, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001140)={0x150, 0x0, 0x0, [{{0x3, 0x2, 0x37a, 0x6, 0x9b, 0xc4b0, {0x0, 0x4, 0x8fb, 0xec3, 0x7, 0x8, 0x7f, 0xfffff5e3, 0x1, 0xa000, 0x5, r11, r12, 0xfffff057, 0xa}}, {0x4, 0x0, 0x8, 0x800, 'rootmode'}}, {{0x3, 0x2, 0x900000000000000, 0x1ff, 0x2, 0x2, {0x4, 0x87, 0x0, 0xffffffffffffffff, 0x2, 0xffffffffffffff81, 0x80, 0x5, 0x402, 0xa000, 0xff, r11, 0x0, 0x4, 0x4a}}, {0x6, 0x10000, 0x8, 0x2, 'rootmode'}}]}, 0x0, 0x0, 0x0})
splice(r1, 0x0, r0, 0x0, 0x1, 0x0)
fcntl$setpipe(r0, 0x408, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r14 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r14)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)

451.21088ms ago: executing program 2 (id=743):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xffffffff, 0x3, &(0x7f0000006680))
setxattr$incfs_metadata(&(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x6)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
capset(&(0x7f0000000180)={0x20080522}, &(0x7f0000000240))
sendmsg(r0, &(0x7f0000000500)={&(0x7f0000000000)=@un=@file={0x0, './file0\x00'}, 0x80, 0x0, 0x0, &(0x7f0000000a80)=[{0xc, 0x1, 0xc}], 0xc}, 0x0)

391.091864ms ago: executing program 2 (id=744):
r0 = socket$kcm(0x10, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x16, &(0x7f0000000280)=ANY=[@ANYRESHEX=r0], &(0x7f0000000100)='GPL\x00', 0x8, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls=0x37, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x3, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r1)
syz_open_dev$vim2m(&(0x7f0000000000), 0x7f, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000300)='xprtrdma_err_chunk\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffe}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_SAVE(r3, &(0x7f0000000ac0)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)=ANY=[@ANYRESDEC=r2], 0x14}, 0x1, 0x0, 0x0, 0x886d}, 0x4004010)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f00000001c0)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "07bbc136c963254c66c42afcdd7d26931300e264c4feb642c8c42699f8ec9077d85d879711d98bb1687ad36dfe5f14a7b0ce15c1e6be0e7ecabfdfde0dfa00b1"}, 0x48, 0xffffffffffffffff)
pipe2$watch_queue(&(0x7f0000000140)={<r5=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r4, r5, 0x0)
keyctl$chown(0x4, r4, 0x0, 0xee01)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r7 = dup(r6)
write$6lowpan_enable(r7, &(0x7f0000000000)='0', 0xfffffd2c)
getpgid(0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x34, r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$PPPIOCGFLAGS1(r7, 0x8004745a, &(0x7f0000000140))
r8 = openat$vcsu(0xffffff9c, &(0x7f00000002c0), 0x84280, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x11, &(0x7f0000000940)={0x0, 0x45}}, 0x20000001)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r9 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r9, 0x29, 0x20, &(0x7f0000000180)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800, 0x1, 0x3, 0x8, 0x0, 0x4}, 0x20)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(0xffffffffffffffff, 0x29, 0x37, &(0x7f0000000440)=ANY=[], 0x8)
setsockopt$inet6_int(r7, 0x29, 0x1000000000021, &(0x7f0000000000)=0xffffffc3, 0x4)

208.623392ms ago: executing program 2 (id=745):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$userio(0xffffff9c, &(0x7f00000000c0), 0x200000, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000040)={0x84, @loopback, 0x4e25, 0x3, 'lblc\x00', 0x1, 0x2, 0x6e}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'dh\x00', 0x2d, 0x9, 0x77}, {@dev={0xac, 0x14, 0x14, 0x23}, 0x4e23, 0x2, 0x100000cd, 0x12d5f, 0x3}}, 0x44)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x200000100000011, 0x1, 0x5)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syz_tun\x00'})
sendmsg$NFC_CMD_FW_DOWNLOAD(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="01002cbd7000000000101500000008000100", @ANYRES16=r0, @ANYBLOB="4b69482939b776f2da73538c3ec2559d8e2bd70fe64dfa5dc91e93be5744a12f5e9a551b8f1b114b81"], 0x1c}, 0x1, 0x200000000000000, 0x0, 0x30004010}, 0x24000880)
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
mkdir(&(0x7f0000000200)='./file0\x00', 0x1c2)
r4 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r4, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c000000340001002dbd7000fedbdb2501000000080007000200000036203f13f911ca884a2e80586794f652d80f978e75ba20cc5217aae926b6d0ccf303248e7cd0ff3493ee53edc25763521a978d9d2e05000000"], 0x1c}, 0x1, 0x0, 0x0, 0x50}, 0x40400c0)
socket(0x10, 0x803, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
socket$alg(0x26, 0x5, 0x0)

156.762028ms ago: executing program 3 (id=746):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="6000000002"], 0x60}, 0x1, 0x0, 0x0, 0x20000851}, 0x4004c004)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f00000000c0)={0x0, 0x3}, 0x4)
r2 = socket$netlink(0x10, 0x3, 0x4)
write(r2, &(0x7f0000005c00)="2700000014000707030e0000120f0a0011000100f5fe0012ff000000078a151f75080039000500", 0x27)
r3 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000600))
ioctl$sock_inet_udp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000180))
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@arm64={0x7f, 0x2, 0x0, '\x00', 0x7})
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x60})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000002c0), 0x2, 0x141101)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
r7 = syz_open_dev$sndpcmc(&(0x7f000000cc40), 0x3, 0x8000)
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS(r7, 0xc25c4111, &(0x7f000000cc80)={0xf61, [[0x0, 0x5, 0x0, 0x5, 0x0, 0x4, 0xfffffffe, 0x5], [0x804, 0x6, 0x3, 0x3, 0x333, 0x27, 0x3000000, 0x1], [0x3, 0xb, 0xad, 0x9, 0x1, 0x6, 0x5, 0x73]], '\x00', [{0xa6, 0x2b, 0x1, 0x1, 0x0, 0x1}, {0x9, 0x8, 0x1, 0x1, 0x1}, {0x80, 0x3, 0x1, 0x0, 0x0, 0x1}, {0x104, 0x400005, 0x0, 0x1, 0x1}, {0x401, 0xfae, 0x1, 0x1}, {0x4, 0x3, 0x0, 0x0, 0x1}, {0xdfffff05, 0xff, 0x0, 0x1, 0x1}, {0x2, 0x4, 0x0, 0x1, 0x0, 0x1}, {0x7fff, 0x2, 0x1, 0x1, 0x1}, {0x2, 0x9, 0x1}, {0x5, 0xfff, 0x0, 0x1, 0x0, 0x1}, {0xffffff00, 0x40000, 0x1, 0x1, 0x1}], '\x00', 0x8412})
r8 = gettid()
rt_sigsuspend(&(0x7f0000000040)={[0x4]}, 0x8)
tkill(r8, 0x27)
r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r9, &(0x7f0000000100)={0x1f, 0x3}, 0x6)
ioctl$sock_bt_hci(r9, 0x800448d5, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYRES64=r5], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x13)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00'}, 0x18)

59.370211ms ago: executing program 2 (id=747):
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = syz_open_dev$radio(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r1, 0x4020565a, &(0x7f00000000c0)={0x3, 0x98f90f, 0x2})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
userfaultfd(0x801)
r2 = userfaultfd(0x801)
ioctl$UFFDIO_CONTINUE(r2, 0xc020aa07, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
r3 = dup(r0)
syz_open_dev$tty1(0xc, 0x4, 0x3)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
connect$vsock_stream(r3, &(0x7f0000000180)={0x28, 0x0, 0x2711, @hyper}, 0x10)
listen(0xffffffffffffffff, 0x6)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$inet(0x2, 0x4000000000080001, 0x0)
syz_open_dev$usbmon(&(0x7f0000000140), 0x0, 0x6102)

0s ago: executing program 0 (id=748):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
r1 = creat(&(0x7f00000001c0)='./file0\x00', 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60140, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x3)
ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc7822989d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e56724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800060000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
close(r2)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3dd0e000)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x801, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r5, 0x0, 0xdfffffffffffffff}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c000000050a01020000000000000000020000000900030073797a32000000000900010073797a300000000014000000020a031747d21400000000000000000014000000110001"], 0x68}, 0x1, 0x0, 0x0, 0x4006000}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x4, 0xe, &(0x7f0000000880)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000044000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85823d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2ba9c29faa38c409d32b6b7d6cf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e933119c5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247fa62fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120bed64069dcf82d3e5e0361e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a1000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e824d86869ec4ab392b0a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a412a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0daca8d4c1090000000000000084d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f0000000000000000004f9e02a3b51a97c4b1c1b411cc6bee2a56f29c55a6aac46a0cfc318fae02922a403431d4e5a4396cad2c8dd34037bc041a2ba1505ba2c4889122ca04e85881aad5f8bfc12e6741872aad21bf5301cd4c607ef50a991c410f7c60e45b5c193f813a36d841165b91b5e170f6ba24558df57145eb8142a6ed87c6d5cbae3e52d569996604669a6e9ca1a3689c795970b4bcd00881faff52a6766fafa07ed7d4a49f47d34fd76a394adcb33a270b6a14e74bca7c2ea92dd845d3f774fde1bbea911c1ea76d52f7912e2597e6a33380647ed44956730b5b84662b8e659124379c0d86b1d28fdfa3cd2013103e3048c4ad4f5a4dcd133b2fc8fae3b51e4433cee7c08e67c7d7ed4432045e10f8718e5c163b1704fa2c707b61a1a9f63edfceff1a0cd7baf4a15b2fd607a09d398d73243bdcc664fbd5f582e48af2a18b02f0184a7bdd95ac78241e6749e74b152702333c56588375f806f10578eaae329c4f8dfb83e5524e2c9aa59ce7828bd1f146b2a4150fb2a8ced08e2ffac81e921e8a6f0071361a0acdbd125fb5f5e9ffe98e38508582a496afd30ca460dbfca77915a18b7b9ef6c1d6e13bc12fe43063cfecfafb05bf2339ad61533fbf3e410b403182742fa2d40c402cb83c2fef46a36f17c1abf97b0e2d114bd1472ab4207aa060f9e5d91c4a4911b1a1df47b858be141ab3386f26f561df35678489dc1b9f10eee1b2ab3dfdaedd7e06ff8a127f1743fcb32d7f80d40aebc1ea72edc348f5f9ba4bace97db948c24c679c74cd4336a7233d836082bb0e8b013bd1ee3612cd43cd2a3cb83754bb3408"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000001c0), 0xfffffedf, 0x10, &(0x7f0000000040), 0xffffff95, 0x0, 0xffffffffffffffff, 0xd, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
read$FUSE(r1, 0x0, 0x0)
pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x800)
dup(r7)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f00000026c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002640)=ANY=[@ANYBLOB="14fbee000000000000bd7000ffdbdf2512000000"], 0x14}, 0x1, 0x0, 0x0, 0x8001}, 0xc804)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009c0000000b"], 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x14, &(0x7f0000000a00)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000500000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000380)='sys_enter\x00', r10, 0x0, 0x6}, 0x18)

kernel console output (not intermixed with test programs):

nce. Setting the MTU to 1560 would solve the problem.
[   47.756001][ T5940] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.802602][ T5954] hsr_slave_0: entered promiscuous mode
[   47.805966][ T5954] hsr_slave_1: entered promiscuous mode
[   47.819909][ T5949] hsr_slave_0: entered promiscuous mode
[   47.822944][ T5949] hsr_slave_1: entered promiscuous mode
[   47.825409][ T5949] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   47.828299][ T5949] Cannot create hsr debugfs directory
[   47.968912][ T5941] hsr_slave_0: entered promiscuous mode
[   47.971144][ T5941] hsr_slave_1: entered promiscuous mode
[   47.973230][ T5941] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   47.975832][ T5941] Cannot create hsr debugfs directory
[   47.990486][ T5940] hsr_slave_0: entered promiscuous mode
[   47.993832][ T5940] hsr_slave_1: entered promiscuous mode
[   47.996809][ T5940] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   47.999977][ T5940] Cannot create hsr debugfs directory
[   48.274608][ T5948] Bluetooth: hci1: command tx timeout
[   48.274615][ T5305] Bluetooth: hci2: command tx timeout
[   48.274642][ T5957] Bluetooth: hci0: command tx timeout
[   48.275167][   T63] Bluetooth: hci3: command tx timeout
[   48.352672][ T5954] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   48.361801][ T5954] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   48.368960][ T5954] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   48.379400][ T5954] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   48.414557][ T5949] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   48.421522][ T5949] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   48.428412][ T5949] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   48.435234][ T5949] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   48.496857][ T5940] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   48.500958][ T5940] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   48.522345][ T5940] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   48.529133][ T5940] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   48.582096][ T5941] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   48.589565][ T5941] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   48.596063][ T5941] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   48.602492][ T5941] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   48.616335][ T5954] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.649745][ T5949] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.663856][ T5954] 8021q: adding VLAN 0 to HW filter on device team0
[   48.686488][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.689658][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.707445][ T5949] 8021q: adding VLAN 0 to HW filter on device team0
[   48.717953][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.720331][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.725221][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.728229][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.747654][ T1139] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.750595][ T1139] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.781353][ T5940] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.814855][ T5941] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.829858][ T5940] 8021q: adding VLAN 0 to HW filter on device team0
[   48.842812][   T99] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.845647][   T99] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.858949][ T5941] 8021q: adding VLAN 0 to HW filter on device team0
[   48.867041][   T99] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.870139][   T99] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.881448][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.883711][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.906972][ T1139] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.909714][ T1139] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.919810][ T5940] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   48.973297][ T5954] 8021q: adding VLAN 0 to HW filter on device batadv0
[   49.019015][ T5949] 8021q: adding VLAN 0 to HW filter on device batadv0
[   49.035325][ T5954] veth0_vlan: entered promiscuous mode
[   49.047508][ T5954] veth1_vlan: entered promiscuous mode
[   49.079265][ T5949] veth0_vlan: entered promiscuous mode
[   49.085972][ T5940] 8021q: adding VLAN 0 to HW filter on device batadv0
[   49.100714][ T5949] veth1_vlan: entered promiscuous mode
[   49.108386][ T5954] veth0_macvtap: entered promiscuous mode
[   49.122275][ T5954] veth1_macvtap: entered promiscuous mode
[   49.146374][ T5941] 8021q: adding VLAN 0 to HW filter on device batadv0
[   49.152788][ T5940] veth0_vlan: entered promiscuous mode
[   49.161669][ T5940] veth1_vlan: entered promiscuous mode
[   49.169550][ T5954] batman_adv: batadv0: Interface activated: batadv_slave_0
[   49.175080][ T5954] batman_adv: batadv0: Interface activated: batadv_slave_1
[   49.180518][ T5949] veth0_macvtap: entered promiscuous mode
[   49.186922][ T5954] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   49.189877][ T5954] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   49.192811][ T5954] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   49.196678][ T5954] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   49.202923][ T5949] veth1_macvtap: entered promiscuous mode
[   49.236094][ T5941] veth0_vlan: entered promiscuous mode
[   49.241903][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_0
[   49.253089][ T5941] veth1_vlan: entered promiscuous mode
[   49.261393][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_1
[   49.280101][ T5949] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   49.283845][ T5949] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   49.288434][ T5949] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   49.292034][ T5949] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   49.312521][ T5940] veth0_macvtap: entered promiscuous mode
[   49.320217][ T5940] veth1_macvtap: entered promiscuous mode
[   49.325153][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.328759][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.348418][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_0
[   49.371204][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_1
[   49.376111][   T99] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.379037][   T99] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.393744][ T5940] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   49.398119][ T5940] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   49.400997][ T5940] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   49.403774][ T5940] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   49.408843][ T5941] veth0_macvtap: entered promiscuous mode
[   49.421519][ T5941] veth1_macvtap: entered promiscuous mode
[   49.432447][   T99] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.436553][   T99] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.455542][ T5954] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   49.480778][   T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.483512][   T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.493464][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_0
[   49.528513][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_1
[   49.539780][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.543068][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.543679][ T5941] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   49.550371][ T5941] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   49.552310][ T6009] =======================================================
[   49.552310][ T6009] WARNING: The mand mount option has been deprecated and
[   49.552310][ T6009]          and is ignored by this kernel. Remove the mand
[   49.552310][ T6009]          option from the mount to silence this warning.
[   49.552310][ T6009] =======================================================
[   49.553829][ T5941] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   49.569367][ T5941] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   49.603876][   T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.607818][   T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.630357][ T6009] netfs: Couldn't get user pages (rc=-14)
[   49.638377][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.641431][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.663733][   T99] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.668280][   T99] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.743525][ T6018] 9pnet_virtio: no channels available for device syz
[   49.755298][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   49.785042][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   49.788601][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   49.792226][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   50.101511][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   50.102673][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   50.231591][ T6021] block device autoloading is deprecated and will be removed.
