last executing test programs:

1m37.829715462s ago: executing program 3 (id=643):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8b800000, 0x0, 0xfffffffffffffe97, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4}, 0x4c)
socket$nl_generic(0x10, 0x3, 0x10)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@bloom_filter={0x1e, 0x4, 0x6, 0xa0, 0x10008, 0x1, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x3, 0x3, 0xc}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$tty1(0xc, 0x4, 0x1)
add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
getrlimit(0xa, 0x0)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
bind$alg(r1, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'md5-generic\x00'}, 0x5a)
syz_clone(0xa8140180, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = accept4(r1, 0x0, 0x0, 0x0)
write(r2, &(0x7f0000000040)="cb", 0xfffffdef)
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000})
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)

1m36.919560175s ago: executing program 3 (id=649):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x38}, 0x1, 0x300}, 0x20044041)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@ipv6_newrule={0x44, 0x20, 0x1, 0x0, 0x0, {0xa, 0x80, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, [@FRA_SRC={0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, @FRA_DST={0x12, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}, 0x4c}}, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="280000002100010002000000000000000a00000000000001016200000c00148008"], 0x28}], 0x1}, 0x0)
sendmmsg$alg(r1, &(0x7f0000000140), 0x4924b68, 0x0)
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)={0x2c, 0x0, 0x101, 0x70bd2a, 0xfffffff8, {{}, {@void, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_KEYS={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4044015}, 0x80d0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
openat$nullb(0xffffff9c, &(0x7f00000002c0), 0x88500, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)={0x50, r4, 0x1, 0x4, 0x1, {}, [@IPVS_CMD_ATTR_DAEMON={0x3c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'vcan0\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x48c1}, 0x0)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x78, r4, 0x200, 0x70bd27, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x9c000000}, @IPVS_CMD_ATTR_SERVICE={0x28, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x9}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x39, 0x10}}]}, @IPVS_CMD_ATTR_DAEMON={0x34, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0xd}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x7f}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x20040000}, 0x20000000)

1m36.829984797s ago: executing program 3 (id=650):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, 0x0, 0x40)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)

1m36.815565909s ago: executing program 3 (id=652):
r0 = socket$alg(0x26, 0x5, 0x0)
munmap(&(0x7f0000003000/0x4000)=nil, 0x4000)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000001c0)="00940a37", 0x4)
sendto$unix(r2, &(0x7f0000000440)="36d9a32e92c131d730b1abaedb51eb66fd2d5b1f7eda4f0e859fdaf294bad70673813533d8bf1c6a77b65a7afdc01b29e73571071a68d5def5d7df839810da130b9348f4d9d407eb478d5bfb298c552a498271af70914e14ba9476fd2a0e47984c25ea20afab3064a748add27a7149e9c4705475bda2ecec9ec30214f28c5e16fd3f50f604f20232c534409e52bff64fc6ca0f5e254083aec2794b7216e002e87caf3d0fa7d04ff9e3b03e81595a04979594ff6ea888bf13de8e8f74c6178e31e47593732ae1a501ad3641d423195a788efdb643f50a8c8b9794a62f7b8dfa0fa7da9d391b92ce2a7f9fe0f9d584a3775f", 0x703d59595f6742a8, 0x800, 0x0, 0x0)
bind$alg(r0, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000340)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x20)
r3 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r3, &(0x7f0000000740)=[{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000003c0)="a1831c39f47a3d946469b1", 0xb}, {&(0x7f0000000240)="e9d674a2ab", 0x5}], 0x2}], 0x1, 0x2004001)
io_submit(0x0, 0x27f, &(0x7f0000001440)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0x0, r3, &(0x7f0000000340), 0x41}])

1m36.719143981s ago: executing program 3 (id=653):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x83)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB=' '], 0x40}}], 0x1, 0x40000)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40086602, &(0x7f0000000100))
r1 = syz_create_resource$binfmt(&(0x7f0000000400)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SSUBSCRIP(r2, 0x89e1, &(0x7f00000020c0)={'virt_wifi0\x00', 0x3, 0x7ff})
openat$binfmt(0xffffffffffffff9c, r1, 0x41, 0x1ff)
renameat2(0xffffffffffffff9c, &(0x7f0000000280)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2145c99, 0x0)
open(&(0x7f0000000d40)='./file0\x00', 0x42c3, 0x0)

1m36.629043157s ago: executing program 3 (id=654):
syz_open_dev$tty1(0xc, 0x4, 0x1)
rseq(&(0x7f0000000400)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0)
rseq(&(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x1, 0x7f, 0xff, 0x40}, 0x2}, 0x20, 0x1, 0x0)
socket$kcm(0x10, 0x2, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xc, 0x3, 0x7ffc1ffb}]})
userfaultfd(0x80000)
rseq(0xfffffffffffffffe, 0x0, 0x0, 0x0)
r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000080)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x6, 0x0, 0x2, "57d4915b52cdfd4e8ea56ed6c1ca719a"})
clock_adjtime(0x0, &(0x7f0000000680)={0x19b1, 0x0, 0x0, 0x40000, 0xd6ba, 0x10001, 0xffffffffffffffff, 0x0, 0x10000, 0xe5, 0x4, 0x202, 0x8, 0x0, 0x3, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4, 0x4f, 0x0, 0x4, 0xe1, 0x8})
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
setresgid(0x0, 0x0, 0xee01)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x7, &(0x7f0000000300), 0x4)
getdents(0xffffffffffffffff, &(0x7f00000004c0)=""/184, 0xb8)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000140))
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000000140)=""/92})
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000140)={'#! ', './file2'}, 0xb)
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r1, 0x4008af60, &(0x7f0000000040)={@my=0x1})
socket$vsock_stream(0x28, 0x1, 0x0)

