last executing test programs:

59.806989082s ago: executing program 2 (id=701):
socket$can_bcm(0x1d, 0x2, 0x2)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r4, 0x0, 0x218, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r4, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

58.991430335s ago: executing program 0 (id=702):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0x1}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x5}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='devtmpfs\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000001340)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r1 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x18)
getdents64(r1, 0x0, 0x0)

58.308664364s ago: executing program 0 (id=703):
socket$can_bcm(0x1d, 0x2, 0x2)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r4, 0x0, 0x218, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r4, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

58.250906985s ago: executing program 2 (id=704):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x80800)
close_range(r0, r1, 0x2)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000040)=0x14)
setsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000080)={{{@in=@empty, @in=@private=0xa010102, 0x4e24, 0x401, 0x4e21, 0xfff0, 0x2, 0x0, 0x0, 0x0, r2, 0xee01}, {0x9, 0xe669, 0x10, 0x100, 0x7fffffffffffffff, 0x7fffffff, 0x4e41, 0x200}, {0x0, 0x99d6, 0x9}, 0xffffffff, 0x6e6bbc, 0x2, 0x1, 0x2, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x26}, 0x4d4, 0xff}, 0xa, @in=@private=0xa010100, 0x3507, 0x1, 0x30b4b1426e7b9c41, 0x6, 0xfffffff9, 0x4}}, 0xe4)
socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f00000003c0)={0x3, [0x0, 0x0, 0x0]}, &(0x7f0000000400)=0x10)
io_uring_enter(0xffffffffffffffff, 0x63e1, 0x1cca, 0x8e, &(0x7f0000000e80)={[0x62f, 0x2]}, 0x8)

58.250566433s ago: executing program 2 (id=705):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000040)=0x200, 0x4)
sendto$packet(r3, &(0x7f00000000c0)="3f030e0033e6120306001e0089e9aaa911d7c2290f0086dd1327c9167c64114a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe94f, 0x0, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
recvmmsg(0xffffffffffffffff, &(0x7f0000000080)=[{{0x0, 0x0, &(0x7f0000003e00)=[{&(0x7f0000000280)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r4, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x0)

57.29067931s ago: executing program 0 (id=708):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0x14, &(0x7f0000000180)=0xffffffff, 0x4)
socket$nl_sock_diag(0x10, 0x3, 0x4)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000040)=0x200, 0x4)
recvmmsg(0xffffffffffffffff, &(0x7f0000000080)=[{{0x0, 0x0, &(0x7f0000003e00)=[{&(0x7f0000000280)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r4, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(0xffffffffffffffff, 0x5412, &(0x7f0000000040)=0xd)
mount(0x0, &(0x7f0000000980)='./file0\x00', &(0x7f00000001c0)='ocfs2_dlmfs\x00', 0x0, 0x0)

57.279988134s ago: executing program 2 (id=709):
socket$can_bcm(0x1d, 0x2, 0x2)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0xf, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9, 0x11e41e7a, 0x5, 0xfffffffc, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0xffffffffffffff2f, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0x21}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
socket$kcm(0x10, 0x2, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r4, 0x0, 0x218, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r4, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

56.204662533s ago: executing program 0 (id=715):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r0, 0x40045542, &(0x7f0000000080)=0x200009)
syz_open_dev$sndmidi(&(0x7f00000000c0), 0x2, 0x81)

56.202620581s ago: executing program 0 (id=716):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140))
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="180000000000f5ff000000000000000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='tcp_cong_state_set\x00', r1}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
connect(r2, &(0x7f00000003c0)=@nl=@unspec, 0x80)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x80002, 0x0)
bind$unix(r3, &(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e)

56.142596225s ago: executing program 0 (id=717):
timer_create(0x1, &(0x7f0000000140)={0x0, 0x30}, &(0x7f0000000200)=<r0=>0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r1=>0x0, <r2=>0x0})
timer_settime(r0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {r1, r2+60000000}}, &(0x7f00000002c0))
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xd, &(0x7f0000000b40)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x2e}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=@newsa={0x150, 0x10, 0x1, 0x0, 0x0, {{@in6=@local, @in=@remote, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in=@broadcast, 0x0, 0x32}, @in6=@loopback, {0x0, 0x4, 0x0, 0x0, 0x0, 0x200}, {}, {0x3}, 0x0, 0x0, 0x2, 0x1, 0x1, 0xa6}, [@algo_crypt={0x48, 0x2, {{'cbc(aes)\x00'}}}, @replay_esn_val={0x1c, 0x17, {0x0, 0x0, 0x70bd26}}]}, 0x150}}, 0x400)
r6 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103383)
ioctl$LOOP_SET_CAPACITY(r6, 0x4c07)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="a81300004200280027bd7000fddbdf2519000000b23279762f1375de7d10d6fd91f050ecf58aad484077a13f387bf2ba3d12ca13aa98ecf610533d6d6c41ee7df3e4fa151de935470d8104665176a02701003fca3f56a7c917bb0f765989ba74962d5bf999287cdd3aab78686358154b95107aae62880c8ccd6deb6bffb377e1b8bee40b5476961c934042320d2fa1a7fd1107b440e8ed026c38fba44e8d4f6268f15349e8515909189e42c88307a2dbda16b1d9271a8a787387a889bd4ca494f5151ef013f11b1136f4343bdd99b92d4dd744e4b4bfdaedf3720c0063002f6465762f6e6264f594394c1a64300e906d2b886b88d4b9ca53ef3f915933ce05140fc8a99a7d16ebd87e5f6fd0687862099e708a646a8bbad5523bf8ad938677c0658549190b1afba1f0c0c0d0bd630c0c5cf13a9fb1032c2bbefbde7e2fc3f2fc1850063eb0f6c8262942ab15a4cca1ec074108e4c3a098596bdf6e5e0d890bd9ca9038c4ae613dba3998762c2f98e60748da51e2df88285e1fcf5e9eedf6051090f66f5792dd987410e934fcc6fd689e6ae364a88bff611821807877729144a53da254f96ffff0112cbb4f0e7fed5afc772d659742431858297238a4c17d0b28b6e9948d807df08f64dbc18afd744645625b56a4f802d6cd23e51da4346d360a76d0c959d812ea16649d1c5487ebeb45bf7c9777893514e6bd2e8f129ab071e4e1874f66df872b066d6d7677f482d03162b926c33a8e7bef6866813eed7576d4ee0f01a5bc328f7efc7a66a702e753f069395427fa2bbfbcae4d2a957bef409581eae61eaa6c6b58355ab610ed600a5d42ba455074659b6521c1f9ac45a26c87b09acdb3b79f5e7a50be0b440668d82340bbcb0f95081d7f85dc92f522925980c760da128a9cb1b70ab0a87cecdae576ddc4d4cc1568f4e4491ab032b0acebe7cbf902a0891922bf43b7c8380ebcf8b2ca52f8ba65a85a1648a8a869373622a5cefa9a5863ee39ede6486ce1308eeaf793b69c0c6f383cd59ab85258a690b488786f8bf84bf613de8263cd0ba6a0a631aec55d19bc41043d604cef765da0892e0e42833953644cc6c0e5491a8a0d381a6e9fd3f3fad59d4af7805e91892b76056c3f52e0f08766c0d31d265b2ce1e76f6f2326e81ccd82306f59383ae70a844985a2866e8c2b394f29dad6961d4fa80be9712a7877de3a706d452360ab6a77f636c019b420dddefe6ebf318410b02e275d03d6c5614a26d63bb543545d1282d3c5317c8be0536b2a8ce1cecc94d49585ac855bb891b95fa3b42300afbb9dd0ad9c07067fe1ba3496d0515cb916744d834136d970fe96a32e980d4801fdbd1e366d04eb6fe69441401e9082fa4b16be4a04edcaf9f751e53ffd773f367369fe418a714f111c586d399c9721f1c28af45d1478d1a319cb6f8b5013a8734848f59fa0aeb66f46779112bd4da6ebed8a062070515bdc62c59c32aa95890b979635ee03032c5371ea650125b80a5b06d070d861c2e34be2c75589a6f1c15ac962ec5e40397cfffa07e4e7ce8caebf25d34f43c61c1a0fa4a011f77eb9ed70478f348a9238d809ffa3e5a7dde3bd17e27c9bd9b05d8353439ccd4664effd1ff987841d365ea892f7f0c92250a15d463cb102ec0d195877b69f0f1a77b67749bbd56a176f93a40625fc1195fe6b34ed10c6fb1367e1577be57d1f5558cafda15c83fbfd1e0eea91105d11f3eca4514e69d5e05ff1381481770314c61db086a58ca59786aadf005495a808efefa5f42b1159dfdb055e3d6579103cb7534cc9d29dae72bf5717185abc3c8ab243194cb63040fbbff299681b17a08ed9bb66b6de220f30d41a0baabfcb9bb2837b1677b999818ec9a5a00f9b8cadc0ffba7711b1ebba59e948ecba2e42f6a5d7ed73fc67fb6f939a249e523940fe454434bd020c60ae025d864a556d74f066d1dcc8d3777e7fa9a22a652bd2df9ceddc283c75464259810719023d74daaa5da1638b4b2a01e1f6f3405c46c5607a20397c88dc4550c1fa878f9388e5a2f0ef39f44e4d959864e053889a0b1be45f6d7eda21cbdf5787bc31d381967859c37b8e15894e0e528aaa5801f4d44bdc36334da92ff8af61eca9a6916dc3f4d4e32da0a8eb7d1b79212b430c0698920ef54cbd13ef55afc9e2067ce30cde1f1fada60d08b005e046ea32b3f5318717f1606a23bf8b1a49734f7668c4dd094fb058e1ad6a3e6002f5e05a35c2e504a110b0dbb0fbba4deb2298c3183af4b12cf4fae65c97dc68d33ce0186d61198fd4fab181f6eb95e744b0f00e3449da0e98b1d1110292dba9f09766cf72afe227b7331122106766d36a0eb36dada656b99dbd449e139533977b16b332e2cafd4e203c3034039325e6148ced40372cbd5b40cc4462eec52a4701189f05c0a3aaa32c85b4e76df2e1be9424cdef738c60a30abfc9074b629738ae5bf3616c8e57d5d9152609e07e13a94895d6a8e0b7a987cc3ba55984ef0675356063d9b6c0e9e47a93e4fda5571f3439f0e3389ad7b00cbd8e1f8a4a2847dc6575c4f56e5e3a88c39c3f03fed80652616342e850c1e0c29875035457c711da841e54ae68a0d85f8052c41ffe5ef0e4eda88d660515c339994a199fca56efe55f440274c97778592a3c31b13aa861ae0681aea06f8579744c118563c50f374c1785abb001ceb2f6253940abcc6949b9cbffc73ae97d59a1f253e6949d27de1f6dec9c7c134db6f2464a7d44588aa6e58336709d7ace852c9016e20721778f8ce183208864d57ff69c3f118996acc736a8b01afd8c0bf917171dec86c435c6593c13ce7019d9b83382a7ada52f87d7de7b07ddfb7a6fcccbaf8472c86d6bc93dab2a8ccae83cfd6fe7465cded50ccb4bc6f75beb684948ce866a831ef1f3a5b4cd9ed037c135e2ccf01dfc9e656bf42634ec32f5c8eff4b2e18618cd19882714a4ec0d9be945962b9ecea850fe87c0c03b70c8fb3fd564cc34638065c7eadb0b5d0fd3d1720bad55478e96d6b2b9ab9eae414a7e57d6559779d8e33ebaeaae41f5f0b46196a00c9165ac7ba823502981c066fc1374dfd701a67e1aed150bca4bafab5afdfdce82fbb1a22e968f5874ca4205b0b5b707ffe2e64131d9db35f37a21644edefe945d59264198d8f2b65fd43cd19255d23ee318a86d50141b7155b7cd0e7f8dad6e32b14b283ffced2a093167f0817b16709255f0c745c03b631f52f52f39c0c577beec07e0b8765b9351ddc9996ac3f7a5983e3b2ca84ba40054cc6466fd1b8e13ec75543b52f011d3b239d99a8d43c322d8ed8bba254700fca4a282274d9f841fc4cec80790f84b2c3270a97a94ee5293cc626744282d4004fcf6219e4a7ebb29bade60196125bde71f15fc41476ea823176be46719e1fefa9610147337b9dc915e1834b8dce216c03c10a538d904237662a4066901d26f342aae9f151564b44c3e58546a9e194c06efb7f33c125f13c0081c46ca42f8ec7f3dd30e4579792c30612a1f17f26b823de3f9fbcf04bd637808aa6aaba55de72a03765ae882932384340951e8191d7e642a20b79548690b0610240431bddd24cc4a761d046d94c9cd62d99f6d0b9e4be148a28965ccb48f4aa34f03eae7d9eeea1f3361ea21ce99769c347e4db53ff76b37fc7c7f638927882a039240c11626d72cee4ca70aa61c7b555b94396055ced8db20a96022c80f51eb74523ad0fe641469dd9a35447d2a5002b3a9c422fe390b50c3ed7c89b3c704f84148e3375218629becb3cc7909a38aef0889e0067e4df220cafd4768ffa9d1443f9f4d85f56b3ed4e1fdb2d4c249b9a10173afbaff592ff5661e6710553a181973bbd4d0650328124dc6c60d856bc11550abdda1f4b2981eec1559c3d05081c8da030256ad56317fd9eab0319a5e700a6e56e653c8ad11abc3dd56fcf672fa86da886cd62e2848b0dacc129345388d02c1c633c74d3598968d7cceba259cc9af491ad147e7d33e5b6907d743cb48eca4ca919bc2da904dbf5c05f43ff40d7d8e44a2ce62d1b04d23050afc0c10f85939762cd23dae412f0894dfce232116afd04623daf99bb8ee2bd050e320e83fce3ef3540ab12b91b6f2337704f93b22c38f3de0510fc7fe8dd8b529ea9818c6b4794d7c9ad44926ca9b748740103d2c7b777bc2ae27077bf295a3f24be7ed1f6e9f0c472f46d1219eae7e5b92a02755161b09459bdcfa045625170569e6cc7ff5f7798c1cfa8d4d233d0e8f0e34b5a8822cf9b8c4bea0ef48a8325f4c12a062ae9afd92dfe56d6d93422412c3b45510c11410d758b9c3fcd8bf4bd8f3bbb043b152da452686223518ffa416df72a60640a9488c082cb4cc736ca5d2f647e655fdf3ce610d3cca25b73857390b95a64451970f7536f8aa0593c31944878862784286e02cbbece035db6edb9a53651717087d3da7eab0617a8ca626994d63ecee798970b42f79447c0091b4361d97af32e31d41dd3ce49f16b1ea541e98d392b2bff70e8b95910732368a55348d74bfa0f1b80c8d3db1fa2052b9e81c92e62db882d70cb42203f6df56123f031413f63f0be2f247172eabe68b7c48b4a00fcb7757c9c4cd68991606551913938e1caed078363f5dc46f12efe810f0db0818d83f988bb6d9be430c921013a67ac84cbc71a6ee394a18d451ab42743fd7e686fe0eb2c288c0925813f2f23edeb3e849f6c95c240eaf158c894a4865c66b2365dd671b9154252efdde4cea6082fe96c798681ed7f6d1b7ba93fba49123076aa5f4164ec0eef5c9fea6bcb056a16f407efb5dfe1d0f4d02ea1528e6b53aed2e999da51aca44716f37e5fa111922f45372ffb59dc2a441fb164c83d86a988c79e8e09cd6adaedd9f1775ecd50def495d8de11041039addee664155563b9451409d6d18da67e4decbebf32a29e799b73fb3fddd89c8fae7adbdbce50a27632223fc52c57dfe37fdf843bf61d8bff34daddc318f0795a916dd2f98a3de0a43fd2ca7e2624ac5b3da310d96dd8b5d9731ec454453b7134d6401c5bffe28b305f161b66c2a11b3366890e9f6ef59c0d0d1780ddc142abb07239c8c5c6a1709434799b4c8ebc0d6b12ba9a2d9ad8757f5d5a0d90e5f94144919e4ceec27f51dc0ce11362947021b6ad5b72528263dc9a3e7bcc0b6b52b5e9846af8cfb7e7cfc2e942bf1c2acb0d96235d325202d288acc1a5fd49fdd4f63574d9d23045966b6ec183c39c8fca96c23b17ec53b04bc30a3a322202d3133e523e5d54a1c08b0ef5176d1c0052396223055c9ce9c1cc331d6e8b758b57696170ecf8e2c667fd04f80e61a2ca17666f97c2960f23abc76bf5d80bad22f36e2bfdb74e19859704b2dde8c21408ff18716213fa7e462ce2d343ed072eb48d31a5653f08b2b2ee997747929171afec62bc4c86f68f8a5151167b7190458f6770d03fa4e963bcf826ba27571b52535e0448534deef896fbdb292b1842b9dd264478540220033769bbb92c2bd7833feed7819a6ea4aee085df161fc3a9b97891bcda8d0353b6582aa08d06a9b7da08a6ebace6977b41e2a9ec27feebd5baf17de21ba1ed1bf8878c25d706893eff5f07f3c3cba6fa489854a7c6feebae8b482dfd4a1e6d49f3edb6c11c1e095e0370e4916377bf121dbece47b06cd5f525f92f5cc1e0440a56f333fdef782d2fe1e048154fed040db897d0674267899f344d45919e23f380b3b7840ad7613270e4bd7699a6f06e3919c7b8b56842f7e3b763c190250d0f421f30fa6e939b809c2867f6edf04223aff351edc7f5657d0302bb9dd15f7878e26ab762d24ddaf3d748adb16571d73754400f291569da8425eef234d12d38dc98706669e555671bcc728c97a46aacf06d6da658331991e1f54a91f4331ccd0ba38aef0cd1cef89b03f8cf94087f7b9836ca4f66ba1f72a2b6b4e18984acef9257fd7bbb6fb2c96f700a249cca60d7bf583ea311b9b0af7c088c495c98d9cd1cfb8bd6d5337a4640c7ab7c6b9091ba3013e75f5019538ffa939c7f4ce00cb63da89678a79e0fa82c98ee78a83b779cfdda2db43585f0c200c9e187ed920324d33982827a10ace8d2e850b800e21168bac5cbcb93e7cb13243cab26df896cba2ec077772c5a75f351ed0b247fd1e25e7f22576bcde4206fde9dfaa3dd824559b3a49cec44b43fe26a6511746e67f8b5e810b4f0c6868e1546f9bf544ae468d003351b8e28aebc7e9d520ea1064dc035aa3ebc7ae4a002384a6fb979bb5c21ac52659c76691b11a3093997ec13942f7f79582a817e9733201f06759915236fe04bd7dba3b313b2462cca0dc2f5c1d7eace9aeee956e49acb0c194d3069051e7307b28f986edad5dc770f386b10de233871bbec01a5eb534de00a404d29361d951df67c120fed200d37c49c336ae9d6a4317f9b3064df8ceb7dd79a5d64a8e651a9da0c8c89f0f028e97ba16dba1f2bc1d73a311f98876e308eb55b007ea2beb3829cbff5c46137bd9fc832f12bdc3c7f45bedcc74be877e62a79f0173800400c880c3c7d53971bb9719eb267060c8bfc369bd8390b9de7b0863ba725fde1d4c7192cfcc44390f1a45244c5c0313b5adf87b96fa6d9784b92d462c7a057bbae554c55c78a3e5e708eb61bf535cd631ca861d41f8d53bc7236f767a4270e86faa7449bd704b91cfe366c1bcc42a4130ab4834ef148deac5ba0b005a00568e7cb786cc7d00b3edbfcaaf8e374e3ee51e8c9d44598b1b5dbd835d2dc1f5fc2b3ecb625b807d978fc2efb46a01798fc6b880c2726cbabacbce79973539abc08827d498572457e7ab59b02a71aa487605032da9c1f571540929a0e03abe03ff0680da6fa8fd4f92ec472b526d3be84f3e4c6f08e65f8deb000868a5b116a7f6d1761386bd4cc424272e9feb68e007ffea1d256b349176546b202677c20c6b11bfd315286af6aabf3878094192eb98453915d6935a22389ca01df253d9af9d82a30cf16a5329d155209e9420c3e7e40daf3c790539db61904c916d4d603d1d1b920400e98058b8b987abcc2807458a4e33fb9e5f8e0e4961640f86131067004747cebc1f2ed2b75f179adb4d0cdad1487067e19801694f2f4d781def000c000c000500000000000000"], 0x13a8}, 0x1, 0x0, 0x0, 0xc000}, 0x810)
mount(&(0x7f00000001c0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000040)='./bus\x00', &(0x7f00000000c0)='vxfs\x00', 0x0, 0x0)

56.138549995s ago: executing program 2 (id=718):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x80002, 0x0)

56.10589073s ago: executing program 2 (id=719):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x80002, 0x0) (fail_nth: 1)