[   50.246053][ T6002] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   50.354208][ T5305] Bluetooth: hci3: command tx timeout
[   50.354634][ T5948] Bluetooth: hci1: command tx timeout
[   50.356687][   T63] Bluetooth: hci0: command tx timeout
[   50.364248][ T5305] Bluetooth: hci2: command tx timeout
[   50.414308][ T6002] usb 7-1: Using ep0 maxpacket: 8
[   50.423212][ T6002] usb 7-1: config 179 has an invalid interface number: 65 but max is 0
[   50.428752][ T6002] usb 7-1: config 179 has no interface number 0
[   50.434388][ T6002] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[   50.437817][ T6002] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[   50.455899][ T6002] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[   50.459530][ T6002] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[   50.462913][ T6002] usb 7-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[   50.469367][ T6002] usb 7-1: config 179 interface 65 has no altsetting 0
[   50.471715][ T6002] usb 7-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[   50.474829][ T6002] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   50.488206][ T6002] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:179.65/input/input5
[   50.774360][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   50.894249][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   50.940639][ T6041] deleting an unspecified loop device is not supported.
[   50.961774][ T6041] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   51.069402][ T6044] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   51.204296][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   51.264307][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   52.248803][ T6055] mmap: syz.3.13 (6055) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   52.435148][ T5305] Bluetooth: hci0: command tx timeout
[   52.435174][   T63] Bluetooth: hci2: command tx timeout
[   52.439789][ T5948] Bluetooth: hci3: command tx timeout
[   52.439826][ T5957] Bluetooth: hci1: command tx timeout
[   52.933677][ T6062] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13'.
[   52.938897][ T6062] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13'.
[   52.977153][    C2] xpad 7-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[   52.977202][   T61] usb 7-1: USB disconnect, device number 2
[   52.982079][   T61] xpad 7-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[   53.157246][ T6067] netlink: 40 bytes leftover after parsing attributes in process `syz.1.16'.
[   53.234611][ T6070] 9pnet_virtio: no channels available for device syz
[   53.388860][ T6074] 9pnet_virtio: no channels available for device syz
[   54.068628][ T6087] 9pnet_virtio: no channels available for device syz
[   54.514212][ T5957] Bluetooth: hci2: command tx timeout
[   54.514321][ T5305] Bluetooth: hci3: command tx timeout
[   54.528731][ T5305] Bluetooth: hci1: command tx timeout
[   54.528742][ T5957] Bluetooth: hci0: command tx timeout
[   55.334808][ T6111] netfs: Couldn't get user pages (rc=-14)
[   55.406703][ T6113] 9pnet_virtio: no channels available for device syz
[   55.776393][ T6127] Bluetooth: MGMT ver 1.23
[   56.283580][ T6139] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input6
[   56.332385][ T6140] raw_sendmsg: syz.3.35 forgot to set AF_INET. Fix it!
[   56.369324][ T6142] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   56.677275][ T6150] 9pnet_virtio: no channels available for device syz
[   56.842074][ T6153] Zero length message leads to an empty skb
[   57.291634][ T6163] 9pnet_virtio: no channels available for device syz
[   57.994547][ T6176] FAULT_INJECTION: forcing a failure.
[   57.994547][ T6176] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   57.999054][ T6176] CPU: 2 UID: 0 PID: 6176 Comm: syz.0.46 Not tainted 6.15.0-syzkaller-08175-g9d230d500b0e #0 PREEMPT(full) 
[   57.999068][ T6176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   57.999075][ T6176] Call Trace:
[   57.999079][ T6176]  <TASK>
[   57.999083][ T6176]  dump_stack_lvl+0x16c/0x1f0
[   57.999101][ T6176]  should_fail_ex+0x512/0x640
[   57.999118][ T6176]  _copy_to_user+0x32/0xd0
[   57.999135][ T6176]  simple_read_from_buffer+0xcb/0x170
[   57.999152][ T6176]  proc_fail_nth_read+0x197/0x270
[   57.999173][ T6176]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   57.999205][ T6176]  ? rw_verify_area+0xcf/0x680
[   57.999229][ T6176]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   57.999254][ T6176]  vfs_read+0x1e1/0xc60
[   57.999272][ T6176]  ? fdget_pos+0x2a2/0x370
[   57.999292][ T6176]  ? __pfx_vfs_read+0x10/0x10
[   57.999308][ T6176]  ? find_held_lock+0x2b/0x80
[   57.999329][ T6176]  ? __fget_files+0x20e/0x3c0
[   57.999343][ T6176]  ksys_read+0x12a/0x250
[   57.999353][ T6176]  ? __pfx_ksys_read+0x10/0x10
[   57.999364][ T6176]  ? rcu_is_watching+0x12/0xc0
[   57.999384][ T6176]  __do_fast_syscall_32+0x7c/0x3a0
[   57.999405][ T6176]  do_fast_syscall_32+0x32/0x80
[   57.999426][ T6176]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   57.999444][ T6176] RIP: 0023:0xf70be579
[   57.999459][ T6176] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   57.999474][ T6176] RSP: 002b:00000000f50ae590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   57.999489][ T6176] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50ae620
[   57.999501][ T6176] RDX: 000000000000000f RSI: 00000000f7422ff4 RDI: 0000000000000000
[   57.999510][ T6176] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[   57.999518][ T6176] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   57.999527][ T6176] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   57.999549][ T6176]  </TASK>
[   58.263338][ T6193] FAULT_INJECTION: forcing a failure.
[   58.263338][ T6193] name failslab, interval 1, probability 0, space 0, times 1
[   58.268724][ T6193] CPU: 3 UID: 0 PID: 6193 Comm: syz.2.54 Not tainted 6.15.0-syzkaller-08175-g9d230d500b0e #0 PREEMPT(full) 
[   58.268740][ T6193] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   58.268746][ T6193] Call Trace:
[   58.268751][ T6193]  <TASK>
[   58.268755][ T6193]  dump_stack_lvl+0x16c/0x1f0
[   58.268772][ T6193]  should_fail_ex+0x512/0x640
[   58.268788][ T6193]  ? __kmalloc_cache_noprof+0x57/0x3e0
[   58.268799][ T6193]  should_failslab+0xc2/0x120
[   58.268812][ T6193]  __kmalloc_cache_noprof+0x6a/0x3e0
[   58.268823][ T6193]  ? nfnl_err_add+0x4e/0x350
[   58.268841][ T6193]  nfnl_err_add+0x4e/0x350
[   58.268868][ T6193]  nfnetlink_rcv_batch+0xc95/0x2330
[   58.268919][ T6193]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[   58.268933][ T6193]  ? __local_bh_enable_ip+0xa4/0x120
[   58.268949][ T6193]  ? __dev_queue_xmit+0x896/0x43e0
[   58.268959][ T6193]  ? __dev_queue_xmit+0x8b7/0x43e0
[   58.268974][ T6193]  ? __pfx___dev_queue_xmit+0x10/0x10
[   58.268997][ T6193]  ? __nla_parse+0x40/0x60
[   58.269008][ T6193]  nfnetlink_rcv+0x3c1/0x430
[   58.269018][ T6193]  ? __pfx_nfnetlink_rcv+0x10/0x10
[   58.269031][ T6193]  netlink_unicast+0x53d/0x7f0
[   58.269048][ T6193]  ? __pfx_netlink_unicast+0x10/0x10
[   58.269066][ T6193]  netlink_sendmsg+0x8d1/0xdd0
[   58.269083][ T6193]  ? __pfx_netlink_sendmsg+0x10/0x10
[   58.269106][ T6193]  ? __import_iovec+0x1dd/0x650
[   58.269125][ T6193]  ____sys_sendmsg+0xa95/0xc70
[   58.269142][ T6193]  ? __pfx_____sys_sendmsg+0x10/0x10
[   58.269156][ T6193]  ? get_compat_msghdr+0x11a/0x170
[   58.269177][ T6193]  ___sys_sendmsg+0x134/0x1d0
[   58.269190][ T6193]  ? __pfx____sys_sendmsg+0x10/0x10
[   58.269208][ T6193]  ? find_held_lock+0x2b/0x80
[   58.269231][ T6193]  __sys_sendmsg+0x16d/0x220
[   58.269243][ T6193]  ? __pfx___sys_sendmsg+0x10/0x10
[   58.269261][ T6193]  ? rcu_is_watching+0x12/0xc0
[   58.269277][ T6193]  __do_fast_syscall_32+0x7c/0x3a0
[   58.269291][ T6193]  do_fast_syscall_32+0x32/0x80
[   58.269303][ T6193]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   58.269316][ T6193] RIP: 0023:0xf7fc1579
[   58.269325][ T6193] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   58.269334][ T6193] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   58.269344][ T6193] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[   58.269351][ T6193] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   58.269356][ T6193] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   58.269362][ T6193] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   58.269367][ T6193] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   58.269380][ T6193]  </TASK>
[   58.451938][ T6204] 9pnet_virtio: no channels available for device syz
[   59.385571][ T6230] input: syz0 as /devices/virtual/input/input7
[   59.687852][ T6243] netlink: 40 bytes leftover after parsing attributes in process `syz.0.66'.
[   59.748863][   T29] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   59.771849][   T61] libceph: connect (1)[c::]:6789 error -101
[   59.774861][   T61] libceph: mon0 (1)[c::]:6789 connect error
[   59.809993][ T6247] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   60.044413][   T61] libceph: connect (1)[c::]:6789 error -101
[   60.046540][   T29] usb 6-1: Using ep0 maxpacket: 8
[   60.049082][   T61] libceph: mon0 (1)[c::]:6789 connect error
[   60.059467][   T29] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   60.071818][   T29] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   60.080543][   T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   60.093465][   T29] usb 6-1: config 0 descriptor??
[   60.361679][ T6244] ceph: No mds server is up or the cluster is laggy
[   60.564375][   T40] audit: type=1326 audit(1748571235.127:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6255 comm="syz.2.67" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[   60.571131][   T40] audit: type=1326 audit(1748571235.127:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6255 comm="syz.2.67" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[   60.578274][   T40] audit: type=1326 audit(1748571235.137:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6255 comm="syz.2.67" exe="/syz-executor" sig=0 arch=40000003 syscall=314 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[   60.586594][   T40] audit: type=1326 audit(1748571235.137:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6255 comm="syz.2.67" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[   60.593315][   T40] audit: type=1326 audit(1748571235.137:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6255 comm="syz.2.67" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[   60.600892][   T40] audit: type=1326 audit(1748571235.137:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6255 comm="syz.2.67" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[   60.604749][ T6256] netlink: 4 bytes leftover after parsing attributes in process `syz.2.67'.
[   60.608409][   T40] audit: type=1326 audit(1748571235.137:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6255 comm="syz.2.67" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[   60.617589][ T6256] netlink: 8 bytes leftover after parsing attributes in process `syz.2.67'.
[   60.618012][   T40] audit: type=1326 audit(1748571235.137:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6255 comm="syz.2.67" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[   60.627102][   T40] audit: type=1326 audit(1748571235.137:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6255 comm="syz.2.67" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[   60.633955][   T40] audit: type=1326 audit(1748571235.137:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6255 comm="syz.2.67" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[   61.035627][   T29] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[   61.041650][   T29] usb 6-1: USB disconnect, device number 2
[   61.070423][ T6263] syz.1.70 uses obsolete (PF_INET,SOCK_PACKET)
[   61.075811][ T6263] netlink: 'syz.1.70': attribute type 1 has an invalid length.
[   61.078587][ T6263] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   61.089761][ T6265] netlink: 4 bytes leftover after parsing attributes in process `syz.3.69'.
[   61.144794][ T6269] bond_slave_1: entered promiscuous mode
[   61.147298][ T6269] bond_slave_1: left promiscuous mode
[   61.381507][ T6279] Illegal XDP return value 4294967274 on prog  (id 11) dev N/A, expect packet loss!
[   62.274221][ T6003] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   62.434160][ T6003] usb 7-1: Using ep0 maxpacket: 8
[   62.438628][ T6003] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   62.443043][ T6003] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   62.456911][ T6003] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   62.468315][ T6003] usb 7-1: config 0 descriptor??
[   63.442924][ T6003] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[   63.465295][ T6003] usb 7-1: USB disconnect, device number 3
[   63.923800][ T6346] MTD: Attempt to mount non-MTD device "/dev/sr0"
[   63.988449][ T6349] MTD: Attempt to mount non-MTD device "/dev/sr0"
[   64.045966][ T6346] /dev/sr0: Can't open blockdev
[   64.144773][ T6349] /dev/sr0: Can't open blockdev
[   64.286758][ T6357] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   64.727422][ T6366] 9pnet: Could not find request transport: fdiYfdno=0x0000000000000003
[   65.340115][ T6381] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   65.621224][   T40] kauditd_printk_skb: 64 callbacks suppressed
[   65.621240][   T40] audit: type=1326 audit(1748571240.187:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6370 comm="syz.1.101" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7fc00000
[   66.208510][ T6402] process 'syz.2.109' launched './file0' with NULL argv: empty string added
[   66.406332][ T6412] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   66.924308][ T6431] netlink: 4 bytes leftover after parsing attributes in process `syz.0.121'.
[   66.930449][ T5305] Bluetooth: min 6 > max 0
[   67.619118][ T6447] 9pnet_virtio: no channels available for device syz
[   67.685415][ T6449] NILFS (loop0): device size too small
[   68.008970][ T6464] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   68.366927][   T29] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   68.488205][ T6474] usb 2-1: USB disconnect, device number 2
[   68.514547][   T29] usb 8-1: Using ep0 maxpacket: 8
[   68.532323][   T29] usb 8-1: config 92 has an invalid interface number: 120 but max is 3
[   68.547955][   T29] usb 8-1: config 92 has an invalid descriptor of length 0, skipping remainder of the config
[   68.567094][   T29] usb 8-1: config 92 has 1 interface, different from the descriptor's value: 4
[   68.588475][   T29] usb 8-1: config 92 has no interface number 0
[   68.606027][   T29] usb 8-1: config 92 interface 120 has no altsetting 0
[   68.625321][   T29] usb 8-1: New USB device found, idVendor=0bb4, idProduct=0a52, bcdDevice=a0.d0
[   68.649436][   T29] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   68.653374][   T29] usb 8-1: Product: Ᾰ鿀欭也疓挧懲鳧넘➝Ⓘ煨隝귏♮盺㶛뾇䯋⧹뾭쐆⢤쳠Ἕ픎ⵊ짭࿡꽺㞺ඹᙂㆎ䔙ᮟ͕䃨䡧鯻꼮壸癭룖걿酺䀷沛뵕ɬ㈖쐆古ḷ뚬ࣸ㋶䉂㉸ꬠ츢劀꽤⌊⋘స벋吷⃝籁ﴳ᮸㦊ｱ撥辖➀涤룕캢虖媾䄉ﬡ扥䖾漪權㞁⥼郫왻ꪀ뀹⏸ᵫ纬亿鍉莹ᓍ䧆ᩄೄ㡘⣠뫲ヷ歏
[   68.673114][   T29] usb 8-1: Manufacturer: Г
[   68.675502][   T29] usb 8-1: SerialNumber: ఇ
[   68.734575][ T6475] hub 2-0:1.0: USB hub found
[   68.748316][ T6475] hub 2-0:1.0: 6 ports detected
[   68.924295][   T61] usb 2-1: new high-speed USB device number 3 using ehci-pci
[   68.991214][ T6465] bond0: Error: Cannot enslave bond to itself.
[   68.994152][ T5305] Bluetooth: hci1: command tx timeout
[   69.091237][   T24] libceph: connect (1)[c::]:6789 error -101
[   69.096374][   T24] libceph: mon0 (1)[c::]:6789 connect error
[   69.106490][   T61] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[   69.109422][   T61] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
[   69.111838][ T6487] overlayfs: conflicting lowerdir path
[   69.112004][   T61] usb 2-1: Product: QEMU USB Tablet
[   69.117032][   T61] usb 2-1: Manufacturer: QEMU
[   69.119816][   T61] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1
[   69.167216][   T61] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0002/input/input8
[   69.273159][   T61] hid-generic 0003:0627:0001.0002: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0
[   69.435419][   T29] usb 8-1: USB disconnect, device number 2
[   69.465017][ T6490] netlink: 84 bytes leftover after parsing attributes in process `syz.0.139'.
[   69.716055][   T24] libceph: connect (1)[c::]:6789 error -101
[   69.718391][   T24] libceph: mon0 (1)[c::]:6789 connect error
[   69.875334][ T6484] ceph: No mds server is up or the cluster is laggy
[   70.682138][ T6531] netlink: 'syz.3.149': attribute type 11 has an invalid length.
[   70.837491][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[   70.839757][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[   71.192357][ T6542] FAULT_INJECTION: forcing a failure.