1m21.260961083s ago: executing program 32 (id=654):
syz_open_dev$tty1(0xc, 0x4, 0x1)
rseq(&(0x7f0000000400)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0)
rseq(&(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x1, 0x7f, 0xff, 0x40}, 0x2}, 0x20, 0x1, 0x0)
socket$kcm(0x10, 0x2, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xc, 0x3, 0x7ffc1ffb}]})
userfaultfd(0x80000)
rseq(0xfffffffffffffffe, 0x0, 0x0, 0x0)
r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000080)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x6, 0x0, 0x2, "57d4915b52cdfd4e8ea56ed6c1ca719a"})
clock_adjtime(0x0, &(0x7f0000000680)={0x19b1, 0x0, 0x0, 0x40000, 0xd6ba, 0x10001, 0xffffffffffffffff, 0x0, 0x10000, 0xe5, 0x4, 0x202, 0x8, 0x0, 0x3, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4, 0x4f, 0x0, 0x4, 0xe1, 0x8})
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
setresgid(0x0, 0x0, 0xee01)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x7, &(0x7f0000000300), 0x4)
getdents(0xffffffffffffffff, &(0x7f00000004c0)=""/184, 0xb8)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000140))
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000000140)=""/92})
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000140)={'#! ', './file2'}, 0xb)
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r1, 0x4008af60, &(0x7f0000000040)={@my=0x1})
socket$vsock_stream(0x28, 0x1, 0x0)

6.228140465s ago: executing program 2 (id=1139):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
ioctl$TIOCSETD(r0, 0x5423, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x1f, 0xc, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, [@printk={@s, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xb0}}, @call={0x85, 0x0, 0x0, 0x11}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
read$msr(0xffffffffffffffff, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)
ftruncate(r2, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmmsg(r4, 0x0, 0x0, 0x700, 0x0)
sendfile(r3, r2, 0x0, 0x578410eb)
r5 = socket$kcm(0x29, 0x5, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
splice(r5, 0x0, r6, 0x0, 0xf3e, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r7 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r8, 0x8946, &(0x7f0000000080)={'syz_tun\x00', &(0x7f0000000a00)=@ethtool_coalesce={0xf, 0x8, 0x8, 0x8, 0x8, 0x1000, 0x8, 0x100, 0x2, 0xb2, 0xffffd496, 0x5, 0x0, 0xa, 0x8, 0x9, 0x2, 0x9, 0x2, 0x5a5, 0xd, 0x893f6a6}})
r9 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
futex(&(0x7f0000000000), 0x5, 0x0, 0x0, &(0x7f0000000140), 0xc4fffffd)
connect$rxrpc(r2, &(0x7f00000000c0)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x4e21, 0x2, @mcast2, 0x3}}, 0x24)
fsconfig$FSCONFIG_CMD_CREATE(r9, 0x6, 0x0, 0x0, 0x0)

5.44803647s ago: executing program 0 (id=1142):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001380)=ANY=[@ANYRES32=0x0, @ANYBLOB="640000001900010000000000000000001d0109004d00108008002100", @ANYBLOB="426a84a477201ac90f24a90000000000000008554baf00000000e2a452c739471e1c7bd4aef903f973120a8762bd011900f269ce3068ee8401e019e89cf16ed3db000000"], 0x64}, 0x1, 0x0, 0x0, 0x5}, 0x804)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000), 0xc)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000480), 0x0, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0xfffffffffffffffa)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x9013, 0x100, 0x4, 0x165}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="73adf23e301e1b5fd3154d6194b5ee7bc4fb6294c296fefa93b11d00d5a4f87493761cdd5eb55f36c800ac1cceea53dfd6ed7ed09e3b465b5486653bcfc60e37c0c01dbbe10afafe75339aaa2645d8053627103222777859d55b1aea2b32c1155bf3a8ac37b0bcc6f72faae6ed5f2a106bdab78b", @ANYRES64=r6], 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x100, &(0x7f00000004c0)=0xffff7ff9, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_TEE={0x21, 0x1, 0x0, @fd, 0x0, 0x0, 0x3, 0x8, 0x0, {0x0, 0x0, r1}})
io_setup(0x1, &(0x7f0000000000)=<r7=>0x0)
r8 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000000300)=0x1e)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r11=>0x0})
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r12, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x54, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x0}]}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x54}}, 0x20000000)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000000bc0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0000002071a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010071ec7c45f2fe0000000085000000a3000000b700000000000000950001000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050505f8e6fb0fd7ddcb12b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c20500000000000000cceaede3faedc51d29a47fc8136bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b001000000a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5b787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72323cc924e627f2f4b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fda4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b9243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b0600000000000000564a2b49b745f3bf2cf7908b6d7d748308eea09fb4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c74f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7e58ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1a5e1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9cdf99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eee46eb20c20bb82aa31771cd379ec83554cea5e6539d85b980e358d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f9166965a53beb05142e1b1550a8cb7852f6750b6ec962802c0320f8059195729d60c534ee8e8ff0010067fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b9617432e251d14b283f7d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b0000000032a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002157a3609b6fd9843ee19ec647249a9375de5858818f3c2432e6ced4380217ac51a84a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205111b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e800fd00000000007271e28ef6806bc8e139c49b91c76bea3858f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd809269f816fa748b20ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a996d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f9289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f05714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc30935455f6de5b64bcdfaf8ac04ce96c421e5dbc85e168d3559ab13df98163e39e4065e65a2f43412535d6f7c09830f3a086535bd07820e690d2755768612bb7330a8b285f2584892eaff1889a61ee0c2a6d1831d41805707bb43991d40feb5dd0700000000000011b64b378ee96af15cbbc65d72ae980b6df22b5ca3ea377f36beb44b45c6f84b3f4d2c62ca91b4df16fc8cc5d18b35213e5f67ec200e768ab28feaff2195724b2965ebca822af6c0a4e598d34f9b5f1eb43de209cd5541fe72d89d5f9819c1529c242b72ccdb9541e54fcccf12457df695126458ebffaaebe98748dea4f0a0b0a1683ff327ca05070000000000000088a571761be31e4fdd530604d32149c22f81adc983adc81b335d0579f47763a97af46500c91d5b2640242661beca1b4e695f7aac5ae46a72ac99ec395bdf16e3fc75e7acbb2d10060bef6a793082f8cfd4721588787c8a8c6257a8a11d49f7f7ed9de6efb7dd8058fb0c8125ee9c1691afa39b5a70d489efcd3e95a483c59f8fa7443e795eac454a68ab647e0d5381df6528858895d57274e97046659ac9488c85e5728987fa9d43660eb28b7befbb981f8fde8754d792146e49ee14bff102540e247a8780c80e3ff0688e8cb5c500446756d0b76244766deecc69c4c3435c125f0f06c772a051b690113e59485586e0ff"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r11, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xfffffffd}, 0x10}, 0x94)
io_submit(r7, 0x1, &(0x7f0000000a40)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0xfff, 0xffffffffffffffff, &(0x7f0000000300)="e83924", 0x3}])