41.143895903s ago: executing program 32 (id=717):
timer_create(0x1, &(0x7f0000000140)={0x0, 0x30}, &(0x7f0000000200)=<r0=>0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r1=>0x0, <r2=>0x0})
timer_settime(r0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {r1, r2+60000000}}, &(0x7f00000002c0))
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xd, &(0x7f0000000b40)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x2e}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=@newsa={0x150, 0x10, 0x1, 0x0, 0x0, {{@in6=@local, @in=@remote, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in=@broadcast, 0x0, 0x32}, @in6=@loopback, {0x0, 0x4, 0x0, 0x0, 0x0, 0x200}, {}, {0x3}, 0x0, 0x0, 0x2, 0x1, 0x1, 0xa6}, [@algo_crypt={0x48, 0x2, {{'cbc(aes)\x00'}}}, @replay_esn_val={0x1c, 0x17, {0x0, 0x0, 0x70bd26}}]}, 0x150}}, 0x400)
r6 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103383)
ioctl$LOOP_SET_CAPACITY(r6, 0x4c07)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="a81300004200280027bd7000fddbdf2519000000b23279762f1375de7d10d6fd91f050ecf58aad484077a13f387bf2ba3d12ca13aa98ecf610533d6d6c41ee7df3e4fa151de935470d8104665176a02701003fca3f56a7c917bb0f765989ba74962d5bf999287cdd3aab78686358154b95107aae62880c8ccd6deb6bffb377e1b8bee40b5476961c934042320d2fa1a7fd1107b440e8ed026c38fba44e8d4f6268f15349e8515909189e42c88307a2dbda16b1d9271a8a787387a889bd4ca494f5151ef013f11b1136f4343bdd99b92d4dd744e4b4bfdaedf3720c0063002f6465762f6e6264f594394c1a64300e906d2b886b88d4b9ca53ef3f915933ce05140fc8a99a7d16ebd87e5f6fd0687862099e708a646a8bbad5523bf8ad938677c0658549190b1afba1f0c0c0d0bd630c0c5cf13a9fb1032c2bbefbde7e2fc3f2fc1850063eb0f6c8262942ab15a4cca1ec074108e4c3a098596bdf6e5e0d890bd9ca9038c4ae613dba3998762c2f98e60748da51e2df88285e1fcf5e9eedf6051090f66f5792dd987410e934fcc6fd689e6ae364a88bff611821807877729144a53da254f96ffff0112cbb4f0e7fed5afc772d659742431858297238a4c17d0b28b6e9948d807df08f64dbc18afd744645625b56a4f802d6cd23e51da4346d360a76d0c959d812ea16649d1c5487ebeb45bf7c9777893514e6bd2e8f129ab071e4e1874f66df872b066d6d7677f482d03162b926c33a8e7bef6866813eed7576d4ee0f01a5bc328f7efc7a66a702e753f069395427fa2bbfbcae4d2a957bef409581eae61eaa6c6b58355ab610ed600a5d42ba455074659b6521c1f9ac45a26c87b09acdb3b79f5e7a50be0b440668d82340bbcb0f95081d7f85dc92f522925980c760da128a9cb1b70ab0a87cecdae576ddc4d4cc1568f4e4491ab032b0acebe7cbf902a0891922bf43b7c8380ebcf8b2ca52f8ba65a85a1648a8a869373622a5cefa9a5863ee39ede6486ce1308eeaf793b69c0c6f383cd59ab85258a690b488786f8bf84bf613de8263cd0ba6a0a631aec55d19bc41043d604cef765da0892e0e42833953644cc6c0e5491a8a0d381a6e9fd3f3fad59d4af7805e91892b76056c3f52e0f08766c0d31d265b2ce1e76f6f2326e81ccd82306f59383ae70a844985a2866e8c2b394f29dad6961d4fa80be9712a7877de3a706d452360ab6a77f636c019b420dddefe6ebf318410b02e275d03d6c5614a26d63bb543545d1282d3c5317c8be0536b2a8ce1cecc94d49585ac855bb891b95fa3b42300afbb9dd0ad9c07067fe1ba3496d0515cb916744d834136d970fe96a32e980d4801fdbd1e366d04eb6fe69441401e9082fa4b16be4a04edcaf9f751e53ffd773f367369fe418a714f111c586d399c9721f1c28af45d1478d1a319cb6f8b5013a8734848f59fa0aeb66f46779112bd4da6ebed8a062070515bdc62c59c32aa95890b979635ee03032c5371ea650125b80a5b06d070d861c2e34be2c75589a6f1c15ac962ec5e40397cfffa07e4e7ce8caebf25d34f43c61c1a0fa4a011f77eb9ed70478f348a9238d809ffa3e5a7dde3bd17e27c9bd9b05d8353439ccd4664effd1ff987841d365ea892f7f0c92250a15d463cb102ec0d195877b69f0f1a77b67749bbd56a176f93a40625fc1195fe6b34ed10c6fb1367e1577be57d1f5558cafda15c83fbfd1e0eea91105d11f3eca4514e69d5e05ff1381481770314c61db086a58ca59786aadf005495a808efefa5f42b1159dfdb055e3d6579103cb7534cc9d29dae72bf5717185abc3c8ab243194cb63040fbbff299681b17a08ed9bb66b6de220f30d41a0baabfcb9bb2837b1677b999818ec9a5a00f9b8cadc0ffba7711b1ebba59e948ecba2e42f6a5d7ed73fc67fb6f939a249e523940fe454434bd020c60ae025d864a556d74f066d1dcc8d3777e7fa9a22a652bd2df9ceddc283c75464259810719023d74daaa5da1638b4b2a01e1f6f3405c46c5607a20397c88dc4550c1fa878f9388e5a2f0ef39f44e4d959864e053889a0b1be45f6d7eda21cbdf5787bc31d381967859c37b8e15894e0e528aaa5801f4d44bdc36334da92ff8af61eca9a6916dc3f4d4e32da0a8eb7d1b79212b430c0698920ef54cbd13ef55afc9e2067ce30cde1f1fada60d08b005e046ea32b3f5318717f1606a23bf8b1a49734f7668c4dd094fb058e1ad6a3e6002f5e05a35c2e504a110b0dbb0fbba4deb2298c3183af4b12cf4fae65c97dc68d33ce0186d61198fd4fab181f6eb95e744b0f00e3449da0e98b1d1110292dba9f09766cf72afe227b7331122106766d36a0eb36dada656b99dbd449e139533977b16b332e2cafd4e203c3034039325e6148ced40372cbd5b40cc4462eec52a4701189f05c0a3aaa32c85b4e76df2e1be9424cdef738c60a30abfc9074b629738ae5bf3616c8e57d5d9152609e07e13a94895d6a8e0b7a987cc3ba55984ef0675356063d9b6c0e9e47a93e4fda5571f3439f0e3389ad7b00cbd8e1f8a4a2847dc6575c4f56e5e3a88c39c3f03fed80652616342e850c1e0c29875035457c711da841e54ae68a0d85f8052c41ffe5ef0e4eda88d660515c339994a199fca56efe55f440274c97778592a3c31b13aa861ae0681aea06f8579744c118563c50f374c1785abb001ceb2f6253940abcc6949b9cbffc73ae97d59a1f253e6949d27de1f6dec9c7c134db6f2464a7d44588aa6e58336709d7ace852c9016e20721778f8ce183208864d57ff69c3f118996acc736a8b01afd8c0bf917171dec86c435c6593c13ce7019d9b83382a7ada52f87d7de7b07ddfb7a6fcccbaf8472c86d6bc93dab2a8ccae83cfd6fe7465cded50ccb4bc6f75beb684948ce866a831ef1f3a5b4cd9ed037c135e2ccf01dfc9e656bf42634ec32f5c8eff4b2e18618cd19882714a4ec0d9be945962b9ecea850fe87c0c03b70c8fb3fd564cc34638065c7eadb0b5d0fd3d1720bad55478e96d6b2b9ab9eae414a7e57d6559779d8e33ebaeaae41f5f0b46196a00c9165ac7ba823502981c066fc1374dfd701a67e1aed150bca4bafab5afdfdce82fbb1a22e968f5874ca4205b0b5b707ffe2e64131d9db35f37a21644edefe945d59264198d8f2b65fd43cd19255d23ee318a86d50141b7155b7cd0e7f8dad6e32b14b283ffced2a093167f0817b16709255f0c745c03b631f52f52f39c0c577beec07e0b8765b9351ddc9996ac3f7a5983e3b2ca84ba40054cc6466fd1b8e13ec75543b52f011d3b239d99a8d43c322d8ed8bba254700fca4a282274d9f841fc4cec80790f84b2c3270a97a94ee5293cc626744282d4004fcf6219e4a7ebb29bade60196125bde71f15fc41476ea823176be46719e1fefa9610147337b9dc915e1834b8dce216c03c10a538d904237662a4066901d26f342aae9f151564b44c3e58546a9e194c06efb7f33c125f13c0081c46ca42f8ec7f3dd30e4579792c30612a1f17f26b823de3f9fbcf04bd637808aa6aaba55de72a03765ae882932384340951e8191d7e642a20b79548690b0610240431bddd24cc4a761d046d94c9cd62d99f6d0b9e4be148a28965ccb48f4aa34f03eae7d9eeea1f3361ea21ce99769c347e4db53ff76b37fc7c7f638927882a039240c11626d72cee4ca70aa61c7b555b94396055ced8db20a96022c80f51eb74523ad0fe641469dd9a35447d2a5002b3a9c422fe390b50c3ed7c89b3c704f84148e3375218629becb3cc7909a38aef0889e0067e4df220cafd4768ffa9d1443f9f4d85f56b3ed4e1fdb2d4c249b9a10173afbaff592ff5661e6710553a181973bbd4d0650328124dc6c60d856bc11550abdda1f4b2981eec1559c3d05081c8da030256ad56317fd9eab0319a5e700a6e56e653c8ad11abc3dd56fcf672fa86da886cd62e2848b0dacc129345388d02c1c633c74d3598968d7cceba259cc9af491ad147e7d33e5b6907d743cb48eca4ca919bc2da904dbf5c05f43ff40d7d8e44a2ce62d1b04d23050afc0c10f85939762cd23dae412f0894dfce232116afd04623daf99bb8ee2bd050e320e83fce3ef3540ab12b91b6f2337704f93b22c38f3de0510fc7fe8dd8b529ea9818c6b4794d7c9ad44926ca9b748740103d2c7b777bc2ae27077bf295a3f24be7ed1f6e9f0c472f46d1219eae7e5b92a02755161b09459bdcfa045625170569e6cc7ff5f7798c1cfa8d4d233d0e8f0e34b5a8822cf9b8c4bea0ef48a8325f4c12a062ae9afd92dfe56d6d93422412c3b45510c11410d758b9c3fcd8bf4bd8f3bbb043b152da452686223518ffa416df72a60640a9488c082cb4cc736ca5d2f647e655fdf3ce610d3cca25b73857390b95a64451970f7536f8aa0593c31944878862784286e02cbbece035db6edb9a53651717087d3da7eab0617a8ca626994d63ecee798970b42f79447c0091b4361d97af32e31d41dd3ce49f16b1ea541e98d392b2bff70e8b95910732368a55348d74bfa0f1b80c8d3db1fa2052b9e81c92e62db882d70cb42203f6df56123f031413f63f0be2f247172eabe68b7c48b4a00fcb7757c9c4cd68991606551913938e1caed078363f5dc46f12efe810f0db0818d83f988bb6d9be430c921013a67ac84cbc71a6ee394a18d451ab42743fd7e686fe0eb2c288c0925813f2f23edeb3e849f6c95c240eaf158c894a4865c66b2365dd671b9154252efdde4cea6082fe96c798681ed7f6d1b7ba93fba49123076aa5f4164ec0eef5c9fea6bcb056a16f407efb5dfe1d0f4d02ea1528e6b53aed2e999da51aca44716f37e5fa111922f45372ffb59dc2a441fb164c83d86a988c79e8e09cd6adaedd9f1775ecd50def495d8de11041039addee664155563b9451409d6d18da67e4decbebf32a29e799b73fb3fddd89c8fae7adbdbce50a27632223fc52c57dfe37fdf843bf61d8bff34daddc318f0795a916dd2f98a3de0a43fd2ca7e2624ac5b3da310d96dd8b5d9731ec454453b7134d6401c5bffe28b305f161b66c2a11b3366890e9f6ef59c0d0d1780ddc142abb07239c8c5c6a1709434799b4c8ebc0d6b12ba9a2d9ad8757f5d5a0d90e5f94144919e4ceec27f51dc0ce11362947021b6ad5b72528263dc9a3e7bcc0b6b52b5e9846af8cfb7e7cfc2e942bf1c2acb0d96235d325202d288acc1a5fd49fdd4f63574d9d23045966b6ec183c39c8fca96c23b17ec53b04bc30a3a322202d3133e523e5d54a1c08b0ef5176d1c0052396223055c9ce9c1cc331d6e8b758b57696170ecf8e2c667fd04f80e61a2ca17666f97c2960f23abc76bf5d80bad22f36e2bfdb74e19859704b2dde8c21408ff18716213fa7e462ce2d343ed072eb48d31a5653f08b2b2ee997747929171afec62bc4c86f68f8a5151167b7190458f6770d03fa4e963bcf826ba27571b52535e0448534deef896fbdb292b1842b9dd264478540220033769bbb92c2bd7833feed7819a6ea4aee085df161fc3a9b97891bcda8d0353b6582aa08d06a9b7da08a6ebace6977b41e2a9ec27feebd5baf17de21ba1ed1bf8878c25d706893eff5f07f3c3cba6fa489854a7c6feebae8b482dfd4a1e6d49f3edb6c11c1e095e0370e4916377bf121dbece47b06cd5f525f92f5cc1e0440a56f333fdef782d2fe1e048154fed040db897d0674267899f344d45919e23f380b3b7840ad7613270e4bd7699a6f06e3919c7b8b56842f7e3b763c190250d0f421f30fa6e939b809c2867f6edf04223aff351edc7f5657d0302bb9dd15f7878e26ab762d24ddaf3d748adb16571d73754400f291569da8425eef234d12d38dc98706669e555671bcc728c97a46aacf06d6da658331991e1f54a91f4331ccd0ba38aef0cd1cef89b03f8cf94087f7b9836ca4f66ba1f72a2b6b4e18984acef9257fd7bbb6fb2c96f700a249cca60d7bf583ea311b9b0af7c088c495c98d9cd1cfb8bd6d5337a4640c7ab7c6b9091ba3013e75f5019538ffa939c7f4ce00cb63da89678a79e0fa82c98ee78a83b779cfdda2db43585f0c200c9e187ed920324d33982827a10ace8d2e850b800e21168bac5cbcb93e7cb13243cab26df896cba2ec077772c5a75f351ed0b247fd1e25e7f22576bcde4206fde9dfaa3dd824559b3a49cec44b43fe26a6511746e67f8b5e810b4f0c6868e1546f9bf544ae468d003351b8e28aebc7e9d520ea1064dc035aa3ebc7ae4a002384a6fb979bb5c21ac52659c76691b11a3093997ec13942f7f79582a817e9733201f06759915236fe04bd7dba3b313b2462cca0dc2f5c1d7eace9aeee956e49acb0c194d3069051e7307b28f986edad5dc770f386b10de233871bbec01a5eb534de00a404d29361d951df67c120fed200d37c49c336ae9d6a4317f9b3064df8ceb7dd79a5d64a8e651a9da0c8c89f0f028e97ba16dba1f2bc1d73a311f98876e308eb55b007ea2beb3829cbff5c46137bd9fc832f12bdc3c7f45bedcc74be877e62a79f0173800400c880c3c7d53971bb9719eb267060c8bfc369bd8390b9de7b0863ba725fde1d4c7192cfcc44390f1a45244c5c0313b5adf87b96fa6d9784b92d462c7a057bbae554c55c78a3e5e708eb61bf535cd631ca861d41f8d53bc7236f767a4270e86faa7449bd704b91cfe366c1bcc42a4130ab4834ef148deac5ba0b005a00568e7cb786cc7d00b3edbfcaaf8e374e3ee51e8c9d44598b1b5dbd835d2dc1f5fc2b3ecb625b807d978fc2efb46a01798fc6b880c2726cbabacbce79973539abc08827d498572457e7ab59b02a71aa487605032da9c1f571540929a0e03abe03ff0680da6fa8fd4f92ec472b526d3be84f3e4c6f08e65f8deb000868a5b116a7f6d1761386bd4cc424272e9feb68e007ffea1d256b349176546b202677c20c6b11bfd315286af6aabf3878094192eb98453915d6935a22389ca01df253d9af9d82a30cf16a5329d155209e9420c3e7e40daf3c790539db61904c916d4d603d1d1b920400e98058b8b987abcc2807458a4e33fb9e5f8e0e4961640f86131067004747cebc1f2ed2b75f179adb4d0cdad1487067e19801694f2f4d781def000c000c000500000000000000"], 0x13a8}, 0x1, 0x0, 0x0, 0xc000}, 0x810)
mount(&(0x7f00000001c0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000040)='./bus\x00', &(0x7f00000000c0)='vxfs\x00', 0x0, 0x0)

40.778904905s ago: executing program 33 (id=719):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x80002, 0x0) (fail_nth: 1)

7.251865297s ago: executing program 4 (id=953):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r1, 0x3)
ioctl$SIOCX25SDTEFACILITIES(0xffffffffffffffff, 0x89eb, &(0x7f0000000040)={0xf, 0x400, 0x2, 0x5, 0x2, 0x16, 0x20, "0ef003cdb500e5ae131674636cc82b0c5700", "ef0981ec4bda9676d71bc6d5808a2cff16d4b146"})
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r2, &(0x7f0000000200)={0x2, 0x4e24, @multicast1}, 0x10)
sendmmsg(r2, &(0x7f00000007c0)=[{{&(0x7f0000000380)=@in={0x2, 0x4e24, @local}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000800)='&', 0x1}], 0x1}}], 0x1, 0x2c000011)
sendto(r2, &(0x7f00000002c0)='q', 0x100000, 0x8000, 0x0, 0xfffffda7)
socket$kcm(0x29, 0x7, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f00000001c0)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='timerslack_ns\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0x10, &(0x7f0000000040)=@ringbuf={{}, {}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffff5}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000140)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
close_range(r0, 0xffffffffffffffff, 0x0)

6.305926071s ago: executing program 4 (id=957):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1700000007"], 0x50)
sendto$packet(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/fib_trie\x00')
read$FUSE(r1, &(0x7f0000012400)={0x2020, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}, 0x2020)
syz_open_dev$vcsu(0x0, 0x8001, 0x400)
r3 = socket$kcm(0x10, 0x2, 0x0)
syz_emit_ethernet(0xbe, &(0x7f00000004c0)=ANY=[@ANYBLOB="ffffffffffff0000012200008848000000004a0500ac0067000080029078ac1e0001e0000002b90d35900ab0155356dfa5b5aeeebf7cfdcb9c320d6317cd2f6700034a0194040000000017059078e0000002534cc61a450fdca1f05450a0b42b79046bd86aa7ab56da60fa1109e25c303edf215ce3b0b49baf750ec8c27eac2be9b4e07f806f1ab8746e87eba34edb6daccb28b80c1c9c5ab16e69060e3b0cac639fe3dccbfa"], 0x0)
syz_io_uring_setup(0x39, &(0x7f0000001800)={0x0, 0xfffffffe, 0x1000}, &(0x7f0000000240), &(0x7f0000001880))
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1200000004000000040000001200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000ff000000"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x40032143, 0x0, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f00000002c0)=0x4000103d1)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
recvmsg(r3, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x2c, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x30, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_SET_ID={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1f}]}, @NFT_MSG_NEWSETELEM={0x30, 0xc, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x4}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xb4}}, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000007c0), 0x0, 0x0)
ioctl$SNDCTL_SYNTH_MEMAVL(r5, 0xc004510e, 0x0)

4.730047806s ago: executing program 1 (id=964):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000080)={<r1=>0x0, @in={{0x2, 0x4e21, @multicast1}}}, &(0x7f0000000140)=0x84)
getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000180)={<r2=>r1, 0x1, 0x3, 0x4}, &(0x7f00000001c0)=0x10)
r3 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000400)={{0x1, 0x1, 0x18, <r4=>r3, {0xd}}, './file0\x00'})
ioctl$SG_IO(r4, 0x2285, &(0x7f0000000680)={0x53, 0x7ffffffffffffffe, 0x91, 0xf, @buffer={0x0, 0x5b, &(0x7f0000000440)=""/91}, &(0x7f00000004c0)="cdc84fd99d2fc47dab282126ab51cae5eaae9d84177ae2261b0028cc44a3fd3602403081f87615f497635dc72c587375e4249abdf36eb07011c25ca3392a8a9af5bd4dd72d0a625fa94e8afe69600ebb683081aa51cacdd020eb4c2d27b03055765e0a726b4542d3782a68792d5c06a9e402b3e9369a7404d0aca70cc0271cd2077033cd84ebe01641a321aefdbb961063", &(0x7f0000000580)=""/172, 0xaf90, 0x10002, 0x1, &(0x7f0000000640)})
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r4, 0x84, 0x22, &(0x7f00000006c0)={0xfff, 0x8, 0x200, 0x100, r2}, 0x10)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000000700)={<r5=>r2, 0x7, 0x3, [0x3, 0xfe01, 0x29]}, &(0x7f0000000740)=0xe)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000780)={r5, @in6={{0xa, 0x4e22, 0x1000, @private0={0xfc, 0x0, '\x00', 0x1}}}, 0xbe4, 0x6}, 0x88)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000b40)={r2, 0xffff, 0x20, 0x1, 0xc1f2}, &(0x7f0000000b80)=0x18)

4.654033202s ago: executing program 1 (id=965):
r0 = socket$inet6(0xa, 0x2, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000100)=0xffff, 0x4)
r1 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @mcast1, 0x3c}, 0x1c)
socket$kcm(0x21, 0x2, 0xa)
r2 = socket$inet6(0xa, 0x2, 0x0)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x8801, 0x0)
socket$packet(0x11, 0x2, 0x300)
r3 = inotify_init1(0x0)
inotify_rm_watch(r3, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000140)={0x0, 0x1, 0x0, "ee471a55b5e2c266422ef07bbfd7a61e37466e060403bbd8115bd48970e86a02"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000000c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x7279, 0x0, 0x4, 0x316}, &(0x7f0000000340)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0x0)
ioctl$VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045613, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4)
bind$inet6(r2, &(0x7f0000000480)={0xa, 0x0, 0x0, @rand_addr, 0x147d}, 0x1c)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r9 = dup(r8)
write$UHID_INPUT(r9, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b32323b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdc69c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d9560ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f733b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
ioctl$VHOST_SET_OWNER(r9, 0xaf01, 0x0)
setsockopt$sock_int(r2, 0x1, 0x31, &(0x7f0000000000)=0xfffffffc, 0x4)
setsockopt$bt_BT_VOICE(0xffffffffffffffff, 0x112, 0xb, &(0x7f0000000180)=0xc3, 0x2)

3.896206001s ago: executing program 5 (id=966):
r0 = fsopen(&(0x7f0000000200)='mqueue\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(r1, 0xc0186405, &(0x7f0000000040)={0x80000000, 0x1, {0xffffffffffffffff}, {<r2=>0x0}, 0x0, 0xfffffffd})
setreuid(r2, 0xee00)
openat$cgroup_ro(r1, &(0x7f0000000000)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)

3.894349455s ago: executing program 5 (id=967):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendto$packet(r2, &(0x7f0000000280)="0f30d9eec1935b7b88c7b9e794eed30b622f1045b921055c7647c4396d5163e532cee80669b376006dd76b9bd738da323548df98fc79d6f93ddeb57124416830e9e3307e1f0b265e1a5ebfd085281bc8169ec4976c84fb2f412c7610eb5773233ba2bc3190c6e71fc89ef6a2beb7856118b59e51e9d2f3f8128eda49531181e368413136b1b9d92068f049148c74afdcac45c8eb8c4365e0329b00d552a406c1d51262a2b2b015e10227fc7eeb03b26f23aeba362974ec2ec1202debd78dd5d388abd47708fde7941755f66aec1d", 0xce, 0x0, 0x0, 0x0)
getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
r4 = fcntl$getown(r1, 0x9)
r5 = socket(0x1, 0x2, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r6=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r6, r6, r6)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180)={<r7=>0x0}, &(0x7f00000001c0)=0xc)
r8 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r9=>0x0}, &(0x7f0000cab000)=0xc)
setuid(r9)
getresgid(&(0x7f0000000200), &(0x7f0000000380)=<r10=>0x0, &(0x7f00000003c0))
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000500)={{0x1, 0x1, 0x18, <r11=>r5}, './file0\x00'})
syz_io_uring_setup(0x6fb0, &(0x7f00000005c0)={0x0, 0x361e, 0x200, 0x0, 0x26e, 0x0, r11}, &(0x7f0000000540), &(0x7f0000000640))
r12 = fsopen(&(0x7f0000000400)='fuseblk\x00', 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rt_sigaction(0x19, 0x0, 0x0, 0x8, &(0x7f0000000440))
r13 = syz_socket_connect_nvme_tcp()
sendmmsg$unix(r2, &(0x7f00000004c0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000980)="808c777c09042f08b03a76b653853764cfa44e4886a773cf4826fe59d9d70e20f6f55d66d97dd371d810627372edf47066ad13b6e7c652556b1bc8bd49fb34bd96ba27a03af9435fe1e4019625b5e86222c1cf5fa1eba989d953438c5605d76e52059ce837b4138cb18e95f26e736f9b261ea1972d2d6616dee305b1fd52bb2a52de77c69e49a267cbeaab09fa59c10cb4112d19b3d45cd814a1703c49715dd477a535e25a996b59b3a4e2e06b627d6724e69da8dc7d313c64c2b46314a9e283ff2fcda4dda410dab16dd088324c251cffb1f0f4e065f4852adcdbad576c31d9bb3cbafd0d9b774106535d7aada8c53933956b7f2f6e2245f58a12a4a89e3a4b9607b16b39d8320b2cef37394cc2c0b118c4b4aa73cc850728266e844b5fb3da7e0b97bb9975472d888b392db40cdede2537f8c0a2aebf2dc9d1703f74c8f3781ed309b8089dced9435d5d184f64e00c676265363de1eaae0f6702b6bf9563ec4bb7f5e30f299ee5853d9efe60279d2cad291c3d7c82d92602488b9b7cec0c4eb24691cc6c3424c2a34397b666b27481eb49d462ffd4af4a65716cd83365bf6be9752e9674b931b872b71158d97be324dec11358a42b0e34f16c036e7bc7439606bff8f5812d86bfa6e53fbe193f8af93bbbdb28e22c39c263e9dc2a482a82874c1cc716bbe4942ff6f564be0f14c8f2c69d57efcc97b03a8d27904e0410aeba779eb7aefd305498fb0a060a452c8ab5d5eaf15e1c09f0dc7f4626cbc814a1d900cf116c34bb409a62685d3b0f3ada8f070dfc69279b8351bf886e8657de308684bdb6100a8ab62097486559135de33ad323539659547db111f178da7ca7c66198dfdf6f3b6cea9ae8851d553cf6f9329099007c8b82f9e60b849678d56e4794220b90f5bb4ff4b23764bcfd89715c72fcc6fd7892bf8990dd6c01e0b29b6f0a3c12e90e5b4333902f6707918e1cc7e22cb9d4cf821e420a0bb644685eb1e936297aaa4a0cb7b7bfc3865f71e2eb6269b5a8572623e84464a3ab963c10d469ddd8b2817972859304ac0ff3d6830a3737997a367aea18bca8d06732ad306ce83f98fc80b28838f164de6f07fcb08278d2a01546932c2f6db85bb06e1bb428af89e4a38ecf022ce4a24a50cf5818ee30a18bf1c3f2d128406b763e16b4a7401396cbc20b09049fdc8aa51d021b2e1d18631cf03de57f2ccfacaaaaed0ef74da97942848e8c6f8b60aaa0482ac59d3d58df264d8a533bc17412c1560a68b4f0d0773e28549af1d2af817244b14b85b44c6dcb1bcb32a37a7dbd84a8a430c67cea7a45067e05156199cded3b84504593a8d76da24827f046f142f8321ec726f208129a219de3f92003c847a9b4a48ffbdd976045b726cce6deba074e22dc5eee3915af4674c45b48abe8a83b62fdee84565427ad14804d22d0f97619e8273b437621acc710aa331cd02f60e1bf0b291391c600ab5424de976ce2d0e2de83c4f4197f92990ac8c1b2ef139e9a6e875a3f21eb44c0cb71fb3bef488b267a17829a767dbe52077fd766573660dbfc25c87033d93423b1d7a1b5d969b1366b072cdcd79001d49f3b16d4c4cab6b0b5323a82037e6433e3ab965f67dff0c714f3da3e1658ae38babe0e7c5bd67b1e9119a28f7fd8853a917c3575246f0ae0ca0929b53bd12b812cd5bc599a1506ea01b88da9b7bd9d989dd7599312aabe661601f80bf540b74c118493dae1d9c815875abe202599ac9b9d2866f3070e4cde228a13d78f00a2f03b7376c198151fc34cab4eba6036dcadbf0784e5d88854a91b15995e8f936610bc70c381b3ff607eab77430226a2da809793c87526dbe5a4491ebc1349ba41aaf660dc96562f693054c06e275ece27e9c02eb0061792bf34d77e5cc31dfa9dc5393df68f409c587ffcfe22bad20ff7f4cdf297930f289d93882c92b1afccd6b4d53a0f9219b8d9b9321c8aa4ae78a54868cb6b838c207b25cb695aea0be721f202e6d87b01b22fbf1f2ce20ae0a24a722b8ce64ee7d21492d3395ab6264a9a9044961b1200c98d0dfbf926421958c16966ab028c0544c0f3f8f9053622f9422b250c63ba3db3f3e92bb33e51eb1c8d41a04d4507eca330d27e3c4b8f9863c100358ffb16747952fe29a73f5f445a1b6d23deedf37f1dbdc4f312283834a53c5bb2d5681db2c6c4d9fa61a84136fc35af38acb7b5c3ab317e46d2694c15c0c4786490b4cb3d6e849948d9199aaaa900f9d1c247ba505e7e8b0cb2aea83c0e159cae1b775beebfce2132c603b21844a7b2468760c689b7b640a6384198db7ed6089f010e67c36f095d9fb2402478b0782ad8b3d17c75ea9ab73cf611a3234111b0102a7e5a972abae9ac26a97cd550a8ed64fe22c7c38dd9aad7a2c758889ef552f102f23d8548ad11b89ca98e8f5a6e4c67e54bf57cb1fff81527d5fdd21a2c60a47d7fc757bcf57525327b08b5862d25d7bc6ccb9a2d7a07dd05f255aa9a5448ffaec9a1de68c2c2eb21ccca681d9d527d6b051f867f5a1d07535c7a3170db4743df3888098507bf7c81bbdff5d23ed9330c687bc8712cdadaf36c9e82ee494734cb87988f8bc0b9d904f28ee5c15b62a0cb83bbda8a4da7245bb0a99b4c9a3b6c4784dfd07021ca375a6c0fde19bbd4a332004fe44268ea36cc2592467e5563220a0813c6e93661b8ea3b673bb6ff6e9b68773542a813537b5cc58adfb95b6e8bb54927acde1aee77aa1d6f724a2ad1dfc13095ed565f926709e9c6767216e12b5a8e62641b0dd5a8f95c99687f93c2448896026623db363e4a4d595a650e4386777865ad556a32159fcc84757862952c0f000ce7d2e1c1df801d86f0d7792f0baf376d7dc9ed9a34bf10d2f7f40c7fd4e6fdb173f3fa95fc46d7f21503ade2e9987d05e9138c56162e9576d3f2d942f3456c3ecdc978ffb882b8ddd938fd64e696c6a52fbb5b588d184458ba102fe9957ad3733cbf5e3ff624948bf2a6c291f29be2f8342d88764e63bbf503b6babd1a5a3b03fc8e3515dc5f92a1b41b746da90b4fb315a91b634bdf0e5b8f7b2e8d10dabfccbef7687c3321365028002e64fe4f34b4a3c7425c2d95f66f34dfb22c31d2709a852a6a27a026535a7d87e6d8ed561d1e55bb7792586bbc010a1e245c698b21171a1a5cb30ee99238173f8833c453f0597170817ae87e6fc609d390e7f757f3ee4f470da7282742efc5872873bfaa6a9737a2bb8ee788fdf2d798c4dd2e2e77fafb5673c43cfb189870ec46fe82c62383f92004b231a6d4664d834f15c7358ef9b7e90ca17eec2b689000527ebf720cc3fbc23f9e32338b6e64065dd420526160d3aac3385d7f6deef20e582f985f1bb2dcfe824a60c2effca890f93ffdf8bb68788e4b90caabdeec66dffefd9d52e24488044db297973f8873f3f5a779128718254283f556b87d904ad9c3625997724e587fb1418026b01b128463cf2f820a0f3ff06e66b8dd3e91bbce1b1e74b5b2400ba7f4a2810d353173385c8a0beda50261bda6ae5e7dfe028060824767729fe701507c149d4951cdee17ad249b3b88320185c3fdd6ad094e7f65421c9d417ea0cd6a3685524596b53af0580734ef4057ed96342397d14f7464ed7af038bc91db16082c1cbe9994801804af8b8618c889a6d45743fd7fff2fcc5cc7d58d409a3b4f221b22414a70a1e0f3957e8dc07ef495dc841e1f50ba7b45dd36698458c0df2ac144f7f86e5165e2fe8e2c1595108ea5d6937e9037b505ff5672e2d77afda47c04e461be5f21b1df3f22f1430991b00e00040534507519c07158db3d3fb7b6d4809a110e9a1037a179c358dc2c0baf0eb6bea76614b1a3c2d415556a117b3f3cc867bdc974d34248758b3679afb8afce40bdd00214aeea4de7a606965ba1bbab7d21f18e6cd98e7dafed9321263e5ddf69cdb036d49a7ace1c7bab73d0f02cfa43e2f192cd1d3d2e319173ee0ddc04ca3791d6aca5a0143d21c9455d510e951365298c8e53d25a93894ae47b5ad4abf672bc3a0550d1acbfa03774de77713af9284f3fc26c4509025d43be2d812eea835dc943498339352909675429f758b596506b6ba71d4291140abb6497fb52bc359d8581f31106c25228fc11f3391809afaa89c525659e03884e6c3a186574b58d88a6624deac8b2b131bde26350cc8c734d9f3739bfbed91f1e46792e9fa08b6097b9f7907c890246f9a95bb7f8dee8ad90011e6a55115a33bb13124e267af3ce87583168a7603922467328895bf440b31bf25468419d21de438f1f181d73c7fd2e7278a90bfd23674011462b947596dd90ab4dd7e7efacfe31ecab2e7edf2f1d69a99aced15fd80b49500529a14de7abbeda13e4e1d7134d99abd43303537053b914880a8c5653ba15d1b1561a41d5fc73865a84571ebfc36cc4d3af67a972c0bd2525edcbbac46e4579e100ac21fb54b9e21b89e039742582119b44694f454ccb73033cf691a77e8efaf42129d669c462ba441a87911fc602b48329bcc3bfde06ed864424946a5f5024f97ab2a1c4d7a8abe7adbe8ca9a646b04ba2e2446169f76cbf87f33a04b75688cad1ee7eca4ca58fb266e2e16b00d526bef1c78684be400f9155205b10b0a59eeb8d4ccaf6f8b3e917918a5940794538b7321a0c0241b72127a4dd5b5e93361fcd5fd0d34747983f8112b9439e9c2b99ee733644834d9b381162888ab280148756bdaabe1cf88526730ea214a74e967fc9b5e1501b28688fdc2892cb24fbf3a0412fd5bffeed74aaa2f5e31ad302a8a9f3d89478213ec923bc2e1ed1ecdc3f1838a49f93a4b6a2afb8f20a08e8f600b868eedcb0eb33e6908ec129f47695eec86eed53fe62ab765802570f512531c972764ef5d4cddb819dc095ec3451c0fe7692fa9af7bde72d45aff3892e97c8a30f517aa99c2521a1ecf46be6f3b5b20d9bda42fa98dbb2d46313dcc9854f0e73ba20c524aab368d22682c36da53394fde619f80ad1352e480534f7f323e35f1ce0b6510201587f9e1537015a3d0a7237279c07fea67f4fe1ef5ae663b67a7dd9af4d6cff5c34de0190d0fd9cbb8a98468750e6521ef1134ebaa26774e2bd6e9326d57c379d8ca350b68f1b6fdb36eec2bf0825a92204371abdf71dc6b4aa688a13b85fa29cbc2d60ec54aef306821414eed4884d2b55b1ea17faa41ecbd01ec8ea47b784cfb10d603c7e8952e313324605e20a3bc35caa0df97470983d411041c2fc7240c3511cc0ff628fad630b3a027ac89190cad04061dc2117b3abf7be85d125f9a40db77b0d53337bae4e9cdc42840ffd9ba4f1de04bd76d4a45a1937c3a9e0439140e5a725d79f0a6e7004dd0967dc499c8d6f1622164109548c6c35488010d6bbc9b03b1ccf49598c5e823484165a69f2c6d9012a86c2f58d03e3512282ca7f4c600f77bba0764e21676dd105a3813beac9a8d96eb3f6b3de07bc60be0478186dd7dd3122e00fc2c28493630c7fb421472e963f8d67481974af547b2679f12331ab64bc584262d4782447e08757728932eae4546de1ff0df291a3adae03620accd079f1e9fb7a832ed14be4a51fa7f176a0c73633d34a209df932aab20fbbc45a57ebc539e922073cbd3835b082f1d1313fb0c6c763f445aa8165b3e3f6525d0ab1099a641e0b40e9a08836d6be75c48d48c4592ac5463d8396449c95aa72ebae86d7d76f937e9fc91bf007ff32963441f4ec5cff282eaf5b93a1cd507fb5d11e6968f0b3e2ac2d3ea64d6aabdb7babcd79b1de81ccc2d38724272543d590030617e87aee1ff1a9e943b5f1ed", 0x1000}], 0x1, &(0x7f0000000440)=[@cred={{0x18, 0x1, 0x2, {r4, r6, 0xee01}}}, @cred={{0x18, 0x1, 0x2, {r7, r9, r10}}}, @rights={{0x30, 0x1, 0x1, [r1, r0, r0, r2, r1, r2, r12, r13, r2]}}], 0x60, 0x840}}], 0x1, 0x4004000)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r14, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000006c0)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_PROTOCOL={0x6}]}}}]}, 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xe}, {0xfff1, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000800}, 0x88)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000940)=@delchain={0x24, 0x2a, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x6}, {0x0, 0xffff}}}, 0x24}}, 0x0)