[   71.192357][ T6542] name failslab, interval 1, probability 0, space 0, times 0
[   71.196818][ T6542] CPU: 3 UID: 0 PID: 6542 Comm: syz.0.153 Not tainted 6.15.0-syzkaller-08175-g9d230d500b0e #0 PREEMPT(full) 
[   71.196841][ T6542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   71.196852][ T6542] Call Trace:
[   71.196858][ T6542]  <TASK>
[   71.196865][ T6542]  dump_stack_lvl+0x16c/0x1f0
[   71.196889][ T6542]  should_fail_ex+0x512/0x640
[   71.196918][ T6542]  should_failslab+0xc2/0x120
[   71.196940][ T6542]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   71.196961][ T6542]  ? skb_clone+0x190/0x3f0
[   71.196991][ T6542]  skb_clone+0x190/0x3f0
[   71.197012][ T6542]  netlink_deliver_tap+0xabd/0xd30
[   71.197042][ T6542]  netlink_unicast+0x5df/0x7f0
[   71.197069][ T6542]  ? __pfx_netlink_unicast+0x10/0x10
[   71.197100][ T6542]  netlink_sendmsg+0x8d1/0xdd0
[   71.197128][ T6542]  ? __pfx_netlink_sendmsg+0x10/0x10
[   71.197153][ T6542]  ? __import_iovec+0x1dd/0x650
[   71.197185][ T6542]  ____sys_sendmsg+0xa95/0xc70
[   71.197213][ T6542]  ? __pfx_____sys_sendmsg+0x10/0x10
[   71.197235][ T6542]  ? get_compat_msghdr+0x11a/0x170
[   71.197268][ T6542]  ___sys_sendmsg+0x134/0x1d0
[   71.197290][ T6542]  ? __pfx____sys_sendmsg+0x10/0x10
[   71.197322][ T6542]  ? find_held_lock+0x2b/0x80
[   71.197363][ T6542]  __sys_sendmsg+0x16d/0x220
[   71.197383][ T6542]  ? __pfx___sys_sendmsg+0x10/0x10
[   71.197415][ T6542]  ? rcu_is_watching+0x12/0xc0
[   71.197442][ T6542]  __do_fast_syscall_32+0x7c/0x3a0
[   71.197465][ T6542]  do_fast_syscall_32+0x32/0x80
[   71.197486][ T6542]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   71.197507][ T6542] RIP: 0023:0xf70be579
[   71.197520][ T6542] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   71.197536][ T6542] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   71.197553][ T6542] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000240
[   71.197563][ T6542] RDX: 0000000000000014 RSI: 0000000000000000 RDI: 0000000000000000
[   71.197572][ T6542] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   71.197582][ T6542] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   71.197592][ T6542] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   71.197615][ T6542]  </TASK>
[   71.327627][ T6545] sctp: [Deprecated]: syz.0.154 (pid 6545) Use of struct sctp_assoc_value in delayed_ack socket option.
[   71.327627][ T6545] Use struct sctp_sack_info instead
[   71.933932][ T6570] netlink: 128 bytes leftover after parsing attributes in process `syz.0.163'.
[   71.983320][ T6574] netlink: 16 bytes leftover after parsing attributes in process `syz.0.165'.
[   71.988481][ T6574] netlink: 16 bytes leftover after parsing attributes in process `syz.0.165'.
[   71.994573][ T6574] netlink: 8 bytes leftover after parsing attributes in process `syz.0.165'.
[   71.998869][ T6574] xt_limit: Overflow, try lower: 330673899/4200216962
[   72.054229][   T24] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[   72.233001][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[   72.253216][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[   72.271209][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[   72.304216][ T6003] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   72.312218][   T24] usb 7-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[   72.323211][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   72.334276][   T24] usb 7-1: Product: syz
[   72.340545][   T24] usb 7-1: Manufacturer: syz
[   72.349030][   T24] usb 7-1: SerialNumber: syz
[   72.413245][   T24] usb 7-1: config 0 descriptor??
[   72.467144][ T6003] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[   72.469931][ T6003] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   72.482127][ T6003] usb 5-1: Product: syz
[   72.483488][ T6003] usb 5-1: Manufacturer: syz
[   72.484984][ T6003] usb 5-1: SerialNumber: syz
[   72.487680][ T6003] usb 5-1: config 0 descriptor??
[   72.657925][   T24] adutux 7-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[   72.707212][ T6004] usb 5-1: USB disconnect, device number 2
[   72.853634][ T6003] usb 7-1: USB disconnect, device number 4
[   72.860905][ T6556] trusted_key: syz.2.159 sent an empty control message without MSG_MORE.
[   73.941447][ T6633] FAULT_INJECTION: forcing a failure.
[   73.941447][ T6633] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   73.947493][ T6633] CPU: 3 UID: 0 PID: 6633 Comm: syz.2.182 Not tainted 6.15.0-syzkaller-08175-g9d230d500b0e #0 PREEMPT(full) 
[   73.947515][ T6633] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   73.947525][ T6633] Call Trace:
[   73.947531][ T6633]  <TASK>
[   73.947537][ T6633]  dump_stack_lvl+0x16c/0x1f0
[   73.947559][ T6633]  should_fail_ex+0x512/0x640
[   73.947585][ T6633]  _copy_from_user+0x2e/0xd0
[   73.947609][ T6633]  get_compat_msghdr+0xa7/0x170
[   73.947630][ T6633]  ? __pfx_get_compat_msghdr+0x10/0x10
[   73.947659][ T6633]  ___sys_sendmsg+0x1ae/0x1d0
[   73.947680][ T6633]  ? __pfx____sys_sendmsg+0x10/0x10
[   73.947710][ T6633]  ? find_held_lock+0x2b/0x80
[   73.947747][ T6633]  __sys_sendmsg+0x16d/0x220
[   73.947766][ T6633]  ? __pfx___sys_sendmsg+0x10/0x10
[   73.947794][ T6633]  ? rcu_is_watching+0x12/0xc0
[   73.947820][ T6633]  __do_fast_syscall_32+0x7c/0x3a0
[   73.947841][ T6633]  do_fast_syscall_32+0x32/0x80
[   73.947860][ T6633]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   73.947879][ T6633] RIP: 0023:0xf7fc1579
[   73.947891][ T6633] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   73.947906][ T6633] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   73.947921][ T6633] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[   73.947931][ T6633] RDX: 0000000004000840 RSI: 0000000000000000 RDI: 0000000000000000
[   73.947940][ T6633] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   73.947948][ T6633] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   73.947957][ T6633] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   73.947977][ T6633]  </TASK>
[   74.140337][ T6637] FAULT_INJECTION: forcing a failure.
[   74.140337][ T6637] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   74.145385][ T6637] CPU: 2 UID: 0 PID: 6637 Comm: syz.2.183 Not tainted 6.15.0-syzkaller-08175-g9d230d500b0e #0 PREEMPT(full) 
[   74.145408][ T6637] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   74.145418][ T6637] Call Trace:
[   74.145424][ T6637]  <TASK>
[   74.145431][ T6637]  dump_stack_lvl+0x16c/0x1f0
[   74.145456][ T6637]  should_fail_ex+0x512/0x640
[   74.145483][ T6637]  _copy_from_user+0x2e/0xd0
[   74.145503][ T6637]  snd_seq_ioctl+0x1bf/0x410
[   74.145528][ T6637]  ? __pfx_snd_seq_ioctl+0x10/0x10
[   74.145566][ T6637]  ? __fget_files+0x20e/0x3c0
[   74.145581][ T6637]  ? fput+0x60/0xf0
[   74.145604][ T6637]  snd_seq_ioctl_compat+0xea/0x310
[   74.145627][ T6637]  ? __pfx_snd_seq_ioctl_compat+0x10/0x10
[   74.145651][ T6637]  __ia32_compat_sys_ioctl+0x23f/0x370
[   74.145678][ T6637]  __do_fast_syscall_32+0x7c/0x3a0
[   74.145699][ T6637]  do_fast_syscall_32+0x32/0x80
[   74.145719][ T6637]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   74.145741][ T6637] RIP: 0023:0xf7fc1579
[   74.145753][ T6637] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   74.145768][ T6637] RSP: 002b:00000000f50c555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[   74.145783][ T6637] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000040605346
[   74.145805][ T6637] RDX: 0000000080000280 RSI: 0000000000000000 RDI: 0000000000000000
[   74.145815][ T6637] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   74.145825][ T6637] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   74.145834][ T6637] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   74.145857][ T6637]  </TASK>
[   74.334612][ T6642] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[   74.336814][ T6642] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   74.341432][ T6642] vhci_hcd vhci_hcd.0: Device attached
[   74.346683][ T6643] vhci_hcd: cannot find a urb of seqnum 6 max seqnum 0
[   74.350469][   T60] vhci_hcd: stop threads
[   74.352222][   T60] vhci_hcd: release socket
[   74.353775][   T60] vhci_hcd: disconnect device
[   74.428928][ T6646] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   74.506981][   T40] audit: type=1326 audit(1748571249.077:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6652 comm="syz.0.189" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   74.513870][   T40] audit: type=1326 audit(1748571249.077:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6652 comm="syz.0.189" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   74.521561][   T40] audit: type=1326 audit(1748571249.077:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6652 comm="syz.0.189" exe="/syz-executor" sig=0 arch=40000003 syscall=46 compat=1 ip=0xf70be579 code=0x7ffc0000
[   74.528955][   T40] audit: type=1326 audit(1748571249.077:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6652 comm="syz.0.189" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   74.536667][   T40] audit: type=1326 audit(1748571249.077:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6652 comm="syz.0.189" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   74.543414][   T40] audit: type=1326 audit(1748571249.077:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6652 comm="syz.0.189" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf70be579 code=0x7ffc0000
[   74.550389][   T40] audit: type=1326 audit(1748571249.077:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6652 comm="syz.0.189" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   74.558420][ T6655] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   74.620724][ T6657] binder: BINDER_SET_CONTEXT_MGR already set
[   74.623355][ T6657] binder: 6656:6657 ioctl 4018620d 800001c0 returned -16
[   74.815068][ T6659] netlink: 64138 bytes leftover after parsing attributes in process `syz.1.192'.
[   74.970251][ T6669] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[   74.973042][ T6669] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   74.978699][ T6669] vhci_hcd vhci_hcd.0: Device attached
[   74.982375][ T6670] usbip_core: unknown command
[   74.983942][ T6670] vhci_hcd: unknown pdu 774857321
[   74.986754][ T6670] usbip_core: unknown command
[   74.990274][   T99] vhci_hcd: stop threads
[   74.992076][   T99] vhci_hcd: release socket
[   74.993532][   T99] vhci_hcd: disconnect device
[   76.035421][ T5305] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[   76.038165][ T5305] Bluetooth: hci1: Injecting HCI hardware error event
[   76.955449][ T6707] netlink: 4 bytes leftover after parsing attributes in process `syz.0.206'.
[   78.114571][ T5957] Bluetooth: hci1: command 0x0406 tx timeout
[   78.118871][ T6734] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   78.135383][ T5305] Bluetooth: hci1: hardware error 0x00
[   78.212126][ T6738] netlink: 'syz.0.209': attribute type 4 has an invalid length.
[   78.334285][ T6741] netlink: 16 bytes leftover after parsing attributes in process `syz.3.214'.
[   78.337872][ T6741] netlink: 16 bytes leftover after parsing attributes in process `syz.3.214'.
[   78.341240][ T6741] netlink: 8 bytes leftover after parsing attributes in process `syz.3.214'.
[   78.357498][ T6741] xt_limit: Overflow, try lower: 330673899/4200216962
[   78.552020][ T6732] syz.2.212 (6732) used greatest stack depth: 20776 bytes left
[   78.742221][ T6745] 9pnet_fd: p9_fd_create_tcp (6745): problem connecting socket to 127.0.0.1
[   78.812794][ T6749] netfs: Couldn't get user pages (rc=-14)
[   79.960864][ T6777] can0: slcan on ttyprintk.
[   80.052350][ T6778] 9pnet_virtio: no channels available for device syz
[   80.202147][ T6789] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   80.354860][ T5305] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[   80.461274][ T6796] 9pnet_fd: Insufficient options for proto=fd
[   80.664902][ T6802] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   80.825668][ T6775] can0 (unregistered): slcan off ttyprintk.
[   81.077331][  T840] cfg80211: failed to load regulatory.db
[   81.624445][ T6834] netlink: 40 bytes leftover after parsing attributes in process `syz.1.238'.
[   81.659459][ T6838] netlink: 16 bytes leftover after parsing attributes in process `syz.1.240'.
[   81.663409][ T6838] netlink: 16 bytes leftover after parsing attributes in process `syz.1.240'.
[   81.668045][ T6838] netlink: 8 bytes leftover after parsing attributes in process `syz.1.240'.
[   81.738375][ T6842] FAULT_INJECTION: forcing a failure.
[   81.738375][ T6842] name failslab, interval 1, probability 0, space 0, times 0
[   81.742581][ T6842] CPU: 3 UID: 0 PID: 6842 Comm: syz.3.242 Not tainted 6.15.0-syzkaller-08175-g9d230d500b0e #0 PREEMPT(full) 
[   81.742596][ T6842] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   81.742602][ T6842] Call Trace:
[   81.742607][ T6842]  <TASK>
[   81.742611][ T6842]  dump_stack_lvl+0x16c/0x1f0
[   81.742627][ T6842]  should_fail_ex+0x512/0x640
[   81.742642][ T6842]  ? __kvmalloc_node_noprof+0x122/0x620
[   81.742654][ T6842]  should_failslab+0xc2/0x120
[   81.742668][ T6842]  __kvmalloc_node_noprof+0x135/0x620
[   81.742679][ T6842]  ? alloc_netdev_mqs+0xd2/0x1570
[   81.742692][ T6842]  ? _copy_from_user+0x59/0xd0
[   81.742708][ T6842]  ? __pfx_reg_vif_setup+0x10/0x10
[   81.742724][ T6842]  ? alloc_netdev_mqs+0xd2/0x1570
[   81.742735][ T6842]  alloc_netdev_mqs+0xd2/0x1570
[   81.742751][ T6842]  ip6_mroute_setsockopt+0xaca/0x20d0
[   81.742767][ T6842]  ? __pfx_ip6_mroute_setsockopt+0x10/0x10
[   81.742782][ T6842]  ? find_held_lock+0x2b/0x80
[   81.742796][ T6842]  ? __might_fault+0xe3/0x190
[   81.742807][ T6842]  ? __might_fault+0xe3/0x190
[   81.742817][ T6842]  ? __might_fault+0x13b/0x190
[   81.742833][ T6842]  ? copy_from_sockptr_offset.constprop.0+0xe4/0x1a0
[   81.742850][ T6842]  ? arch_stack_walk+0xa6/0x100
[   81.742870][ T6842]  ? do_ipv6_setsockopt+0x7b1/0x4300
[   81.742885][ T6842]  do_ipv6_setsockopt+0x7b1/0x4300
[   81.742904][ T6842]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[   81.742922][ T6842]  ? aa_label_sk_perm+0x19b/0x5a0
[   81.742935][ T6842]  ? __pfx_aa_label_sk_perm+0x10/0x10
[   81.742946][ T6842]  ? __lock_acquire+0x622/0x1c90
[   81.742966][ T6842]  ? __pfx___might_resched+0x10/0x10
[   81.742984][ T6842]  ? ipv6_setsockopt+0xcb/0x170
[   81.742998][ T6842]  ? aa_sk_perm+0x2f4/0xb10
[   81.743007][ T6842]  ipv6_setsockopt+0xcb/0x170
[   81.743023][ T6842]  rawv6_setsockopt+0xc2/0x510
[   81.743038][ T6842]  ? __pfx_rawv6_setsockopt+0x10/0x10
[   81.743053][ T6842]  ? sock_common_setsockopt+0x2e/0xf0
[   81.743069][ T6842]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   81.743083][ T6842]  do_sock_setsockopt+0x224/0x470
[   81.743098][ T6842]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   81.743121][ T6842]  __sys_setsockopt+0x120/0x1a0
[   81.743134][ T6842]  __ia32_sys_setsockopt+0xbc/0x160
[   81.743145][ T6842]  ? lockdep_hardirqs_on+0x7c/0x110
[   81.743157][ T6842]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   81.743169][ T6842]  __do_fast_syscall_32+0x7c/0x3a0
[   81.743183][ T6842]  do_fast_syscall_32+0x32/0x80
[   81.743195][ T6842]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   81.743209][ T6842] RIP: 0023:0xf712e579
[   81.743217][ T6842] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   81.743227][ T6842] RSP: 002b:00000000f511e55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[   81.743237][ T6842] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000029
[   81.743244][ T6842] RDX: 00000000000000ca RSI: 0000000080000040 RDI: 000000000000000c
[   81.743250][ T6842] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   81.743255][ T6842] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   81.743261][ T6842] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   81.743273][ T6842]  </TASK>
[   81.872837][ T6843] 9pnet_virtio: no channels available for device syz
[   81.881298][ T6845] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   82.365399][ T5305] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[   82.369264][ T5305] Bluetooth: hci2: Injecting HCI hardware error event
[   82.422406][ T6850] 9pnet_virtio: no channels available for device syz
[   82.769127][ T6856] netlink: 8 bytes leftover after parsing attributes in process `syz.3.247'.
[   82.810210][ T6861] FAULT_INJECTION: forcing a failure.