5.058906142s ago: executing program 1 (id=1143):
r0 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0)
ioctl$EVIOCGBITSND(r0, 0x40004580, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41000, 0x46, '\x00', 0x0, 0x2}, 0x94)
socket$inet_sctp(0x2, 0x1, 0x84)
openat$zero(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
r2 = gettid()
r3 = getpid()
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
move_pages(r3, 0x8, &(0x7f0000000040)=[&(0x7f0000934000/0x2000)=nil, &(0x7f0000163000/0x3000)=nil, &(0x7f000028a000/0x4000)=nil, &(0x7f000093b000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f000060a000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil], &(0x7f00000000c0)=[0x2, 0x10000], &(0x7f0000000100)=[0x0], 0x2)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
open_tree(0xffffffffffffff9c, 0x0, 0x89901)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x22081)
r4 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$sock_ifreq(r4, 0x8990, &(0x7f0000000180)={'bond0\x00', @ifru_names='rose0\x00'})
r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r5, &(0x7f00000001c0)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, 0x0, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}, 0x40)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
setsockopt$inet_mreq(r1, 0x0, 0x23, 0x0, 0x0)

4.508813408s ago: executing program 0 (id=1145):
r0 = socket$unix(0x1, 0x2, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
inotify_init1(0x80000)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r3}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r7)
bind$inet6(r7, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
socket$inet_mptcp(0x2, 0x1, 0x106)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2000000}, 0x0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000000200000014000180"], 0x28}, 0x1, 0x0, 0x0, 0x20044811}, 0x2000c094)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e22, @local}, 0x10)
sendto$inet(r1, &(0x7f0000000100)="ab", 0x1, 0xe61e2840a154b0c0, &(0x7f0000000000)={0x2, 0x4e22, @loopback}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ipvlan0\x00'})
socket$netlink(0x10, 0x3, 0x0)

4.219677675s ago: executing program 1 (id=1146):
r0 = socket(0x11, 0x2, 0x0)
setsockopt(r0, 0x107, 0x1, &(0x7f0000000080)="010000000000060000071a80000001cc", 0x10)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r2 = getpgid(0x0)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x2, r2})
close_range(r1, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000100)={@link_local, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "014700", 0x8, 0x11, 0x0, @private1, @mcast2, {[], {0x0, 0xe22, 0x8}}}}}}, 0x0)

4.158508754s ago: executing program 1 (id=1147):
r0 = syz_usb_connect(0x5, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="120100000cb768405e0483020b990102030109021b000100000000090400000101290000090509"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x9, 0x15031, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r1, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000280)={{&(0x7f0000a84000/0x2000)=nil, 0x2000}, 0x1})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_SET_LBT_MODE(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000740)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="04"], 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000cc0), r2)
r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000580), r2)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000480)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0xad3394dc192dae8b, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0x4}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
close(0x3)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/uevent_helper', 0x149a82, 0x0)
sendfile(r5, r5, 0x0, 0x1)
setsockopt$TIPC_IMPORTANCE(r5, 0x10f, 0x7f, &(0x7f0000000140)=0x7, 0x4)
sendmsg$NLBL_MGMT_C_VERSION(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f00000001c0)={0x30, r3, 0xf03, 0x70bd2d, 0xfffffffe, {}, [@NLBL_MGMT_A_DOMAIN={0x1a, 0x1, 'cpuset.effective_mems\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x2400c800}, 0x0)
r6 = syz_open_dev$audion(&(0x7f00000011c0), 0x3, 0x8c4201)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r6, 0x6612)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r6)
sendmsg$TIPC_NL_LINK_GET(r6, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f00000001c0)={0x10c, r7, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@TIPC_NLA_SOCK={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x80}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8000}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}]}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xd}]}]}, @TIPC_NLA_NET={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xc8}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x4}]}, @TIPC_NLA_LINK={0x18, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_NET={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x1}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x692b}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xff}]}, @TIPC_NLA_MON={0x44, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x1b1fa5de}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xc}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x401}]}]}, 0x10c}, 0x1, 0x0, 0x0, 0x8000}, 0x4000080)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000340), r5)
sendmsg$MPTCP_PM_CMD_REMOVE(r6, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x44, r8, 0x200, 0x70bd2a, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}]}, @MPTCP_PM_ATTR_ADDR_REMOTE={0xc, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @rand_addr=0x64010100}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x884}, 0x20000001)