3.811037054s ago: executing program 5 (id=968):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000880), r0)
sendmsg$NFC_CMD_LLC_SDREQ(r0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c000800", @ANYRESOCT=r0, @ANYBLOB="01092cbd7000ffdbdf251300000008000100", @ANYRES32=0x0, @ANYRESOCT=r0], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x20000000)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
getpid()
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0x8, [{0x0, 0xfffffffd}, {0x10}, {0xfffffffc}, {0xfffffffc}, {}, {0x2000, 0x6}, {0xffffffff, 0xd6}], 0x3, 0x7, 0x8}})
prlimit64(0x0, 0x5, &(0x7f0000000000)={0x5, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
get_mempolicy(&(0x7f0000000100), &(0x7f0000000240), 0x10001, &(0x7f0000ffb000/0x3000)=nil, 0x2)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(0xffffffffffffffff, 0xc0bc5351, &(0x7f0000000040)={0x7fffffff, 0x2, 'client0\x00', 0xc, "97bb1c1b67dda3c1", "fb918b3c78e5e11c3586883b9d7aa028070de012a70c07003944ef5eedf58bdc", 0x31, 0x9c9e})
read$msr(r2, &(0x7f0000032680)=""/102392, 0x18ff8)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x89e0, 0x0)
getrlimit(0xc, &(0x7f0000000280))
socket$inet_udp(0x2, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x3, &(0x7f0000000040)=[{0x9, 0x0, 0x1}, {0x1}, {0x6, 0x0, 0x10, 0x8000}]})
r4 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0xfffffffc)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="0100000000000000f4000040"])
landlock_create_ruleset(0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)

3.393573134s ago: executing program 1 (id=969):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_GET(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYRES32=r0], 0x2c}}, 0x4045)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$AUTOFS_IOC_FAIL(0xffffffffffffffff, 0x4c80, 0x7000000)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8b35, &(0x7f0000000080)={'batadv0\x00', @remote})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r1, 0x0, 0xfffffffffffffffc}, 0xffbf)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="2e00000011008188040f80ec59acbc0413a1f8480b0000005e", 0x19}, {&(0x7f00000000c0)="bc588bb49cff7d081d465efc09c57bbfb7b83fa636", 0x15}], 0x2}, 0x0)

3.389729619s ago: executing program 3 (id=970):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x2000, 0x0, 0x0, 0x4}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r1}, 0x10)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
fsopen(0x0, 0x0)
r2 = getpgid(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x0, 0x0)
epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x6, 0x6}, 0x1c)
recvmmsg$unix(r4, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)
sendmmsg(r4, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000000c0)}], 0x1}}], 0x1, 0x9200000000000000)

3.111982218s ago: executing program 4 (id=971):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r1, 0x3)
ioctl$SIOCX25SDTEFACILITIES(0xffffffffffffffff, 0x89eb, &(0x7f0000000040)={0xf, 0x400, 0x2, 0x5, 0x2, 0x16, 0x20, "0ef003cdb500e5ae131674636cc82b0c5700", "ef0981ec4bda9676d71bc6d5808a2cff16d4b146"})
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r2, &(0x7f0000000200)={0x2, 0x4e24, @multicast1}, 0x10)
sendmmsg(r2, &(0x7f00000007c0)=[{{&(0x7f0000000380)=@in={0x2, 0x4e24, @local}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000800)='&', 0x1}], 0x1}}], 0x1, 0x2c000011)
sendto(r2, &(0x7f00000002c0)='q', 0x100000, 0x8000, 0x0, 0xfffffda7)
socket$kcm(0x29, 0x7, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f00000001c0)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0x10, &(0x7f0000000040)=@ringbuf={{}, {}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffff5}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000140)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
close_range(r0, 0xffffffffffffffff, 0x0)

3.037634515s ago: executing program 1 (id=972):
socket$can_bcm(0x1d, 0x2, 0x2)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0xf, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9, 0x11e41e7a, 0x5, 0xfffffffc, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0xffffffffffffff2f, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0x21}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r4, 0x0, 0x218, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r4, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

2.443838325s ago: executing program 3 (id=973):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r1, 0x3)
ioctl$SIOCX25SDTEFACILITIES(0xffffffffffffffff, 0x89eb, &(0x7f0000000040)={0xf, 0x400, 0x2, 0x5, 0x2, 0x16, 0x20, "0ef003cdb500e5ae131674636cc82b0c5700", "ef0981ec4bda9676d71bc6d5808a2cff16d4b146"})
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r2, &(0x7f0000000200)={0x2, 0x4e24, @multicast1}, 0x10)
sendmmsg(r2, &(0x7f00000007c0)=[{{&(0x7f0000000380)=@in={0x2, 0x4e24, @local}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000800)='&', 0x1}], 0x1}}], 0x1, 0x2c000011)
sendto(r2, &(0x7f00000002c0)='q', 0x100000, 0x8000, 0x0, 0xfffffda7)
socket$kcm(0x29, 0x7, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f00000001c0)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0x10, &(0x7f0000000040)=@ringbuf={{}, {}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffff5}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000140)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
close_range(r0, 0xffffffffffffffff, 0x0)

2.407218543s ago: executing program 4 (id=974):
r0 = socket$inet(0x2, 0x3, 0xb) (async)
openat$nullb(0xffffff9c, &(0x7f0000000000), 0xc002, 0x0) (async)
r1 = socket$phonet(0x23, 0x2, 0x1)
ioctl$sock_TIOCINQ(r1, 0x541b, &(0x7f0000000040))
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r2, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x30, 0x4, 0x6, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x30}, 0x1, 0x0, 0x0, 0x4040}, 0x8010)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000200)={0xa, &(0x7f0000000180)=[{0x2, 0x7, 0x6, 0x4}, {0x6, 0x4, 0xf8, 0xf3}, {0x9, 0x9, 0x5}, {0x79a, 0x9, 0x4, 0x401}, {0x5, 0x3, 0x3, 0x6}, {0x4, 0x0, 0x34, 0x9}, {0x2, 0x3a, 0xb, 0x2}, {0xd, 0x4, 0x2, 0x77}, {0x3d10, 0x6, 0x9, 0x7}, {0x6, 0x10, 0x9, 0x7}]}, 0x8)
r3 = accept4$phonet_pipe(0xffffffffffffffff, &(0x7f0000000240), &(0x7f0000000280)=0x10, 0x0)
recvfrom$phonet(r3, &(0x7f00000002c0)=""/148, 0x94, 0x40, &(0x7f0000000380)={0x23, 0x8b, 0x7, 0xf5}, 0x10) (async)
getsockopt$PNPIPE_ENCAP(r3, 0x113, 0x1, &(0x7f00000003c0), &(0x7f0000000400)=0x4) (async)
r4 = dup(r3)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000440), r4) (async, rerun: 32)
setsockopt$PNPIPE_HANDLE(0xffffffffffffffff, 0x113, 0x3, &(0x7f0000000480)=0xc, 0x4) (async, rerun: 32)
r5 = openat$tun(0xffffff9c, &(0x7f00000004c0), 0x40, 0x0) (async, rerun: 32)
getsockopt$IP_VS_SO_GET_SERVICE(r3, 0x0, 0x483, &(0x7f0000000500), &(0x7f0000000580)=0x60) (async, rerun: 32)
connect$phonet_pipe(r3, &(0x7f00000005c0)={0x23, 0xe, 0x1, 0x7}, 0x10) (async)
setsockopt$bt_BT_POWER(r4, 0x112, 0x9, &(0x7f0000000600)=0x2, 0x1) (async, rerun: 64)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000680)=@raw={'raw\x00', 0x9, 0x3, 0x218, 0x0, 0xffffffff, 0xffffffff, 0x90, 0xffffffff, 0x184, 0xffffffff, 0xffffffff, 0x184, 0xffffffff, 0x3, &(0x7f0000000640), {[{{@ip={@loopback, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xff, 0xff, 'gre0\x00', 'nicvf0\x00', {}, {0xff}, 0x84, 0x1, 0x3f}, 0x0, 0x70, 0x90}, @unspec=@TRACE={0x20}}, {{@ip={@private=0xa010100, @dev={0xac, 0x14, 0x14, 0x23}, 0xff000000, 0x0, 'syz_tun\x00', 'virt_wifi0\x00', {}, {0xff}, 0x32, 0x3, 0x1}, 0x0, 0x94, 0xf4, 0x0, {}, [@inet=@rpfilter={{0x24}, {0x9}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x0, 0x4, 0x4, 0x0, 0x0, 0x1], 0x6, 0x4}, {0x3, [0x3, 0x0, 0x4, 0x2, 0x0, 0x5], 0x1, 0x4}}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x274) (rerun: 64)
ioctl$sock_inet_SIOCSIFNETMASK(r4, 0x891c, &(0x7f0000000900)={'ip6gre0\x00', {0x2, 0x4e20, @multicast1}}) (async, rerun: 32)
io_setup(0x1, &(0x7f0000000940)=<r6=>0x0) (async, rerun: 32)
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000a80), 0x4) (async, rerun: 64)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r4, 0xc0189372, &(0x7f0000000e00)={{0x1, 0x1, 0x18, <r8=>r5, {0x8}}, './file0\x00'}) (rerun: 64)
r9 = eventfd(0x401)
io_submit(r6, 0x8, &(0x7f0000001180)=[&(0x7f0000000a40)={0x0, 0x0, 0x0, 0x7, 0x6, r4, &(0x7f0000000980)="e1bba18d98a666e01f45960824d98050e8e843ca1fc0526a72722d128aab3da4b6dd591c14f1f83a8fe9ed4a1109d2a710df50b89b4b99ed7c77d910a04217d4bc3b9e4208b94a24ebeb80862815764c7a43beead52aef9f7ea66ef1e507c72f92ffb0716022226799da46710ba4bb6910dd6843dfb94c83f420ed83d465867954", 0x81, 0x8, 0x0, 0x2, r4}, &(0x7f0000000b40)={0x0, 0x0, 0x0, 0x8, 0xe00, r7, &(0x7f0000000ac0)="5979f12c63f35b1d1f8ece19dd27684ce2dde38813f064eae44ca35f1db0ac7caf3e216e8ab111acf125ff29dc1e04aeab5380186a17f5b37aa15e5c25d2bc5142f842795d918c083811b9d679cedb7194da83fa", 0x54, 0x1, 0x0, 0x1, r4}, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x3, 0xb, r3, &(0x7f0000000b80)="9529bdd23c82ed8dbc4894099848b189261724ab678595d54b534edb85ab68576ee8633705c8c65af9b5729ca2a126b5a6bb8ea227afe3c1c01eb6cce6c0ea5119df45009a21f7a45c5e000658d95d5ff62b8b444ca412fadd5888ca8681010aea39ce4482ddb3df8d764e74d2872b5b76bc8ee09c0f7f8d6a7b1e53613a89713919a87406d2d046c3ea5f473abaa8c7742ec95664312639a9dd9925856a32b5feedf24034c4fe91eab69a73bf7c1862e23f6308acdea35233bf25f22a33df97049e3cd32fa53e2f20347c", 0xcb, 0xfffffffffffff000, 0x0, 0x1, r4}, &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x3, 0x7fff, r4, &(0x7f0000000cc0)="fdd7a93b342681b758f70d55bd299daf962baa5cec98cc8f4b7439be8844d66aa0aca68c2327226df1ba2ffaca42707b4869b41fee0b917aba07dc0e14cf394051f832580408ffd5b216f15ccfae356223b1ed107972af3fa8f7ed82d0b26d0038425f008742540297a2adb572018732ffb01bbec69c9eb5b765eef279f61c417d84bd739bc0f0ee8d9d86ed3b80fa7dded41285e33a13257d37e23b5aa72c9bd9b442ab0ff649042e0f969d8c40382f3d8544e6a26c6e5bf277c321c65f", 0xbe, 0x1, 0x0, 0x3, r4}, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x7, 0x7, r1, &(0x7f0000000dc0)="dd982a9ebd72e85d3289bc5f4a61e738cfe29a4b01bd96d0db3ea9a45923247e993c7c3e3154dc0186558eb53eecce4eab87f61b85c281527ced552e112920", 0x3f, 0x7ff, 0x0, 0x1, r8}, &(0x7f0000000f80)={0x0, 0x0, 0x0, 0x6, 0x1000, r0, &(0x7f0000000e80)="ed6ffe072ef8d3b29035345ad98424e3aae5965c8da8517228581ec9706f9637b6e38520965327540790192f9dd7cf1fab6c565d810ea4598447d88c9ad9c2de6f347c879771258390bc98ba9e57271e00e7be09d4a28df996179e972a72fe8208229a82f9e4a9664a4b4c21d6d9bc56f48724e00524781ecdf3b5864f721f4238b173e1a500a57bcbe36392dd8358b080e2183a65692705c447cadf9daa642891f7884d4a01fb5bf74cfbfc2d41219f7dbae1fbd7184817a9cc1b1342d091b0312b93bed6726957a500045749181f19d9474d801bf5e99a734d1566020f36e05c9bfcb59ef527b583e3e657f9c764f86e99736e96", 0xf5, 0x3ff, 0x0, 0x1, r4}, &(0x7f0000001040)={0x0, 0x0, 0x0, 0x1, 0x7fff, r2, &(0x7f0000000fc0)="57a4ee169a505a04631c5f526fefd00278af745633342596b554f50defbd8bb0efe9a62cc740691306606e06bad69a861e8829130c6b453aae081925ca2a221941cebe3837b14a9859c3", 0x4a, 0x3ff, 0x0, 0x0, r4}, &(0x7f0000001140)={0x0, 0x0, 0x0, 0x5, 0x2, r5, &(0x7f0000001080)="2eb7389b5c90d9613e9379bea25188030fdb30a90e3463f6a93c78bf7cbdac1829a4999944d0568a55a2840144bee3748a0f027054cc0ea8040a049212706859e6a335cf0bda03da0efb34c6329debd3d9eb6c686919fa4716862df7981e2fe81590983f36173ecc91bb5c2f6e257b3c91ea6cd3e47fbcfcb3fb033f122057e8bbcb2d06b8a80819f5b751ea7e415a94", 0x90, 0x100000000, 0x0, 0x1, r9}]) (async)
prctl$PR_SET_MM(0x23, 0xdf36d9a2f7bf8e62, &(0x7f0000ffd000/0x2000)=nil) (async)
r10 = fsmount(r8, 0x1, 0x4)
getdents(r10, &(0x7f00000011c0)=""/109, 0x6d)
syz_open_dev$MSR(&(0x7f0000001240), 0x1ff, 0x0) (async)
connect$phonet_pipe(r4, &(0x7f0000001280)={0x23, 0x7, 0x3, 0x4}, 0x10) (async)
ioctl$BLKROTATIONAL(r10, 0x127e, &(0x7f00000012c0))

2.330701248s ago: executing program 4 (id=975):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_sctp(0xa, 0x5, 0x84)
syz_genetlink_get_family_id$nl80211(&(0x7f0000004880), r0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
mlockall(0x7)
syz_usbip_server_init(0x1)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
recvmmsg(0xffffffffffffffff, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000002, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000140), 0x286, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x1}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = syz_open_dev$dri(&(0x7f0000000280), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GET_LEASE(r2, 0xc01064c8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000340)})
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r2, 0xc04064aa, &(0x7f0000000040)={0x0, 0x0})
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x28, 0x5, 0x0)
syz_open_dev$vim2m(&(0x7f0000000140), 0x2, 0x2)
r6 = syz_io_uring_setup(0x4172, &(0x7f0000000780)={0x0, 0x4f5e, 0x10100}, &(0x7f0000000100)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r6, 0x567, 0x0, 0x0, 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)

2.164153363s ago: executing program 3 (id=976):
prctl$PR_SET_FPEMU(0xa, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x2c240, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$packet(r3, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x1, 0x0, 0x6, @random="b6c1c02b5fbb"}, 0x14)
bind$packet(r2, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14)
close(r2)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=@newtaction={0x6c, 0x30, 0x17b, 0x0, 0x0, {}, [{0x58, 0x1, [@m_bpf={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c}, {0x4}, {0xc}, {0xfffffffffffffe4d}}}]}]}, 0x6c}}, 0x20011814)
ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r0)
ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f0000000300)={0x0, {}, 0x0, {}, 0x0, 0x3, 0x17, 0x10, "7c0cb25e7e1aacb2b00e859f6fa90727bde75c8a40509a97e9d62e01147b7c84f70c7637b0b4d06a965903434af8a31a59dd9a544def490d286be411d78958a0", "b47592a7afec666992a0eeb7e64db8835c154d9d8e4d0d049d8b2b74a92dc58e", [0x3ff]})

2.161502743s ago: executing program 1 (id=977):
openat$mice(0xffffff9c, &(0x7f0000000140), 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5e1}}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000, @void, @value}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
capget(&(0x7f0000000000)={0x19980330, 0xffffffffffffffff}, &(0x7f0000000180)={0xfa2c, 0x0, 0xffffffff, 0x3, 0x9, 0x5})
fgetxattr(0xffffffffffffffff, &(0x7f0000000300)=@random={'osx.', '/proc/bus/input/devices\x00'}, 0x0, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="14090000000a1c000000000a0102000000000000000001000000080002400000000114000000160a0104000000000000000001000000480000001898b201000b000000000000010000000900020073797a2ff60000000900010073797a30000000001c0003800000000000000000140000001000010000000000000000000300000a00000000000000000000000000000000785e3e8b667625471df1a5b3ef041f975abc3bdc32cb4b89ee98a47b6d7168fca8212ed3f1de8b44e5253fe143df5976f58ff1c088d4a1050df355b89c259e46ea00"/225], 0xa0}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
syz_usb_connect(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902"], 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)

2.000086834s ago: executing program 3 (id=978):
r0 = socket$inet6(0xa, 0x2, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000100)=0xffff, 0x4)
r1 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @mcast1, 0x3c}, 0x1c)
socket$kcm(0x21, 0x2, 0xa)
socket$inet6(0xa, 0x2, 0x0)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x8801, 0x0)
socket$packet(0x11, 0x2, 0x300)
r2 = inotify_init1(0x0)
inotify_rm_watch(r2, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000140)={0x0, 0x1, 0x0, "ee471a55b5e2c266422ef07bbfd7a61e37466e060403bbd8115bd48970e86a02"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000000c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x7279, 0x0, 0x4, 0x316}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0)

1.165094185s ago: executing program 5 (id=979):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='l%\x86\xce6\xdb\f\xcf\x19|\xc9O\x7f\xce\x8f\x7f\x1c\xeay\x06\x00\x00\x00\a0\r\x13\xaa\x84r\xd7^\xe82\x0f\x1a\xf1\x02\x00\x1e&{\xee2\x95I\xca\xbevl\x12\xb6 \xd4')
syz_open_procfs(0x0, &(0x7f0000000280)='oom_score_adj\x00')
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x123f41, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB="1802000000000000000100000200000085000200280000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xd, 0x0, &(0x7f0000000100)="e0b9090000d66dddab676802d1", 0x0, 0xe00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x4c)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$kcm(0x2, 0xa, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @sliced={0x9, [0xce, 0x7, 0xe7, 0xe, 0x3, 0x8, 0x1, 0x8, 0x9, 0x2, 0xfff5, 0x3, 0x1000, 0x8, 0xd, 0x0, 0x8186, 0x3, 0x403, 0xfff, 0x2, 0x9, 0x1, 0x4, 0x1, 0xffb, 0x8, 0x1, 0x8cc5, 0x7fff, 0x208, 0x6, 0x5, 0x51, 0x3, 0x4, 0x4, 0x9, 0x401, 0x5, 0x5, 0x3, 0x5, 0x2, 0xfff8, 0x9, 0x2, 0x1]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x9)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r4 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r4, &(0x7f0000000000)='./file1\x00', 0xc000, 0x0)
rmdir(&(0x7f0000000580)='./file1\x00')
chdir(&(0x7f00000003c0)='./bus\x00')
link(&(0x7f00000005c0)='./file1\x00', &(0x7f0000000600)='./file0\x00')
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
ioctl$SOUND_MIXER_READ_DEVMASK(0xffffffffffffffff, 0xc0044dff, &(0x7f0000001480))