[   82.810210][ T6861] name failslab, interval 1, probability 0, space 0, times 0
[   82.814433][ T6861] CPU: 0 UID: 0 PID: 6861 Comm: syz.1.248 Not tainted 6.15.0-syzkaller-08175-g9d230d500b0e #0 PREEMPT(full) 
[   82.814447][ T6861] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   82.814453][ T6861] Call Trace:
[   82.814457][ T6861]  <TASK>
[   82.814461][ T6861]  dump_stack_lvl+0x16c/0x1f0
[   82.814477][ T6861]  should_fail_ex+0x512/0x640
[   82.814504][ T6861]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[   82.814519][ T6861]  should_failslab+0xc2/0x120
[   82.814532][ T6861]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[   82.814543][ T6861]  ? __pfx___might_resched+0x10/0x10
[   82.814558][ T6861]  ? alloc_vmap_area+0x64e/0x28f0
[   82.814576][ T6861]  alloc_vmap_area+0x64e/0x28f0
[   82.814596][ T6861]  ? __pfx_alloc_vmap_area+0x10/0x10
[   82.814614][ T6861]  __get_vm_area_node+0x1ca/0x330
[   82.814632][ T6861]  __vmalloc_node_range_noprof+0x277/0x1520
[   82.814649][ T6861]  ? bpf_prog_alloc_no_stats+0x54/0x630
[   82.814660][ T6861]  ? should_fail_alloc_page+0xee/0x130
[   82.814675][ T6861]  ? trace_mm_page_alloc+0x11f/0x1a0
[   82.814690][ T6861]  ? bpf_prog_alloc_no_stats+0x54/0x630
[   82.814701][ T6861]  ? is_bpf_text_address+0x94/0x1a0
[   82.814714][ T6861]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   82.814730][ T6861]  ? aa_get_newest_label+0x375/0x680
[   82.814748][ T6861]  ? __pfx_aa_get_newest_label+0x10/0x10
[   82.814766][ T6861]  ? bpf_prog_alloc_no_stats+0x54/0x630
[   82.814776][ T6861]  __vmalloc_node_noprof+0xad/0xf0
[   82.814792][ T6861]  ? bpf_prog_alloc_no_stats+0x54/0x630
[   82.814803][ T6861]  bpf_prog_alloc_no_stats+0x54/0x630
[   82.814813][ T6861]  ? security_capable+0x7e/0x260
[   82.814832][ T6861]  bpf_prog_alloc+0x3b/0x230
[   82.814840][ T6861]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   82.814854][ T6861]  bpf_prog_load+0x160e/0x2490
[   82.814870][ T6861]  ? __pfx_bpf_prog_load+0x10/0x10
[   82.814895][ T6861]  __sys_bpf+0x433c/0x4d80
[   82.814925][ T6861]  ? __pfx___sys_bpf+0x10/0x10
[   82.814939][ T6861]  ? ksys_write+0x190/0x250
[   82.814952][ T6861]  ? __mutex_unlock_slowpath+0x161/0x6a0
[   82.814973][ T6861]  ? fput+0x70/0xf0
[   82.814985][ T6861]  ? ksys_write+0x1ac/0x250
[   82.814994][ T6861]  ? __pfx_ksys_write+0x10/0x10
[   82.815007][ T6861]  __ia32_sys_bpf+0x76/0xe0
[   82.815021][ T6861]  __do_fast_syscall_32+0x7c/0x3a0
[   82.815035][ T6861]  do_fast_syscall_32+0x32/0x80
[   82.815047][ T6861]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   82.815060][ T6861] RIP: 0023:0xf7ff2579
[   82.815068][ T6861] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   82.815078][ T6861] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[   82.815088][ T6861] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000400
[   82.815094][ T6861] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[   82.815100][ T6861] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   82.815105][ T6861] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   82.815111][ T6861] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   82.815123][ T6861]  </TASK>
[   82.816579][ T6861] syz.1.248: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[   82.920073][ T6861] CPU: 0 UID: 0 PID: 6861 Comm: syz.1.248 Not tainted 6.15.0-syzkaller-08175-g9d230d500b0e #0 PREEMPT(full) 
[   82.920087][ T6861] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   82.920093][ T6861] Call Trace:
[   82.920097][ T6861]  <TASK>
[   82.920101][ T6861]  dump_stack_lvl+0x16c/0x1f0
[   82.920117][ T6861]  warn_alloc+0x248/0x3a0
[   82.920130][ T6861]  ? __pfx_warn_alloc+0x10/0x10
[   82.920142][ T6861]  ? kfree+0x2b4/0x4d0
[   82.920154][ T6861]  ? __get_vm_area_node+0x208/0x330
[   82.920172][ T6861]  __vmalloc_node_range_noprof+0xd32/0x1520
[   82.920188][ T6861]  ? should_fail_alloc_page+0xee/0x130
[   82.920205][ T6861]  ? trace_mm_page_alloc+0x11f/0x1a0
[   82.920220][ T6861]  ? bpf_prog_alloc_no_stats+0x54/0x630
[   82.920232][ T6861]  ? is_bpf_text_address+0x94/0x1a0
[   82.920245][ T6861]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   82.920262][ T6861]  ? aa_get_newest_label+0x375/0x680
[   82.920279][ T6861]  ? __pfx_aa_get_newest_label+0x10/0x10
[   82.920297][ T6861]  ? bpf_prog_alloc_no_stats+0x54/0x630
[   82.920307][ T6861]  __vmalloc_node_noprof+0xad/0xf0
[   82.920323][ T6861]  ? bpf_prog_alloc_no_stats+0x54/0x630
[   82.920335][ T6861]  bpf_prog_alloc_no_stats+0x54/0x630
[   82.920345][ T6861]  ? security_capable+0x7e/0x260
[   82.920362][ T6861]  bpf_prog_alloc+0x3b/0x230
[   82.920370][ T6861]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   82.920384][ T6861]  bpf_prog_load+0x160e/0x2490
[   82.920400][ T6861]  ? __pfx_bpf_prog_load+0x10/0x10
[   82.920424][ T6861]  __sys_bpf+0x433c/0x4d80
[   82.920439][ T6861]  ? __pfx___sys_bpf+0x10/0x10
[   82.920452][ T6861]  ? ksys_write+0x190/0x250
[   82.920464][ T6861]  ? __mutex_unlock_slowpath+0x161/0x6a0
[   82.920485][ T6861]  ? fput+0x70/0xf0
[   82.920497][ T6861]  ? ksys_write+0x1ac/0x250
[   82.920506][ T6861]  ? __pfx_ksys_write+0x10/0x10
[   82.920519][ T6861]  __ia32_sys_bpf+0x76/0xe0
[   82.920533][ T6861]  __do_fast_syscall_32+0x7c/0x3a0
[   82.920547][ T6861]  do_fast_syscall_32+0x32/0x80
[   82.920560][ T6861]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   82.920572][ T6861] RIP: 0023:0xf7ff2579
[   82.920581][ T6861] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   82.920591][ T6861] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[   82.920600][ T6861] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000400
[   82.920607][ T6861] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[   82.920613][ T6861] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   82.920618][ T6861] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   82.920624][ T6861] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   82.920636][ T6861]  </TASK>
[   82.920640][ T6861] Mem-Info:
[   82.920646][ T6861] active_anon:8198 inactive_anon:17886 isolated_anon:0
[   82.920646][ T6861]  active_file:6184 inactive_file:40394 isolated_file:0
[   82.920646][ T6861]  unevictable:1768 dirty:293 writeback:0
[   82.920646][ T6861]  slab_reclaimable:9875 slab_unreclaimable:53341
[   82.920646][ T6861]  mapped:25901 shmem:22075 pagetables:764
[   82.920646][ T6861]  sec_pagetables:300 bounce:0
[   82.920646][ T6861]  kernel_misc_reclaimable:0
[   82.920646][ T6861]  free:39890 free_pcp:713 free_cma:0
[   82.920702][ T6861] Node 0 active_anon:3224kB inactive_anon:0kB active_file:208kB inactive_file:12552kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:7364kB dirty:24kB writeback:0kB shmem:4580kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:7788kB pagetables:576kB sec_pagetables:1108kB all_unreclaimable? yes Balloon:0kB
[   82.920729][ T6861] Node 1 active_anon:29568kB inactive_anon:71544kB active_file:24528kB inactive_file:149024kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:96240kB dirty:1148kB writeback:0kB shmem:83720kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:4228kB pagetables:2480kB sec_pagetables:92kB all_unreclaimable? no Balloon:0kB
[   82.920755][ T6861] Node 0 DMA free:3180kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   82.920783][ T6861] lowmem_reserve[]: 0 290 290 290 290
[   82.920803][ T6861] Node 0 DMA32 free:33272kB boost:18432kB min:31764kB low:35096kB high:38428kB reserved_highatomic:4096KB active_anon:3224kB inactive_anon:0kB active_file:208kB inactive_file:12552kB unevictable:3536kB writepending:24kB present:1032196kB managed:296984kB mlocked:0kB bounce:0kB free_pcp:164kB local_pcp:56kB free_cma:0kB
[   82.920831][ T6861] lowmem_reserve[]: 0 0 0 0 0
[   82.920850][ T6861] Node 1 DMA32 free:123108kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:29568kB inactive_anon:71544kB active_file:24528kB inactive_file:149024kB unevictable:3536kB writepending:1148kB present:1048432kB managed:948276kB mlocked:0kB bounce:0kB free_pcp:2688kB local_pcp:1048kB free_cma:0kB
[   82.920878][ T6861] lowmem_reserve[]: 0 0 0 0 0
[   82.920897][ T6861] Node 0 DMA: 63*4kB (UE) 32*8kB (UE) 15*16kB (UE) 16*32kB (U) 2*64kB (UE) 0*128kB 1*256kB (E) 1*512kB (E) 1*1024kB (E) 0*2048kB 0*4096kB = 3180kB
[   83.080097][ T6861] Node 0 DMA32: 1122*4kB (UMH) 268*8kB (UME) 75*16kB (UMH) 317*32kB (UMEH) 83*64kB (UMH) 20*128kB (UMH) 9*256kB (UH) 2*512kB (UH) 4*1024kB (UMH) 0*2048kB 0*4096kB = 33272kB
[   83.085895][ T6861] Node 1 DMA32: 377*4kB (UME) 611*8kB (UME) 329*16kB (UME) 222*32kB (UME) 162*64kB (UME) 66*128kB (UME) 45*256kB (UME) 27*512kB (UME) 17*1024kB (UME) 5*2048kB (UM) 8*4096kB (UM) = 123340kB
[   83.091735][ T6861] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   83.094881][ T6861] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   83.097748][ T6861] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   83.100803][ T6861] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   83.103644][ T6861] 68674 total pagecache pages
[   83.105436][ T6861] 0 pages in swap cache
[   83.106777][ T6861] Free swap  = 124996kB
[   83.108104][ T6861] Total swap = 124996kB
[   83.109580][ T6861] 524155 pages RAM
[   83.110783][ T6861] 0 pages HighMem/MovableOnly
[   83.112250][ T6861] 209000 pages reserved
[   83.113589][ T6861] 0 pages cma reserved
[   83.169989][  T840] IPVS: starting estimator thread 0...
[   83.171939][ T6869] netlink: 16 bytes leftover after parsing attributes in process `syz.0.249'.
[   83.176391][ T6869] netlink: 16 bytes leftover after parsing attributes in process `syz.0.249'.
[   83.195983][ T6866] binder: BINDER_SET_CONTEXT_MGR already set
[   83.198005][ T6866] binder: 6864:6866 ioctl 4018620d 80000040 returned -16
[   83.200893][ T6866] binder: 6864:6866 ioctl c0306201 0 returned -14
[   83.236346][ T6875] netlink: 'syz.1.250': attribute type 7 has an invalid length.
[   83.274206][ T6870] IPVS: using max 43 ests per chain, 103200 per kthread
[   83.727211][ T6883] xt_CT: No such helper "snmp"
[   83.836770][ T6886] netlink: zone id is out of range
[   83.840730][ T6886] netlink: zone id is out of range
[   83.842396][ T6886] netlink: zone id is out of range
[   83.846483][ T6886] netlink: zone id is out of range
[   83.849499][ T6886] netlink: del zone limit has 4 unknown bytes
[   83.951513][ T6894] __nla_validate_parse: 1 callbacks suppressed
[   83.951523][ T6894] netlink: 16 bytes leftover after parsing attributes in process `syz.1.260'.
[   83.959182][ T6894] netlink: 16 bytes leftover after parsing attributes in process `syz.1.260'.
[   83.963739][ T6894] netlink: 8 bytes leftover after parsing attributes in process `syz.1.260'.
[   84.100391][ T6902] FAULT_INJECTION: forcing a failure.
[   84.100391][ T6902] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   84.104952][ T6902] CPU: 2 UID: 0 PID: 6902 Comm: syz.1.262 Not tainted 6.15.0-syzkaller-08175-g9d230d500b0e #0 PREEMPT(full) 
[   84.104967][ T6902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   84.104973][ T6902] Call Trace:
[   84.104977][ T6902]  <TASK>
[   84.104982][ T6902]  dump_stack_lvl+0x16c/0x1f0
[   84.104998][ T6902]  should_fail_ex+0x512/0x640
[   84.105015][ T6902]  _copy_to_user+0x32/0xd0
[   84.105032][ T6902]  simple_read_from_buffer+0xcb/0x170
[   84.105049][ T6902]  proc_fail_nth_read+0x197/0x270
[   84.105066][ T6902]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   84.105082][ T6902]  ? rw_verify_area+0xcf/0x680
[   84.105097][ T6902]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   84.105112][ T6902]  vfs_read+0x1e1/0xc60
[   84.105123][ T6902]  ? fdget_pos+0x2a2/0x370
[   84.105139][ T6902]  ? __pfx_vfs_read+0x10/0x10
[   84.105147][ T6902]  ? find_held_lock+0x2b/0x80
[   84.105166][ T6902]  ? __fget_files+0x20e/0x3c0
[   84.105180][ T6902]  ksys_read+0x12a/0x250
[   84.105189][ T6902]  ? __pfx_ksys_read+0x10/0x10
[   84.105200][ T6902]  ? rcu_is_watching+0x12/0xc0
[   84.105216][ T6902]  __do_fast_syscall_32+0x7c/0x3a0
[   84.105230][ T6902]  do_fast_syscall_32+0x32/0x80
[   84.105242][ T6902]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   84.105255][ T6902] RIP: 0023:0xf7ff2579
[   84.105264][ T6902] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   84.105274][ T6902] RSP: 002b:00000000f5116590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   84.105284][ T6902] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5116620
[   84.105290][ T6902] RDX: 000000000000000f RSI: 00000000f7482ff4 RDI: 0000000000000000
[   84.105296][ T6902] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[   84.105301][ T6902] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   84.105307][ T6902] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   84.105320][ T6902]  </TASK>
[   84.185885][    C2] vkms_vblank_simulate: vblank timer overrun
[   84.367005][ T6914] netlink: 4 bytes leftover after parsing attributes in process `syz.0.265'.
[   84.371517][ T6914] netlink: 4 bytes leftover after parsing attributes in process `syz.0.265'.
[   84.439990][ T5305] Bluetooth: hci2: hardware error 0x00
[   84.445547][ T5957] Bluetooth: hci2: command 0x0406 tx timeout
[   84.482711][ T6918] netlink: 20 bytes leftover after parsing attributes in process `syz.0.266'.
[   84.677983][ T6911] kvm: kvm [6910]: vcpu0, guest rIP: 0x1a3 Unhandled WRMSR(0xc2) = 0x8000
[   84.702980][ T6925] netlink: 16 bytes leftover after parsing attributes in process `syz.0.269'.
[   84.706325][ T6925] netlink: 16 bytes leftover after parsing attributes in process `syz.0.269'.
[   84.714530][ T6925] netlink: 8 bytes leftover after parsing attributes in process `syz.0.269'.
[   85.115986][ T6946] netlink: 4 bytes leftover after parsing attributes in process `syz.2.277'.
[   85.714679][ T5957] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[   85.717323][ T5957] Bluetooth: hci0: Injecting HCI hardware error event
[   85.720598][   T63] Bluetooth: hci0: hardware error 0x00
[   86.013253][ T7010] sp0: Synchronizing with TNC
[   86.524231][ T5305] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[   86.934196][ T1469] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   87.086920][ T1469] usb 8-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[   87.093427][ T1469] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   87.095994][ T1469] usb 8-1: Product: syz
[   87.097318][ T1469] usb 8-1: Manufacturer: syz
[   87.098738][ T1469] usb 8-1: SerialNumber: syz
[   87.101492][ T1469] usb 8-1: config 0 descriptor??
[   87.312569][   T34] usb 8-1: USB disconnect, device number 3
[   87.794127][   T63] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[   88.214212][  T840] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[   88.366213][  T840] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   88.369610][  T840] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   88.372486][  T840] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   88.377442][  T840] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   88.380166][  T840] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   88.383870][  T840] usb 7-1: config 0 descriptor??
[   88.450737][ T7085] lo speed is unknown, defaulting to 1000
[   88.453200][ T7085] lo speed is unknown, defaulting to 1000
[   88.462109][ T7085] lo speed is unknown, defaulting to 1000
[   88.478192][ T7085] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   88.496176][ T7085] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   88.550924][ T7085] lo speed is unknown, defaulting to 1000
[   88.556761][ T7085] lo speed is unknown, defaulting to 1000
[   88.561696][ T7085] lo speed is unknown, defaulting to 1000
[   88.566649][ T7085] lo speed is unknown, defaulting to 1000
[   88.649980][ T7081] lo speed is unknown, defaulting to 1000
[   88.792687][  T840] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   88.795108][  T840] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   88.797480][  T840] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   88.799740][  T840] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   88.802121][  T840] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   88.804418][  T840] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   88.806711][  T840] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   88.809310][  T840] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   88.811505][  T840] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   88.814261][  T840] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   88.816844][  T840] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   88.819692][  T840] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   88.822365][  T840] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   88.824956][  T840] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   88.827421][  T840] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[   88.830317][  T840] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[   88.840524][  T840] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   88.958038][ T7091] __nla_validate_parse: 3 callbacks suppressed
[   88.958050][ T7091] netlink: 68 bytes leftover after parsing attributes in process `syz.3.316'.