3.318667605s ago: executing program 0 (id=1149):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000640)=ANY=[@ANYBLOB="18000000680001002cbd7000fbdbdf250000010003000000a6dd3854bcc99cde1d24f545dc0bd721e55518fd8bdd9763acf6a76c5452e0d71cffaaa4dacb4a81e98d2131b8b2398fdd82154a33fca133056153ca1fb6ab926e361d84b481bebb871e8b95f85472bd9d4b46d2b096b76f0d519fb9720d791d52966fc03c535483157b0c8203d698d92e4c28d970bfb188b25a7addbe453dd8616c372e63e2373439b6ef08f3fa6ce343826a857e5a4b769638859f850b16f54f5497780bbf340a2ed47ac7983cb1167d341377"], 0x18}, 0x1, 0x0, 0x0, 0x4044}, 0x20010010)
socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r3 = dup(r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r3, 0x2000) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r3, 0x2000)
r4 = syz_open_dev$dri(&(0x7f0000000040), 0x20000000, 0x40800)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000001c0)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x18)
ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000240)={0x0, 0x0, r5, <r6=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000380)={r6, 0x0, 0x1ff, 0x0, 0x0, [], [0x9, 0x0, 0x0, 0x8], [0x3, 0x20000000, 0x100, 0xd], [0x1000010000000, 0x0, 0x7fffffffffffffff]})
ioctl$DRM_IOCTL_MODE_DIRTYFB(r3, 0xc01864b1, &(0x7f0000000380)={r6, 0x3, 0x3, 0x4, &(0x7f0000000340)=[{0x8, 0x6, 0x7, 0x8}, {0xc, 0x6, 0x3, 0x1c6}, {0x5, 0x6, 0x3, 0x1}, {0x3, 0x8, 0x0, 0x10}]})
r7 = syz_io_uring_setup(0x1c15, &(0x7f0000000240)={0x0, 0xfffffffd, 0x1, 0x0, 0x400}, &(0x7f00000001c0), &(0x7f0000000400))
io_uring_enter(r7, 0x0, 0x0, 0xd, &(0x7f0000000800), 0x18) (async)
io_uring_enter(r7, 0x0, 0x0, 0xd, &(0x7f0000000800), 0x18)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x6, &(0x7f0000000040)=[0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x99, &(0x7f0000000100)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f0000000180), &(0x7f00000001c0), 0x8, 0x81, 0x8, 0x8, &(0x7f0000000200)}}, 0x10) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r8=>0x0, 0x0, 0x0, 0x0, 0x2, 0x6, &(0x7f0000000040)=[0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x99, &(0x7f0000000100)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f0000000180), &(0x7f00000001c0), 0x8, 0x81, 0x8, 0x8, &(0x7f0000000200)}}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="880000004a0008002d257f77b2dbdf250a000800b0573861abab21facf6f517debcb768ba3f682d222b720076e4a9fc37f1a96a0f24ee8e1f8edd400493633bcbd152c24dc8e23ec3669fc71c898880286e3f95cf978fd41bba7bb82aaa0b8e989b33dbb1180ad766612372c4a32513e4851380c8e51ee07c1caf6f0b945cf2331940c54ccfd06e1a6bc19556ef78e9d45fe3ff90a6af3a726ad4db1f5f6e0113b9a6d0781e54d066adbd57e650c796e6a7cab9268e3734c13233b0fd491b664a8f02bdcd399e5b386f6972c00"/214, @ANYRES32=r8, @ANYBLOB="00000000080002000100000014000100fc020000000000000000000000000000080002000c00000014000100ff020000000000000000000000000001080002000c0000000800020004000000080002000c00000014000100fe8000000000000000000000000000aa0800020001000000"], 0x88}}, 0x0) (async)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="880000004a0008002d257f77b2dbdf250a000800b0573861abab21facf6f517debcb768ba3f682d222b720076e4a9fc37f1a96a0f24ee8e1f8edd400493633bcbd152c24dc8e23ec3669fc71c898880286e3f95cf978fd41bba7bb82aaa0b8e989b33dbb1180ad766612372c4a32513e4851380c8e51ee07c1caf6f0b945cf2331940c54ccfd06e1a6bc19556ef78e9d45fe3ff90a6af3a726ad4db1f5f6e0113b9a6d0781e54d066adbd57e650c796e6a7cab9268e3734c13233b0fd491b664a8f02bdcd399e5b386f6972c00"/214, @ANYRES32=r8, @ANYBLOB="00000000080002000100000014000100fc020000000000000000000000000000080002000c00000014000100ff020000000000000000000000000001080002000c0000000800020004000000080002000c00000014000100fe8000000000000000000000000000aa0800020001000000"], 0x88}}, 0x0)

3.318456527s ago: executing program 0 (id=1150):
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x400000)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x6000, 0x0)
unlink(&(0x7f0000000040)='./file0\x00')
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x2c, 0x3f7, 0x210, 0x70bd27, 0x25dfdbfd, {0x7, 0xd, './file2', './file0/file0'}, ["", ""]}, 0x2c}, 0x1, 0x0, 0x0, 0x40001}, 0x4000080)
mknod$loop(&(0x7f0000000200)='./file0\x00', 0x601f, 0x1)

3.228801994s ago: executing program 0 (id=1151):
r0 = socket$unix(0x1, 0x2, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
inotify_init1(0x80000)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r3}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r7)
bind$inet6(r7, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r8, &(0x7f0000000000)={0x2, 0x4e20, @remote}, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2000000}, 0x0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000000200000014000180"], 0x28}, 0x1, 0x0, 0x0, 0x20044811}, 0x2000c094)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e22, @local}, 0x10)
sendto$inet(r1, &(0x7f0000000100)="ab", 0x1, 0xe61e2840a154b0c0, &(0x7f0000000000)={0x2, 0x4e22, @loopback}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ipvlan0\x00'})
socket$netlink(0x10, 0x3, 0x0)

3.218510564s ago: executing program 2 (id=1152):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x12160)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000100)={0x0, 0x4}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r2, 0x84, 0x70, 0x0, &(0x7f00000000c0))
setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000040)={0x0, 0x5}, 0x8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x7b}, @printk={@lld}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r3}, 0x10)
sendmsg$inet_sctp(r2, &(0x7f0000000140)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000000)=[{&(0x7f00000001c0)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x4000891)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000280)={0x0, 0x6}, 0x8)

3.144875135s ago: executing program 2 (id=1153):
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x2, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x1002, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r5, 0x29, 0x1a, &(0x7f0000000000)=0x6, 0x4)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0xfeff, &(0x7f00000002c0)={&(0x7f0000000100)=@newlink={0x40, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x42}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GTP_FD1={0x8, 0x2, @udp6=r5}, @IFLA_GTP_FD0={0x8}]}}}]}, 0x40}, 0x1, 0xba01}, 0x0)

2.728278038s ago: executing program 1 (id=1155):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r1=>r0, {0x6}}, './file0\x00'})
ioctl$SIOCSIFHWADDR(r1, 0x8937, &(0x7f0000000000)={'vlan0\x00', @random="0100002010ff"})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)) (async)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0x6}}, './file0\x00'}) (async)
ioctl$SIOCSIFHWADDR(r1, 0x8937, &(0x7f0000000000)={'vlan0\x00', @random="0100002010ff"}) (async)