1.16436021s ago: executing program 3 (id=980):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r1, 0x0, 0xb0, 0x0, &(0x7f0000000380)="f6f4e9a1d78ad62ceef1884366a578bb3fb7dbfc984e36014b09ccc13e0460151feb99a1e82e9514fc5d4e488a7b9f6594ee771c4e42c0645247983ece805c651f624c3d41854947b70bed6ec300ef5ca37aedc76a075411d60e0cf512536c4c82dd5f4b92ff9b2a10ed84aca2e1cc9c134c17b9acacf6555d66177478e0d51d65686dbfcdc63e26b9a53007e5356524ffbc077494d73f53b6f6f92628441bbff7e0a064ab56e9cffce505cb118dc79c", 0x0, 0x0, 0x0, 0x10, 0x0, &(0x7f00000001c0)="49723b3aff082b4f3f38c4ce3a132138", 0x0, 0x0, 0x0, 0x5}, 0x4c)
bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socket$inet6(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = shmget$private(0x0, 0x2000, 0x800, &(0x7f0000ffd000/0x2000)=nil)
shmat(r5, &(0x7f00003e8000/0x1000)=nil, 0x4000)
r6 = socket$tipc(0x1e, 0x5, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001000010700000000000000000a000000060001003b"], 0x1c}, 0x1, 0x0, 0x0, 0x4800}, 0x0)
bind$tipc(r6, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
ptrace$ARCH_FORCE_TAGGED_SVA(0x1e, r2, 0x0, 0x4004)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={<r8=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r8, 0x8b19, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"})
write$apparmor_exec(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB='stac'], 0xb1)
openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r9 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_WANTLQI(r9, 0x0, 0x3, &(0x7f00000000c0)=0x1, 0x4)

908.303505ms ago: executing program 4 (id=981):
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000015c0)={0x2c, 0x0, &(0x7f0000001480)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x40b}}, 0x0, 0x0, 0x0}, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x30313953, 0x0, 0xa, [{}, {0x10}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
r1 = io_uring_setup(0x6b66, &(0x7f0000000040)={0x0, 0xffbffffc, 0x10000, 0x0, 0x3bd})
r2 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r2, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r2, 0x4)
close_range(r1, r2, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x40000)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000180)={<r4=>0xffffffffffffffff}, 0x106, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000480)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000340)=[{0x2b, 0x0, [0xfffffffb, 0x9, 0x5, 0xffffffff, 0x9, 0x580, 0x9, 0x2, 0x5, 0x3, 0x0, 0x6a, 0x10001, 0x7fffffff, 0xe730, 0x1000]}], r4, 0x1, 0x1, 0x48}}, 0x20)
openat(0xffffffffffffff9c, 0x0, 0x401c2, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, 0x0)

701.557544ms ago: executing program 1 (id=982):
prctl$PR_SET_FPEMU(0xa, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x2c240, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$packet(r4, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x1, 0x0, 0x6, @random="b6c1c02b5fbb"}, 0x14)
bind$packet(r3, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14)
close(r3)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), 0x4800, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYBLOB="2c550c30714ce85f6bb62a1be57f60573b480209a056e4081473de6b2d924ee0e74a78edc213f568f966b3b3928d2408f325c5f99e7b42fc0387bda39de48b"])
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=@newtaction={0x6c, 0x30, 0x17b, 0x0, 0x0, {}, [{0x58, 0x1, [@m_bpf={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c}, {0x4}, {0xc}, {0xfffffffffffffe4d}}}]}]}, 0x6c}}, 0x20011814)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000000440)={r0, 0x0, {0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1c, "339f020bbe78b39843d601010000000000080d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c18e8438ef2a565ef1e83323695c58d66500", "a1163939c787a16c1ca43f8539f3d3289737f0374c72a964a0193b3e8772fd29f35239d200", "24431a1e77a68e174f000000000000000010e200"}})
ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r0)
ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f0000000300)={0x0, {}, 0x0, {}, 0x0, 0x3, 0x17, 0x10, "7c0cb25e7e1aacb2b00e859f6fa90727bde75c8a40509a97e9d62e01147b7c84f70c7637b0b4d06a965903434af8a31a59dd9a544def490d286be411d78958a0", "b47592a7afec666992a0eeb7e64db8835c154d9d8e4d0d049d8b2b74a92dc58e", [0x3ff]})
ioctl$FS_IOC_GETFSMAP(r1, 0x4c09, 0x0)

239.629564ms ago: executing program 5 (id=983):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x48e80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000580)={0x2, 0x0, @ioapic={0xf000, 0x2, 0x0, 0xeffffdff, 0x0, [{0x0, 0xfc}, {0x19, 0x5}, {0xfc, 0x4}, {0xfe, 0x0, 0x7f, '\x00', 0x2}, {0x8, 0x0, 0x5, '\x00', 0xb}, {}, {0x0, 0x81, 0xbe}, {0x0, 0x4, 0x9}, {0x0, 0x0, 0x0, '\x00', 0x7f}, {0x8, 0x6, 0xfe, '\x00', 0x2}, {}, {0x0, 0x50}, {0x0, 0x0, 0x4, '\x00', 0x3}, {0x1}, {0x2, 0x2, 0x4}, {}, {0x1, 0x0, 0x4, '\x00', 0x1}, {0x0, 0x0, 0x0, '\x00', 0xfd}, {0x1, 0x6, 0x7, '\x00', 0x3}, {0x80, 0x0, 0x0, '\x00', 0x40}, {0x0, 0x4}, {0x0, 0x0, 0x0, '\x00', 0xfe}, {0x1}, {0xfc, 0x83, 0xe}]}})

188.025699ms ago: executing program 3 (id=984):
socket$can_bcm(0x1d, 0x2, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0xf, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9, 0x11e41e7a, 0x5, 0xfffffffc, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0xffffffffffffff2f, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0x21}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
socket$kcm(0x10, 0x2, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r4, 0x0, 0x218, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r4, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

0s ago: executing program 5 (id=985):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r1, 0x3)
ioctl$SIOCX25SDTEFACILITIES(0xffffffffffffffff, 0x89eb, &(0x7f0000000040)={0xf, 0x400, 0x2, 0x5, 0x2, 0x16, 0x20, "0ef003cdb500e5ae131674636cc82b0c5700", "ef0981ec4bda9676d71bc6d5808a2cff16d4b146"})
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r2, &(0x7f0000000200)={0x2, 0x4e24, @multicast1}, 0x10)
sendmmsg(r2, &(0x7f00000007c0)=[{{&(0x7f0000000380)=@in={0x2, 0x4e24, @local}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000800)='&', 0x1}], 0x1}}], 0x1, 0x2c000011)
sendto(r2, &(0x7f00000002c0)='q', 0x100000, 0x8000, 0x0, 0xfffffda7)
socket$kcm(0x29, 0x7, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f00000001c0)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0x10, &(0x7f0000000040)=@ringbuf={{}, {}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffff5}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000140)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
close_range(r0, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