[   89.221133][ T7101] netlink: 'syz.2.311': attribute type 4 has an invalid length.
[   89.233023][ T7101] netlink: 20 bytes leftover after parsing attributes in process `syz.2.311'.
[   89.242036][ T7098] netfs: Couldn't get user pages (rc=-14)
[   90.254922][  T840] usb 7-1: reset high-speed USB device number 5 using dummy_hcd
[   90.355749][  T838] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   90.526944][  T838] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[   90.529957][  T838] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   90.532471][  T838] usb 6-1: Product: syz
[   90.533897][  T838] usb 6-1: Manufacturer: syz
[   90.535551][  T838] usb 6-1: SerialNumber: syz
[   90.538379][  T838] usb 6-1: config 0 descriptor??
[   90.745154][ T1469] usb 6-1: USB disconnect, device number 3
[   91.772543][   T59] usb 7-1: USB disconnect, device number 5
[   92.138449][ T6004] libceph: connect (1)[c::]:6789 error -101
[   92.154360][ T6004] libceph: mon0 (1)[c::]:6789 connect error
[   92.180365][ T7165] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   92.413884][ T7170] 9pnet_virtio: no channels available for device syz
[   92.416447][ T6004] libceph: connect (1)[c::]:6789 error -101
[   92.418575][ T6004] libceph: mon0 (1)[c::]:6789 connect error
[   92.419673][ T7172] 9pnet_virtio: no channels available for device syz
[   92.705618][ T7162] ceph: No mds server is up or the cluster is laggy
[   92.786926][ T7179] netlink: 12 bytes leftover after parsing attributes in process `syz.2.334'.
[   93.098580][ T7190] Dead loop on virtual device ip6_vti0, fix it urgently!
[   93.107842][ T7190] overlayfs: failed to resolve './file0': -2
[   93.164223][   T10] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[   93.320140][   T10] usb 8-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[   93.323976][   T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   93.328131][   T10] usb 8-1: Product: syz
[   93.337982][   T10] usb 8-1: Manufacturer: syz
[   93.341514][   T10] usb 8-1: SerialNumber: syz
[   93.347602][   T10] usb 8-1: config 0 descriptor??
[   93.565326][  T838] usb 8-1: USB disconnect, device number 4
[   93.923094][ T7202] netfs: Couldn't get user pages (rc=-14)
[   94.038394][ T7210] FAULT_INJECTION: forcing a failure.
[   94.038394][ T7210] name failslab, interval 1, probability 0, space 0, times 0
[   94.042355][ T7210] CPU: 2 UID: 0 PID: 7210 Comm: syz.2.344 Not tainted 6.15.0-syzkaller-08175-g9d230d500b0e #0 PREEMPT(full) 
[   94.042369][ T7210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   94.042375][ T7210] Call Trace:
[   94.042379][ T7210]  <TASK>
[   94.042394][ T7210]  dump_stack_lvl+0x16c/0x1f0
[   94.042413][ T7210]  should_fail_ex+0x512/0x640
[   94.042430][ T7210]  should_failslab+0xc2/0x120
[   94.042445][ T7210]  __kmalloc_cache_noprof+0x6a/0x3e0
[   94.042455][ T7210]  ? __pfx_sctp_get_port_local+0x10/0x10
[   94.042469][ T7210]  ? sctp_bind_addr_match+0x193/0x300
[   94.042479][ T7210]  ? sctp_add_bind_addr+0xae/0x3f0
[   94.042492][ T7210]  sctp_add_bind_addr+0xae/0x3f0
[   94.042506][ T7210]  sctp_do_bind+0x2d6/0x700
[   94.042524][ T7210]  sctp_connect_new_asoc+0x5fd/0x790
[   94.042542][ T7210]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[   94.042561][ T7210]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[   94.042579][ T7210]  sctp_sendmsg+0x15f9/0x1ee0
[   94.042599][ T7210]  ? __pfx_sctp_sendmsg+0x10/0x10
[   94.042616][ T7210]  ? __pfx___might_resched+0x10/0x10
[   94.042636][ T7210]  ? __might_fault+0xe3/0x190
[   94.042648][ T7210]  ? __pfx_aa_sk_perm+0x10/0x10
[   94.042661][ T7210]  ? __pfx_sctp_sendmsg+0x10/0x10
[   94.042678][ T7210]  inet_sendmsg+0x11c/0x140
[   94.042690][ T7210]  __sys_sendto+0x43c/0x520
[   94.042702][ T7210]  ? __pfx___sys_sendto+0x10/0x10
[   94.042724][ T7210]  ? ksys_write+0x1ac/0x250
[   94.042734][ T7210]  ? __pfx_ksys_write+0x10/0x10
[   94.042746][ T7210]  __ia32_sys_sendto+0xdd/0x1b0
[   94.042756][ T7210]  ? lockdep_hardirqs_on+0x7c/0x110
[   94.042768][ T7210]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   94.042780][ T7210]  __do_fast_syscall_32+0x7c/0x3a0
[   94.042794][ T7210]  do_fast_syscall_32+0x32/0x80
[   94.042807][ T7210]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   94.042820][ T7210] RIP: 0023:0xf7fc1579
[   94.042829][ T7210] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   94.042838][ T7210] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[   94.042848][ T7210] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080847fff
[   94.042855][ T7210] RDX: 00000000000034c8 RSI: 0000000000000000 RDI: 000000008005ffe4
[   94.042860][ T7210] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[   94.042866][ T7210] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   94.042872][ T7210] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   94.042884][ T7210]  </TASK>
[   94.123959][    C2] vkms_vblank_simulate: vblank timer overrun
[   94.466562][ T7234] 9pnet_virtio: no channels available for device syz
[   94.551673][ T7236] Dead loop on virtual device ip6_vti0, fix it urgently!
[   94.560276][ T7236] overlayfs: failed to resolve './file0': -2
[   95.474550][  T840] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[   95.688770][  T840] usb 7-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[   95.692585][  T840] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   95.696356][  T840] usb 7-1: Product: syz
[   95.698153][  T840] usb 7-1: Manufacturer: syz
[   95.700168][  T840] usb 7-1: SerialNumber: syz
[   95.707034][  T840] usb 7-1: config 0 descriptor??
[   95.937636][  T838] usb 7-1: USB disconnect, device number 6
[   96.643052][ T7287] netlink: 'syz.1.366': attribute type 7 has an invalid length.
[   96.750369][ T7290] netlink: 16 bytes leftover after parsing attributes in process `syz.0.367'.
[   96.757779][ T7290] netlink: 16 bytes leftover after parsing attributes in process `syz.0.367'.
[   96.806197][ T6004] IPVS: starting estimator thread 0...
[   96.894186][ T7294] IPVS: using max 43 ests per chain, 103200 per kthread
[   96.945059][ T7297] netlink: 'syz.0.368': attribute type 7 has an invalid length.
[   97.221338][ T7304] FAULT_INJECTION: forcing a failure.
[   97.221338][ T7304] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   97.228315][ T7304] CPU: 1 UID: 0 PID: 7304 Comm: syz.3.371 Not tainted 6.15.0-syzkaller-08175-g9d230d500b0e #0 PREEMPT(full) 
[   97.228340][ T7304] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   97.228350][ T7304] Call Trace:
[   97.228356][ T7304]  <TASK>
[   97.228364][ T7304]  dump_stack_lvl+0x16c/0x1f0
[   97.228389][ T7304]  should_fail_ex+0x512/0x640
[   97.228417][ T7304]  _copy_to_user+0x32/0xd0
[   97.228444][ T7304]  simple_read_from_buffer+0xcb/0x170
[   97.228474][ T7304]  proc_fail_nth_read+0x197/0x270
[   97.228501][ T7304]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   97.228527][ T7304]  ? rw_verify_area+0xcf/0x680
[   97.228578][ T7304]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   97.228604][ T7304]  vfs_read+0x1e1/0xc60
[   97.228622][ T7304]  ? fdget_pos+0x2a2/0x370
[   97.228642][ T7304]  ? __pfx_vfs_read+0x10/0x10
[   97.228655][ T7304]  ? find_held_lock+0x2b/0x80
[   97.228684][ T7304]  ? __fget_files+0x20e/0x3c0
[   97.228708][ T7304]  ksys_read+0x12a/0x250
[   97.228724][ T7304]  ? __pfx_ksys_read+0x10/0x10
[   97.228742][ T7304]  ? rcu_is_watching+0x12/0xc0
[   97.228770][ T7304]  __do_fast_syscall_32+0x7c/0x3a0
[   97.228799][ T7304]  do_fast_syscall_32+0x32/0x80
[   97.228820][ T7304]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   97.228841][ T7304] RIP: 0023:0xf712e579
[   97.228854][ T7304] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   97.228870][ T7304] RSP: 002b:00000000f511e590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   97.228887][ T7304] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f511e620
[   97.228898][ T7304] RDX: 000000000000000f RSI: 00000000f7492ff4 RDI: 0000000000000000
[   97.228908][ T7304] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[   97.228918][ T7304] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   97.228927][ T7304] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   97.228950][ T7304]  </TASK>
[   97.604133][ T6004] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   97.758533][ T6004] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[   97.762295][ T6004] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   97.765838][ T6004] usb 5-1: Product: syz
[   97.767617][ T6004] usb 5-1: Manufacturer: syz
[   97.769612][ T6004] usb 5-1: SerialNumber: syz
[   97.774582][ T6004] usb 5-1: config 0 descriptor??
[   97.994493][    T9] usb 5-1: USB disconnect, device number 3
[   98.205251][ T7316] netlink: 'syz.3.375': attribute type 7 has an invalid length.
[   98.208736][ T7316] netlink: 140 bytes leftover after parsing attributes in process `syz.3.375'.
[   98.349300][ T7319] netlink: 16 bytes leftover after parsing attributes in process `syz.3.376'.
[   98.353939][ T7319] netlink: 16 bytes leftover after parsing attributes in process `syz.3.376'.
[   98.451274][ T6002] IPVS: starting estimator thread 0...
[   98.511481][ T7329] netlink: 'syz.2.377': attribute type 7 has an invalid length.
[   98.534424][ T7326] IPVS: using max 43 ests per chain, 103200 per kthread
[   98.749680][ T7341] FAULT_INJECTION: forcing a failure.
[   98.749680][ T7341] name failslab, interval 1, probability 0, space 0, times 0
[   98.753653][ T7341] CPU: 1 UID: 0 PID: 7341 Comm: syz.0.382 Not tainted 6.15.0-syzkaller-08175-g9d230d500b0e #0 PREEMPT(full) 
[   98.753668][ T7341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   98.753674][ T7341] Call Trace:
[   98.753681][ T7341]  <TASK>
[   98.753685][ T7341]  dump_stack_lvl+0x16c/0x1f0
[   98.753702][ T7341]  should_fail_ex+0x512/0x640
[   98.753719][ T7341]  should_failslab+0xc2/0x120
[   98.753733][ T7341]  __kmalloc_cache_noprof+0x6a/0x3e0
[   98.753743][ T7341]  ? __pfx_sctp_get_port_local+0x10/0x10
[   98.753757][ T7341]  ? sctp_bind_addr_match+0x193/0x300
[   98.753767][ T7341]  ? sctp_add_bind_addr+0xae/0x3f0
[   98.753780][ T7341]  sctp_add_bind_addr+0xae/0x3f0
[   98.753793][ T7341]  sctp_do_bind+0x2d6/0x700
[   98.753811][ T7341]  sctp_connect_new_asoc+0x5fd/0x790
[   98.753829][ T7341]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[   98.753848][ T7341]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[   98.753865][ T7341]  sctp_sendmsg+0x15f9/0x1ee0
[   98.753889][ T7341]  ? __pfx_sctp_sendmsg+0x10/0x10
[   98.753906][ T7341]  ? __pfx___might_resched+0x10/0x10
[   98.753925][ T7341]  ? __might_fault+0xe3/0x190
[   98.753938][ T7341]  ? __pfx_aa_sk_perm+0x10/0x10
[   98.753952][ T7341]  ? __pfx_sctp_sendmsg+0x10/0x10
[   98.753972][ T7341]  inet_sendmsg+0x11c/0x140
[   98.753985][ T7341]  __sys_sendto+0x43c/0x520
[   98.753997][ T7341]  ? __pfx___sys_sendto+0x10/0x10
[   98.754030][ T7341]  ? ksys_write+0x1ac/0x250
[   98.754043][ T7341]  ? __pfx_ksys_write+0x10/0x10
[   98.754055][ T7341]  __ia32_sys_sendto+0xdd/0x1b0
[   98.754066][ T7341]  ? lockdep_hardirqs_on+0x7c/0x110
[   98.754078][ T7341]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   98.754090][ T7341]  __do_fast_syscall_32+0x7c/0x3a0
[   98.754104][ T7341]  do_fast_syscall_32+0x32/0x80
[   98.754117][ T7341]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   98.754130][ T7341] RIP: 0023:0xf70be579
[   98.754138][ T7341] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   98.754149][ T7341] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[   98.754159][ T7341] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080847fff
[   98.754165][ T7341] RDX: 00000000000034c8 RSI: 0000000000000000 RDI: 000000008005ffe4
[   98.754171][ T7341] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[   98.754176][ T7341] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   98.754182][ T7341] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   98.754195][ T7341]  </TASK>
[   99.157814][ T7346] netlink: 'syz.2.384': attribute type 10 has an invalid length.
[   99.679914][ T7353] netlink: 16 bytes leftover after parsing attributes in process `syz.2.386'.
[   99.685030][ T7353] netlink: 16 bytes leftover after parsing attributes in process `syz.2.386'.
[   99.788878][ T7362] netlink: 'syz.2.391': attribute type 7 has an invalid length.
[   99.823823][ T7366] ieee802154 phy0 wpan0: encryption failed: -22
[   99.835190][ T7370] ieee802154 phy0 wpan0: encryption failed: -22
[   99.872314][ T7368] netfs: Couldn't get user pages (rc=-14)
[  100.207489][ T7383] loop9: detected capacity change from 0 to 8
[  100.214249][ T5942]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  100.216176][ T5942] loop9: partition table partially beyond EOD, truncated
[  100.219809][ T5942] loop9: p1 size 81768186 extends beyond EOD, truncated
[  100.232159][ T7383]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  100.240274][ T7383] loop9: partition table partially beyond EOD, truncated
[  100.244451][ T7383] loop9: p1 size 81768186 extends beyond EOD, truncated
[  100.269611][ T7383] binder: 7382:7383 ioctl c0306201 80000540 returned -14
[  100.421136][ T7384] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  100.423867][ T7384] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  100.449819][ T7384] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  100.694186][   T10] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  100.845729][   T10] usb 8-1: Using ep0 maxpacket: 8
[  100.848838][   T10] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 8
[  100.851958][   T10] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 16
[  100.866364][   T10] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  100.869427][   T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  100.872073][   T10] usb 8-1: Product: syz
[  100.873513][   T10] usb 8-1: Manufacturer: syz
[  100.888710][   T10] usb 8-1: SerialNumber: syz
[  100.933636][   T40] audit: type=1326 audit(1748571275.487:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7395 comm="syz.1.400" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  100.964129][   T40] audit: type=1326 audit(1748571275.487:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7395 comm="syz.1.400" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  100.971384][   T40] audit: type=1326 audit(1748571275.487:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7395 comm="syz.1.400" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  100.994583][   T40] audit: type=1326 audit(1748571275.487:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7395 comm="syz.1.400" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  101.002382][   T40] audit: type=1326 audit(1748571275.487:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7395 comm="syz.1.400" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  101.018990][   T40] audit: type=1326 audit(1748571275.487:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7395 comm="syz.1.400" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  101.027925][   T40] audit: type=1326 audit(1748571275.487:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7395 comm="syz.1.400" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  101.036839][   T40] audit: type=1326 audit(1748571275.487:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7395 comm="syz.1.400" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7ff25a7 code=0x7ffc0000
[  101.045822][   T40] audit: type=1326 audit(1748571275.487:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7395 comm="syz.1.400" exe="/syz-executor" sig=0 arch=40000003 syscall=301 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  101.054863][   T40] audit: type=1326 audit(1748571275.487:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7395 comm="syz.1.400" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  101.125074][   T10] cdc_ncm 8-1:1.0: bind() failure
[  101.130402][   T10] cdc_ncm 8-1:1.1: CDC Union missing and no IAD found
[  101.132611][   T10] cdc_ncm 8-1:1.1: bind() failure
[  101.163132][   T10] usb 8-1: USB disconnect, device number 5
[  102.326700][ T7431] 9pnet: Unknown protocol version 9p20\++}
[  102.435304][   T63] Bluetooth: hci3: command 0x0c1a tx timeout
[  102.777403][ T7437] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  102.780451][ T7437] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  102.841636][ T7437] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  103.416411][   T10] IPVS: starting estimator thread 0...