2.728101543s ago: executing program 1 (id=1156):
socket(0x10, 0x3, 0xfffffffe)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(aes-fixed-time)\x00'}, 0x58)
r1 = epoll_create1(0x80000)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r2, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000240)='//\xf2/\x06\b/\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@bloom_filter={0x1e, 0x7f, 0x80000001, 0x5, 0x340, 0x1, 0x80b3, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1, 0xa}, 0x50)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r4, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x13, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
sendmsg$key(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x2, 0x12, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0x40002000})

2.007036924s ago: executing program 2 (id=1159):
bpf$PROG_LOAD(0x4, 0x0, 0x0)
r0 = socket$kcm(0x21, 0x2, 0xa)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
setrlimit(0x6, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
socket(0x1d, 0x2, 0x6)
pselect6(0x40, &(0x7f00000001c0)={0xff00000000000000, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, 0x0, &(0x7f0000000080))
close_range(r1, 0xffffffffffffffff, 0x0)
recvmsg(r0, 0x0, 0x0)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2000000, 0x12, r0, 0x41b69000)

1.7705091s ago: executing program 1 (id=1160):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
ioctl$TIOCSETD(r0, 0x5423, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x1f, 0xc, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, [@printk={@s, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xb0}}, @call={0x85, 0x0, 0x0, 0x11}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
read$msr(0xffffffffffffffff, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)
ftruncate(r2, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmmsg(r4, &(0x7f00000034c0), 0x0, 0x700, 0x0)
sendfile(r3, r2, 0x0, 0x578410eb)
r5 = socket$kcm(0x29, 0x5, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
splice(r5, 0x0, r6, 0x0, 0xf3e, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r7 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r8, 0x8946, &(0x7f0000000080)={'syz_tun\x00', &(0x7f0000000a00)=@ethtool_coalesce={0xf, 0x8, 0x8, 0x8, 0x8, 0x1000, 0x8, 0x100, 0x2, 0xb2, 0xffffd496, 0x5, 0x0, 0xa, 0x8, 0x9, 0x2, 0x9, 0x2, 0x5a5, 0xd, 0x893f6a6}})
r9 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
futex(&(0x7f0000000000), 0x5, 0x0, 0x0, &(0x7f0000000140), 0xc4fffffd)
connect$rxrpc(r2, &(0x7f00000000c0)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x4e21, 0x2, @mcast2, 0x3}}, 0x24)
fsconfig$FSCONFIG_CMD_CREATE(r9, 0x6, 0x0, 0x0, 0x0)

1.682323972s ago: executing program 4 (id=1162):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
r2 = socket(0x25, 0xa, 0x0)
ioctl$SIOCSIFMTU(r2, 0x541b, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
r5 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="400000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="a00001000000ebff200012800800010067747000140002800800030055000000080001"], 0x40}}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x3, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, r5, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xc}, 0x94)
remap_file_pages(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1000010, 0x5, 0x0)
setsockopt$MRT6_INIT(0xffffffffffffffff, 0x29, 0xc8, &(0x7f0000000340), 0x4)
getdents64(0xffffffffffffffff, 0x0, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/syz0\x00', 0x200002, 0x0)
sendmsg$nl_route(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="5c0000002000010000000000000000000220000000000000000000000500150002000000080009000000000008000b0005000000080017004e214e22080001"], 0x5c}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})

1.035743319s ago: executing program 2 (id=1163):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x4000010, 0xffffffffffffffff, 0x0)
r0 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, r0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000001c0)={<r3=>0xffffffffffffffff}, 0x13f, 0x1}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000240)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000480)=[{0x11, 0x0, [0xec, 0x3ff, 0x4, 0x6, 0x3, 0x2, 0x7, 0x7, 0x80, 0x101, 0x72d, 0x0, 0x3, 0x2c, 0x4, 0x3]}, {0x20, 0x0, [0x56, 0x80000001, 0x7, 0xfffffff3, 0x7ff, 0x8, 0xffffffff, 0x80000001, 0xe86c, 0x10, 0xcf2f, 0x10001, 0x4010, 0x1000, 0x80000001, 0x8]}, {0xf, 0x0, [0x5, 0x1, 0xd, 0x10001, 0xfc, 0x2, 0x4, 0x5, 0x2, 0x4, 0x2c53, 0x400, 0x5, 0xa915, 0x0, 0x3]}, {0xa, 0x0, [0x5, 0x5, 0x6, 0x8, 0x2, 0x200, 0x5, 0x9, 0x3, 0x0, 0x5, 0xe, 0x77a, 0x200, 0x3, 0x81]}, {0x2a, 0x0, [0x80000000, 0x71, 0x7, 0x2, 0xf0b, 0x80000001, 0x6574, 0x7fff, 0x0, 0x1000, 0xebb7, 0xaf, 0x1, 0x6, 0x7, 0x7]}, {0x4, 0x0, [0xfffffffa, 0xd6b, 0x6, 0x6, 0x9, 0x9, 0x5, 0x7f, 0x800, 0x3, 0x998c, 0x8, 0x8, 0x42f, 0x5, 0x72b]}, {0x9, 0x0, [0x7f, 0x80, 0x3, 0x4, 0x1, 0x716c, 0x9, 0x0, 0x2636, 0xcb8, 0x3, 0xcf5, 0x54, 0x24, 0x0, 0x3]}, {0xa, 0x0, [0x2, 0x4000000, 0x0, 0x6, 0x1, 0x80000001, 0x8, 0x0, 0x1, 0x9, 0x7fffffff, 0xbcdc, 0x7, 0xd, 0x47, 0x7a]}, {0x10, 0x0, [0x5, 0x8, 0x5, 0x4, 0x4, 0x1000, 0x9, 0x2, 0x9, 0x4, 0x8f4c, 0x4, 0x2, 0x2843129f, 0xfffffffb, 0x5]}], r3, 0x1, 0x1, 0x288}}, 0x20)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x19, &(0x7f0000000000)=0x84, 0xfde1)
sendto$inet6(r4, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$MRT6_INIT(r0, 0x29, 0xc8, &(0x7f0000000340), 0x4)