ard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  204.905428][ T8056] Call Trace:
[  204.905432][ T8056]  <TASK>
[  204.905436][ T8056]  dump_stack_lvl+0x16c/0x1f0
[  204.905458][ T8056]  should_fail_ex+0x50a/0x650
[  204.905479][ T8056]  _copy_to_user+0x32/0xd0
[  204.905492][ T8056]  simple_read_from_buffer+0xd0/0x160
[  204.905509][ T8056]  proc_fail_nth_read+0x198/0x270
[  204.905523][ T8056]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  204.905537][ T8056]  ? rw_verify_area+0xcf/0x680
[  204.905550][ T8056]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  204.905565][ T8056]  vfs_read+0x1df/0xbf0
[  204.905580][ T8056]  ? __fget_files+0x1fc/0x3a0
[  204.905596][ T8056]  ? __pfx___mutex_lock+0x10/0x10
[  204.905610][ T8056]  ? __pfx_vfs_read+0x10/0x10
[  204.905628][ T8056]  ? __fget_files+0x206/0x3a0
[  204.905648][ T8056]  ksys_read+0x12b/0x250
[  204.905662][ T8056]  ? __pfx_ksys_read+0x10/0x10
[  204.905680][ T8056]  __do_fast_syscall_32+0x73/0x120
[  204.905695][ T8056]  do_fast_syscall_32+0x32/0x80
[  204.905708][ T8056]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  204.905727][ T8056] RIP: 0023:0xf7f14579
[  204.905736][ T8056] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  204.905746][ T8056] RSP: 002b:00000000f5036590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  204.905757][ T8056] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5036620
[  204.905764][ T8056] RDX: 000000000000000f RSI: 00000000f739cff4 RDI: 0000000000000000
[  204.905770][ T8056] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  204.905775][ T8056] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  204.905781][ T8056] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  204.905793][ T8056]  </TASK>
[  205.029126][ T8070] FAULT_INJECTION: forcing a failure.
[  205.029126][ T8070] name failslab, interval 1, probability 0, space 0, times 0
[  205.034240][ T8070] CPU: 2 UID: 0 PID: 8070 Comm: syz.0.552 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  205.034305][ T8070] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  205.034316][ T8070] Call Trace:
[  205.034322][ T8070]  <TASK>
[  205.034329][ T8070]  dump_stack_lvl+0x16c/0x1f0
[  205.034357][ T8070]  should_fail_ex+0x50a/0x650
[  205.034385][ T8070]  ? fs_reclaim_acquire+0xae/0x150
[  205.034409][ T8070]  ? tomoyo_realpath_from_path+0xb9/0x720
[  205.034432][ T8070]  should_failslab+0xc2/0x120
[  205.034459][ T8070]  __kmalloc_noprof+0xcb/0x510
[  205.034495][ T8070]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  205.034527][ T8070]  tomoyo_realpath_from_path+0xb9/0x720
[  205.034547][ T8070]  ? tomoyo_path_number_perm+0x235/0x590
[  205.034568][ T8070]  ? tomoyo_path_number_perm+0x235/0x590
[  205.034590][ T8070]  tomoyo_path_number_perm+0x248/0x590
[  205.034606][ T8070]  ? tomoyo_path_number_perm+0x235/0x590
[  205.034626][ T8070]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  205.034670][ T8070]  ? __pfx_lock_release+0x10/0x10
[  205.034692][ T8070]  ? trace_lock_acquire+0x14e/0x1f0
[  205.034715][ T8070]  ? lock_acquire+0x2f/0xb0
[  205.034735][ T8070]  ? __fget_files+0x40/0x3a0
[  205.034762][ T8070]  ? __fget_files+0x206/0x3a0
[  205.034790][ T8070]  security_file_ioctl_compat+0x9b/0x240
[  205.034814][ T8070]  __do_compat_sys_ioctl+0x4e/0x2c0
[  205.034837][ T8070]  __do_fast_syscall_32+0x73/0x120
[  205.034860][ T8070]  do_fast_syscall_32+0x32/0x80
[  205.034880][ T8070]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  205.034908][ T8070] RIP: 0023:0xf743e579
[  205.034921][ T8070] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  205.034937][ T8070] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  205.034954][ T8070] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c02c564a
[  205.034964][ T8070] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  205.034974][ T8070] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  205.034983][ T8070] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  205.034992][ T8070] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  205.035026][ T8070]  </TASK>
[  205.038782][ T8070] ERROR: Out of memory at tomoyo_realpath_from_path.
[  205.301948][ T8072] can0: slcan on ttyS3.
[  205.904899][ T8095] FAULT_INJECTION: forcing a failure.
[  205.904899][ T8095] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  205.911349][ T8095] CPU: 2 UID: 0 PID: 8095 Comm: syz.3.557 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  205.911367][ T8095] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  205.911373][ T8095] Call Trace:
[  205.911378][ T8095]  <TASK>
[  205.911382][ T8095]  dump_stack_lvl+0x16c/0x1f0
[  205.911402][ T8095]  should_fail_ex+0x50a/0x650
[  205.911424][ T8095]  _copy_from_user+0x2e/0xd0
[  205.911437][ T8095]  move_addr_to_kernel+0x68/0x160
[  205.911452][ T8095]  __sys_connect+0xb0/0x170
[  205.911465][ T8095]  ? __pfx___sys_connect+0x10/0x10
[  205.911482][ T8095]  ? __pfx_ksys_write+0x10/0x10
[  205.911502][ T8095]  __ia32_sys_connect+0x71/0xb0
[  205.911514][ T8095]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  205.911529][ T8095]  __do_fast_syscall_32+0x73/0x120
[  205.911549][ T8095]  do_fast_syscall_32+0x32/0x80
[  205.911562][ T8095]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  205.911581][ T8095] RIP: 0023:0xf7ff3579
[  205.911590][ T8095] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  205.911600][ T8095] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 000000000000016a
[  205.911611][ T8095] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  205.911617][ T8095] RDX: 000000000000001c RSI: 0000000000000000 RDI: 0000000000000000
[  205.911623][ T8095] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  205.911629][ T8095] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  205.911634][ T8095] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  205.911646][ T8095]  </TASK>
[  206.005361][ T8071] can0 (unregistered): slcan off ttyS3.
[  206.018329][ T8102] FAULT_INJECTION: forcing a failure.
[  206.018329][ T8102] name failslab, interval 1, probability 0, space 0, times 0
[  206.023137][ T8102] CPU: 3 UID: 0 PID: 8102 Comm: syz.0.559 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  206.023153][ T8102] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  206.023160][ T8102] Call Trace:
[  206.023164][ T8102]  <TASK>
[  206.023168][ T8102]  dump_stack_lvl+0x16c/0x1f0
[  206.023188][ T8102]  should_fail_ex+0x50a/0x650
[  206.023207][ T8102]  ? fs_reclaim_acquire+0xae/0x150
[  206.023223][ T8102]  ? tomoyo_realpath_from_path+0xb9/0x720
[  206.023238][ T8102]  should_failslab+0xc2/0x120
[  206.023257][ T8102]  __kmalloc_noprof+0xcb/0x510
[  206.023274][ T8102]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  206.023293][ T8102]  tomoyo_realpath_from_path+0xb9/0x720
[  206.023308][ T8102]  ? tomoyo_path_number_perm+0x235/0x590
[  206.023321][ T8102]  ? tomoyo_path_number_perm+0x235/0x590
[  206.023334][ T8102]  tomoyo_path_number_perm+0x248/0x590
[  206.023346][ T8102]  ? tomoyo_path_number_perm+0x235/0x590
[  206.023359][ T8102]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  206.023383][ T8102]  ? __pfx_lock_release+0x10/0x10
[  206.023398][ T8102]  ? trace_lock_acquire+0x14e/0x1f0
[  206.023412][ T8102]  ? lock_acquire+0x2f/0xb0
[  206.023426][ T8102]  ? __fget_files+0x40/0x3a0
[  206.023443][ T8102]  ? __fget_files+0x206/0x3a0
[  206.023500][ T8102]  security_file_ioctl_compat+0x9b/0x240
[  206.023516][ T8102]  __do_compat_sys_ioctl+0x4e/0x2c0
[  206.023531][ T8102]  __do_fast_syscall_32+0x73/0x120
[  206.023546][ T8102]  do_fast_syscall_32+0x32/0x80
[  206.023559][ T8102]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  206.023579][ T8102] RIP: 0023:0xf743e579
[  206.023587][ T8102] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  206.023597][ T8102] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  206.023608][ T8102] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000004004510f
[  206.023614][ T8102] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000
[  206.023620][ T8102] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  206.023626][ T8102] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  206.023631][ T8102] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  206.023644][ T8102]  </TASK>
[  206.023648][ T8102] ERROR: Out of memory at tomoyo_realpath_from_path.
[  206.082393][ T8104] gtp0: entered promiscuous mode
[  206.093536][ T8104] gtp0: entered allmulticast mode
[  206.130050][ T8108] tun0: tun_chr_ioctl cmd 1074025675
[  206.133081][ T8108] tun0: persist enabled
[  206.134810][ T8107] tun0: tun_chr_ioctl cmd 1074025675
[  206.136383][ T8107] tun0: persist enabled
[  206.217643][ T8121] netlink: 20 bytes leftover after parsing attributes in process `syz.1.564'.
[  206.266450][ T8123] syz.0.565 uses obsolete (PF_INET,SOCK_PACKET)
[  206.275166][ T8123] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  206.312740][ T8121] =======================================================
[  206.312740][ T8121] WARNING: The mand mount option has been deprecated and
[  206.312740][ T8121]          and is ignored by this kernel. Remove the mand
[  206.312740][ T8121]          option from the mount to silence this warning.
[  206.312740][ T8121] =======================================================
[  206.471066][ T8128] overlay: Unknown parameter '/'
[  206.944319][ T8132] FAULT_INJECTION: forcing a failure.
[  206.944319][ T8132] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  206.954400][ T8132] CPU: 3 UID: 0 PID: 8132 Comm: syz.3.569 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  206.954418][ T8132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  206.954424][ T8132] Call Trace:
[  206.954429][ T8132]  <TASK>
[  206.954433][ T8132]  dump_stack_lvl+0x16c/0x1f0
[  206.954453][ T8132]  should_fail_ex+0x50a/0x650
[  206.954472][ T8132]  ? __pfx___might_resched+0x10/0x10
[  206.954493][ T8132]  should_fail_alloc_page+0xe7/0x130
[  206.954506][ T8132]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  206.954524][ T8132]  __alloc_frozen_pages_noprof+0x18e/0x2470
[  206.954542][ T8132]  ? mark_lock+0xb5/0xc60
[  206.954556][ T8132]  ? lock_acquire.part.0+0x11b/0x380
[  206.954578][ T8132]  ? hlock_class+0x4e/0x130
[  206.954589][ T8132]  ? mark_lock+0xb5/0xc60
[  206.954602][ T8132]  ? __pfx_mark_lock+0x10/0x10
[  206.954618][ T8132]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  206.954637][ T8132]  ? __pfx_mark_lock+0x10/0x10
[  206.954654][ T8132]  ? hlock_class+0x4e/0x130
[  206.954665][ T8132]  ? __lock_acquire+0xcc5/0x3c40
[  206.954692][ T8132]  ? hlock_class+0x4e/0x130
[  206.954702][ T8132]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  206.954721][ T8132]  ? policy_nodemask+0xea/0x4e0
[  206.954740][ T8132]  alloc_pages_mpol+0x1fc/0x540
[  206.954758][ T8132]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  206.954779][ T8132]  alloc_pages_noprof+0x131/0x390
[  206.954797][ T8132]  __pmd_alloc+0x3f/0x870
[  206.954813][ T8132]  __handle_mm_fault+0x9fb/0x2c60
[  206.954831][ T8132]  ? lock_vma_under_rcu+0x6b9/0x980
[  206.954847][ T8132]  ? __pfx___handle_mm_fault+0x10/0x10
[  206.954881][ T8132]  ? __fget_files+0x206/0x3a0
[  206.954907][ T8132]  handle_mm_fault+0x3fa/0xaa0
[  206.954933][ T8132]  do_user_addr_fault+0x60d/0x13f0
[  206.954961][ T8132]  exc_page_fault+0x5c/0xc0
[  206.954980][ T8132]  asm_exc_page_fault+0x26/0x30
[  206.955001][ T8132] RIP: 0023:0xf7268356
[  206.955014][ T8132] Code: 03 76 37 f7 c6 03 00 00 00 74 16 a4 49 f7 c6 03 00 00 00 74 0c a4 49 f7 c6 03 00 00 00 74 02 a4 49 50 89 c8 c1 e9 02 83 e0 03 <f3> a5 89 c1 f3 a4 58 89 c7 89 d6 8b 44 24 04 c3 d1 e9 73 01 a4 d1
[  206.955028][ T8132] RSP: 002b:00000000f5116448 EFLAGS: 00010246
[  206.955043][ T8132] RAX: 0000000000000000 RBX: 00000000f747cff4 RCX: 0000000000000016
[  206.955052][ T8132] RDX: 0000000000000058 RSI: 0000000080000480 RDI: 00000000f5116460
[  206.955060][ T8132] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  206.955068][ T8132] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  206.955077][ T8132] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  206.955097][ T8132]  </TASK>
[  207.075541][ T8132] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  207.508499][ T8153] netlink: 2048 bytes leftover after parsing attributes in process `syz.3.572'.
[  207.511237][ T8153] netlink: 4 bytes leftover after parsing attributes in process `syz.3.572'.
[  207.518055][ T8153] netlink: 12 bytes leftover after parsing attributes in process `syz.3.572'.
[  207.990502][ T8169] FAULT_INJECTION: forcing a failure.
[  207.990502][ T8169] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  207.994409][ T8169] CPU: 1 UID: 0 PID: 8169 Comm: syz.0.579 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  207.994424][ T8169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  207.994431][ T8169] Call Trace:
[  207.994436][ T8169]  <TASK>
[  207.994442][ T8169]  dump_stack_lvl+0x16c/0x1f0
[  207.994463][ T8169]  should_fail_ex+0x50a/0x650
[  207.994485][ T8169]  _copy_from_user+0x2e/0xd0
[  207.994498][ T8169]  __sys_bpf+0x21c/0x49c0
[  207.994518][ T8169]  ? __pfx___sys_bpf+0x10/0x10
[  207.994535][ T8169]  ? __pfx___lock_acquire+0x10/0x10
[  207.994551][ T8169]  ? __pfx_lock_release+0x10/0x10
[  207.994566][ T8169]  ? trace_lock_acquire+0x14e/0x1f0
[  207.994588][ T8169]  ? lock_acquire+0x2f/0xb0
[  207.994602][ T8169]  ? __might_fault+0xe3/0x190
[  207.994614][ T8169]  ? __might_fault+0xe3/0x190
[  207.994626][ T8169]  __ia32_sys_bpf+0x76/0xe0
[  207.994645][ T8169]  __do_fast_syscall_32+0x73/0x120
[  207.994661][ T8169]  do_fast_syscall_32+0x32/0x80
[  207.994674][ T8169]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  207.994693][ T8169] RIP: 0023:0xf743e579
[  207.994702][ T8169] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  207.994712][ T8169] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  207.994724][ T8169] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000080001740
[  207.994730][ T8169] RDX: 0000000000000020 RSI: 0000000000000000 RDI: 0000000000000000
[  207.994736][ T8169] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  207.994741][ T8169] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  207.994747][ T8169] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  207.994760][ T8169]  </TASK>
[  208.130720][ T8173] 9pnet_fd: Insufficient options for proto=fd
[  208.149632][ T8176] FAULT_INJECTION: forcing a failure.
[  208.149632][ T8176] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  208.153878][ T8176] CPU: 1 UID: 0 PID: 8176 Comm: syz.1.582 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  208.153899][ T8176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  208.153908][ T8176] Call Trace:
[  208.153914][ T8176]  <TASK>
[  208.153921][ T8176]  dump_stack_lvl+0x16c/0x1f0
[  208.153948][ T8176]  should_fail_ex+0x50a/0x650
[  208.153984][ T8176]  _copy_to_user+0x32/0xd0
[  208.154004][ T8176]  simple_read_from_buffer+0xd0/0x160
[  208.154033][ T8176]  proc_fail_nth_read+0x198/0x270
[  208.154058][ T8176]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  208.154080][ T8176]  ? rw_verify_area+0xcf/0x680
[  208.154100][ T8176]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  208.154139][ T8176]  vfs_read+0x1df/0xbf0
[  208.154167][ T8176]  ? __fget_files+0x1fc/0x3a0
[  208.154191][ T8176]  ? __pfx___mutex_lock+0x10/0x10
[  208.154211][ T8176]  ? __pfx_vfs_read+0x10/0x10
[  208.154266][ T8176]  ? __fget_files+0x206/0x3a0
[  208.154297][ T8176]  ksys_read+0x12b/0x250
[  208.154318][ T8176]  ? __pfx_ksys_read+0x10/0x10
[  208.154337][ T8176]  ? __might_fault+0xe3/0x190
[  208.154356][ T8176]  ? rcu_is_watching+0x12/0xc0
[  208.154378][ T8176]  __do_fast_syscall_32+0x73/0x120
[  208.154399][ T8176]  do_fast_syscall_32+0x32/0x80
[  208.154420][ T8176]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  208.154447][ T8176] RIP: 0023:0xf7f14579
[  208.154461][ T8176] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  208.154476][ T8176] RSP: 002b:00000000f5036590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  208.154493][ T8176] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000f5036620
[  208.154503][ T8176] RDX: 000000000000000f RSI: 00000000f739cff4 RDI: 0000000000000000
[  208.154512][ T8176] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  208.154522][ T8176] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  208.154531][ T8176] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  208.154554][ T8176]  </TASK>
[  208.490407][ T8189] netlink: 4 bytes leftover after parsing attributes in process `syz.0.586'.
[  208.554386][ T5846] usb 8-1: new full-speed USB device number 2 using dummy_hcd
[  208.734637][ T5846] usb 8-1: not running at top speed; connect to a high speed hub
[  208.751863][ T5846] usb 8-1: config 1 interface 0 altsetting 122 endpoint 0x1 has invalid maxpacket 1023, setting to 64
[  208.755304][ T5846] usb 8-1: config 1 interface 0 altsetting 122 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  208.758886][ T5846] usb 8-1: config 1 interface 0 has no altsetting 0
[  208.769110][ T5846] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  208.771874][ T5846] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.775628][ T5846] usb 8-1: Product: syz
[  208.780191][ T5846] usb 8-1: Manufacturer: 䇾᣼찗隵邳哉튠��醴ꑽ嫒䗸㡶﫭蠣�䅥ꂃ鴖쪩䨤鮻猉Ⴕ⠔ឞ昩웯砮ㅉ㕠暵��䒽蓂�㨳ꖻႢ褲㠇喻�帾㨔罓૤兵ሌ헔잚쑔๓Ḯ艢Ţꩮഠ립華粓�⨖릜ႄ䑮穂㗯㺸ˎ┨왪봱
[  208.790727][ T5846] usb 8-1: SerialNumber: syz
[  208.809914][ T8185] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  209.035955][ T8196] FAULT_INJECTION: forcing a failure.
[  209.035955][ T8196] name failslab, interval 1, probability 0, space 0, times 0
[  209.039767][ T8196] CPU: 1 UID: 0 PID: 8196 Comm: syz.1.588 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  209.039782][ T8196] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  209.039799][ T8196] Call Trace:
[  209.039803][ T8196]  <TASK>
[  209.039808][ T8196]  dump_stack_lvl+0x16c/0x1f0
[  209.039828][ T8196]  should_fail_ex+0x50a/0x650
[  209.039848][ T8196]  ? fs_reclaim_acquire+0xae/0x150
[  209.039864][ T8196]  ? tomoyo_realpath_from_path+0xb9/0x720
[  209.039880][ T8196]  should_failslab+0xc2/0x120
[  209.039898][ T8196]  __kmalloc_noprof+0xcb/0x510
[  209.039915][ T8196]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  209.039935][ T8196]  tomoyo_realpath_from_path+0xb9/0x720
[  209.039950][ T8196]  ? tomoyo_path_number_perm+0x235/0x590
[  209.039963][ T8196]  ? tomoyo_path_number_perm+0x235/0x590
[  209.039976][ T8196]  tomoyo_path_number_perm+0x248/0x590
[  209.039988][ T8196]  ? tomoyo_path_number_perm+0x235/0x590
[  209.040009][ T8196]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  209.040036][ T8196]  ? __pfx_lock_release+0x10/0x10
[  209.040050][ T8196]  ? trace_lock_acquire+0x14e/0x1f0
[  209.040064][ T8196]  ? lock_acquire+0x2f/0xb0
[  209.040078][ T8196]  ? __fget_files+0x40/0x3a0
[  209.040095][ T8196]  ? __fget_files+0x206/0x3a0
[  209.040112][ T8196]  security_file_ioctl_compat+0x9b/0x240
[  209.040128][ T8196]  __do_compat_sys_ioctl+0x4e/0x2c0
[  209.040142][ T8196]  __do_fast_syscall_32+0x73/0x120
[  209.040157][ T8196]  do_fast_syscall_32+0x32/0x80
[  209.040170][ T8196]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  209.040189][ T8196] RIP: 0023:0xf7f14579
[  209.040197][ T8196] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  209.040207][ T8196] RSP: 002b:00000000f503655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  209.040218][ T8196] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c040565e
[  209.040224][ T8196] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000
[  209.040230][ T8196] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  209.040235][ T8196] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  209.040241][ T8196] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  209.040253][ T8196]  </TASK>
[  209.041292][ T8196] ERROR: Out of memory at tomoyo_realpath_from_path.
[  209.266702][ T8203] FAULT_INJECTION: forcing a failure.
[  209.266702][ T8203] name failslab, interval 1, probability 0, space 0, times 0
[  209.270355][ T8203] CPU: 2 UID: 0 PID: 8203 Comm: syz.1.589 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  209.270370][ T8203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  209.270376][ T8203] Call Trace:
[  209.270381][ T8203]  <TASK>
[  209.270385][ T8203]  dump_stack_lvl+0x16c/0x1f0
[  209.270406][ T8203]  should_fail_ex+0x50a/0x650
[  209.270425][ T8203]  ? fs_reclaim_acquire+0xae/0x150
[  209.270445][ T8203]  ? tomoyo_realpath_from_path+0xb9/0x720
[  209.270461][ T8203]  should_failslab+0xc2/0x120
[  209.270480][ T8203]  __kmalloc_noprof+0xcb/0x510
[  209.270496][ T8203]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  209.270517][ T8203]  tomoyo_realpath_from_path+0xb9/0x720
[  209.270531][ T8203]  ? tomoyo_path_number_perm+0x235/0x590
[  209.270544][ T8203]  ? tomoyo_path_number_perm+0x235/0x590
[  209.270557][ T8203]  tomoyo_path_number_perm+0x248/0x590
[  209.270569][ T8203]  ? tomoyo_path_number_perm+0x235/0x590
[  209.270582][ T8203]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  209.270607][ T8203]  ? __pfx_lock_release+0x10/0x10
[  209.270621][ T8203]  ? trace_lock_acquire+0x14e/0x1f0
[  209.270636][ T8203]  ? lock_acquire+0x2f/0xb0
[  209.270649][ T8203]  ? __fget_files+0x40/0x3a0
[  209.270666][ T8203]  ? __fget_files+0x206/0x3a0
[  209.270683][ T8203]  security_file_ioctl_compat+0x9b/0x240
[  209.270699][ T8203]  __do_compat_sys_ioctl+0x4e/0x2c0
[  209.270714][ T8203]  __do_fast_syscall_32+0x73/0x120
[  209.270729][ T8203]  do_fast_syscall_32+0x32/0x80
[  209.270742][ T8203]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  209.270762][ T8203] RIP: 0023:0xf7f14579
[  209.270771][ T8203] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  209.270782][ T8203] RSP: 002b:00000000f503655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  209.270792][ T8203] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0d05605
[  209.270799][ T8203] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  209.270805][ T8203] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  209.270810][ T8203] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  209.270816][ T8203] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  209.270828][ T8203]  </TASK>
[  209.270832][ T8203] ERROR: Out of memory at tomoyo_realpath_from_path.
[  209.282895][ T5846] usb 8-1: USB disconnect, device number 2
[  209.738858][ T5949] kernel write not supported for file /zero (pid: 5949 comm: kworker/3:3)
[  210.486133][ T5846] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  210.511044][ T8226] FAULT_INJECTION: forcing a failure.
[  210.511044][ T8226] name failslab, interval 1, probability 0, space 0, times 0
[  210.515255][ T8226] CPU: 3 UID: 0 PID: 8226 Comm: syz.3.597 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  210.515277][ T8226] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  210.515287][ T8226] Call Trace:
[  210.515293][ T8226]  <TASK>
[  210.515300][ T8226]  dump_stack_lvl+0x16c/0x1f0
[  210.515326][ T8226]  should_fail_ex+0x50a/0x650
[  210.515351][ T8226]  ? fs_reclaim_acquire+0xae/0x150
[  210.515370][ T8226]  ? tomoyo_realpath_from_path+0xb9/0x720
[  210.515393][ T8226]  should_failslab+0xc2/0x120
[  210.515418][ T8226]  __kmalloc_noprof+0xcb/0x510
[  210.515441][ T8226]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  210.515469][ T8226]  tomoyo_realpath_from_path+0xb9/0x720
[  210.515489][ T8226]  ? tomoyo_path_number_perm+0x235/0x590
[  210.515508][ T8226]  ? tomoyo_path_number_perm+0x235/0x590
[  210.515528][ T8226]  tomoyo_path_number_perm+0x248/0x590
[  210.515543][ T8226]  ? tomoyo_path_number_perm+0x235/0x590
[  210.515562][ T8226]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  210.515601][ T8226]  ? __pfx_lock_release+0x10/0x10
[  210.515620][ T8226]  ? trace_lock_acquire+0x14e/0x1f0
[  210.515641][ T8226]  ? lock_acquire+0x2f/0xb0
[  210.515659][ T8226]  ? __fget_files+0x40/0x3a0
[  210.515684][ T8226]  ? __fget_files+0x206/0x3a0
[  210.515708][ T8226]  security_file_ioctl_compat+0x9b/0x240
[  210.515730][ T8226]  __do_compat_sys_ioctl+0x4e/0x2c0
[  210.515751][ T8226]  __do_fast_syscall_32+0x73/0x120
[  210.515772][ T8226]  do_fast_syscall_32+0x32/0x80
[  210.515791][ T8226]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  210.515817][ T8226] RIP: 0023:0xf7ff3579
[  210.515829][ T8226] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  210.515843][ T8226] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  210.515858][ T8226] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000401c5820
[  210.515868][ T8226] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  210.515877][ T8226] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  210.515886][ T8226] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  210.515895][ T8226] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  210.515916][ T8226]  </TASK>
[  210.515922][ T8226] ERROR: Out of memory at tomoyo_realpath_from_path.
[  210.644364][ T5846] usb 7-1: Using ep0 maxpacket: 8
[  210.648004][ T5846] usb 7-1: config 0 has no interfaces?
[  210.649664][ T5846] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  210.653089][ T5846] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.658003][ T5846] usb 7-1: config 0 descriptor??
[  210.787257][ T8234] FAULT_INJECTION: forcing a failure.
[  210.787257][ T8234] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  210.791118][ T8234] CPU: 3 UID: 0 PID: 8234 Comm: syz.1.600 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  210.791132][ T8234] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  210.791140][ T8234] Call Trace:
[  210.791144][ T8234]  <TASK>
[  210.791150][ T8234]  dump_stack_lvl+0x16c/0x1f0
[  210.791170][ T8234]  should_fail_ex+0x50a/0x650
[  210.791191][ T8234]  _copy_from_user+0x2e/0xd0
[  210.791204][ T8234]  __sys_bpf+0x21c/0x49c0
[  210.791224][ T8234]  ? __pfx_lock_release+0x10/0x10
[  210.791241][ T8234]  ? __pfx___sys_bpf+0x10/0x10
[  210.791256][ T8234]  ? vfs_write+0x306/0x1150
[  210.791275][ T8234]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  210.791297][ T8234]  ? fput+0x67/0x440
[  210.791307][ T8234]  ? ksys_write+0x1ba/0x250
[  210.791322][ T8234]  ? __pfx_ksys_write+0x10/0x10
[  210.791339][ T8234]  __ia32_sys_bpf+0x76/0xe0
[  210.791357][ T8234]  __do_fast_syscall_32+0x73/0x120
[  210.791371][ T8234]  do_fast_syscall_32+0x32/0x80
[  210.791384][ T8234]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  210.791404][ T8234] RIP: 0023:0xf7f14579
[  210.791413][ T8234] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  210.791423][ T8234] RSP: 002b:00000000f503655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  210.791434][ T8234] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000080
[  210.791441][ T8234] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[  210.791446][ T8234] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  210.791452][ T8234] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  210.791457][ T8234] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  210.791470][ T8234]  </TASK>
[  210.869009][ T5296] Bluetooth: hci2: Unknown advertising packet type: 0x5a
[  210.869362][ T5296] Bluetooth: hci2: Malformed LE Event: 0x0d
[  210.873425][ T8216] netlink: 8 bytes leftover after parsing attributes in process `syz.2.593'.
[  210.885717][  T834] usb 7-1: USB disconnect, device number 4
[  211.333835][ T8247] batadv_slave_1: entered promiscuous mode
[  211.422331][ T8244] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  211.424857][ T8244] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  211.447737][ T8244] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  211.449742][ T8244] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  211.453134][ T8244] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  211.455135][ T8244] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  211.457401][ T8244] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  211.459099][ T8244] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  211.538946][ T8243] batadv_slave_1: left promiscuous mode
[  211.576989][ T8257] 9pnet: Could not find request transport: viú²‚°BT=ÐÄ'­ÉÈ(†io
[  211.670852][ T8264] warning: `syz.1.607' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  211.874284][   T56] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  212.160731][ T8272] netlink: 20 bytes leftover after parsing attributes in process `syz.1.609'.
[  212.295517][   T56] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  212.298789][   T56] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  212.303080][   T56] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  212.306048][   T56] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.340510][ T8255] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  212.363362][   T56] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  213.379455][ T5956] Bluetooth: hci0: command 0x0406 tx timeout
[  213.525692][ T5956] Bluetooth: hci3: command 0x0406 tx timeout
[  213.525723][ T5296] Bluetooth: hci2: command 0x0406 tx timeout
[  213.529118][ T5956] Bluetooth: hci1: command 0x0406 tx timeout
[  213.711629][   T40] audit: type=1804 audit(1739584571.946:2): pid=8306 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.617" name="/newroot/157/file0/file0" dev="9p" ino=36185842 res=1 errno=0
[  213.855016][ T8309] netlink: 20 bytes leftover after parsing attributes in process `syz.0.618'.
[  213.939799][ T8313] netlink: 'syz.0.619': attribute type 21 has an invalid length.
[  214.204235][   T62] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  214.360604][   T62] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  214.364001][   T62] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  214.364031][   T62] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  214.364042][   T62] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.369369][ T8313] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  214.377255][   T62] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  214.587990][   T56] usb 7-1: USB disconnect, device number 5
[  214.606355][ T8325] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.622'.
[  214.615323][ T8323] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.622'.
[  214.620264][ T8327] xt_addrtype: ipv6 BLACKHOLE matching not supported
[  214.675382][ T8331] Invalid source name
[  214.679132][ T8331] UBIFS error (pid: 8331): cannot open "./file0", error -22
[  214.718991][ T8334] block nbd2: shutting down sockets
[  214.774651][ T5949] usb 5-1: USB disconnect, device number 2
[  214.893388][ T8339] FAULT_INJECTION: forcing a failure.
[  214.893388][ T8339] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  214.899635][ T8339] CPU: 3 UID: 0 PID: 8339 Comm: syz.2.625 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  214.899657][ T8339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  214.899667][ T8339] Call Trace:
[  214.899673][ T8339]  <TASK>
[  214.899680][ T8339]  dump_stack_lvl+0x16c/0x1f0
[  214.899708][ T8339]  should_fail_ex+0x50a/0x650
[  214.899738][ T8339]  _copy_to_user+0x32/0xd0
[  214.899757][ T8339]  simple_read_from_buffer+0xd0/0x160
[  214.899781][ T8339]  proc_fail_nth_read+0x198/0x270
[  214.899803][ T8339]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  214.899823][ T8339]  ? rw_verify_area+0xcf/0x680
[  214.899843][ T8339]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  214.899861][ T8339]  vfs_read+0x1df/0xbf0
[  214.899883][ T8339]  ? __fget_files+0x1fc/0x3a0
[  214.899906][ T8339]  ? __pfx___mutex_lock+0x10/0x10
[  214.899925][ T8339]  ? __pfx_vfs_read+0x10/0x10
[  214.899952][ T8339]  ? __fget_files+0x206/0x3a0
[  214.899981][ T8339]  ksys_read+0x12b/0x250
[  214.900002][ T8339]  ? __pfx_ksys_read+0x10/0x10
[  214.900069][ T8339]  __do_fast_syscall_32+0x73/0x120
[  214.900091][ T8339]  do_fast_syscall_32+0x32/0x80
[  214.900110][ T8339]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  214.900136][ T8339] RIP: 0023:0xf7f82579
[  214.900148][ T8339] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  214.900163][ T8339] RSP: 002b:00000000f50a6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  214.900180][ T8339] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50a6620
[  214.900190][ T8339] RDX: 000000000000000f RSI: 00000000f740cff4 RDI: 0000000000000000
[  214.900199][ T8339] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  214.900209][ T8339] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  214.900218][ T8339] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  214.900239][ T8339]  </TASK>
[  215.064616][ T8345] netlink: 20 bytes leftover after parsing attributes in process `syz.2.628'.
[  215.405492][ T8353] netlink: 'syz.2.631': attribute type 10 has an invalid length.
[  215.454356][   T65] Bluetooth: hci0: command 0x0406 tx timeout
[  215.604451][   T65] Bluetooth: hci1: command 0x0406 tx timeout
[  215.614398][ T5956] Bluetooth: hci3: command 0x0406 tx timeout
[  215.616279][   T65] Bluetooth: hci2: command 0x0406 tx timeout
[  215.795988][ T8364] infiniband syz1: set active
[  215.797806][ T8364] infiniband syz1: added team_slave_0
[  215.841987][ T8364] RDS/IB: syz1: added
[  215.843509][ T8364] smc: adding ib device syz1 with port count 1
[  215.847560][ T8364] smc:    ib device syz1 port 1 has pnetid 
[  216.171354][ T8368] netlink: 504 bytes leftover after parsing attributes in process `syz.0.636'.
[  216.199985][ T8371] FAULT_INJECTION: forcing a failure.
[  216.199985][ T8371] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  216.203683][ T8371] CPU: 0 UID: 0 PID: 8371 Comm: syz.1.637 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  216.203696][ T8371] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  216.203703][ T8371] Call Trace:
[  216.203707][ T8371]  <TASK>
[  216.203711][ T8371]  dump_stack_lvl+0x16c/0x1f0
[  216.203732][ T8371]  should_fail_ex+0x50a/0x650
[  216.203753][ T8371]  _copy_from_user+0x2e/0xd0
[  216.203766][ T8371]  get_compat_msghdr+0xa8/0x170
[  216.203780][ T8371]  ? __pfx_get_compat_msghdr+0x10/0x10
[  216.203796][ T8371]  ___sys_sendmsg+0x1b0/0x1e0
[  216.203813][ T8371]  ? __pfx____sys_sendmsg+0x10/0x10
[  216.203832][ T8371]  ? __pfx_lock_release+0x10/0x10
[  216.203849][ T8371]  ? trace_lock_acquire+0x14e/0x1f0
[  216.203866][ T8371]  ? __fget_files+0x206/0x3a0
[  216.203886][ T8371]  __sys_sendmsg+0x16e/0x220
[  216.203901][ T8371]  ? __pfx___sys_sendmsg+0x10/0x10
[  216.203923][ T8371]  __do_fast_syscall_32+0x73/0x120
[  216.203938][ T8371]  do_fast_syscall_32+0x32/0x80
[  216.203951][ T8371]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  216.203971][ T8371] RIP: 0023:0xf7f14579
[  216.203979][ T8371] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  216.203989][ T8371] RSP: 002b:00000000f503655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  216.204000][ T8371] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[  216.204007][ T8371] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  216.204012][ T8371] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  216.204018][ T8371] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  216.204024][ T8371] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  216.204036][ T8371]  </TASK>
[  216.278055][ T8369] 8021q: adding VLAN 0 to HW filter on device bond1
[  216.280843][ T8369] bond1: entered promiscuous mode
[  216.282695][ T8369] bond0: (slave bond1): Enslaving as an active interface with an up link
[  216.362179][ T8377] netlink: 20 bytes leftover after parsing attributes in process `syz.3.639'.
[  216.676356][ T8382] netlink: 'syz.2.641': attribute type 13 has an invalid length.
[  216.806075][ T8382] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.810125][ T8382] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.876991][ T8382] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  216.882219][ T8382] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  216.948985][ T8382] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  216.952685][ T8382] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  216.957668][ T8382] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  216.961114][ T8382] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  217.006571][ T8390] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.643'.
[  217.010079][ T8389] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.643'.
[  217.191750][ T8399] FAULT_INJECTION: forcing a failure.
[  217.191750][ T8399] name failslab, interval 1, probability 0, space 0, times 0
[  217.195787][ T8399] CPU: 3 UID: 0 PID: 8399 Comm: syz.1.647 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  217.195802][ T8399] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  217.195809][ T8399] Call Trace:
[  217.195812][ T8399]  <TASK>
[  217.195817][ T8399]  dump_stack_lvl+0x16c/0x1f0
[  217.195838][ T8399]  should_fail_ex+0x50a/0x650
[  217.195857][ T8399]  ? fs_reclaim_acquire+0xae/0x150
[  217.195873][ T8399]  ? tomoyo_realpath_from_path+0xb9/0x720
[  217.195889][ T8399]  should_failslab+0xc2/0x120
[  217.195907][ T8399]  __kmalloc_noprof+0xcb/0x510
[  217.195924][ T8399]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  217.195944][ T8399]  tomoyo_realpath_from_path+0xb9/0x720
[  217.195958][ T8399]  ? tomoyo_path_number_perm+0x235/0x590
[  217.195971][ T8399]  ? tomoyo_path_number_perm+0x235/0x590
[  217.195984][ T8399]  tomoyo_path_number_perm+0x248/0x590
[  217.195996][ T8399]  ? tomoyo_path_number_perm+0x235/0x590
[  217.196009][ T8399]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  217.196041][ T8399]  ? __pfx_lock_release+0x10/0x10
[  217.196061][ T8399]  ? trace_lock_acquire+0x14e/0x1f0
[  217.196081][ T8399]  ? lock_acquire+0x2f/0xb0
[  217.196100][ T8399]  ? __fget_files+0x40/0x3a0
[  217.196123][ T8399]  ? __fget_files+0x206/0x3a0
[  217.196148][ T8399]  security_file_ioctl_compat+0x9b/0x240
[  217.196171][ T8399]  __do_compat_sys_ioctl+0x4e/0x2c0
[  217.196187][ T8399]  __do_fast_syscall_32+0x73/0x120
[  217.196209][ T8399]  do_fast_syscall_32+0x32/0x80
[  217.196222][ T8399]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  217.196241][ T8399] RIP: 0023:0xf7f14579
[  217.196250][ T8399] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  217.196260][ T8399] RSP: 002b:00000000f503655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  217.196271][ T8399] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0405602
[  217.196278][ T8399] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  217.196313][ T8399] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  217.196318][ T8399] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  217.196324][ T8399] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  217.196337][ T8399]  </TASK>
[  217.196341][ T8399] ERROR: Out of memory at tomoyo_realpath_from_path.
[  217.384309][   T72] usb 7-1: new high-speed USB device number 6 using dummy_hcd
usb_generic_handle_packet: ctrl buffer too small (16384 > 4096)
[  217.408458][ T8406] netlink: 68 bytes leftover after parsing attributes in process `syz.1.649'.
[  217.534294][   T72] usb 7-1: Using ep0 maxpacket: 8
[  217.541756][   T72] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  217.548571][   T72] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  217.552195][   T72] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  217.560344][   T72] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  217.564031][   T72] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  217.567826][   T72] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  217.570273][   T72] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.782924][   T72] usb 7-1: GET_CAPABILITIES returned 0
[  217.784939][   T72] usbtmc 7-1:16.0: can't read capabilities
[  217.985945][ T8397] FAULT_INJECTION: forcing a failure.
[  217.985945][ T8397] name failslab, interval 1, probability 0, space 0, times 0
[  217.989768][ T8397] CPU: 2 UID: 0 PID: 8397 Comm: syz.2.646 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  217.989790][ T8397] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  217.989800][ T8397] Call Trace:
[  217.989806][ T8397]  <TASK>
[  217.989814][ T8397]  dump_stack_lvl+0x16c/0x1f0
[  217.989842][ T8397]  should_fail_ex+0x50a/0x650
[  217.989869][ T8397]  ? fs_reclaim_acquire+0xae/0x150
[  217.989892][ T8397]  ? usb_alloc_urb+0x69/0xa0
[  217.989918][ T8397]  should_failslab+0xc2/0x120
[  217.989945][ T8397]  __kmalloc_noprof+0xcb/0x510
[  217.989970][ T8397]  ? mark_held_locks+0x9f/0xe0
[  217.989993][ T8397]  ? __pfx_usbtmc_write+0x10/0x10
[  217.990010][ T8397]  usb_alloc_urb+0x69/0xa0
[  217.990031][ T8397]  usbtmc_create_urb+0x13/0x140
[  217.990046][ T8397]  usbtmc_write+0x241/0xcc0
[  217.990069][ T8397]  ? __pfx_usbtmc_write+0x10/0x10
[  217.990085][ T8397]  ? bpf_lsm_file_permission+0x9/0x10
[  217.990109][ T8397]  ? security_file_permission+0x71/0x210
[  217.990129][ T8397]  ? rw_verify_area+0xcf/0x680
[  217.990174][ T8397]  ? __pfx_usbtmc_write+0x10/0x10
[  217.990190][ T8397]  vfs_write+0x24c/0x1150
[  217.990220][ T8397]  ? __fget_files+0x1fc/0x3a0
[  217.990244][ T8397]  ? __pfx_lock_release+0x10/0x10
[  217.990266][ T8397]  ? __pfx_vfs_write+0x10/0x10
[  217.990289][ T8397]  ? lock_acquire+0x2f/0xb0
[  217.990310][ T8397]  ? __fget_files+0x40/0x3a0
[  217.990336][ T8397]  ? __fget_files+0x206/0x3a0
[  217.990366][ T8397]  ksys_write+0x12b/0x250
[  217.990387][ T8397]  ? __pfx_ksys_write+0x10/0x10
[  217.990416][ T8397]  __do_fast_syscall_32+0x73/0x120
[  217.990439][ T8397]  do_fast_syscall_32+0x32/0x80
[  217.990458][ T8397]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  217.990484][ T8397] RIP: 0023:0xf7f82579
[  217.990498][ T8397] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  217.990513][ T8397] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  217.990530][ T8397] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000840
[  217.990539][ T8397] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  217.990548][ T8397] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  217.990556][ T8397] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  217.990565][ T8397] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  217.990588][ T8397]  </TASK>