[  103.429356][ T7452] netlink: 48 bytes leftover after parsing attributes in process `syz.1.416'.
[  103.504112][ T7451] IPVS: using max 43 ests per chain, 103200 per kthread
[  103.708813][ T7458] input: syz1 as /devices/virtual/input/input10
[  103.787069][ T7462] netlink: 4 bytes leftover after parsing attributes in process `syz.2.421'.
[  103.789795][ T7462] netlink: 8 bytes leftover after parsing attributes in process `syz.2.421'.
[  104.044510][ T7471] netlink: 'syz.3.423': attribute type 1 has an invalid length.
[  104.047107][ T7471] netlink: 224 bytes leftover after parsing attributes in process `syz.3.423'.
[  104.517595][   T63] Bluetooth: hci3: command 0x0c1a tx timeout
[  104.789209][ T7485] netlink: 'syz.0.428': attribute type 10 has an invalid length.
[  104.792150][ T7485] netlink: 40 bytes leftover after parsing attributes in process `syz.0.428'.
[  104.797170][ T7485] batadv0: entered promiscuous mode
[  104.799593][ T7485] batadv0: entered allmulticast mode
[  104.801730][ T7485] bridge0: port 3(batadv0) entered blocking state
[  104.803872][ T7485] bridge0: port 3(batadv0) entered disabled state
[  104.808131][ T7485] bridge0: port 3(batadv0) entered blocking state
[  104.810386][ T7485] bridge0: port 3(batadv0) entered forwarding state
[  104.815333][ T7485] batman_adv: batadv0: Adding interface: dummy0
[  104.817642][ T7485] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  104.827288][ T7485] batman_adv: batadv0: Interface activated: dummy0
[  104.840318][ T7485] batadv0: mtu less than device minimum
[  104.843934][ T7485] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  104.849533][ T7485] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  104.854924][ T7485] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  104.860366][ T7485] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  104.865707][ T7485] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  104.871083][ T7485] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  104.876551][ T7485] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  104.881519][ T7485] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  104.885407][ T7485] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  105.065210][   T13] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  105.069377][   T13] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  105.832593][ T7513] netlink: 'syz.1.435': attribute type 1 has an invalid length.
[  106.514239][ T5983] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  106.594151][   T63] Bluetooth: hci3: command 0x0c1a tx timeout
[  106.674999][ T5983] usb 6-1: Using ep0 maxpacket: 8
[  106.678709][ T5983] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  106.682178][ T5983] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  106.685293][ T5983] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  106.690282][ T5983] usb 6-1: config 0 descriptor??
[  106.909173][ T5983] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  106.916579][ T5983] usb 6-1: USB disconnect, device number 4
[  106.925968][   T40] kauditd_printk_skb: 10 callbacks suppressed
[  106.925979][   T40] audit: type=1326 audit(1748571281.477:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7537 comm="syz.1.443" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  106.934907][   T40] audit: type=1326 audit(1748571281.477:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7537 comm="syz.1.443" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  106.941600][   T40] audit: type=1326 audit(1748571281.477:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7537 comm="syz.1.443" exe="/syz-executor" sig=0 arch=40000003 syscall=30 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  106.948923][   T40] audit: type=1326 audit(1748571281.477:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7537 comm="syz.1.443" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  106.955931][   T40] audit: type=1326 audit(1748571281.477:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7537 comm="syz.1.443" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  108.128191][ T7577] lo speed is unknown, defaulting to 1000
[  108.397364][ T5305] Bluetooth: hci3: unexpected event for opcode 0x0413
[  110.027778][ T7611] syz.2.466 (7611) used greatest stack depth: 19624 bytes left
[  110.139207][ T7635] warning: `syz.0.479' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  110.208590][ T7635] netlink: 'syz.0.479': attribute type 3 has an invalid length.
[  110.355776][ T7642] FAULT_INJECTION: forcing a failure.
[  110.355776][ T7642] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  110.359981][ T7642] CPU: 3 UID: 0 PID: 7642 Comm: syz.0.474 Not tainted 6.15.0-syzkaller-08175-g9d230d500b0e #0 PREEMPT(full) 
[  110.359996][ T7642] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  110.360003][ T7642] Call Trace:
[  110.360007][ T7642]  <TASK>
[  110.360011][ T7642]  dump_stack_lvl+0x16c/0x1f0
[  110.360029][ T7642]  should_fail_ex+0x512/0x640
[  110.360046][ T7642]  _copy_to_user+0x32/0xd0
[  110.360063][ T7642]  simple_read_from_buffer+0xcb/0x170
[  110.360081][ T7642]  proc_fail_nth_read+0x197/0x270
[  110.360097][ T7642]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  110.360113][ T7642]  ? rw_verify_area+0xcf/0x680
[  110.360128][ T7642]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  110.360144][ T7642]  vfs_read+0x1e1/0xc60
[  110.360154][ T7642]  ? fdget_pos+0x2a2/0x370
[  110.360167][ T7642]  ? __pfx_vfs_read+0x10/0x10
[  110.360175][ T7642]  ? find_held_lock+0x2b/0x80
[  110.360193][ T7642]  ? __fget_files+0x20e/0x3c0
[  110.360206][ T7642]  ksys_read+0x12a/0x250
[  110.360216][ T7642]  ? __pfx_ksys_read+0x10/0x10
[  110.360227][ T7642]  ? rcu_is_watching+0x12/0xc0
[  110.360243][ T7642]  __do_fast_syscall_32+0x7c/0x3a0
[  110.360257][ T7642]  do_fast_syscall_32+0x32/0x80
[  110.360269][ T7642]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  110.360283][ T7642] RIP: 0023:0xf70be579
[  110.360291][ T7642] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  110.360301][ T7642] RSP: 002b:00000000f50ae590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  110.360311][ T7642] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50ae620
[  110.360317][ T7642] RDX: 000000000000000f RSI: 00000000f7422ff4 RDI: 0000000000000000
[  110.360323][ T7642] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  110.360329][ T7642] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  110.360334][ T7642] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  110.360347][ T7642]  </TASK>
[  110.443125][ T7644] usb 2-1: USB disconnect, device number 3
[  110.854700][ T7657] netlink: 'syz.3.477': attribute type 7 has an invalid length.
[  110.939327][ T7644] hub 2-0:1.0: USB hub found
[  110.941278][ T7644] hub 2-0:1.0: 6 ports detected
[  111.124147][ T1469] usb 2-1: new high-speed USB device number 4 using ehci-pci
[  111.318379][ T1469] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[  111.321212][ T1469] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
[  111.324698][ T1469] usb 2-1: Product: QEMU USB Tablet
[  111.327324][ T1469] usb 2-1: Manufacturer: QEMU
[  111.328915][ T1469] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1
[  111.347992][ T1469] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0004/input/input11
[  111.407067][ T1469] hid-generic 0003:0627:0001.0004: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0
[  111.794712][    C3] net_ratelimit: 14 callbacks suppressed
[  111.794722][    C3] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:1c
[  111.822611][ T7686] netfs: Couldn't get user pages (rc=-14)
[  112.053285][   T40] audit: type=1107 audit(1748571286.617:109): pid=7691 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='�'
[  112.437539][ T5305] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  112.441234][ T5305] Bluetooth: hci3: Injecting HCI hardware error event
[  112.920361][ T7704] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  112.924497][ T7704] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  113.133543][ T7707] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  113.138070][   T40] audit: type=1804 audit(1748571287.697:110): pid=7707 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.493" name="/newroot/148/file0" dev="tmpfs" ino=824 res=1 errno=0
[  113.150395][ T7707] ref_ctr increment failed for inode: 0x338 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88804f378ac0
[  113.255970][ T7714] FAULT_INJECTION: forcing a failure.
[  113.255970][ T7714] name failslab, interval 1, probability 0, space 0, times 0
[  113.261162][ T7714] CPU: 3 UID: 0 PID: 7714 Comm: syz.3.495 Not tainted 6.15.0-syzkaller-08175-g9d230d500b0e #0 PREEMPT(full) 
[  113.261177][ T7714] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  113.261183][ T7714] Call Trace:
[  113.261187][ T7714]  <TASK>
[  113.261192][ T7714]  dump_stack_lvl+0x16c/0x1f0
[  113.261207][ T7714]  should_fail_ex+0x512/0x640
[  113.261222][ T7714]  ? fs_reclaim_acquire+0xae/0x150
[  113.261240][ T7714]  should_failslab+0xc2/0x120
[  113.261253][ T7714]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  113.261266][ T7714]  ? ima_inode_get+0x120/0x580
[  113.261284][ T7714]  ima_inode_get+0x120/0x580
[  113.261307][ T7714]  process_measurement+0x585/0x23e0
[  113.261329][ T7714]  ? _kstrtoull+0x145/0x200
[  113.261355][ T7714]  ? __pfx_process_measurement+0x10/0x10
[  113.261388][ T7714]  ? get_pid_task+0x106/0x250
[  113.261400][ T7714]  ? proc_fail_nth_write+0x9f/0x250
[  113.261415][ T7714]  ? find_held_lock+0x2b/0x80
[  113.261432][ T7714]  ima_file_mmap+0x1b1/0x1d0
[  113.261446][ T7714]  ? __pfx_ima_file_mmap+0x10/0x10
[  113.261459][ T7714]  ? __lock_acquire+0x622/0x1c90
[  113.261473][ T7714]  security_mmap_file+0x88c/0x990
[  113.261487][ T7714]  vm_mmap_pgoff+0xec/0x450
[  113.261503][ T7714]  ? find_held_lock+0x2b/0x80
[  113.261515][ T7714]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  113.261532][ T7714]  ? __fget_files+0x20e/0x3c0
[  113.261545][ T7714]  ksys_mmap_pgoff+0x32c/0x5c0
[  113.261560][ T7714]  ? __ia32_sys_mmap_pgoff+0x11/0x1b0
[  113.261576][ T7714]  __do_fast_syscall_32+0x7c/0x3a0
[  113.261602][ T7714]  do_fast_syscall_32+0x32/0x80
[  113.261615][ T7714]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  113.261628][ T7714] RIP: 0023:0xf712e579
[  113.261637][ T7714] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  113.261650][ T7714] RSP: 002b:00000000f511e55c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0
[  113.261661][ T7714] RAX: ffffffffffffffda RBX: 0000000080ffc000 RCX: 0000000000004000
[  113.261667][ T7714] RDX: 000000000000001f RSI: 0000000000000012 RDI: 0000000000000004
[  113.261673][ T7714] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  113.261678][ T7714] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  113.261684][ T7714] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  113.261697][ T7714]  </TASK>
[  113.262041][ T7714] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  113.357189][ T7714] ref_ctr increment failed for inode: 0x295 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88804f33b5c0
[  113.398471][ T7718] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  113.516630][ T7721] 9pnet_virtio: no channels available for device syz
[  113.550116][ T7724] netlink: 12 bytes leftover after parsing attributes in process `syz.2.500'.
[  113.778022][ T7729] netlink: 'syz.1.501': attribute type 7 has an invalid length.
[  114.097580][ T7736] smb3: Unknown parameter 'nocase��24I'
[  114.411193][ T7753] overlayfs: missing 'workdir'
[  115.675010][ T7806] 9pnet_virtio: no channels available for device syz
[  115.774807][    T9] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  115.927140][    T9] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  115.930170][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.932617][    T9] usb 5-1: Product: syz
[  115.934108][    T9] usb 5-1: Manufacturer: syz
[  115.935661][    T9] usb 5-1: SerialNumber: syz
[  115.942600][    T9] usb 5-1: config 0 descriptor??
[  116.151723][ T1469] usb 5-1: USB disconnect, device number 4
[  116.235864][ T7814] netlink: 'syz.3.526': attribute type 4 has an invalid length.
[  116.251046][ T7814] netlink: 'syz.3.526': attribute type 4 has an invalid length.
[  116.635978][ T7818] 9pnet_virtio: no channels available for device syz
[  117.884464][ T7854] netlink: 4 bytes leftover after parsing attributes in process `syz.1.537'.
[  117.945656][ T7854] bridge_slave_1: left allmulticast mode
[  117.947458][ T7854] bridge_slave_1: left promiscuous mode
[  117.950323][ T7854] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.958930][ T7854] bridge_slave_0: left allmulticast mode
[  117.961343][ T7854] bridge_slave_0: left promiscuous mode
[  117.963873][ T7854] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.225074][ T7856] ip6erspan0: entered promiscuous mode
[  118.333197][ T7859] netfs: Couldn't get user pages (rc=-14)
[  118.602406][ T7877] netlink: 32 bytes leftover after parsing attributes in process `syz.3.544'.
[  118.642086][ T7880] netlink: 'syz.1.542': attribute type 7 has an invalid length.
[  118.914452][ T7886] lo speed is unknown, defaulting to 1000
[  119.797112][ T7899] netlink: 12 bytes leftover after parsing attributes in process `syz.2.550'.
[  119.865210][ T7900] 9pnet_virtio: no channels available for device syz
[  120.767535][ T7918] cgroup: Bad value for 'name'
[  121.057523][ T7928] netlink: 12 bytes leftover after parsing attributes in process `syz.3.561'.
[  121.269731][ T7932] ip6t_rpfilter: unknown options
[  121.308208][ T7934] 9pnet_virtio: no channels available for device syz
[  121.571068][ T7940] netlink: 12 bytes leftover after parsing attributes in process `syz.1.566'.
[  121.573846][ T7940] netlink: 12 bytes leftover after parsing attributes in process `syz.1.566'.
[  121.699523][ T7945] blktrace: Concurrent blktraces are not allowed on sg0
[  121.749605][ T7951] netlink: 16 bytes leftover after parsing attributes in process `syz.0.565'.
[  121.761194][ T7952] 8021q: adding VLAN 0 to HW filter on device bond1
[  121.892191][ T7961] netlink: 'syz.0.571': attribute type 7 has an invalid length.
[  122.167550][   T40] audit: type=1326 audit(1748571296.737:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.2.573" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  122.176034][   T40] audit: type=1326 audit(1748571296.737:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.2.573" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  122.183985][   T40] audit: type=1326 audit(1748571296.737:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.2.573" exe="/syz-executor" sig=0 arch=40000003 syscall=30 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  122.191466][   T40] audit: type=1326 audit(1748571296.737:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.2.573" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  122.198380][   T40] audit: type=1326 audit(1748571296.737:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.2.573" exe="/syz-executor" sig=0 arch=40000003 syscall=321 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  122.206346][   T40] audit: type=1326 audit(1748571296.737:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.2.573" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  122.214624][   T40] audit: type=1326 audit(1748571296.737:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.2.573" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  122.221230][   T40] audit: type=1326 audit(1748571296.737:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.2.573" exe="/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  122.228924][   T40] audit: type=1326 audit(1748571296.737:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.2.573" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  122.235656][   T40] audit: type=1326 audit(1748571296.737:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.2.573" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  122.270375][ T5305] Bluetooth: hci3: unexpected event for opcode 0x0c20
[  123.049939][ T6980] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.052380][ T6980] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.328559][ T8016] netlink: 12 bytes leftover after parsing attributes in process `syz.1.585'.
[  124.477610][ T8042] batman_adv: batadv0: Interface deactivated: dummy0
[  124.479749][ T8042] batman_adv: batadv0: Removing interface: dummy0
[  124.482849][ T8042] bridge0: port 3(batadv0) entered disabled state
[  124.516489][ T8042] bridge_slave_0: left allmulticast mode
[  124.518314][ T8042] bridge_slave_0: left promiscuous mode
[  124.520664][ T8042] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.547267][ T8043] netlink: 'syz.0.594': attribute type 10 has an invalid length.
[  124.552865][ T8042] bridge_slave_1: left allmulticast mode
[  124.555006][ T8042] bridge_slave_1: left promiscuous mode
[  124.557168][ T8042] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.576596][ T8042] bond0: (slave bond_slave_0): Releasing backup interface
[  124.585052][ T8042] bond0: (slave bond_slave_1): Releasing backup interface
[  124.601525][ T8042] team0: Port device team_slave_0 removed
[  124.613725][ T8042] team0: Port device team_slave_1 removed
[  124.617049][ T8042] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  124.620041][ T8042] batman_adv: batadv0: Removing interface: batadv_slave_0
[  124.623813][ T8042] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  124.627142][ T8042] batman_adv: batadv0: Removing interface: batadv_slave_1
[  124.668888][ T8043] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  125.286509][ T8061] wg1: entered promiscuous mode
[  125.288105][ T8061] wg1: entered allmulticast mode
[  125.355038][ T8064] tracefs: Bad value for 'uid'
[  125.356574][ T8064] tracefs: Bad value for 'uid'
[  126.035328][ T8078] netlink: 'syz.3.605': attribute type 7 has an invalid length.
[  126.487338][ T8094] netlink: 'syz.1.610': attribute type 1 has an invalid length.
[  126.752894][ T8099] netlink: 12 bytes leftover after parsing attributes in process `syz.0.612'.