774.579814ms ago: executing program 0 (id=1164):
eventfd(0x7)
socket$inet6_tcp(0xa, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000001800ff0f000000000000000085"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x100004, 0xffff, 0xb, 0x1, 0x1}, 0x50)
setxattr$trusted_overlay_upper(&(0x7f0000000480)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000040), 0x0, 0x0, 0x3)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x6}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x3}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20000800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0105500, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x27000000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000001c000000bca30000000000002403000020feffff620af0fff8ffffff71a4f2ff000000001f03000000000000e5000500000000002604fdffff02000015010000033800001d13fcff000000007a0af0ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000000c0), 0x10}, 0x94)

751.777802ms ago: executing program 4 (id=1165):
setsockopt$MRT_ADD_VIF(0xffffffffffffffff, 0x0, 0xca, 0x0, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0)
ioctl$EVIOCGBITSND(r0, 0x40004580, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41000, 0x46, '\x00', 0x0, 0x2}, 0x94)
socket$inet_sctp(0x2, 0x1, 0x84)
openat$zero(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
r2 = gettid()
r3 = getpid()
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
move_pages(r3, 0x8, &(0x7f0000000040)=[&(0x7f0000934000/0x2000)=nil, &(0x7f0000163000/0x3000)=nil, &(0x7f000028a000/0x4000)=nil, &(0x7f000093b000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f000060a000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil], &(0x7f00000000c0)=[0x2, 0x10000], &(0x7f0000000100)=[0x0], 0x2)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
open_tree(0xffffffffffffff9c, 0x0, 0x89901)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x22081)
r4 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$sock_ifreq(r4, 0x8990, &(0x7f0000000180)={'bond0\x00', @ifru_names='rose0\x00'})
r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r5, &(0x7f00000001c0)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, 0x0, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}, 0x40)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
setsockopt$inet_mreq(r1, 0x0, 0x23, 0x0, 0x0)

605.104954ms ago: executing program 4 (id=1166):
r0 = socket$unix(0x1, 0x2, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
inotify_init1(0x80000)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r3}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r7)
bind$inet6(r7, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e20, @remote}, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2000000}, 0x0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000000200000014000180"], 0x28}, 0x1, 0x0, 0x0, 0x20044811}, 0x2000c094)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e22, @local}, 0x10)
sendto$inet(r1, &(0x7f0000000100)="ab", 0x1, 0xe61e2840a154b0c0, &(0x7f0000000000)={0x2, 0x4e22, @loopback}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ipvlan0\x00'})
socket$netlink(0x10, 0x3, 0x0)

215.293444ms ago: executing program 4 (id=1167):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
getdents64(r0, &(0x7f0000002f40)=""/4098, 0x1002)
getdents64(r0, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bridge0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_STP_STATE={0x8, 0x15}, @IFLA_BR_VLAN_DEFAULT_PVID={0x6, 0x27, 0xd00}]}}}]}, 0x44}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@bloom_filter={0x1e, 0x34b, 0x1, 0x4, 0x4, r0, 0x7f, '\x00', r2, r0, 0x2, 0x5, 0x5, 0x8}, 0x50)
socket$kcm(0x21, 0x2, 0xa)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
setrlimit(0x6, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket(0x1d, 0x2, 0x6)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, 0x0, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)

128.441608ms ago: executing program 4 (id=1168):
r0 = socket$unix(0x1, 0x2, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
inotify_init1(0x80000)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r3}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r7)
bind$inet6(r7, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r8, &(0x7f0000000000)={0x2, 0x4e20, @remote}, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2000000}, 0x0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000000200000014000180"], 0x28}, 0x1, 0x0, 0x0, 0x20044811}, 0x2000c094)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e22, @local}, 0x10)
sendto$inet(r1, &(0x7f0000000100)="ab", 0x1, 0xe61e2840a154b0c0, &(0x7f0000000000)={0x2, 0x4e22, @loopback}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ipvlan0\x00'})
socket$netlink(0x10, 0x3, 0x0)