[  217.991551][   T72] usb 7-1: USB disconnect, device number 6
[  218.084608][   T65] Bluetooth: hci1: command 0x0406 tx timeout
[  218.435626][ T8425] FAULT_INJECTION: forcing a failure.
[  218.435626][ T8425] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  218.439893][ T8425] CPU: 0 UID: 0 PID: 8425 Comm: syz.3.657 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  218.439906][ T8425] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  218.439913][ T8425] Call Trace:
[  218.439918][ T8425]  <TASK>
[  218.439923][ T8425]  dump_stack_lvl+0x16c/0x1f0
[  218.439943][ T8425]  should_fail_ex+0x50a/0x650
[  218.439964][ T8425]  _copy_from_user+0x2e/0xd0
[  218.439976][ T8425]  get_compat_msghdr+0xa8/0x170
[  218.439989][ T8425]  ? __pfx_get_compat_msghdr+0x10/0x10
[  218.440005][ T8425]  ___sys_sendmsg+0x1b0/0x1e0
[  218.440023][ T8425]  ? __pfx____sys_sendmsg+0x10/0x10
[  218.440042][ T8425]  ? __pfx_lock_release+0x10/0x10
[  218.440060][ T8425]  ? trace_lock_acquire+0x14e/0x1f0
[  218.440077][ T8425]  ? __fget_files+0x206/0x3a0
[  218.440097][ T8425]  __sys_sendmsg+0x16e/0x220
[  218.440112][ T8425]  ? __pfx___sys_sendmsg+0x10/0x10
[  218.440135][ T8425]  __do_fast_syscall_32+0x73/0x120
[  218.440150][ T8425]  do_fast_syscall_32+0x32/0x80
[  218.440165][ T8425]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  218.440184][ T8425] RIP: 0023:0xf7ff3579
[  218.440192][ T8425] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  218.440202][ T8425] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  218.440213][ T8425] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000540
[  218.440219][ T8425] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  218.440225][ T8425] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  218.440231][ T8425] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  218.440236][ T8425] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  218.440248][ T8425]  </TASK>
[  219.040251][ T8440] syz.2.659: attempt to access beyond end of device
[  219.040251][ T8440] nbd2: rw=0, sector=2, nr_sectors = 2 limit=0
[  219.044327][ T8440] MINIX-fs: unable to read superblock
[  219.510372][ T8456] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.663'.
[  219.516903][ T8452] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.663'.
[  219.610092][ T8459] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.662'.
[  219.615024][ T8457] ./file0: Can't lookup blockdev
[  219.649966][ T8454] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.662'.
[  220.823924][ T8464] FAULT_INJECTION: forcing a failure.
[  220.823924][ T8464] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  220.827787][ T8464] CPU: 3 UID: 0 PID: 8464 Comm: syz.2.665 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  220.827805][ T8464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  220.827814][ T8464] Call Trace:
[  220.827820][ T8464]  <TASK>
[  220.827827][ T8464]  dump_stack_lvl+0x16c/0x1f0
[  220.827851][ T8464]  should_fail_ex+0x50a/0x650
[  220.827880][ T8464]  _copy_from_user+0x2e/0xd0
[  220.827898][ T8464]  move_addr_to_kernel+0x68/0x160
[  220.827920][ T8464]  __sys_sendto+0x1ba/0x4f0
[  220.827941][ T8464]  ? __pfx___sys_sendto+0x10/0x10
[  220.827979][ T8464]  ? ksys_write+0x1ba/0x250
[  220.828002][ T8464]  ? __pfx_ksys_write+0x10/0x10
[  220.828023][ T8464]  __ia32_sys_sendto+0xdd/0x1b0
[  220.828043][ T8464]  ? lockdep_hardirqs_on+0x7c/0x110
[  220.828063][ T8464]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  220.828081][ T8464]  __do_fast_syscall_32+0x73/0x120
[  220.828118][ T8464]  do_fast_syscall_32+0x32/0x80
[  220.828136][ T8464]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  220.828160][ T8464] RIP: 0023:0xf7f82579
[  220.828172][ T8464] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  220.828186][ T8464] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  220.828202][ T8464] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[  220.828211][ T8464] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000080000000
[  220.828218][ T8464] RBP: 0000000000000014 R08: 0000000000000000 R09: 0000000000000000
[  220.828226][ T8464] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  220.828235][ T8464] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  220.828253][ T8464]  </TASK>
[  221.333491][ T8475] FAULT_INJECTION: forcing a failure.
[  221.333491][ T8475] name failslab, interval 1, probability 0, space 0, times 0
[  221.338358][ T8475] CPU: 2 UID: 0 PID: 8475 Comm: syz.1.669 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  221.338380][ T8475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  221.338390][ T8475] Call Trace:
[  221.338395][ T8475]  <TASK>
[  221.338402][ T8475]  dump_stack_lvl+0x16c/0x1f0
[  221.338428][ T8475]  should_fail_ex+0x50a/0x650
[  221.338452][ T8475]  ? fs_reclaim_acquire+0xae/0x150
[  221.338475][ T8475]  ? kernfs_fop_write_iter+0x223/0x500
[  221.338493][ T8475]  should_failslab+0xc2/0x120
[  221.338518][ T8475]  __kmalloc_noprof+0xcb/0x510
[  221.338540][ T8475]  ? rcu_is_watching+0x12/0xc0
[  221.338563][ T8475]  kernfs_fop_write_iter+0x223/0x500
[  221.338581][ T8475]  vfs_write+0x5ae/0x1150
[  221.338603][ T8475]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  221.338620][ T8475]  ? __pfx___mutex_lock+0x10/0x10
[  221.338640][ T8475]  ? __pfx_vfs_write+0x10/0x10
[  221.338678][ T8475]  ksys_write+0x12b/0x250
[  221.338698][ T8475]  ? __pfx_ksys_write+0x10/0x10
[  221.338725][ T8475]  __do_fast_syscall_32+0x73/0x120
[  221.338747][ T8475]  do_fast_syscall_32+0x32/0x80
[  221.338766][ T8475]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  221.338792][ T8475] RIP: 0023:0xf7f14579
[  221.338806][ T8475] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  221.338820][ T8475] RSP: 002b:00000000f503655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  221.338837][ T8475] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000100
[  221.338847][ T8475] RDX: 0000000000000009 RSI: 0000000000000000 RDI: 0000000000000000
[  221.338856][ T8475] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  221.338865][ T8475] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  221.338874][ T8475] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  221.338896][ T8475]  </TASK>
[  221.471156][ T8483] netlink: 20 bytes leftover after parsing attributes in process `syz.3.673'.
[  221.530672][ T8484] Illegal XDP return value 645964864 on prog  (id 150) dev N/A, expect packet loss!
[  221.537860][   T40] audit: type=1800 audit(1739584579.776:3): pid=8484 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.672" name="bus" dev="tmpfs" ino=2 res=0 errno=0
[  221.538962][ T8486] FAULT_INJECTION: forcing a failure.
[  221.538962][ T8486] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  221.548708][ T8486] CPU: 3 UID: 0 PID: 8486 Comm: syz.3.674 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  221.548724][ T8486] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  221.548731][ T8486] Call Trace:
[  221.548735][ T8486]  <TASK>
[  221.548740][ T8486]  dump_stack_lvl+0x16c/0x1f0
[  221.548760][ T8486]  should_fail_ex+0x50a/0x650
[  221.548782][ T8486]  _copy_from_user+0x2e/0xd0
[  221.548795][ T8486]  get_compat_msghdr+0xa8/0x170
[  221.548809][ T8486]  ? __pfx_get_compat_msghdr+0x10/0x10
[  221.548825][ T8486]  ___sys_sendmsg+0x1b0/0x1e0
[  221.548843][ T8486]  ? __pfx____sys_sendmsg+0x10/0x10
[  221.548863][ T8486]  ? __pfx_lock_release+0x10/0x10
[  221.548880][ T8486]  ? trace_lock_acquire+0x14e/0x1f0
[  221.548897][ T8486]  ? __fget_files+0x206/0x3a0
[  221.548918][ T8486]  __sys_sendmsg+0x16e/0x220
[  221.548933][ T8486]  ? __pfx___sys_sendmsg+0x10/0x10
[  221.548956][ T8486]  __do_fast_syscall_32+0x73/0x120
[  221.548973][ T8486]  do_fast_syscall_32+0x32/0x80
[  221.548986][ T8486]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  221.549006][ T8486] RIP: 0023:0xf7ff3579
[  221.549015][ T8486] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  221.549026][ T8486] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  221.549037][ T8486] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000140
[  221.549043][ T8486] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  221.549049][ T8486] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  221.549055][ T8486] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  221.549061][ T8486] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  221.549073][ T8486]  </TASK>
[  221.758523][ T8490] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.675'.
[  221.763215][ T8489] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.675'.
[  222.095892][ T8495] netlink: 20 bytes leftover after parsing attributes in process `syz.0.677'.
[  222.337807][ T8500] netlink: 20 bytes leftover after parsing attributes in process `syz.1.679'.
[  223.221496][ T8522] FAULT_INJECTION: forcing a failure.
[  223.221496][ T8522] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  223.224223][ T1210] Bluetooth: hci4: Frame reassembly failed (-84)
[  223.226561][ T8522] CPU: 1 UID: 0 PID: 8522 Comm: syz.0.685 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  223.226584][ T8522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  223.226595][ T8522] Call Trace:
[  223.226601][ T8522]  <TASK>
[  223.226608][ T8522]  dump_stack_lvl+0x16c/0x1f0
[  223.226637][ T8522]  should_fail_ex+0x50a/0x650
[  223.226667][ T8522]  _copy_from_user+0x2e/0xd0
[  223.226684][ T8522]  move_addr_to_kernel+0x68/0x160
[  223.226704][ T8522]  __sys_bind+0x11c/0x260
[  223.226721][ T8522]  ? __pfx___sys_bind+0x10/0x10
[  223.226737][ T8522]  ? __fget_files+0x206/0x3a0
[  223.226767][ T8522]  ? __pfx_ksys_write+0x10/0x10
[  223.226792][ T8522]  __ia32_sys_bind+0x71/0xb0
[  223.226809][ T8522]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  223.226830][ T8522]  __do_fast_syscall_32+0x73/0x120
[  223.226852][ T8522]  do_fast_syscall_32+0x32/0x80
[  223.226870][ T8522]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  223.226898][ T8522] RIP: 0023:0xf743e579
[  223.226910][ T8522] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  223.226926][ T8522] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000169
[  223.226943][ T8522] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000140
[  223.226953][ T8522] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000000
[  223.226962][ T8522] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  223.226971][ T8522] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  223.226979][ T8522] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  223.227000][ T8522]  </TASK>
[  223.987127][ T8532] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.687'.
[  223.990564][ T8531] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.687'.
[  224.199995][ T8541] hugetlbfs: Unknown parameter 'motLde'
[  224.203369][ T8541] netlink: 16 bytes leftover after parsing attributes in process `syz.3.689'.
[  224.282820][ T8542] fuse: Unknown parameter 'grou00000000000000000000'
[  225.196209][ T8550] netlink: 100 bytes leftover after parsing attributes in process `syz.2.692'.
[  225.284261][   T65] Bluetooth: hci4: command 0x1003 tx timeout
[  225.284323][ T5956] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  225.508016][ T8558] netlink: 8 bytes leftover after parsing attributes in process `syz.3.694'.
[  225.584010][ T8563] FAULT_INJECTION: forcing a failure.
[  225.584010][ T8563] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  225.589277][ T8563] CPU: 3 UID: 0 PID: 8563 Comm: syz.0.695 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  225.589292][ T8563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  225.589301][ T8563] Call Trace:
[  225.589304][ T8563]  <TASK>
[  225.589309][ T8563]  dump_stack_lvl+0x16c/0x1f0
[  225.589334][ T8563]  should_fail_ex+0x50a/0x650
[  225.589355][ T8563]  _copy_to_user+0x32/0xd0
[  225.589368][ T8563]  simple_read_from_buffer+0xd0/0x160
[  225.589385][ T8563]  proc_fail_nth_read+0x198/0x270
[  225.589399][ T8563]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  225.589413][ T8563]  ? rw_verify_area+0xcf/0x680
[  225.589426][ T8563]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  225.589439][ T8563]  vfs_read+0x1df/0xbf0
[  225.589454][ T8563]  ? __fget_files+0x1fc/0x3a0
[  225.589472][ T8563]  ? __pfx___mutex_lock+0x10/0x10
[  225.589491][ T8563]  ? __pfx_vfs_read+0x10/0x10
[  225.589516][ T8563]  ? __fget_files+0x206/0x3a0
[  225.589544][ T8563]  ksys_read+0x12b/0x250
[  225.589565][ T8563]  ? __pfx_ksys_read+0x10/0x10
[  225.589591][ T8563]  __do_fast_syscall_32+0x73/0x120
[  225.589609][ T8563]  do_fast_syscall_32+0x32/0x80
[  225.589623][ T8563]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  225.589642][ T8563] RIP: 0023:0xf743e579
[  225.589650][ T8563] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  225.589661][ T8563] RSP: 002b:00000000f50c6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  225.589672][ T8563] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f50c6620
[  225.589679][ T8563] RDX: 000000000000000f RSI: 00000000f742cff4 RDI: 0000000000000000
[  225.589685][ T8563] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  225.589691][ T8563] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  225.589697][ T8563] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  225.589710][ T8563]  </TASK>
[  225.633193][ T8556] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.693'.
[  225.709962][ T8554] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.693'.
[  225.795042][ T8569] netlink: 'syz.0.698': attribute type 33 has an invalid length.
[  228.835161][ T8609] netlink: 20 bytes leftover after parsing attributes in process `syz.1.711'.
[  228.908011][ T8612] xt_CT: You must specify a L4 protocol and not use inversions on it
[  232.709159][ T8666] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  232.713064][ T8666] batman_adv: batadv0: Adding interface: gretap1
[  232.715044][ T8666] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  232.722321][ T8666] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[  233.950146][ T8680] netlink: 'syz.1.734': attribute type 2 has an invalid length.
[  233.953126][ T8680] netlink: 'syz.1.734': attribute type 8 has an invalid length.
[  233.956288][ T8680] netlink: 132 bytes leftover after parsing attributes in process `syz.1.734'.
[  234.120715][ T8683] 8021q: adding VLAN 0 to HW filter on device bond1
[  234.123670][ T8683] bond0: (slave bond1): Enslaving as an active interface with an up link
[  234.209918][ T8688] FAULT_INJECTION: forcing a failure.
[  234.209918][ T8688] name failslab, interval 1, probability 0, space 0, times 0
[  234.217099][ T8688] CPU: 1 UID: 0 PID: 8688 Comm: syz.1.736 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  234.217115][ T8688] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  234.217121][ T8688] Call Trace:
[  234.217125][ T8688]  <TASK>
[  234.217130][ T8688]  dump_stack_lvl+0x16c/0x1f0
[  234.217152][ T8688]  should_fail_ex+0x50a/0x650
[  234.217171][ T8688]  ? fs_reclaim_acquire+0xae/0x150
[  234.217188][ T8688]  ? tomoyo_realpath_from_path+0xb9/0x720
[  234.217205][ T8688]  should_failslab+0xc2/0x120
[  234.217223][ T8688]  __kmalloc_noprof+0xcb/0x510
[  234.217239][ T8688]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  234.217259][ T8688]  tomoyo_realpath_from_path+0xb9/0x720
[  234.217273][ T8688]  ? tomoyo_path_number_perm+0x235/0x590
[  234.217290][ T8688]  ? tomoyo_path_number_perm+0x235/0x590
[  234.217304][ T8688]  tomoyo_path_number_perm+0x248/0x590
[  234.217315][ T8688]  ? tomoyo_path_number_perm+0x235/0x590
[  234.217329][ T8688]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  234.217353][ T8688]  ? __pfx_lock_release+0x10/0x10
[  234.217367][ T8688]  ? trace_lock_acquire+0x14e/0x1f0
[  234.217382][ T8688]  ? lock_acquire+0x2f/0xb0
[  234.217395][ T8688]  ? __fget_files+0x40/0x3a0
[  234.217413][ T8688]  ? __fget_files+0x206/0x3a0
[  234.217430][ T8688]  security_file_ioctl_compat+0x9b/0x240
[  234.217446][ T8688]  __do_compat_sys_ioctl+0x4e/0x2c0
[  234.217461][ T8688]  __do_fast_syscall_32+0x73/0x120
[  234.217477][ T8688]  do_fast_syscall_32+0x32/0x80
[  234.217489][ T8688]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  234.217509][ T8688] RIP: 0023:0xf7f14579
[  234.217518][ T8688] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  234.217528][ T8688] RSP: 002b:00000000f503655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  234.217540][ T8688] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000008b04
[  234.217546][ T8688] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  234.217552][ T8688] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  234.217558][ T8688] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  234.217564][ T8688] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  234.217577][ T8688]  </TASK>
[  234.217582][ T8688] ERROR: Out of memory at tomoyo_realpath_from_path.
[  234.377559][ T8694] FAULT_INJECTION: forcing a failure.
[  234.377559][ T8694] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  234.382267][ T8694] CPU: 2 UID: 0 PID: 8694 Comm: syz.3.739 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  234.382283][ T8694] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  234.382290][ T8694] Call Trace:
[  234.382294][ T8694]  <TASK>
[  234.382299][ T8694]  dump_stack_lvl+0x16c/0x1f0
[  234.382320][ T8694]  should_fail_ex+0x50a/0x650
[  234.382341][ T8694]  _copy_from_user+0x2e/0xd0
[  234.382354][ T8694]  get_compat_msghdr+0xa8/0x170
[  234.382368][ T8694]  ? __pfx_get_compat_msghdr+0x10/0x10
[  234.382383][ T8694]  ___sys_sendmsg+0x1b0/0x1e0
[  234.382400][ T8694]  ? __pfx____sys_sendmsg+0x10/0x10
[  234.382420][ T8694]  ? __pfx_lock_release+0x10/0x10
[  234.382436][ T8694]  ? trace_lock_acquire+0x14e/0x1f0
[  234.382453][ T8694]  ? __fget_files+0x206/0x3a0
[  234.382473][ T8694]  __sys_sendmsg+0x16e/0x220
[  234.382487][ T8694]  ? __pfx___sys_sendmsg+0x10/0x10
[  234.382510][ T8694]  __do_fast_syscall_32+0x73/0x120
[  234.382526][ T8694]  do_fast_syscall_32+0x32/0x80
[  234.382539][ T8694]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  234.382559][ T8694] RIP: 0023:0xf7ff3579
[  234.382568][ T8694] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  234.382578][ T8694] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  234.382590][ T8694] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000140
[  234.382596][ T8694] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  234.382602][ T8694] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  234.382608][ T8694] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  234.382614][ T8694] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  234.382626][ T8694]  </TASK>
[  236.744502][   T72] usb 8-1: new low-speed USB device number 3 using dummy_hcd
[  236.874279][   T72] usb 8-1: device descriptor read/64, error -71
[  237.124325][   T72] usb 8-1: new low-speed USB device number 4 using dummy_hcd
[  237.254347][   T72] usb 8-1: device descriptor read/64, error -71
[  237.279233][ T8728] FAULT_INJECTION: forcing a failure.
[  237.279233][ T8728] name failslab, interval 1, probability 0, space 0, times 0
[  237.283249][ T8728] CPU: 1 UID: 0 PID: 8728 Comm: syz.1.747 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  237.283269][ T8728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  237.283276][ T8728] Call Trace:
[  237.283280][ T8728]  <TASK>
[  237.283285][ T8728]  dump_stack_lvl+0x16c/0x1f0
[  237.283305][ T8728]  should_fail_ex+0x50a/0x650
[  237.283324][ T8728]  ? fs_reclaim_acquire+0xae/0x150
[  237.283341][ T8728]  should_failslab+0xc2/0x120
[  237.283360][ T8728]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  237.283377][ T8728]  ? alloc_vfsmnt+0x23/0x6f0
[  237.283391][ T8728]  alloc_vfsmnt+0x23/0x6f0
[  237.283403][ T8728]  vfs_create_mount+0x93/0x500
[  237.283418][ T8728]  __do_sys_fsmount+0x42b/0x8b0
[  237.283435][ T8728]  ? __pfx___do_sys_fsmount+0x10/0x10
[  237.283451][ T8728]  ? ksys_write+0x1ba/0x250
[  237.283471][ T8728]  __do_fast_syscall_32+0x73/0x120
[  237.283487][ T8728]  do_fast_syscall_32+0x32/0x80
[  237.283500][ T8728]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  237.283519][ T8728] RIP: 0023:0xf7f14579
[  237.283528][ T8728] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  237.283539][ T8728] RSP: 002b:00000000f503655c EFLAGS: 00000296 ORIG_RAX: 00000000000001b0
[  237.283550][ T8728] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  237.283556][ T8728] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  237.283562][ T8728] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  237.283568][ T8728] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  237.283574][ T8728] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  237.283586][ T8728]  </TASK>
[  237.364796][   T72] usb usb8-port1: attempt power cycle
[  237.571142][ T8738] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.751'.
[  237.574041][ T8737] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.751'.
[  237.704272][   T72] usb 8-1: new low-speed USB device number 5 using dummy_hcd
[  237.725893][   T72] usb 8-1: device descriptor read/8, error -71
[  237.974278][   T72] usb 8-1: new low-speed USB device number 6 using dummy_hcd
[  237.994881][   T72] usb 8-1: device descriptor read/8, error -71
[  238.121495][   T72] usb usb8-port1: unable to enumerate USB device
[  240.567243][ T8757] netlink: 4 bytes leftover after parsing attributes in process `syz.3.756'.
[  240.569869][ T8757] bridge_slave_1: left allmulticast mode
[  240.571533][ T8757] bridge_slave_1: left promiscuous mode
[  240.573321][ T8757] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.579529][ T8757] bridge_slave_0: left allmulticast mode
[  240.581748][ T8757] bridge_slave_0: left promiscuous mode
[  240.584005][ T8757] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.033655][ T8766] overlayfs: missing 'lowerdir'
[  242.175663][ T8775] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.761'.
[  242.178568][ T8774] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.761'.
[  243.673635][ T8786] netlink: 'syz.3.764': attribute type 1 has an invalid length.
[  243.804034][ T8794] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.765'.
[  243.807048][ T8790] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.765'.
[  244.947628][   T65] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  244.950995][   T65] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  244.953577][   T65] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  244.956729][   T65] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  244.959864][   T65] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  244.962151][   T65] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  245.091020][ T8805] chnl_net:caif_netlink_parms(): no params data found
[  245.172073][   T63] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.233515][ T8805] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.236708][ T8805] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.238930][ T8805] bridge_slave_0: entered allmulticast mode
[  245.241445][ T8805] bridge_slave_0: entered promiscuous mode
[  245.244695][ T8805] bridge0: port 2(bridge_slave_1) entered blocking state
[  245.246775][ T8805] bridge0: port 2(bridge_slave_1) entered disabled state
[  245.248873][ T8805] bridge_slave_1: entered allmulticast mode
[  245.251132][ T8805] bridge_slave_1: entered promiscuous mode
[  245.280715][   T63] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.303989][   T65] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  245.307362][   T65] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  245.310096][   T65] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  245.313025][   T65] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  245.315461][ T8805] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  245.318277][   T65] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  245.322318][   T65] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  245.339167][ T8805] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  245.351934][   T63] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.378639][ T8805] team0: Port device team_slave_0 added
[  245.382489][ T8805] team0: Port device team_slave_1 added
[  245.408424][ T8805] batman_adv: batadv0: Adding interface: batadv_slave_0
[  245.410526][ T8805] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  245.418632][ T8805] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  245.423808][ T8805] batman_adv: batadv0: Adding interface: batadv_slave_1
[  245.426172][ T8805] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  245.433271][ T8805] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  245.486777][   T63] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.499478][ T8805] hsr_slave_0: entered promiscuous mode
[  245.501539][ T8805] hsr_slave_1: entered promiscuous mode
[  245.503437][ T8805] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  245.505825][ T8805] Cannot create hsr debugfs directory
[  245.633098][ T8816] chnl_net:caif_netlink_parms(): no params data found
[  245.649447][   T63] bridge_slave_1: left allmulticast mode
[  245.651815][   T63] bridge_slave_1: left promiscuous mode
[  245.655262][   T63] bridge0: port 2(bridge_slave_1) entered disabled state
[  245.660826][   T63] bridge_slave_0: left allmulticast mode
[  245.662482][   T63] bridge_slave_0: left promiscuous mode
[  245.664230][   T63] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.001026][   T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  246.004089][   T63] bond_slave_0: left promiscuous mode
[  246.009067][   T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  246.011828][   T63] bond_slave_1: left promiscuous mode
[  246.016742][   T63] bond0 (unregistering): (slave bond1): Releasing backup interface
[  246.024433][   T63] bond1 (unregistering): left promiscuous mode
[  246.026455][   T63] bond0 (unregistering): Released all slaves
[  246.115887][   T63] bond1 (unregistering): Released all slaves
[  246.278263][ T8816] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.281155][ T8816] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.283698][ T8816] bridge_slave_0: entered allmulticast mode
[  246.287752][ T8816] bridge_slave_0: entered promiscuous mode
[  246.290475][ T8805] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  246.294464][ T8816] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.296817][ T8816] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.299368][ T8816] bridge_slave_1: entered allmulticast mode
[  246.302610][ T8816] bridge_slave_1: entered promiscuous mode
[  246.340510][ T8805] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  246.360346][ T8816] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  246.364462][ T8805] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  246.370133][ T8805] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  246.374657][ T8816] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  246.432593][ T8816] team0: Port device team_slave_0 added
[  246.442643][ T8816] team0: Port device team_slave_1 added
[  246.465757][ T8816] batman_adv: batadv0: Adding interface: batadv_slave_0
[  246.468533][ T8816] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  246.479144][ T8816] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  246.483076][ T8816] batman_adv: batadv0: Adding interface: batadv_slave_1
[  246.485694][ T8816] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  246.493011][ T8816] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  246.556292][ T8816] hsr_slave_0: entered promiscuous mode
[  246.558524][ T8816] hsr_slave_1: entered promiscuous mode
[  246.560568][ T8816] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  246.563722][ T8816] Cannot create hsr debugfs directory
[  246.742961][ T8805] 8021q: adding VLAN 0 to HW filter on device bond0
[  246.780151][ T8848] netlink: 'syz.1.775': attribute type 1 has an invalid length.
[  246.784828][   T63] hsr_slave_0: left promiscuous mode
[  246.786810][   T63] hsr_slave_1: left promiscuous mode
[  246.789321][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  246.791411][   T63] batman_adv: batadv0: Removing interface: batadv_slave_0
[  246.794561][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  246.796634][   T63] batman_adv: batadv0: Removing interface: batadv_slave_1
[  246.814387][   T63] veth1_macvtap: left promiscuous mode
[  246.816283][   T63] veth0_macvtap: left promiscuous mode
[  246.819089][   T63] veth1_vlan: left promiscuous mode
[  246.820721][   T63] veth0_vlan: left promiscuous mode
[  247.046342][ T5956] Bluetooth: hci3: command tx timeout
[  247.368146][ T5956] Bluetooth: hci2: command tx timeout
[  247.396539][   T63] team0 (unregistering): Port device team_slave_1 removed
[  247.462730][   T63] team0 (unregistering): Port device team_slave_0 removed
[  247.471610][ T1210] smc: removing ib device syz1
[  247.669925][   T40] audit: type=1326 audit(1739584605.906:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8857 comm="syz.3.776" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff3579 code=0x7ffc0000
[  247.675851][   T40] audit: type=1326 audit(1739584605.906:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8857 comm="syz.3.776" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff3579 code=0x7ffc0000
[  247.681774][   T40] audit: type=1326 audit(1739584605.906:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8857 comm="syz.3.776" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7ff3579 code=0x7ffc0000
[  247.687867][   T40] audit: type=1326 audit(1739584605.906:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8857 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff3579 code=0x7ffc0000
[  247.694096][   T40] audit: type=1326 audit(1739584605.906:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8857 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff3579 code=0x7ffc0000
[  247.700277][   T40] audit: type=1326 audit(1739584605.906:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8857 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7ff3579 code=0x7ffc0000
[  247.706729][   T40] audit: type=1326 audit(1739584605.906:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8857 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff3579 code=0x7ffc0000
[  247.713659][   T40] audit: type=1326 audit(1739584605.906:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8857 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff3579 code=0x7ffc0000
[  247.723655][   T40] audit: type=1326 audit(1739584605.906:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8857 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7ff3579 code=0x7ffc0000
[  247.730303][   T40] audit: type=1326 audit(1739584605.916:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8857 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff3579 code=0x7ffc0000
[  248.071681][ T8848] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  248.126104][ T8816] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  248.133122][ T8816] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  248.138874][ T8816] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  248.146927][ T8816] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  248.194505][ T8805] 8021q: adding VLAN 0 to HW filter on device team0
[  248.242141][ T1141] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.244404][ T1141] bridge0: port 1(bridge_slave_0) entered forwarding state
[  248.279302][ T1141] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.281328][ T1141] bridge0: port 2(bridge_slave_1) entered forwarding state
[  248.549528][ T8805] 8021q: adding VLAN 0 to HW filter on device batadv0
[  248.562479][ T8816] 8021q: adding VLAN 0 to HW filter on device bond0
[  248.571091][ T8816] 8021q: adding VLAN 0 to HW filter on device team0
[  248.577156][  T101] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.579103][  T101] bridge0: port 1(bridge_slave_0) entered forwarding state
[  248.589532][  T101] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.591584][  T101] bridge0: port 2(bridge_slave_1) entered forwarding state
[  248.717658][ T8805] veth0_vlan: entered promiscuous mode
[  248.723740][ T8805] veth1_vlan: entered promiscuous mode
[  248.791633][ T8805] veth0_macvtap: entered promiscuous mode
[  248.797058][ T8805] veth1_macvtap: entered promiscuous mode
[  248.819768][ T8805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  248.823572][ T8805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.828389][ T8805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  248.832151][ T8805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.841614][ T8805] batman_adv: batadv0: Interface activated: batadv_slave_0
[  248.864982][ T8805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.868665][ T8805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.872144][ T8805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.877305][ T8805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.881681][ T8805] batman_adv: batadv0: Interface activated: batadv_slave_1
[  248.885226][ T8805] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  248.887991][ T8805] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  248.890454][ T8805] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  248.912834][ T8805] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  248.960772][ T8816] 8021q: adding VLAN 0 to HW filter on device batadv0
[  249.031477][ T1135] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.036497][ T1135] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  249.049357][ T8889] netlink: 'syz.3.778': attribute type 5 has an invalid length.
[  249.073897][  T101] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.076791][  T101] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  249.084544][   T63] bridge_slave_1: left allmulticast mode
[  249.086240][   T63] bridge_slave_1: left promiscuous mode
[  249.087984][   T63] bridge0: port 2(bridge_slave_1) entered disabled state
[  249.097660][   T63] bridge_slave_0: left allmulticast mode
[  249.099861][   T63] bridge_slave_0: left promiscuous mode
[  249.102013][   T63] bridge0: port 1(bridge_slave_0) entered disabled state
[  249.125019][ T5956] Bluetooth: hci3: command tx timeout
[  249.377914][   T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  249.381243][   T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  249.383987][   T63] bond0 (unregistering): Released all slaves
[  249.425635][ T8908] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.779'.
[  249.445558][ T5956] Bluetooth: hci2: command tx timeout
[  249.470911][ T8906] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.779'.
[  249.515512][ T8816] veth0_vlan: entered promiscuous mode
[  249.527146][ T8816] veth1_vlan: entered promiscuous mode
[  249.555643][ T8816] veth0_macvtap: entered promiscuous mode
[  249.567807][ T8816] veth1_macvtap: entered promiscuous mode
[  249.594789][ T8816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  249.597760][ T8816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.600450][ T8816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  249.603276][ T8816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.607170][ T8816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  249.610619][ T8816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.616450][ T8816] batman_adv: batadv0: Interface activated: batadv_slave_0
[  249.641984][ T8816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  249.645792][ T8816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.649632][ T8816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  249.653631][ T8816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.657860][ T8816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  249.661771][ T8816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.670288][ T8816] batman_adv: batadv0: Interface activated: batadv_slave_1
[  249.680499][ T8816] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  249.684051][ T8816] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  249.691732][ T8816] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  249.698490][ T8816] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  249.829579][  T101] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.832115][  T101] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  249.853446][  T101] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.856146][  T101] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  249.922842][   T63] hsr_slave_0: left promiscuous mode
[  249.931401][   T63] hsr_slave_1: left promiscuous mode
[  249.933447][   T63] batman_adv: batadv0: Removing interface: batadv_slave_0
[  249.937031][   T63] batman_adv: batadv0: Removing interface: batadv_slave_1
[  250.274863][ T8938] ttynull ttynull: ldisc open failed (-12), clearing slot 0
[  250.849238][   T63] team0 (unregistering): Port device team_slave_1 removed
[  250.920198][   T63] team0 (unregistering): Port device team_slave_0 removed
[  251.209327][ T5956] Bluetooth: hci3: command tx timeout
[  251.524422][ T5956] Bluetooth: hci2: command tx timeout
[  251.558100][ T8949] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  252.170319][ T8994] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.786'.
[  252.176123][ T8986] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.786'.
[  252.315184][ T8962] netlink: 168 bytes leftover after parsing attributes in process `syz.5.771'.
[  252.796113][ T9022] FAT-fs (sr0): bogus number of reserved sectors
[  252.798068][ T9022] FAT-fs (sr0): Can't find a valid FAT filesystem
[  253.284460][ T5956] Bluetooth: hci3: command tx timeout
[  253.604484][ T5956] Bluetooth: hci2: command tx timeout
[  254.046869][ T9075] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.792'.
[  254.050826][ T9068] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.792'.
[  255.286769][ T1412] ieee802154 phy0 wpan0: encryption failed: -22
[  255.289006][ T1412] ieee802154 phy1 wpan1: encryption failed: -22
[  255.734897][ T9115] netlink: 60 bytes leftover after parsing attributes in process `syz.1.797'.
[  255.742012][ T9115] netlink: 928 bytes leftover after parsing attributes in process `syz.1.797'.
[  256.745533][ T9150] netlink: 'syz.5.808': attribute type 1 has an invalid length.
[  256.828715][ T9150] veth3: entered promiscuous mode
[  256.955521][ T9159] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.810'.
[  256.960464][ T9155] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.810'.
[  257.627633][   T40] kauditd_printk_skb: 36 callbacks suppressed
[  257.627646][   T40] audit: type=1326 audit(1739584615.866:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.3.814" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff3579 code=0x7ffc0000
[  257.635829][   T40] audit: type=1326 audit(1739584615.876:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.3.814" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff3579 code=0x7ffc0000
[  257.642212][   T40] audit: type=1326 audit(1739584615.876:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.3.814" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7ff3579 code=0x7ffc0000
[  257.648767][   T40] audit: type=1326 audit(1739584615.876:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff3579 code=0x7ffc0000
[  257.655787][   T40] audit: type=1326 audit(1739584615.876:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff3579 code=0x7ffc0000
[  257.662132][   T40] audit: type=1326 audit(1739584615.876:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7ff3579 code=0x7ffc0000
[  257.670353][   T40] audit: type=1326 audit(1739584615.876:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff3579 code=0x7ffc0000
[  257.676691][   T40] audit: type=1326 audit(1739584615.876:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff3579 code=0x7ffc0000
[  257.682855][   T40] audit: type=1326 audit(1739584615.876:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7ff3579 code=0x7ffc0000
[  257.689481][   T40] audit: type=1326 audit(1739584615.886:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff3579 code=0x7ffc0000
[  259.025652][ T9212] capability: warning: `syz.5.825' uses deprecated v2 capabilities in a way that may be insecure
[  259.663733][ T9234] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.830'.
[  259.671647][ T9231] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.830'.
[  259.699594][ T9235] netlink: 28 bytes leftover after parsing attributes in process `syz.5.831'.
[  259.703047][ T9235] netlink: 28 bytes leftover after parsing attributes in process `syz.5.831'.
[  259.715774][ T9237] FAULT_INJECTION: forcing a failure.
[  259.715774][ T9237] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  259.720704][ T9237] CPU: 2 UID: 0 PID: 9237 Comm: syz.4.832 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  259.720726][ T9237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  259.720736][ T9237] Call Trace:
[  259.720783][ T9237]  <TASK>
[  259.720791][ T9237]  dump_stack_lvl+0x16c/0x1f0
[  259.721224][ T9237]  should_fail_ex+0x50a/0x650
[  259.721506][ T9237]  _copy_to_user+0x32/0xd0
[  259.721571][ T9237]  simple_read_from_buffer+0xd0/0x160
[  259.721700][ T9237]  proc_fail_nth_read+0x198/0x270
[  259.721721][ T9237]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  259.721744][ T9237]  ? rw_verify_area+0xcf/0x680
[  259.721788][ T9237]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  259.721807][ T9237]  vfs_read+0x1df/0xbf0
[  259.721829][ T9237]  ? __fget_files+0x1fc/0x3a0
[  259.721858][ T9237]  ? __pfx___mutex_lock+0x10/0x10
[  259.721900][ T9237]  ? __pfx_vfs_read+0x10/0x10
[  259.721927][ T9237]  ? __fget_files+0x206/0x3a0
[  259.721956][ T9237]  ksys_read+0x12b/0x250
[  259.721978][ T9237]  ? __pfx_ksys_read+0x10/0x10
[  259.722008][ T9237]  __do_fast_syscall_32+0x73/0x120