[  126.760499][ T8099] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  126.764465][ T8099] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  126.768075][ T8099] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  126.771673][ T8099] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  126.914267][ T8099] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  126.917787][ T8099] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  126.920847][ T8099] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  126.923745][ T8099] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  127.245591][ T8106] ip6erspan0: entered promiscuous mode
[  127.283435][ T8108] netlink: 'syz.3.615': attribute type 7 has an invalid length.
[  127.876114][ T8127] FAULT_INJECTION: forcing a failure.
[  127.876114][ T8127] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  127.895843][ T8127] CPU: 3 UID: 0 PID: 8127 Comm: syz.0.621 Not tainted 6.15.0-syzkaller-08175-g9d230d500b0e #0 PREEMPT(full) 
[  127.895871][ T8127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  127.895880][ T8127] Call Trace:
[  127.895887][ T8127]  <TASK>
[  127.895893][ T8127]  dump_stack_lvl+0x16c/0x1f0
[  127.895917][ T8127]  should_fail_ex+0x512/0x640
[  127.895944][ T8127]  _copy_from_user+0x2e/0xd0
[  127.895968][ T8127]  __sys_bpf+0x21d/0x4d80
[  127.895992][ T8127]  ? __pfx___sys_bpf+0x10/0x10
[  127.896013][ T8127]  ? ksys_write+0x190/0x250
[  127.896033][ T8127]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  127.896068][ T8127]  ? fput+0x70/0xf0
[  127.896086][ T8127]  ? ksys_write+0x1ac/0x250
[  127.896101][ T8127]  ? __pfx_ksys_write+0x10/0x10
[  127.896121][ T8127]  __ia32_sys_bpf+0x76/0xe0
[  127.896144][ T8127]  __do_fast_syscall_32+0x7c/0x3a0
[  127.896166][ T8127]  do_fast_syscall_32+0x32/0x80
[  127.896185][ T8127]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  127.896205][ T8127] RIP: 0023:0xf70be579
[  127.896217][ T8127] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  127.896233][ T8127] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  127.896249][ T8127] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000140
[  127.896278][ T8127] RDX: 0000000000000024 RSI: 0000000000000000 RDI: 0000000000000000
[  127.896287][ T8127] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  127.896296][ T8127] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  127.896306][ T8127] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  127.896327][ T8127]  </TASK>
[  128.550580][ T8145] FAULT_INJECTION: forcing a failure.
[  128.550580][ T8145] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  128.556064][ T8145] CPU: 1 UID: 0 PID: 8145 Comm: syz.2.627 Not tainted 6.15.0-syzkaller-08175-g9d230d500b0e #0 PREEMPT(full) 
[  128.556085][ T8145] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  128.556095][ T8145] Call Trace:
[  128.556101][ T8145]  <TASK>
[  128.556108][ T8145]  dump_stack_lvl+0x16c/0x1f0
[  128.556131][ T8145]  should_fail_ex+0x512/0x640
[  128.556156][ T8145]  _copy_from_user+0x2e/0xd0
[  128.556179][ T8145]  compat_wext_handle_ioctl+0xc0/0x310
[  128.556199][ T8145]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  128.556218][ T8145]  ? __pfx_compat_wext_handle_ioctl+0x10/0x10
[  128.556237][ T8145]  ? unix_ioctl+0xf0/0x5e0
[  128.556291][ T8145]  compat_sock_ioctl+0x320/0x730
[  128.556317][ T8145]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  128.556338][ T8145]  ? hook_file_ioctl_common+0x145/0x410
[  128.556357][ T8145]  ? __fget_files+0x20e/0x3c0
[  128.556371][ T8145]  ? fput+0x60/0xf0
[  128.556394][ T8145]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  128.556429][ T8145]  __ia32_compat_sys_ioctl+0x23f/0x370
[  128.556462][ T8145]  __do_fast_syscall_32+0x7c/0x3a0
[  128.556483][ T8145]  do_fast_syscall_32+0x32/0x80
[  128.556501][ T8145]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  128.556521][ T8145] RIP: 0023:0xf7fc1579
[  128.556533][ T8145] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  128.556548][ T8145] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  128.556563][ T8145] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000008b14
[  128.556573][ T8145] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  128.556583][ T8145] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  128.556592][ T8145] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  128.556601][ T8145] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  128.556621][ T8145]  </TASK>
[  128.644092][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  128.644103][   T40] audit: type=1326 audit(1748571303.207:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8148 comm="syz.0.628" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  128.652633][   T40] audit: type=1326 audit(1748571303.207:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8148 comm="syz.0.628" exe="/syz-executor" sig=0 arch=40000003 syscall=232 compat=1 ip=0xf70be579 code=0x7ffc0000
[  128.660866][   T40] audit: type=1326 audit(1748571303.207:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8148 comm="syz.0.628" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  128.667896][   T40] audit: type=1326 audit(1748571303.207:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8148 comm="syz.0.628" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70be579 code=0x7ffc0000
[  128.674954][   T40] audit: type=1326 audit(1748571303.207:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8148 comm="syz.0.628" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  128.681938][   T40] audit: type=1326 audit(1748571303.207:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8148 comm="syz.0.628" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70be579 code=0x7ffc0000
[  128.688591][   T40] audit: type=1326 audit(1748571303.207:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8148 comm="syz.0.628" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  128.696531][   T40] audit: type=1326 audit(1748571303.217:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8148 comm="syz.0.628" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70be579 code=0x7ffc0000
[  128.703420][   T40] audit: type=1326 audit(1748571303.217:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8148 comm="syz.0.628" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  128.712889][   T40] audit: type=1326 audit(1748571303.217:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8148 comm="syz.0.628" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf70be579 code=0x7ffc0000
[  128.743479][ T8156] netlink: 'syz.1.626': attribute type 7 has an invalid length.
[  129.433587][ T8165] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode
[  129.510478][ T8170] netlink: 196 bytes leftover after parsing attributes in process `syz.3.634'.
[  129.519083][ T5305] Bluetooth: hci3: unexpected event for opcode 0x200f
[  129.558960][ T8174] overlayfs: missing 'workdir'
[  129.570697][ T8175] bond0: (slave bond_slave_0): Releasing backup interface
[  129.578098][ T8175] bond0: (slave bond_slave_1): Releasing backup interface
[  129.613990][ T8175] team0: Port device team_slave_0 removed
[  129.625612][ T8175] team0: Port device team_slave_1 removed
[  129.634812][ T8175] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  129.636836][ T8177] netlink: 'syz.1.632': attribute type 10 has an invalid length.
[  129.637239][ T8175] batman_adv: batadv0: Removing interface: batadv_slave_0
[  129.653766][ T8175] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  129.660073][ T8175] batman_adv: batadv0: Removing interface: batadv_slave_1
[  129.686648][    T9] lo speed is unknown, defaulting to 1000
[  129.691817][ T8177] mac80211_hwsim hwsim7 wlan1: left allmulticast mode
[  129.701611][ T8177] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  131.438643][ T8215] random: crng reseeded on system resumption
[  131.869449][ T8223] fuse: Bad value for 'group_id'
[  131.871551][ T8223] fuse: Bad value for 'group_id'
[  132.189223][ T8232] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode
[  132.270219][ T8234] bridge_slave_0: left allmulticast mode
[  132.272628][ T8234] bridge_slave_0: left promiscuous mode
[  132.275555][ T8234] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.280635][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  132.282738][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  132.309845][ T8234] bridge_slave_1: left allmulticast mode
[  132.312281][ T8234] bridge_slave_1: left promiscuous mode
[  132.325503][ T8234] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.352282][ T8235] netlink: 'syz.3.652': attribute type 10 has an invalid length.
[  132.358403][ T8234] bond0: (slave bond_slave_0): Releasing backup interface
[  132.387860][ T8234] bond0: (slave bond_slave_1): Releasing backup interface
[  132.410972][ T8234] team0: Port device team_slave_0 removed
[  132.450986][ T8234] team0: Port device team_slave_1 removed
[  132.456670][ T8234] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  132.459893][ T8234] batman_adv: batadv0: Removing interface: batadv_slave_0
[  132.501649][ T8234] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  132.516855][ T8234] batman_adv: batadv0: Removing interface: batadv_slave_1
[  132.539521][ T8235] mac80211_hwsim hwsim5 wlan1: left allmulticast mode
[  132.557224][ T8235] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  132.764138][   T29] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  132.904196][   T29] usb 7-1: device descriptor read/64, error -71
[  132.907806][ T8247] netlink: 'syz.0.656': attribute type 7 has an invalid length.
[  133.144176][   T29] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  133.274117][   T29] usb 7-1: device descriptor read/64, error -71
[  133.294160][    T9] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  133.362685][ T8258] 9pnet_fd: Insufficient options for proto=fd
[  133.384367][   T29] usb usb7-port1: attempt power cycle
[  133.399983][ T8258] vlan2: entered allmulticast mode
[  133.402313][ T8258] bond0: entered allmulticast mode
[  133.404708][ T8258] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode
[  133.458159][    T9] usb 8-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  133.461804][    T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.465301][    T9] usb 8-1: Product: syz
[  133.467008][    T9] usb 8-1: Manufacturer: syz
[  133.468831][    T9] usb 8-1: SerialNumber: syz
[  133.474703][    T9] usb 8-1: config 0 descriptor??
[  133.564578][ T5305] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  133.567339][ T5305] Bluetooth: hci3: Injecting HCI hardware error event
[  133.645510][ T8270] netlink: 4768 bytes leftover after parsing attributes in process `syz.0.664'.
[  133.683984][ T5983] usb 8-1: USB disconnect, device number 6
[  133.764479][   T29] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  133.794845][   T29] usb 7-1: device descriptor read/8, error -71
[  134.044232][   T29] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  134.064983][   T29] usb 7-1: device descriptor read/8, error -71
[  134.174593][   T29] usb usb7-port1: unable to enumerate USB device
[  134.418445][ T8284] input: syz1 as /devices/virtual/input/input12
[  134.431464][ T8284] netlink: 32 bytes leftover after parsing attributes in process `syz.3.668'.
[  134.435175][ T8284] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  134.437702][ T8284] IPv6: NLM_F_CREATE should be set when creating new route
[  134.439944][ T8284] IPv6: NLM_F_CREATE should be set when creating new route
[  134.445373][ T8284] netlink: 32 bytes leftover after parsing attributes in process `syz.3.668'.
[  134.448154][ T8284] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  134.591557][ T8288] FAULT_INJECTION: forcing a failure.
[  134.591557][ T8288] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  134.596325][ T8288] CPU: 3 UID: 0 PID: 8288 Comm: syz.3.669 Not tainted 6.15.0-syzkaller-08175-g9d230d500b0e #0 PREEMPT(full) 
[  134.596339][ T8288] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  134.596346][ T8288] Call Trace:
[  134.596350][ T8288]  <TASK>
[  134.596354][ T8288]  dump_stack_lvl+0x16c/0x1f0
[  134.596370][ T8288]  should_fail_ex+0x512/0x640
[  134.596388][ T8288]  _copy_to_user+0x32/0xd0
[  134.596405][ T8288]  simple_read_from_buffer+0xcb/0x170
[  134.596424][ T8288]  proc_fail_nth_read+0x197/0x270
[  134.596440][ T8288]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  134.596456][ T8288]  ? rw_verify_area+0xcf/0x680
[  134.596472][ T8288]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  134.596487][ T8288]  vfs_read+0x1e1/0xc60
[  134.596498][ T8288]  ? fdget_pos+0x2a2/0x370
[  134.596510][ T8288]  ? __pfx_vfs_read+0x10/0x10
[  134.596518][ T8288]  ? find_held_lock+0x2b/0x80
[  134.596536][ T8288]  ? __fget_files+0x20e/0x3c0
[  134.596549][ T8288]  ksys_read+0x12a/0x250
[  134.596559][ T8288]  ? __pfx_ksys_read+0x10/0x10
[  134.596570][ T8288]  ? rcu_is_watching+0x12/0xc0
[  134.596586][ T8288]  __do_fast_syscall_32+0x7c/0x3a0
[  134.596600][ T8288]  do_fast_syscall_32+0x32/0x80
[  134.596613][ T8288]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  134.596626][ T8288] RIP: 0023:0xf712e579
[  134.596639][ T8288] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  134.596649][ T8288] RSP: 002b:00000000f511e590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  134.596660][ T8288] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f511e620
[  134.596666][ T8288] RDX: 000000000000000f RSI: 00000000f7492ff4 RDI: 0000000000000000
[  134.596672][ T8288] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  134.596678][ T8288] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  134.596684][ T8288] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  134.596696][ T8288]  </TASK>
[  134.789988][ T8290] netlink: 32 bytes leftover after parsing attributes in process `syz.3.670'.
[  135.291783][ T8296] netlink: 24 bytes leftover after parsing attributes in process `syz.1.672'.
[  135.414601][ T8301] netlink: 'syz.1.674': attribute type 4 has an invalid length.
[  135.864662][ T8293] FAULT_INJECTION: forcing a failure.
[  135.864662][ T8293] name fail_futex, interval 1, probability 0, space 0, times 1
[  135.869159][ T8293] CPU: 1 UID: 0 PID: 8293 Comm: syz.0.671 Not tainted 6.15.0-syzkaller-08175-g9d230d500b0e #0 PREEMPT(full) 
[  135.869183][ T8293] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  135.869193][ T8293] Call Trace:
[  135.869200][ T8293]  <TASK>
[  135.869207][ T8293]  dump_stack_lvl+0x16c/0x1f0
[  135.869227][ T8293]  should_fail_ex+0x512/0x640
[  135.869245][ T8293]  get_futex_key+0x293/0x1540
[  135.869263][ T8293]  ? __pfx_get_futex_key+0x10/0x10
[  135.869279][ T8293]  ? __mutex_trylock_common+0xe9/0x250
[  135.869294][ T8293]  futex_wake+0xea/0x530
[  135.869307][ T8293]  ? __pfx_futex_wake+0x10/0x10
[  135.869317][ T8293]  ? __lock_acquire+0xb8a/0x1c90
[  135.869333][ T8293]  do_futex+0x1e3/0x350
[  135.869350][ T8293]  ? __pfx_do_futex+0x10/0x10
[  135.869364][ T8293]  ? __might_fault+0xe3/0x190
[  135.869380][ T8293]  mm_release+0x24e/0x300
[  135.869396][ T8293]  do_exit+0x901/0x2c70
[  135.869410][ T8293]  ? __pfx_do_exit+0x10/0x10
[  135.869420][ T8293]  ? do_raw_spin_lock+0x12c/0x2b0
[  135.869432][ T8293]  ? find_held_lock+0x2b/0x80
[  135.869448][ T8293]  do_group_exit+0xd3/0x2a0
[  135.869465][ T8293]  get_signal+0x2673/0x26d0
[  135.869483][ T8293]  ? hrtimer_try_to_cancel+0x3a/0x2f0
[  135.869499][ T8293]  ? __pfx_get_signal+0x10/0x10
[  135.869513][ T8293]  ? futex_wait+0x120/0x380
[  135.869524][ T8293]  ? __pfx_futex_wait+0x10/0x10
[  135.869538][ T8293]  arch_do_signal_or_restart+0x8f/0x790
[  135.869554][ T8293]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  135.869574][ T8293]  ? __pfx_futex_wait_restart+0x10/0x10
[  135.869585][ T8293]  ? syscall_trace_enter+0x1cb/0x260
[  135.869601][ T8293]  exit_to_user_mode_loop+0x84/0x110
[  135.869614][ T8293]  do_int80_emulation+0x352/0x460
[  135.869628][ T8293]  asm_int80_emulation+0x1a/0x20
[  135.869639][ T8293] RIP: 0023:0xf70be579
[  135.869648][ T8293] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  135.869658][ T8293] RSP: 002b:00000000f50ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000000
[  135.869668][ T8293] RAX: fffffffffffffdfc RBX: 000000008000cffc RCX: 0000000000000000
[  135.869675][ T8293] RDX: 0000000000000004 RSI: 0000000080edfff0 RDI: 0000000000000000
[  135.869681][ T8293] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  135.869686][ T8293] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  135.869692][ T8293] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  135.869705][ T8293]  </TASK>
[  135.938183][ T8310] netlink: 'syz.3.677': attribute type 7 has an invalid length.
[  135.940096][   T29] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  136.121480][   T29] usb 7-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  136.128104][   T29] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.131661][   T29] usb 7-1: Product: syz
[  136.133504][   T29] usb 7-1: Manufacturer: syz
[  136.138865][   T29] usb 7-1: SerialNumber: syz
[  136.143082][   T29] usb 7-1: config 0 descriptor??
[  136.351287][   T29] usb 7-1: USB disconnect, device number 11
[  137.220002][ T8326] blktrace: Concurrent blktraces are not allowed on sg0
[  138.946060][ T8354] netlink: 12 bytes leftover after parsing attributes in process `syz.1.689'.
[  139.361909][ T8359] xt_CT: No such helper "syz1"
[  139.432768][ T5305] Bluetooth: hci3: unexpected event for opcode 0x0413
[  139.495389][ T8361] /dev/sr0: Can't open blockdev
[  139.592272][ T8377] netfs: Couldn't get user pages (rc=-14)
[  139.685646][ T8387] netlink: 'syz.3.702': attribute type 1 has an invalid length.