127.236782ms ago: executing program 2 (id=1169):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x5c, 0x30, 0x1, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(r0, 0xffffffffffffff41, &(0x7f00000003c0)=0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r3 = fcntl$getown(r1, 0x9)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0186405, &(0x7f00000009c0)={0x8, 0x7fff, {r0}, {<r4=>0xffffffffffffffff}, 0x5, 0x9})
read$FUSE(0xffffffffffffffff, &(0x7f0000001ac0)={0x2020, 0x0, 0x0, <r5=>0x0, <r6=>0x0, <r7=>0x0}, 0x2020)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000a00)={{{@in6=@mcast2, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in=@initdev}, 0x0, @in=@private}}, &(0x7f00000002c0)=0xf5)
r9 = openat$sw_sync_info(0xffffff9c, &(0x7f0000000b40), 0x8a200, 0x0)
sendmmsg$unix(r2, &(0x7f0000001640)=[{{&(0x7f0000000480)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000000900)=[{&(0x7f0000000500)="d77dfd7d23724178738eca17fef1e86e2a1368b761e6681e983f319867a2f6f2318ea74ea9de0437b7367e89156a009e9fb2502e34aeef0d890716f682a66a78347426acd899fb4c0653624d3e0e2d0881bbdc0609771702d48ca1a536f5e909674f7eb1b9795833266d9c8244e100d43e1410705d28406f246b6eb03f451abf91f40f57c96171a0738bb16170f5587d5096d0f6210d6dc5905e0abe5ff8b44147ff71aeda44f475354ae4f6e1af17eca4a8b888d687a20bca33115e51009c7c2056f839ea77ff8c642d9f5e4efb6bb335b92d1f030d4eadf6d63b50ea60bd979d72a2c7533d122fd6ddd8468df5c22d544d5d57ff96d16c8f211d20a7ed", 0xfe}, {&(0x7f0000000600)="541f3bd7d15e69f504c050f62c4d28887224f07d5568a42ae09e2591910620fe5931e2a85249c00fa4014c99a3e77b75dbdf2d248b26eb01b021649fd0ccb6842c194ca9ad61628a4d034af8f877fe56298d49f1c292d5ef46e315a82643de0ec106c10a6631f28f341bd3fe3d11c5ab2ead4421d549fa5a5e35873ca8e3280fc3324bf83ee04cf5e74ceec5335ddfe32ccc6d991b8fe28a6a2d67692fd6253e6a5827b2940a635a2296462b68ffc8fc66af787b869a5ae9d2d5a67aa8a37b1b5d4b0ec27a8c365875c7d11c182df65d78878e7c5250fdc1eb72aab94f70f99157662f7a7177f111b9", 0xe9}, {&(0x7f00000002c0)}, {&(0x7f0000000700)="67a5e91991d8afcd941a83de456c78031b1654075e865c1e03b632ee2a9ce0084cc02d37bda4c763503d21950f32127980442342341201cc99f27e0db93c19757d0b190de59021b3a1ab1626c74625f974625c7b2ea2118aba408e26c59ab9e858d63590a4b0824f807fda9fdf85f64e7c53a6b1bc333a0664ba5ee10691956df1777867a77285ca32c0cd8276f5304354527c5723250c0030d9e84bf13d4782da5ff166fae74c69540cddce952fac92540ad8a40695679636edb86b76963757e01a71629fca96def0fcc7cc3b157167187a1769f1d3bac0c7865519887a7ce1902bce", 0xe3}, {&(0x7f0000000800)="eab0", 0x2}, {&(0x7f0000000840)="061637d8bfeb6cd051f0eef2c389724de29f12ccc090614d883ce73607501c771e3796b199", 0x25}, {&(0x7f0000000880)="c35d864ee5187911648e5d591dacd49f2a8e00912752141484efc619015e44f917afbc312b90f09b70917ae64832ad63265083c0f7a3d543686d77d4b6e81fd26d4af7c0f89179f2a31b8a737a46d1b95b11000e", 0x54}], 0x7, 0x0, 0x0, 0x10}}, {{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000940)="62021a785341d0d0cb2cad7f", 0xc}], 0x1, &(0x7f00000016c0)=ANY=[@ANYBLOB="180000000100000002000000", @ANYRES32=r3, @ANYRES32=r4, @ANYRES32=r6, @ANYBLOB="180000000100000002000000", @ANYRES32=r0, @ANYRES32=r8, @ANYRES32=0xee00, @ANYBLOB="180000000100000001000000", @ANYRES32=r2, @ANYRES32=r1, @ANYRES32=r1, @ANYBLOB="200000000100000001000000a11fa9a316d6656374fc5a325a6c4daa9f2d430d16285ef809ee7d40bd8826b51b2398b309cc4ebbbe6937c84c9c33ee80d54964fd05d3d9688afd41e39f9c0e844558a1b64c8d85991f02b8f44c000022357306f0133e8a5f33110f1c75ca494916a36dd625b0837053ab6ead1165e34c0529354e7cee5688fa54e52b89f2a7ab98d1b5951002c44bd69819c14c62b23ff662ec732845c5a910967d08317966ab154c241002e53bd60a5a423a6e72f83d55cee0d789ce67", @ANYRES32=r9, @ANYRES32=r2, @ANYRES32=r2, @ANYRES32=r2, @ANYRES32=r1, @ANYBLOB="180000000100000002000000", @ANYRES32=r0, @ANYRES32=0xee00, @ANYRES32=0x0, @ANYBLOB="180000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="180000000100000002000000", @ANYRES32=r0, @ANYRES32=0x0, @ANYRES32=0x0], 0xb0, 0x20044000}}, {{&(0x7f0000000e80)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000001280)=[{&(0x7f0000000f00)="0e7189729a651079410802f3ccf2eb96d9642716a67cd98282f98a7529a7777c423a1de966f2a361897bb86383d5a149f05d29e188e438f45f651684266fa9f4124fff281d1dd0a14ab7aacd6bfefa316223a06bb99a08fd673815089a14536715702eb4b97b37d6d7cd5e62e1ca8899edfb74e537a269a81051f9d448c6aafd4c268fbe6305c89008b491ea2dfd156bece82ec5c6163009bc1b469f4d3a2f425f02bff1bc473355259a2c93e52c78fc492122f874fa1b7022747902437c7a5d0ce60878ae06cac0f9d52287b2856d4ca5bd848fa79990ec5ef52b05fb82c2a1f65518", 0xe3}, {&(0x7f0000001000)="ba6eb812b8a568adbccce9bd8f2fe4b25c6db515dd30ea30779fa5cb6d3bbae66151edf0ea8f92bcb3e93bd14d9fa37334821a8b2c90c503fea6ce475c09e873a874609e2c43874c4639dea3f632df2da2c9e254b41fe98ebe6a486fa817887cc44207500cc25553ab0264fadc36c2f9a544fc7267935f7807af0968634ea887cd192c6222bbab1205aced17c5f0c61b40a5d5d955d17a10d7507ef315eac546db6d54552d688ebbe9994f8f72af396a8f977d056659a0f24414a7f6648292744156242cd8fbed4c7c8cdf99b4ad7ca814260e1c3c8c953feb4417e8abb8cbcd4c0eb04a19a34104745037", 0xeb}, {&(0x7f0000001100)="b6799875c3fcdfce10aaf9fb165b622e1ba7abd572e93307681e66879dad22ca346ef4e2ea7da8407b08c177c0d1181b08643f4ea1f6bba01d398834ecad267157ea1c48cff74c3a4a24f217c57f326fcec44fc425cdac8a3e3ad019fc9e776ce88a67d816055dd00f0fab828504d81abad4f1e978b4c3338f1283d14a455023c40b6900243511760a7f37ba74ee6c779cd273e74dff6634854b0ee014307f0aca810a5013b7d84c63238e47e70b012ce36a7d", 0xb3}, {&(0x7f00000011c0)="3cd9a71c5ac8aea7d49ecefd3a3bd36ada53d838affbe84fb890cd090cd94f27d2d1579a23a73747621d1c9b72a88f3935731041b491fc0e4d6e28b47eebf36c7e1e561dd9d8408bcee35a34765d60a91e626aec01c176c7627cb87e0aa12954e70dcc2516e5e3442028444cb067f0b98981429761c58a5d9fde1168c4197c17118e6cf4040b99e3ca8d1623d462", 0x8e}], 0x4, 0x0, 0x0, 0x80}}, {{&(0x7f00000012c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000001440)=[{&(0x7f0000000b80)="4a0fd9085eb1aeb951d3a70c00dbc76e146c6157a3f820ebcfaac57eccdc953f1533bdcc1642a7ff55e5ad6306b2289cb8800a09255d57f00ec4a332bd68728cc18d10ead0558d7379902c3884f1dd277039677d73f66aee3ffa6099a95c6debdd3de05986345f1ed5ad26676586a23857bf5c1a933f418be02c2fa6843b14f6c5867a8a734e084cb6bb31495e4a2d0f9b960ba5eab59e0bb1f5e18615eea1a8c1ff1489685953c4493ef92f2e6e57cc5576932935a2cab38d12ad1d53855150e9779be7481687a690ad8800103abddc48c6b39c86", 0xd5}], 0x1, &(0x7f0000001580)=[@cred={{0x18, 0x1, 0x2, {0x0, r8, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r9, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10, 0x1, 0x1, [r1]}}, @cred={{0x18, 0x1, 0x2, {r7, r5}}}, @rights={{0x28, 0x1, 0x1, [r2, 0xffffffffffffffff, 0xffffffffffffffff, r1, r2, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x90, 0x2}}], 0x4, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r10 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r10)
r11 = syz_open_dev$dri(&(0x7f0000001a80), 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r11, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[<r12=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r10, 0xc06864a1, &(0x7f0000000300)={0x0, 0xfffffffffffffe7a, r12, <r13=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r10, 0xc06864ce, &(0x7f00000000c0)={r13, 0x0, 0x0, 0x0, 0x0, [<r14=>0x0, 0x0, 0x0, <r15=>0x0]})
ioctl$DRM_IOCTL_MODE_ADDFB2(r10, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x5, 0x34325258, 0x0, [r15, 0x0, 0x0, r14], [0x2b8, 0xfffffffd, 0xfffffff7], [0x0, 0x0, 0x0, 0xffffffff], [0x0, 0x2000000000]})
mkdirat(r10, &(0x7f0000000180)='./bus\x00', 0x104)
r16 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
ftruncate(r16, 0x3292e291)
setsockopt$SO_J1939_FILTER(r16, 0x6b, 0x1, &(0x7f0000000400)=[{0x2, 0x2, {0x0, 0xf0}, {0x0, 0xff, 0x4}, 0x7ad59ec82cffbda0, 0xfd}, {0x0, 0x3, {0x1, 0x1, 0x2}, {0x1, 0xf0, 0x4}, 0x2, 0x1}, {0x2, 0x3, {0x2, 0x1, 0x2}, {0x2, 0xf0, 0x4}, 0x2, 0xfd}, {0x1, 0x1, {0x0, 0xff, 0x4}, {0x0, 0x1, 0x2}, 0xfd}], 0x70)
openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r17 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r17, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10)