[  259.722033][ T9237]  do_fast_syscall_32+0x32/0x80
[  259.722053][ T9237]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  259.722128][ T9237] RIP: 0023:0xf7fc7579
[  259.722143][ T9237] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  259.722160][ T9237] RSP: 002b:00000000f50e6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  259.722200][ T9237] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50e6620
[  259.722212][ T9237] RDX: 000000000000000f RSI: 00000000f744cff4 RDI: 0000000000000000
[  259.722222][ T9237] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  259.722232][ T9237] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  259.722242][ T9237] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  259.722265][ T9237]  </TASK>
[  260.072240][ T9244] netlink: 104 bytes leftover after parsing attributes in process `syz.4.833'.
[  262.342913][ T5986] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  262.494519][ T5986] usb 9-1: Using ep0 maxpacket: 8
[  262.513468][ T5986] usb 9-1: config 0 has no interfaces?
[  262.515863][ T5986] usb 9-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  262.518654][ T5986] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.597964][ T5986] usb 9-1: config 0 descriptor??
[  262.650561][ T9301] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.844'.
[  262.658808][ T9298] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.844'.
[  262.803597][ T5956] Bluetooth: hci3: Unknown advertising packet type: 0x5a
[  262.803694][ T5956] Bluetooth: hci3: Malformed LE Event: 0x0d
[  262.808679][ T9276] netlink: 8 bytes leftover after parsing attributes in process `syz.4.840'.
[  262.821323][    T9] usb 9-1: USB disconnect, device number 2
[  263.603898][ T9356] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.850'.
[  263.608538][ T9351] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.850'.
[  263.914240][ T5949] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  264.065326][ T5949] usb 10-1: Using ep0 maxpacket: 16
[  264.075220][ T5949] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  264.079108][ T5949] usb 10-1: config 0 interface 0 has no altsetting 0
[  264.090401][ T5949] usb 10-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=9d.3d
[  264.094004][ T5949] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  264.099329][ T5949] usb 10-1: Product: syz
[  264.100832][ T5949] usb 10-1: Manufacturer: syz
[  264.102446][ T5949] usb 10-1: SerialNumber: syz
[  264.107480][ T5949] usb 10-1: config 0 descriptor??
[  264.110695][ T5949] hub 10-1:0.0: bad descriptor, ignoring hub
[  264.112956][ T5949] hub 10-1:0.0: probe with driver hub failed with error -5
[  264.126766][ T5949] usb 10-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  264.158196][ T1210] usb 10-1: Failed to submit usb control message: -71
[  264.160280][ T1210] usb 10-1: unable to send the bmi data to the device: -71
[  264.162180][ T1210] usb 10-1: unable to get target info from device
[  264.163917][ T1210] usb 10-1: could not get target info (-71)
[  264.168249][ T1210] usb 10-1: could not probe fw (-71)
[  265.023412][ T9414] netlink: 16 bytes leftover after parsing attributes in process `syz.3.857'.
[  265.344539][   T56] usb 10-1: USB disconnect, device number 2
[  265.416060][ T9441] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.862'.
[  265.460211][ T9437] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.862'.
[  265.639402][   T40] kauditd_printk_skb: 40 callbacks suppressed
[  265.639415][   T40] audit: type=1326 audit(1739584623.876:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9458 comm="syz.4.865" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7579 code=0x7ffc0000
[  265.647467][   T40] audit: type=1326 audit(1739584623.876:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9458 comm="syz.4.865" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7579 code=0x7ffc0000
[  265.653186][   T40] audit: type=1326 audit(1739584623.876:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9458 comm="syz.4.865" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fc7579 code=0x7ffc0000
[  265.660161][   T40] audit: type=1326 audit(1739584623.876:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9458 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7579 code=0x7ffc0000
[  265.667187][   T40] audit: type=1326 audit(1739584623.876:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9458 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7579 code=0x7ffc0000
[  265.673093][   T40] audit: type=1326 audit(1739584623.876:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9458 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fc7579 code=0x7ffc0000
[  265.679317][   T40] audit: type=1326 audit(1739584623.876:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9458 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7579 code=0x7ffc0000
[  265.685644][   T40] audit: type=1326 audit(1739584623.876:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9458 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7579 code=0x7ffc0000
[  265.691801][   T40] audit: type=1326 audit(1739584623.876:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9458 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fc7579 code=0x7ffc0000
[  265.697916][   T40] audit: type=1326 audit(1739584623.876:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9458 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7579 code=0x7ffc0000
[  265.894183][ T9462] netlink: 8 bytes leftover after parsing attributes in process `syz.5.866'.
[  266.085771][ T9468] loop2: detected capacity change from 0 to 7
[  266.090991][ T9468] Dev loop2: unable to read RDB block 7
[  266.093098][ T9468]  loop2: unable to read partition table
[  266.096264][ T9468] loop2: partition table beyond EOD, truncated
[  266.098701][ T9468] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  266.908737][ T9485] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  266.911767][ T9485] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  268.103321][ T9514] bpf: Bad value for 'gid'
[  268.561384][ T9524] process 'syz.4.883' launched './file0' with NULL argv: empty string added
[  269.033443][ T9535] netlink: 4 bytes leftover after parsing attributes in process `syz.3.887'.
[  269.038922][ T9535] netlink: 8 bytes leftover after parsing attributes in process `syz.3.887'.
[  269.163239][ T9539] FAULT_INJECTION: forcing a failure.
[  269.163239][ T9539] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  269.167872][ T9539] CPU: 2 UID: 0 PID: 9539 Comm: syz.4.888 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  269.167896][ T9539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  269.167907][ T9539] Call Trace:
[  269.167915][ T9539]  <TASK>
[  269.167922][ T9539]  dump_stack_lvl+0x16c/0x1f0
[  269.167955][ T9539]  should_fail_ex+0x50a/0x650
[  269.167987][ T9539]  _copy_from_user+0x2e/0xd0
[  269.168006][ T9539]  get_compat_msghdr+0xa8/0x170
[  269.168215][ T9539]  ? __pfx_get_compat_msghdr+0x10/0x10
[  269.168235][ T9539]  ___sys_sendmsg+0x1b0/0x1e0
[  269.168286][ T9539]  ? __pfx____sys_sendmsg+0x10/0x10
[  269.168311][ T9539]  ? __pfx_lock_release+0x10/0x10
[  269.168409][ T9539]  ? trace_lock_acquire+0x14e/0x1f0
[  269.168435][ T9539]  ? __fget_files+0x206/0x3a0
[  269.168462][ T9539]  __sys_sendmsg+0x16e/0x220
[  269.168483][ T9539]  ? __pfx___sys_sendmsg+0x10/0x10
[  269.168521][ T9539]  __do_fast_syscall_32+0x73/0x120
[  269.168546][ T9539]  do_fast_syscall_32+0x32/0x80
[  269.168567][ T9539]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  269.168595][ T9539] RIP: 0023:0xf7fc7579
[  269.168607][ T9539] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  269.168624][ T9539] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  269.168640][ T9539] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001240
[  269.168651][ T9539] RDX: 0000000020044811 RSI: 0000000000000000 RDI: 0000000000000000
[  269.168659][ T9539] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  269.168670][ T9539] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  269.168686][ T9539] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  269.168709][ T9539]  </TASK>
[  269.534840][ T9551] kernel read not supported for file /blkio.throttle.io_service_bytes_recursive (pid: 9551 comm: syz.5.892)
[  269.850949][ T9560] FAULT_INJECTION: forcing a failure.
[  269.850949][ T9560] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  269.854900][ T9560] CPU: 1 UID: 0 PID: 9560 Comm: syz.3.895 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  269.854916][ T9560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  269.854923][ T9560] Call Trace:
[  269.854927][ T9560]  <TASK>
[  269.854931][ T9560]  dump_stack_lvl+0x16c/0x1f0
[  269.854951][ T9560]  should_fail_ex+0x50a/0x650
[  269.854972][ T9560]  _copy_from_user+0x2e/0xd0
[  269.854985][ T9560]  get_compat_msghdr+0xa8/0x170
[  269.854998][ T9560]  ? __pfx_get_compat_msghdr+0x10/0x10
[  269.855014][ T9560]  ___sys_recvmsg+0x193/0x1a0
[  269.855031][ T9560]  ? __pfx____sys_recvmsg+0x10/0x10
[  269.855045][ T9560]  ? __fget_files+0x1fc/0x3a0
[  269.855063][ T9560]  ? trace_lock_acquire+0x14e/0x1f0
[  269.855081][ T9560]  ? __fget_files+0x206/0x3a0
[  269.855100][ T9560]  do_recvmmsg+0x55d/0x740
[  269.855116][ T9560]  ? __pfx_do_recvmmsg+0x10/0x10
[  269.855131][ T9560]  ? vfs_write+0x306/0x1150
[  269.855154][ T9560]  ? __fget_files+0x206/0x3a0
[  269.855171][ T9560]  __sys_recvmmsg+0x21e/0x280
[  269.855187][ T9560]  ? __pfx___sys_recvmmsg+0x10/0x10
[  269.855203][ T9560]  ? __pfx_ksys_write+0x10/0x10
[  269.855220][ T9560]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  269.855233][ T9560]  ? lockdep_hardirqs_on+0x7c/0x110
[  269.855246][ T9560]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  269.855259][ T9560]  __do_fast_syscall_32+0x73/0x120
[  269.855274][ T9560]  do_fast_syscall_32+0x32/0x80
[  269.855287][ T9560]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  269.855306][ T9560] RIP: 0023:0xf7ff3579
[  269.855315][ T9560] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  269.855325][ T9560] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  269.855336][ T9560] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000380
[  269.855343][ T9560] RDX: 0000000000000001 RSI: 0000000000010102 RDI: 0000000000000000
[  269.855349][ T9560] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  269.855354][ T9560] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  269.855360][ T9560] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  269.855373][ T9560]  </TASK>
[  270.407825][ T9576] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.900'.
[  270.410707][ T9575] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.900'.
[  270.926643][ T9586] netlink: 'syz.1.904': attribute type 1 has an invalid length.
[  270.936508][ T9586] 8021q: adding VLAN 0 to HW filter on device bond2
[  270.941715][ T9586] netlink: 8 bytes leftover after parsing attributes in process `syz.1.904'.
[  270.944376][ T9586] netlink: 16 bytes leftover after parsing attributes in process `syz.1.904'.
[  271.364415][  T834] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  271.514342][  T834] usb 8-1: Using ep0 maxpacket: 8
[  271.520621][  T834] usb 8-1: config 0 has no interfaces?
[  271.522408][  T834] usb 8-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  271.526425][  T834] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  271.534218][  T834] usb 8-1: config 0 descriptor??
[  271.706823][ T5956] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  271.709480][ T5956] CPU: 2 UID: 0 PID: 5956 Comm: kworker/u33:8 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  271.709525][ T5956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  271.709536][ T5956] Workqueue: hci3 hci_rx_work
[  271.709687][ T5956] Call Trace:
[  271.709693][ T5956]  <TASK>
[  271.709699][ T5956]  dump_stack_lvl+0x16c/0x1f0
[  271.709719][ T5956]  sysfs_warn_dup+0x7f/0xa0
[  271.709782][ T5956]  sysfs_create_dir_ns+0x24d/0x2b0
[  271.709798][ T5956]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  271.709834][ T5956]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  271.709891][ T5956]  ? kobject_add_internal+0x12d/0x990
[  271.709910][ T5956]  ? do_raw_spin_unlock+0x172/0x230
[  271.709942][ T5956]  kobject_add_internal+0x2c8/0x990
[  271.709967][ T5956]  kobject_add+0x16f/0x240
[  271.710005][ T5956]  ? __pfx_kobject_add+0x10/0x10
[  271.710021][ T5956]  ? class_to_subsys+0x3e/0x160
[  271.710146][ T5956]  ? do_raw_spin_unlock+0x172/0x230
[  271.710158][ T5956]  ? kobject_put+0xab/0x5a0
[  271.710192][ T5956]  device_add+0x289/0x1a70
[  271.710210][ T5956]  ? __pfx_dev_set_name+0x10/0x10
[  271.710247][ T5956]  ? __pfx_device_add+0x10/0x10
[  271.710283][ T5956]  ? mgmt_send_event_skb+0x2f2/0x460
[  271.710307][ T5956]  hci_conn_add_sysfs+0x17e/0x230
[  271.710346][ T5956]  le_conn_complete_evt+0x107f/0x1da0
[  271.710384][ T5956]  ? __pfx_lock_release+0x10/0x10
[  271.710402][ T5956]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  271.710436][ T5956]  ? __mutex_lock+0x1cc/0xb10
[  271.710458][ T5956]  hci_le_conn_complete_evt+0x23c/0x370
[  271.710512][ T5956]  hci_le_meta_evt+0x2e2/0x5d0
[  271.710547][ T5956]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  271.710567][ T5956]  hci_event_packet+0x666/0x1180
[  271.710601][ T5956]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  271.710638][ T5956]  ? __pfx_hci_event_packet+0x10/0x10
[  271.710654][ T5956]  ? mark_held_locks+0x9f/0xe0
[  271.710688][ T5956]  ? kcov_remote_start+0x3cf/0x6e0
[  271.710709][ T5956]  ? lockdep_hardirqs_on+0x7c/0x110
[  271.710746][ T5956]  hci_rx_work+0x2c5/0x16b0
[  271.710783][ T5956]  ? process_one_work+0x921/0x1ba0
[  271.710804][ T5956]  process_one_work+0x9c5/0x1ba0
[  271.710854][ T5956]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  271.710872][ T5956]  ? __pfx_process_one_work+0x10/0x10
[  271.710906][ T5956]  ? assign_work+0x1a0/0x250
[  271.710939][ T5956]  worker_thread+0x6c8/0xf00
[  271.710966][ T5956]  ? __kthread_parkme+0x148/0x220
[  271.710995][ T5956]  ? __pfx_worker_thread+0x10/0x10
[  271.711013][ T5956]  kthread+0x3af/0x750
[  271.711048][ T5956]  ? __pfx_kthread+0x10/0x10
[  271.711064][ T5956]  ? lock_acquire+0x2f/0xb0
[  271.711098][ T5956]  ? __pfx_kthread+0x10/0x10
[  271.711114][ T5956]  ret_from_fork+0x45/0x80
[  271.711148][ T5956]  ? __pfx_kthread+0x10/0x10
[  271.711163][ T5956]  ret_from_fork_asm+0x1a/0x30
[  271.711201][ T5956]  </TASK>
[  271.711217][ T5956] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  271.746682][   T65] Bluetooth: hci0: Unknown advertising packet type: 0x5a
[  271.748047][ T5949] usb 8-1: USB disconnect, device number 7
[  271.748340][ T5956] Bluetooth: hci3: failed to register connection device
[  271.750203][   T65] Bluetooth: hci0: Malformed LE Event: 0x0d
[  271.897914][  T834] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  272.294226][  T834] usb 10-1: Using ep0 maxpacket: 8
[  272.296934][  T834] usb 10-1: config 0 has no interfaces?
[  272.298489][  T834] usb 10-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  272.301138][  T834] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.304761][  T834] usb 10-1: config 0 descriptor??
[  272.559432][   T65] Bluetooth: hci2: Unknown advertising packet type: 0x5a
[  272.559505][   T65] Bluetooth: hci2: Malformed LE Event: 0x0d
[  272.567131][ T9599] netlink: 8 bytes leftover after parsing attributes in process `syz.5.907'.
[  272.570716][ T5986] usb 10-1: USB disconnect, device number 3
[  273.326421][   T65] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[  274.038406][ T9641] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.919'.
[  274.041566][ T9639] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.919'.
[  274.170630][    C3] vxcan1: j1939_tp_rxtimer: 0xffff8880232f0c00: rx timeout, send abort
[  274.177589][    C3] vxcan1: j1939_xtp_rx_abort_one: 0xffff8880232f0c00: 0x1f000: (3) A timeout occurred and this is the connection abort to close the session.
[  274.989213][ T9658] program syz.5.924 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  274.991924][ T9658] ata1.00: invalid service action 31
[  274.996008][ T9658] fuse: Bad value for 'group_id'
[  274.998020][ T9658] fuse: Bad value for 'group_id'
[  276.446362][ T9686] netlink: 4 bytes leftover after parsing attributes in process `syz.4.933'.
[  276.644707][  T834] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  276.795876][  T834] usb 6-1: Using ep0 maxpacket: 8
[  276.800368][  T834] usb 6-1: config 0 has no interfaces?
[  276.802435][  T834] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  276.811417][  T834] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.824528][  T834] usb 6-1: config 0 descriptor??
[  277.092531][  T834] usb 6-1: USB disconnect, device number 2
[  277.234377][ T5296] Bluetooth: hci1: Unknown advertising packet type: 0x5a
[  277.234524][ T5296] Bluetooth: hci1: Malformed LE Event: 0x0d
[  277.983712][   T40] kauditd_printk_skb: 160 callbacks suppressed
[  277.983725][   T40] audit: type=1326 audit(1739584636.216:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9725 comm="syz.5.944" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45579 code=0x7ffc0000
[  277.994283][   T40] audit: type=1326 audit(1739584636.216:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9725 comm="syz.5.944" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45579 code=0x7ffc0000
[  278.001046][   T40] audit: type=1326 audit(1739584636.216:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9725 comm="syz.5.944" exe="/syz-executor" sig=0 arch=40000003 syscall=96 compat=1 ip=0xf7f45579 code=0x7ffc0000
[  278.009166][   T40] audit: type=1326 audit(1739584636.216:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9725 comm="syz.5.944" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45579 code=0x7ffc0000
[  278.018016][   T40] audit: type=1326 audit(1739584636.216:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9725 comm="syz.5.944" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45579 code=0x7ffc0000
[  278.024529][   T40] audit: type=1326 audit(1739584636.216:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9725 comm="syz.5.944" exe="/syz-executor" sig=0 arch=40000003 syscall=432 compat=1 ip=0xf7f45579 code=0x7ffc0000
[  278.032236][   T40] audit: type=1326 audit(1739584636.226:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9725 comm="syz.5.944" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45579 code=0x7ffc0000
[  278.040552][   T40] audit: type=1326 audit(1739584636.226:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9725 comm="syz.5.944" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45579 code=0x7ffc0000
[  278.048437][   T40] audit: type=1326 audit(1739584636.226:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9725 comm="syz.5.944" exe="/syz-executor" sig=0 arch=40000003 syscall=431 compat=1 ip=0xf7f45579 code=0x7ffc0000
[  278.056501][   T40] audit: type=1326 audit(1739584636.226:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9725 comm="syz.5.944" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45579 code=0x7ffc0000
[  278.164255][ T5296] Bluetooth: hci3: command 0x0406 tx timeout
[  278.687424][ T9742] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  278.691585][ T9742] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  278.694899][ T9742] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  278.698252][ T9742] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  278.704852][ T9742] netdevsim netdevsim1 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[  278.708310][ T9742] netdevsim netdevsim1 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[  278.711664][ T9742] netdevsim netdevsim1 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[  278.715632][ T9742] netdevsim netdevsim1 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[  278.719390][ T5296] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[  278.720304][ T9742] geneve2: entered promiscuous mode
[  278.724388][ T9742] geneve2: entered allmulticast mode
[  279.158040][ T9753] FAULT_INJECTION: forcing a failure.
[  279.158040][ T9753] name failslab, interval 1, probability 0, space 0, times 0
[  279.161984][ T9753] CPU: 3 UID: 0 PID: 9753 Comm: syz.1.954 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  279.161999][ T9753] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  279.162006][ T9753] Call Trace:
[  279.162012][ T9753]  <TASK>
[  279.162016][ T9753]  dump_stack_lvl+0x16c/0x1f0
[  279.162035][ T9753]  should_fail_ex+0x50a/0x650
[  279.162056][ T9753]  ? fs_reclaim_acquire+0xae/0x150
[  279.162073][ T9753]  ? alloc_pipe_info+0x10e/0x590
[  279.162090][ T9753]  should_failslab+0xc2/0x120
[  279.162108][ T9753]  __kmalloc_cache_noprof+0x68/0x410
[  279.162123][ T9753]  ? trace_lock_acquire+0x14e/0x1f0
[  279.162140][ T9753]  alloc_pipe_info+0x10e/0x590
[  279.162158][ T9753]  splice_direct_to_actor+0x793/0xa40
[  279.162174][ T9753]  ? get_pid_task+0xfc/0x250
[  279.162186][ T9753]  ? __pfx_direct_splice_actor+0x10/0x10
[  279.162202][ T9753]  ? __pfx_aa_file_perm+0x10/0x10
[  279.162278][ T9753]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  279.162300][ T9753]  ? __fget_files+0x1fc/0x3a0
[  279.162323][ T9753]  do_splice_direct+0x178/0x250
[  279.162344][ T9753]  ? __pfx_do_splice_direct+0x10/0x10
[  279.162363][ T9753]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  279.162383][ T9753]  ? rw_verify_area+0xcf/0x680
[  279.162397][ T9753]  do_sendfile+0xafb/0xe40
[  279.162414][ T9753]  ? __pfx_do_sendfile+0x10/0x10
[  279.162428][ T9753]  ? __fget_files+0x206/0x3a0
[  279.162447][ T9753]  __ia32_compat_sys_sendfile+0x1e7/0x230
[  279.162457][ T9753]  ? ksys_write+0x1ba/0x250
[  279.162471][ T9753]  ? __pfx___ia32_compat_sys_sendfile+0x10/0x10
[  279.162493][ T9753]  __do_fast_syscall_32+0x73/0x120
[  279.162509][ T9753]  do_fast_syscall_32+0x32/0x80
[  279.162522][ T9753]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  279.162541][ T9753] RIP: 0023:0xf7f14579
[  279.162550][ T9753] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  279.162561][ T9753] RSP: 002b:00000000f501555c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb
[  279.162574][ T9753] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000000000003
[  279.162580][ T9753] RDX: 0000000000000000 RSI: 0000000010000084 RDI: 0000000000000000
[  279.162586][ T9753] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  279.162591][ T9753] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  279.162597][ T9753] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  279.162609][ T9753]  </TASK>
[  279.379136][ T9758] netlink: 12 bytes leftover after parsing attributes in process `syz.5.956'.
[  279.488381][ T9758] 8021q: adding VLAN 0 to HW filter on device bond1
[  279.505374][ T9761] 8021q: adding VLAN 0 to HW filter on device bond1
[  279.508236][ T9761] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  279.512852][ T9761] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  280.058367][ T9769] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.957'.
[  280.062082][ T9768] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.957'.
[  280.148795][ T9773] kernel read not supported for file /blkio.throttle.io_service_bytes_recursive (pid: 9773 comm: syz.3.959)
[  282.484405][ T5296] Bluetooth: hci0: command 0x0406 tx timeout
[  282.672277][ T9805] netlink: 14 bytes leftover after parsing attributes in process `syz.1.969'.
[  282.865058][   T65] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[  283.651197][ T9823] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  283.653272][ T9823] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  283.660134][ T9823] vhci_hcd vhci_hcd.0: Device attached
[  283.780639][ T9829] netlink: 28 bytes leftover after parsing attributes in process `syz.3.976'.
[  283.783521][ T9829] netlink: 28 bytes leftover after parsing attributes in process `syz.3.976'.
[  283.894287][ T5983] usb 45-1: new low-speed USB device number 2 using vhci_hcd
[  284.134306][ T5949] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  284.294353][ T5949] usb 6-1: Using ep0 maxpacket: 8
[  284.297401][ T5949] usb 6-1: config 0 has no interfaces?
[  284.299015][ T5949] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  284.302293][ T5949] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  284.306247][ T5949] usb 6-1: config 0 descriptor??
[  284.478260][ T9825] vhci_hcd: connection reset by peer
[  284.481804][   T11] vhci_hcd: stop threads
[  284.483771][   T11] vhci_hcd: release socket
[  284.487966][   T11] vhci_hcd: disconnect device
[  284.515361][ T5296] Bluetooth: hci1: Unknown advertising packet type: 0x5a
[  284.515388][ T5296] Bluetooth: hci1: Malformed LE Event: 0x0d
[  284.516870][ T5949] usb 6-1: USB disconnect, device number 3
[  284.762249][   T40] kauditd_printk_skb: 111 callbacks suppressed
[  284.762262][   T40] audit: type=1326 audit(1739584642.996:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9836 comm="syz.5.979" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45579 code=0x7ffc0000
[  284.770289][   T40] audit: type=1326 audit(1739584642.996:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9836 comm="syz.5.979" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45579 code=0x7ffc0000
[  284.776368][   T40] audit: type=1326 audit(1739584643.006:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9836 comm="syz.5.979" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f45579 code=0x7ffc0000
[  284.782730][   T40] audit: type=1326 audit(1739584643.006:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9836 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45579 code=0x7ffc0000
[  284.791206][   T40] audit: type=1326 audit(1739584643.006:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9836 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45579 code=0x7ffc0000
[  284.800869][   T40] audit: type=1326 audit(1739584643.006:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9836 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f45579 code=0x7ffc0000
[  284.808050][   T40] audit: type=1326 audit(1739584643.006:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9836 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45579 code=0x7ffc0000
[  284.817914][   T40] audit: type=1326 audit(1739584643.006:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9836 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45579 code=0x7ffc0000
[  284.826673][   T40] audit: type=1326 audit(1739584643.006:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9836 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f45579 code=0x7ffc0000
[  284.833188][   T40] audit: type=1326 audit(1739584643.006:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9836 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45579 code=0x7ffc0000
[  285.965218][ T5296] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  285.968015][ T5296] CPU: 0 UID: 0 PID: 5296 Comm: kworker/u33:1 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  285.968033][ T5296] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  285.968042][ T5296] Workqueue: hci2 hci_rx_work
[  285.968066][ T5296] Call Trace:
[  285.968072][ T5296]  <TASK>
[  285.968076][ T5296]  dump_stack_lvl+0x16c/0x1f0
[  285.968095][ T5296]  sysfs_warn_dup+0x7f/0xa0
[  285.968113][ T5296]  sysfs_create_dir_ns+0x24d/0x2b0
[  285.968129][ T5296]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  285.968143][ T5296]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  285.968166][ T5296]  ? kobject_add_internal+0x12d/0x990
[  285.968185][ T5296]  ? do_raw_spin_unlock+0x172/0x230
[  285.968197][ T5296]  kobject_add_internal+0x2c8/0x990
[  285.968216][ T5296]  kobject_add+0x16f/0x240
[  285.968231][ T5296]  ? __pfx_kobject_add+0x10/0x10
[  285.968277][ T5296]  ? class_to_subsys+0x3e/0x160
[  285.968297][ T5296]  ? do_raw_spin_unlock+0x172/0x230
[  285.968310][ T5296]  ? kobject_put+0xab/0x5a0
[  285.968328][ T5296]  device_add+0x289/0x1a70
[  285.968346][ T5296]  ? __pfx_dev_set_name+0x10/0x10
[  285.968364][ T5296]  ? __pfx_device_add+0x10/0x10
[  285.968380][ T5296]  ? mgmt_send_event_skb+0x2f2/0x460
[  285.968400][ T5296]  hci_conn_add_sysfs+0x17e/0x230
[  285.968418][ T5296]  le_conn_complete_evt+0x107f/0x1da0
[  285.968438][ T5296]  ? __pfx_lock_release+0x10/0x10
[  285.968453][ T5296]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  285.968468][ T5296]  ? __mutex_lock+0x1cc/0xb10
[  285.968486][ T5296]  hci_le_conn_complete_evt+0x23c/0x370
[  285.968509][ T5296]  hci_le_meta_evt+0x2e2/0x5d0
[  285.968525][ T5296]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  285.968541][ T5296]  hci_event_packet+0x666/0x1180
[  285.968556][ T5296]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  285.968573][ T5296]  ? __pfx_hci_event_packet+0x10/0x10
[  285.968589][ T5296]  ? mark_held_locks+0x9f/0xe0
[  285.968606][ T5296]  ? kcov_remote_start+0x3cf/0x6e0
[  285.968626][ T5296]  ? lockdep_hardirqs_on+0x7c/0x110
[  285.968644][ T5296]  hci_rx_work+0x2c5/0x16b0
[  285.968661][ T5296]  ? process_one_work+0x921/0x1ba0
[  285.968678][ T5296]  process_one_work+0x9c5/0x1ba0
[  285.968696][ T5296]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  285.968711][ T5296]  ? __pfx_process_one_work+0x10/0x10
[  285.968730][ T5296]  ? assign_work+0x1a0/0x250
[  285.968744][ T5296]  worker_thread+0x6c8/0xf00
[  285.968763][ T5296]  ? __kthread_parkme+0x148/0x220
[  285.968774][ T5296]  ? __pfx_worker_thread+0x10/0x10
[  285.968789][ T5296]  kthread+0x3af/0x750
[  285.968802][ T5296]  ? __pfx_kthread+0x10/0x10
[  285.968814][ T5296]  ? lock_acquire+0x2f/0xb0
[  285.968830][ T5296]  ? __pfx_kthread+0x10/0x10
[  285.968843][ T5296]  ret_from_fork+0x45/0x80
[  285.968858][ T5296]  ? __pfx_kthread+0x10/0x10
[  285.968871][ T5296]  ret_from_fork_asm+0x1a/0x30
[  285.968890][ T5296]  </TASK>
[  285.968902][ T5296] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  286.051489][ T5296] Bluetooth: hci2: failed to register connection device
[  286.120911][ T5296] ==================================================================
[  286.123231][ T5296] BUG: KASAN: slab-use-after-free in l2cap_sock_new_connection_cb+0x22a/0x240
[  286.125736][ T5296] Read of size 8 at addr ffff8880243a5580 by task kworker/u33:1/5296
[  286.129151][ T5296] 
[  286.130624][ T5296] CPU: 0 UID: 0 PID: 5296 Comm: kworker/u33:1 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  286.130698][ T5296] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  286.130709][ T5296] Workqueue: hci2 hci_rx_work
[  286.130732][ T5296] Call Trace:
[  286.130759][ T5296]  <TASK>
[  286.130764][ T5296]  dump_stack_lvl+0x116/0x1f0
[  286.130783][ T5296]  print_report+0xc3/0x620
[  286.130834][ T5296]  ? __virt_addr_valid+0x5e/0x590
[  286.130849][ T5296]  ? __phys_addr+0xc6/0x150
[  286.130885][ T5296]  kasan_report+0xd9/0x110
[  286.130904][ T5296]  ? l2cap_sock_new_connection_cb+0x22a/0x240
[  286.130950][ T5296]  ? l2cap_sock_new_connection_cb+0x22a/0x240
[  286.130992][ T5296]  l2cap_sock_new_connection_cb+0x22a/0x240
[  286.131035][ T5296]  l2cap_connect_cfm+0x85f/0xf10
[  286.131053][ T5296]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  286.131090][ T5296]  ? hci_cb_lookup+0x319/0x4e0
[  286.131109][ T5296]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  286.131147][ T5296]  le_conn_complete_evt+0x168d/0x1da0
[  286.131185][ T5296]  ? __pfx_lock_release+0x10/0x10
[  286.131205][ T5296]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  286.131244][ T5296]  hci_le_conn_complete_evt+0x23c/0x370
[  286.131280][ T5296]  hci_le_meta_evt+0x2e2/0x5d0
[  286.131298][ T5296]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  286.131335][ T5296]  hci_event_packet+0x666/0x1180
[  286.131352][ T5296]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  286.131389][ T5296]  ? __pfx_hci_event_packet+0x10/0x10
[  286.131427][ T5296]  ? mark_held_locks+0x9f/0xe0
[  286.131445][ T5296]  ? kcov_remote_start+0x3cf/0x6e0
[  286.131485][ T5296]  ? lockdep_hardirqs_on+0x7c/0x110
[  286.131501][ T5296]  hci_rx_work+0x2c5/0x16b0
[  286.131535][ T5296]  ? process_one_work+0x921/0x1ba0
[  286.131571][ T5296]  process_one_work+0x9c5/0x1ba0
[  286.131590][ T5296]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  286.131624][ T5296]  ? __pfx_process_one_work+0x10/0x10
[  286.131661][ T5296]  ? assign_work+0x1a0/0x250
[  286.131678][ T5296]  worker_thread+0x6c8/0xf00
[  286.131711][ T5296]  ? __kthread_parkme+0x148/0x220
[  286.131725][ T5296]  ? __pfx_worker_thread+0x10/0x10
[  286.131758][ T5296]  kthread+0x3af/0x750
[  286.131774][ T5296]  ? __pfx_kthread+0x10/0x10
[  286.131811][ T5296]  ? lock_acquire+0x2f/0xb0
[  286.131830][ T5296]  ? __pfx_kthread+0x10/0x10
[  286.131863][ T5296]  ret_from_fork+0x45/0x80
[  286.131881][ T5296]  ? __pfx_kthread+0x10/0x10
[  286.131916][ T5296]  ret_from_fork_asm+0x1a/0x30
[  286.131953][ T5296]  </TASK>
[  286.131958][ T5296] 
[  286.201281][ T5296] Allocated by task 5296:
[  286.202619][ T5296]  kasan_save_stack+0x33/0x60
[  286.204013][ T5296]  kasan_save_track+0x14/0x30
[  286.205367][ T5296]  __kasan_kmalloc+0xaa/0xb0
[  286.206781][ T5296]  __kmalloc_noprof+0x21c/0x510
[  286.208245][ T5296]  sk_prot_alloc+0x1a8/0x2a0
[  286.209624][ T5296]  sk_alloc+0x36/0xb90
[  286.210803][ T5296]  bt_sock_alloc+0x3b/0x3a0
[  286.212149][ T5296]  l2cap_sock_alloc.constprop.0+0x33/0x1d0
[  286.213881][ T5296]  l2cap_sock_new_connection_cb+0x101/0x240
[  286.215546][ T5296]  l2cap_connect_cfm+0x85f/0xf10
[  286.217057][ T5296]  le_conn_complete_evt+0x168d/0x1da0
[  286.218637][ T5296]  hci_le_conn_complete_evt+0x23c/0x370
[  286.220211][ T5296]  hci_le_meta_evt+0x2e2/0x5d0
[  286.221590][ T5296]  hci_event_packet+0x666/0x1180
[  286.223082][ T5296]  hci_rx_work+0x2c5/0x16b0
[  286.224413][ T5296]  process_one_work+0x9c5/0x1ba0
[  286.225847][ T5296]  worker_thread+0x6c8/0xf00
[  286.227162][ T5296]  kthread+0x3af/0x750
[  286.228347][ T5296]  ret_from_fork+0x45/0x80
[  286.229667][ T5296]  ret_from_fork_asm+0x1a/0x30
[  286.231044][ T5296] 
[  286.231750][ T5296] Freed by task 9862:
[  286.232890][ T5296]  kasan_save_stack+0x33/0x60
[  286.234328][ T5296]  kasan_save_track+0x14/0x30
[  286.235709][ T5296]  kasan_save_free_info+0x3b/0x60
[  286.237154][ T5296]  __kasan_slab_free+0x51/0x70
[  286.238570][ T5296]  kfree+0x2c4/0x4d0
[  286.238612][ T5296]  __sk_destruct+0x5eb/0x720
[  286.241236][ T5296]  sk_destruct+0xc2/0xf0
[  286.242556][ T5296]  __sk_free+0xf4/0x3e0
[  286.243881][ T5296]  sk_free+0x6a/0x90
[  286.245107][ T5296]  l2cap_sock_kill+0x171/0x2d0
[  286.246506][ T5296]  l2cap_sock_cleanup_listen+0x3d/0x2a0
[  286.248092][ T5296]  l2cap_sock_release+0x5c/0x210
[  286.249555][ T5296]  __sock_release+0xb0/0x270
[  286.250976][ T5296]  sock_close+0x1c/0x30
[  286.252191][ T5296]  __fput+0x3ff/0xb70
[  286.253352][ T5296]  task_work_run+0x14e/0x250
[  286.254720][ T5296]  syscall_exit_to_user_mode+0x27b/0x2a0
[  286.256401][ T5296]  __do_fast_syscall_32+0x80/0x120
[  286.257891][ T5296]  do_fast_syscall_32+0x32/0x80
[  286.259312][ T5296]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  286.261275][ T5296] 
[  286.261996][ T5296] The buggy address belongs to the object at ffff8880243a5000
[  286.261996][ T5296]  which belongs to the cache kmalloc-2k of size 2048
[  286.265973][ T5296] The buggy address is located 1408 bytes inside of
[  286.265973][ T5296]  freed 2048-byte region [ffff8880243a5000, ffff8880243a5800)
[  286.269828][ T5296] 
[  286.270511][ T5296] The buggy address belongs to the physical page:
[  286.272323][ T5296] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x243a0
[  286.274774][ T5296] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  286.277102][ T5296] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  286.279328][ T5296] page_type: f5(slab)
[  286.280425][ T5296] raw: 00fff00000000040 ffff88801b042f00 dead000000000100 dead000000000122
[  286.282849][ T5296] raw: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[  286.285269][ T5296] head: 00fff00000000040 ffff88801b042f00 dead000000000100 dead000000000122
[  286.287697][ T5296] head: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[  286.290208][ T5296] head: 00fff00000000003 ffffea000090e801 ffffffffffffffff 0000000000000000
[  286.292596][ T5296] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  286.294987][ T5296] page dumped because: kasan: bad access detected
[  286.296759][ T5296] page_owner tracks the page as allocated
[  286.298355][ T5296] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 15615680851, free_ts 15607786655
[  286.303992][ T5296]  post_alloc_hook+0x181/0x1b0
[  286.305369][ T5296]  get_page_from_freelist+0xfce/0x2f80
[  286.306976][ T5296]  __alloc_frozen_pages_noprof+0x221/0x2470
[  286.308696][ T5296]  alloc_pages_mpol+0x1fc/0x540
[  286.310370][ T5296]  new_slab+0x23d/0x330
[  286.311572][ T5296]  ___slab_alloc+0xc5d/0x1720
[  286.312914][ T5296]  __slab_alloc.constprop.0+0x56/0xb0
[  286.314459][ T5296]  __kmalloc_noprof+0x2ec/0x510
[  286.315860][ T5296]  ops_init+0x77/0x5f0
[  286.317005][ T5296]  register_pernet_operations+0x3a1/0x6f0
[  286.318629][ T5296]  register_pernet_device+0x29/0x80
[  286.320143][ T5296]  ipgre_init+0x46/0x1a0
[  286.321547][ T5296]  do_one_initcall+0x128/0x700
[  286.322905][ T5296]  kernel_init_freeable+0x5c7/0x900
[  286.324552][ T5296]  kernel_init+0x1c/0x2b0
[  286.325887][ T5296]  ret_from_fork+0x45/0x80
[  286.327185][ T5296] page last free pid 1 tgid 1 stack trace:
[  286.328852][ T5296]  free_frozen_pages+0x6db/0xfb0
[  286.330423][ T5296]  qlist_free_all+0x4e/0x120
[  286.331777][ T5296]  kasan_quarantine_reduce+0x195/0x1e0
[  286.333412][ T5296]  __kasan_slab_alloc+0x69/0x90
[  286.334816][ T5296]  __kmalloc_cache_noprof+0x243/0x410
[  286.336348][ T5296]  kobject_uevent_env+0x265/0x1870
[  286.337783][ T5296]  netdev_queue_update_kobjects+0x151/0x5b0
[  286.339448][ T5296]  netdev_register_kobject+0x28c/0x3a0
[  286.341042][ T5296]  register_netdevice+0x147b/0x1eb0
[  286.342507][ T5296]  __ip_tunnel_create+0x4aa/0x690
[  286.343957][ T5296]  ip_tunnel_init_net+0x22a/0x790
[  286.345303][ T5296]  ops_init+0x1df/0x5f0
[  286.346465][ T5296]  register_pernet_operations+0x3a1/0x6f0
[  286.348027][ T5296]  register_pernet_device+0x29/0x80
[  286.349550][ T5296]  ipip_init+0x22/0x130
[  286.350692][ T5296]  do_one_initcall+0x128/0x700
[  286.351994][ T5296] 
[  286.352656][ T5296] Memory state around the buggy address:
[  286.354302][ T5296]  ffff8880243a5480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  286.356433][ T5296]  ffff8880243a5500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  286.358594][ T5296] >ffff8880243a5580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  286.360775][ T5296]                    ^
[  286.361930][ T5296]  ffff8880243a5600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  286.364220][ T5296]  ffff8880243a5680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  286.366391][ T5296] ==================================================================
[  286.369317][ T5296] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  286.371364][ T5296] CPU: 0 UID: 0 PID: 5296 Comm: kworker/u33:1 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  286.374253][ T5296] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  286.377097][ T5296] Workqueue: hci2 hci_rx_work
[  286.378413][ T5296] Call Trace:
[  286.379418][ T5296]  <TASK>
[  286.380334][ T5296]  dump_stack_lvl+0x3d/0x1f0
[  286.381702][ T5296]  panic+0x71d/0x800
[  286.382761][ T5296]  ? __pfx_panic+0x10/0x10
[  286.384021][ T5296]  ? preempt_schedule_thunk+0x1a/0x30
[  286.385442][ T5296]  ? preempt_schedule_common+0x44/0xc0
[  286.386902][ T5296]  check_panic_on_warn+0xab/0xb0
[  286.388260][ T5296]  end_report+0x117/0x180
[  286.389542][ T5296]  kasan_report+0xe9/0x110
[  286.390868][ T5296]  ? l2cap_sock_new_connection_cb+0x22a/0x240
[  286.392487][ T5296]  ? l2cap_sock_new_connection_cb+0x22a/0x240
[  286.394159][ T5296]  l2cap_sock_new_connection_cb+0x22a/0x240
[  286.395776][ T5296]  l2cap_connect_cfm+0x85f/0xf10
[  286.397150][ T5296]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  286.398640][ T5296]  ? hci_cb_lookup+0x319/0x4e0
[  286.400000][ T5296]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  286.401536][ T5296]  le_conn_complete_evt+0x168d/0x1da0
[  286.403013][ T5296]  ? __pfx_lock_release+0x10/0x10
[  286.404382][ T5296]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  286.405866][ T5296]  hci_le_conn_complete_evt+0x23c/0x370
[  286.407385][ T5296]  hci_le_meta_evt+0x2e2/0x5d0
[  286.408709][ T5296]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  286.410510][ T5296]  hci_event_packet+0x666/0x1180
[  286.411941][ T5296]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  286.413498][ T5296]  ? __pfx_hci_event_packet+0x10/0x10
[  286.415047][ T5296]  ? mark_held_locks+0x9f/0xe0
[  286.416431][ T5296]  ? kcov_remote_start+0x3cf/0x6e0
[  286.417951][ T5296]  ? lockdep_hardirqs_on+0x7c/0x110
[  286.419633][ T5296]  hci_rx_work+0x2c5/0x16b0
[  286.420979][ T5296]  ? process_one_work+0x921/0x1ba0
[  286.422454][ T5296]  process_one_work+0x9c5/0x1ba0
[  286.423954][ T5296]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  286.425653][ T5296]  ? __pfx_process_one_work+0x10/0x10
[  286.427191][ T5296]  ? assign_work+0x1a0/0x250
[  286.428528][ T5296]  worker_thread+0x6c8/0xf00
[  286.429948][ T5296]  ? __kthread_parkme+0x148/0x220
[  286.431423][ T5296]  ? __pfx_worker_thread+0x10/0x10
[  286.432883][ T5296]  kthread+0x3af/0x750
[  286.434089][ T5296]  ? __pfx_kthread+0x10/0x10
[  286.435513][ T5296]  ? lock_acquire+0x2f/0xb0
[  286.436845][ T5296]  ? __pfx_kthread+0x10/0x10
[  286.438202][ T5296]  ret_from_fork+0x45/0x80
[  286.439469][ T5296]  ? __pfx_kthread+0x10/0x10
[  286.440799][ T5296]  ret_from_fork_asm+0x1a/0x30
[  286.442233][ T5296]  </TASK>
[  286.443653][ T5296] Kernel Offset: disabled
[  286.444897][ T5296] Rebooting in 86400 seconds..