[  139.704700][ T8387] bond2: entered promiscuous mode
[  139.707707][ T8387] 8021q: adding VLAN 0 to HW filter on device bond2
[  139.751200][ T8387] bond2: (slave veth3): making interface the new active one
[  139.754565][ T8387] veth3: entered promiscuous mode
[  139.757292][ T8387] bond2: (slave veth3): Enslaving as an active interface with an up link
[  139.984510][ T5983] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  140.016305][ T8403] sd 0:0:0:0: PR command failed: 1026
[  140.018832][ T8403] sd 0:0:0:0: Sense Key : Illegal Request [current] 
[  140.021812][ T8403] sd 0:0:0:0: Add. Sense: Invalid command operation code
[  140.138310][ T5983] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  140.144691][ T5983] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.147576][ T5983] usb 5-1: Product: syz
[  140.148959][ T5983] usb 5-1: Manufacturer: syz
[  140.150482][ T5983] usb 5-1: SerialNumber: syz
[  140.159566][ T5983] usb 5-1: config 0 descriptor??
[  140.366156][ T5983] usb 5-1: USB disconnect, device number 5
[  141.102673][ T8420] netlink: 'syz.1.711': attribute type 7 has an invalid length.
[  141.839449][ T8434] netlink: 'syz.2.714': attribute type 10 has an invalid length.
[  141.842535][ T8434] netlink: 40 bytes leftover after parsing attributes in process `syz.2.714'.
[  141.920999][ T8434] team0: Port device geneve0 added
[  142.682550][ T8451] ip6erspan0: entered promiscuous mode
[  143.087121][ T8461] blktrace: Concurrent blktraces are not allowed on sg0
[  143.486013][ T5305] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  143.492434][ T5305] Bluetooth: hci3: Injecting HCI hardware error event
[  143.714237][   T10] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  143.887202][   T10] usb 5-1: not running at top speed; connect to a high speed hub
[  143.890962][   T10] usb 5-1: config 1 interface 0 altsetting 202 endpoint 0x1 has invalid maxpacket 1023, setting to 64
[  143.894624][   T10] usb 5-1: config 1 interface 0 altsetting 202 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  143.898703][   T10] usb 5-1: config 1 interface 0 has no altsetting 0
[  143.901472][   T10] usb 5-1: language id specifier not provided by device, defaulting to English
[  143.905745][   T10] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  143.909353][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.912787][   T10] usb 5-1: Product: 匟ꟽ鄌鳠撆ﻞ鵢䛕⅙斅釗੸穅붃埽栲ர䯠Ｅ꿽戣ᒅ瘨य㱽戄辈騂﾿铩儁启쀲㉁峈꼂ꅊ붆̇䫣뽢뒒ொആ
[  143.918383][   T10] usb 5-1: Manufacturer: 鿿뎫㪅⊛膪땬睕淈䙖㤉⭪ຈ渒箌䜈젞ᘌ邫㞗烟ត⬱輸ᱷ旃忂ͷ䮜掓御誒뭝⺰䍖赞藄垉譣岑䛃읖풚玜ꗐ鑺浪䗢唪鄺⊹镽蟧跬뾗ꉭ港ླ暼썢㙕쬖魙ฯ⇙
[  143.926631][   T10] usb 5-1: SerialNumber: ﹔蚊஧䖰鷛蚻抂鈰鑧켊䧀累ᵄի⾷ஏ꧆Ɉ䱥ꛊ뙅蓎᮹㒢㈊譐庋ܩ伀
[  143.933898][ T8469] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  144.178030][   T10] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 6 if 0 alt 202 proto 1 vid 0x0525 pid 0xA4A8
[  144.182721][   T10] usb 5-1: USB disconnect, device number 6
[  144.186496][   T10] usblp0: removed
[  144.275275][ T8477] random: crng reseeded on system resumption
[  145.436621][ T8480] ceph: No mds server is up or the cluster is laggy
[  145.437864][ T8488] omfs: Unknown parameter 'discard'
[  146.018479][ T8496] 9pnet_virtio: no channels available for device syz
[  146.647319][ T8510] blktrace: Concurrent blktraces are not allowed on sg0
[  146.772386][ T8514] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.736'.
[  146.884731][ T8518] Trying to write to read-only block-device nullb0
[  147.303861][ T8527] fuse: Bad value for 'group_id'
[  147.306661][ T8527] fuse: Bad value for 'group_id'
[  147.758970][ T8536] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  147.762174][ T8536] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  148.072779][ T8546] netlink: 'syz.2.745': attribute type 7 has an invalid length.
[  148.274380][   T63] Bluetooth: hci3: hardware error 0x00
[  148.277851][ T5983] ------------[ cut here ]------------
[  148.280452][ T5983] workqueue: cannot queue hci_conn_timeout on wq hci3
[  148.283278][ T5983] WARNING: CPU: 3 PID: 5983 at kernel/workqueue.c:2257 __queue_work+0xc9c/0x10f0
[  148.287044][ T5983] Modules linked in:
[  148.289056][ T5983] CPU: 3 UID: 0 PID: 5983 Comm: kworker/3:3 Not tainted 6.15.0-syzkaller-08175-g9d230d500b0e #0 PREEMPT(full) 
[  148.295392][ T5983] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  148.299655][ T5983] Workqueue: events l2cap_chan_timeout
[  148.301674][ T5983] RIP: 0010:__queue_work+0xc9c/0x10f0
[  148.303941][ T5983] Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 28 04 00 00 48 8b 75 18 4c 89 f2 48 c7 c7 80 f5 8b 8b e8 45 4e f7 ff 90 <0f> 0b 90 90 e9 96 f7 ff ff e8 46 cc 37 00 90 0f 0b 90 e9 1b f6 ff
[  148.310999][ T5983] RSP: 0018:ffffc9000410fa48 EFLAGS: 00010082
[  148.313040][ T5983] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817aa868
[  148.315601][ T5983] RDX: ffff888024cda440 RSI: ffffffff817aa875 RDI: 0000000000000001
[  148.318511][ T5983] RBP: ffff88806ba50948 R08: 0000000000000001 R09: 0000000000000000
[  148.321016][ T5983] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[  148.323383][ T5983] R13: ffff888040a87800 R14: ffff888040a87978 R15: ffff88806ba50950
[  148.326419][ T5983] FS:  0000000000000000(0000) GS:ffff888097a7f000(0000) knlGS:0000000000000000
[  148.330084][ T5983] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  148.332829][ T5983] CR2: 0000000080201000 CR3: 000000006c286000 CR4: 0000000000352ef0
[  148.336102][ T5983] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  148.339318][ T5983] DR3: 000000000000000e DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  148.342536][ T5983] Call Trace:
[  148.343912][ T5983]  <TASK>
[  148.345180][ T5983]  ? __cancel_work+0x2c8/0x370
[  148.347110][ T5983]  ? clear_pending_if_disabled+0xa8/0x210
[  148.349293][ T5983]  ? __pfx_clear_pending_if_disabled+0x10/0x10
[  148.351256][ T5983]  __queue_delayed_work+0x35b/0x460
[  148.352928][ T5983]  queue_delayed_work_on+0x1b5/0x200
[  148.354668][ T5983]  l2cap_chan_del+0x5a0/0x8f0
[  148.356126][ T5983]  l2cap_chan_close+0xfe/0xa30
[  148.357850][ T5983]  ? __pfx_l2cap_chan_close+0x10/0x10
[  148.359811][ T5983]  ? lock_acquire+0x62/0x350
[  148.361776][ T5983]  l2cap_chan_timeout+0x196/0x310
[  148.363873][ T5983]  process_one_work+0x9cc/0x1b70
[  148.365927][ T5983]  ? __pfx_process_one_work+0x10/0x10
[  148.368167][ T5983]  ? assign_work+0x1a0/0x250
[  148.370134][ T5983]  worker_thread+0x6c8/0xf10
[  148.371978][ T5983]  ? __kthread_parkme+0x19e/0x250
[  148.373892][ T5983]  ? __pfx_worker_thread+0x10/0x10
[  148.375790][ T5983]  kthread+0x3c5/0x780
[  148.377483][ T5983]  ? __pfx_kthread+0x10/0x10
[  148.379432][ T5983]  ? rcu_is_watching+0x12/0xc0
[  148.381433][ T5983]  ? __pfx_kthread+0x10/0x10
[  148.383366][ T5983]  ret_from_fork+0x5d4/0x6f0
[  148.385298][ T5983]  ? __pfx_kthread+0x10/0x10
[  148.387053][ T5983]  ret_from_fork_asm+0x1a/0x30
[  148.388612][ T5983]  </TASK>
[  148.389600][ T5983] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  148.391943][ T5983] CPU: 3 UID: 0 PID: 5983 Comm: kworker/3:3 Not tainted 6.15.0-syzkaller-08175-g9d230d500b0e #0 PREEMPT(full) 
[  148.396135][ T5983] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  148.400492][ T5983] Workqueue: events l2cap_chan_timeout
[  148.402779][ T5983] Call Trace:
[  148.404204][ T5983]  <TASK>
[  148.405313][ T5983]  dump_stack_lvl+0x3d/0x1f0
[  148.407086][ T5983]  panic+0x71c/0x800
[  148.408694][ T5983]  ? __pfx_panic+0x10/0x10
[  148.410220][ T5983]  ? show_trace_log_lvl+0x29b/0x3e0
[  148.411870][ T5983]  ? check_panic_on_warn+0x1f/0xb0
[  148.413821][ T5983]  ? __queue_work+0xc9c/0x10f0
[  148.415725][ T5983]  check_panic_on_warn+0xab/0xb0
[  148.417791][ T5983]  __warn+0xf6/0x3c0
[  148.419455][ T5983]  ? __queue_work+0xc9c/0x10f0
[  148.421463][ T5983]  report_bug+0x3c3/0x580
[  148.423242][ T5983]  ? __queue_work+0xc9c/0x10f0
[  148.425259][ T5983]  handle_bug+0x184/0x210
[  148.427001][ T5983]  exc_invalid_op+0x17/0x50
[  148.428854][ T5983]  asm_exc_invalid_op+0x1a/0x20
[  148.430882][ T5983] RIP: 0010:__queue_work+0xc9c/0x10f0
[  148.433115][ T5983] Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 28 04 00 00 48 8b 75 18 4c 89 f2 48 c7 c7 80 f5 8b 8b e8 45 4e f7 ff 90 <0f> 0b 90 90 e9 96 f7 ff ff e8 46 cc 37 00 90 0f 0b 90 e9 1b f6 ff
[  148.440759][ T5983] RSP: 0018:ffffc9000410fa48 EFLAGS: 00010082
[  148.443183][ T5983] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817aa868
[  148.446662][ T5983] RDX: ffff888024cda440 RSI: ffffffff817aa875 RDI: 0000000000000001
[  148.450272][ T5983] RBP: ffff88806ba50948 R08: 0000000000000001 R09: 0000000000000000
[  148.453664][ T5983] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[  148.456950][ T5983] R13: ffff888040a87800 R14: ffff888040a87978 R15: ffff88806ba50950
[  148.460161][ T5983]  ? __warn_printk+0x198/0x350
[  148.462170][ T5983]  ? __warn_printk+0x1a5/0x350
[  148.464272][ T5983]  ? __queue_work+0xc9b/0x10f0
[  148.466273][ T5983]  ? __cancel_work+0x2c8/0x370
[  148.468277][ T5983]  ? clear_pending_if_disabled+0xa8/0x210
[  148.470358][ T5983]  ? __pfx_clear_pending_if_disabled+0x10/0x10
[  148.472297][ T5983]  __queue_delayed_work+0x35b/0x460
[  148.473933][ T5983]  queue_delayed_work_on+0x1b5/0x200
[  148.475596][ T5983]  l2cap_chan_del+0x5a0/0x8f0
[  148.477399][ T5983]  l2cap_chan_close+0xfe/0xa30
[  148.479370][ T5983]  ? __pfx_l2cap_chan_close+0x10/0x10
[  148.481412][ T5983]  ? lock_acquire+0x62/0x350
[  148.482867][ T5983]  l2cap_chan_timeout+0x196/0x310
[  148.484477][ T5983]  process_one_work+0x9cc/0x1b70
[  148.486081][ T5983]  ? __pfx_process_one_work+0x10/0x10
[  148.488439][ T5983]  ? assign_work+0x1a0/0x250
[  148.490368][ T5983]  worker_thread+0x6c8/0xf10
[  148.492283][ T5983]  ? __kthread_parkme+0x19e/0x250
[  148.494383][ T5983]  ? __pfx_worker_thread+0x10/0x10
[  148.496552][ T5983]  kthread+0x3c5/0x780
[  148.498010][ T5983]  ? __pfx_kthread+0x10/0x10
[  148.499499][ T5983]  ? rcu_is_watching+0x12/0xc0
[  148.501039][ T5983]  ? __pfx_kthread+0x10/0x10
[  148.502539][ T5983]  ret_from_fork+0x5d4/0x6f0
[  148.504007][ T5983]  ? __pfx_kthread+0x10/0x10
[  148.505507][ T5983]  ret_from_fork_asm+0x1a/0x30
[  148.507147][ T5983]  </TASK>
[  148.508799][ T5983] Kernel Offset: disabled
[  148.510164][ T5983] Rebooting in 86400 seconds..

VM DIAGNOSIS:
02:15:23  Registers:
info registers vcpu 0

CPU#0
RAX=0000005af56c38d4 RBX=ffff88802b2239c0 RCX=00000000000006e0 RDX=000000000000005a
RSI=ffff88802b2239c0 RDI=000000000017b2ab RBP=000000000017b2ab RSP=ffffc90000007ec8
R8 =0000000000000005 R9 =000000000000003f R10=0000000000000019 R11=0000000000000001
R12=0000000000000000 R13=0000000000000000 R14=0000000000000019 R15=ffff88802b227c40
RIP=ffffffff8167d485 RFL=00000007 [-----PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88809777f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080102000 CR3=0000000066279000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffc90026e30001 RBX=ffffc90026e2f8b8 RCX=ffffc90026e30001 RDX=ffffc90026e2f8c0
RSI=ffffc90026e2f888 RDI=ffffc90026e2f078 RBP=ffffc90026e28000 RSP=ffffc90026e2eff8
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000011111
R12=ffffc90026e2f0b8 R13=ffffc90026e2f068 R14=ffffc90026e2f8b8 R15=ffffc90026e2f09c
RIP=ffffffff816a7200 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88809787f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f20b89a9440 CR3=00000000721e5000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 766c6f7365726269 6c2f343662696c2f
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000c10 000000000000d3f0
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 ffffffffffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000001da0 0000000000033260
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000270e81 RBX=0000000000000002 RCX=ffffffff8b77e419 RDX=0000000000000000
RSI=ffffffff8dbfed55 RDI=ffffffff8bf51880 RBP=ffffed1003b5d910 RSP=ffffc9000047fdf8
R8 =0000000000000001 R9 =ffffed100568663d R10=ffff88802b4331eb R11=0000000000000001
R12=0000000000000002 R13=ffff88801daec880 R14=ffffffff90877c50 R15=0000000000000000
RIP=ffffffff8b77cf7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88809797f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002f00dff8 CR3=000000004e9e8000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000004c00000000 0000000100000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001c400000000 0000000300000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8554b905 RDI=ffffffff9ae4fd80 RBP=ffffffff9ae4fd40 RSP=ffffc9000410f3b0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=0000000000000020 R14=ffffffff9ae4fd40 R15=ffffffff8554b8a0
RIP=ffffffff8554b92f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097a7f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080201000 CR3=000000006c286000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8b27db20 ffffffff8486d2b1 0000000c00000004 0000000600040008
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8b56e274 ffffffff832e3ca3 ffffffff84cac02a ffffffff8ab993ed
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8236798e ffffffff8ab3ba40 ffffffff848507d9 ffffffff851d76f5
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8ab3aa0c ffffffff8486810f ffffffff8236798e ffffffff8ab3ba40
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff848507d9 ffffffff851d76f5 ffffffff8b56e274 ffffffff832e3ca3
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff84cac02a ffffffff8ab993ed ffffffff8b27db20 ffffffff8486d2b1
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000c00000004 0000000600040008 000602000000000c 0000000800040009
ZMM24=599244b9599244b9 599244b9599244b9 599244b9599244b9 599244b9599244b9 599244b9599244b9 599244b9599244b9 599244b9599244b9 599244b9599244b9
ZMM25=7c81a0247c81a024 7c81a0247c81a024 7c81a0247c81a024 7c81a0247c81a024 7c81a0247c81a024 7c81a0247c81a024 7c81a0247c81a024 7c81a0247c81a024
ZMM26=e078a416e078a416 e078a416e078a416 e078a416e078a416 e078a416e078a416 e078a416e078a416 e078a416e078a416 e078a416e078a416 e078a416e078a416
ZMM27=73304f6e73304f6e 73304f6e73304f6e 73304f6e73304f6e 73304f6e73304f6e 73304f6e73304f6e 73304f6e73304f6e 73304f6e73304f6e 73304f6e73304f6e
ZMM28=000000700000006f 0000006e0000006d 0000006c0000006b 0000006a00000069 0000006800000067 0000006600000065 0000006400000063 0000006200000061
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=bb070000bb070000 bb070000bb070000 bb070000bb070000 bb070000bb070000 bb070000bb070000 bb070000bb070000 bb070000bb070000 bb070000bb070000