VM DIAGNOSIS:
01:57:24  Registers:
info registers vcpu 0

CPU#0
RAX=000000000000002f RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff853e3d85 RDI=ffffffff9ab6be20 RBP=ffffffff9ab6bde0 RSP=ffffc90002ca7228
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3334323038386552
R12=0000000000000000 R13=000000000000002f R14=ffffffff9ab6bde0 R15=0000000000000000
RIP=ffffffff853e3daf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5045da4 CR3=000000006d190000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000088d28c RBX=ffff88802b537c28 RCX=ffffffff8b54f469 RDX=ffffed10056a6f86
RSI=ffffffff8bd34300 RDI=ffffffff8bd34340 RBP=0000000000000005 RSP=ffffc9000047fdf0
R8 =0000000000000001 R9 =ffffed10056a6f85 R10=ffff88802b537c2b R11=0000000000000000
R12=0000000000000001 R13=ffff88801d2dc880 R14=ffffffff90626510 R15=0000000000000000
RIP=ffffffff8b54f118 RFL=00000012 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002f41aff8 CR3=000000004a06c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000001 RBX=00000000000001c5 RCX=ffffffff8195b4ae RDX=fffffbfff2dd77a0
RSI=0000000000000008 RDI=ffffffff96ebbcf8 RBP=ffffc90025a877d8 RSP=ffffc90025a87690
R8 =0000000000000000 R9 =fffffbfff2dd779f R10=ffffffff96ebbcff R11=0000000000000000
R12=ffff8880233e2440 R13=0000000000000080 R14=0000000000000007 R15=1ffff92004b50eda
RIP=ffffffff8195b4ae RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000032405ffc CR3=000000004a06c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000002c72a1 RBX=0000000000000003 RCX=ffffffff8b54f469 RDX=0000000000000000
RSI=ffffffff8b6ced20 RDI=ffffffff8bd34380 RBP=ffffed1003ad5488 RSP=ffffc9000049fe08
R8 =0000000000000001 R9 =ffffed10056e6f85 R10=ffff88802b737c2b R11=0000000000000000
R12=0000000000000003 R13=ffff88801d6aa440 R14=ffffffff90626510 R15=0000000000000000
RIP=ffffffff8b55084f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055835fa52000 CR3=000000004aad0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f73bcff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000