0s ago: executing program 4 (id=1170):
socket$inet_mptcp(0x2, 0x1, 0x106) (async)
syz_io_uring_setup(0x57a0, &(0x7f0000000080)={0x0, 0xd498, 0x8, 0x3, 0x348}, &(0x7f0000000340), &(0x7f0000000140)) (async)
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) (async, rerun: 32)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e78, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x80}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x40000) (async, rerun: 32)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async, rerun: 32)
r1 = getpid() (rerun: 32)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async, rerun: 32)
sched_setscheduler(r1, 0x1, &(0x7f0000000280)=0x6) (rerun: 32)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
getsockopt$ARPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
setsockopt$bt_l2cap_L2CAP_CONNINFO(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000380)={0x0, "f53643"}, 0x6)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) (async)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) (async)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) (async)
chdir(&(0x7f0000000300)='./file0\x00') (async, rerun: 32)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x0, 0x0) (async, rerun: 32)
inotify_add_watch(0xffffffffffffffff, 0x0, 0x20000002) (async, rerun: 32)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 32)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000640)={'#! ', './file0', [{}, {0x20, 'rp\xee\xff\xe4'}], 0xa, "7bad65c4da5338577feb172ca63250224c76e2027f000000000000007e2ac7fe2e31a2e87e3ee43ed92dfbb6bc0700de24db4ec870b8000000000000002c65e7495fe9afeb28bb60e91e23e104f6dbbf40e1fc2ab1a77fd9f6414e438f03"}, 0x70)
syz_open_dev$tty20(0xc, 0x4, 0x0) (async, rerun: 32)
ioctl$VT_RESIZEX(r4, 0x560a, &(0x7f0000000040)={0x0, 0x8, 0x0, 0x2, 0x9}) (async, rerun: 32)
write$binfmt_aout(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="03040000b500000001008aea0000feff"], 0xc8) (async, rerun: 32)
syz_usb_connect$cdc_ncm(0x4, 0xa0, &(0x7f00000006c0)=ANY=[@ANYBLOB="12010102020000102505a1a440000102030109028e0002010600f50904000001020d0000052406000105240000040d240f01080000004e0063060806241a08001a152412bd99a317a88b045e4f01a607c0ffcb7e392a000500080d050002002401020809058103ff03dc020f0904010000020d00000904010102020d000009058202200020030709050302000000021000000000000000000000000000000000372082f4c99c9517164fdb7b62a6681ae0753096e0b0fd960116c4aab172e67dcf83c27cf48d2e0ec12b65ae68433c80d4d488e9db16ddc076bb93b204b0625a0d8557840b91ca40765f5929cbb1a6efffabf8134f7470f52db519f2ce322cb9ee9db16cee5272d75581f4f52d41123bc47995fc6eea7577c22dc193de27e655fc0ab4c5c64429de7002071e017c4c93d9cd9d2ed62f2b649d333b583dc0b4f25e860241a7b77779931f2cf2fcc3bd44297e16"], 0x0) (async, rerun: 32)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

kernel console output (not intermixed with test programs):


[  206.812043][ T1178] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  206.828783][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  206.832042][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  206.839471][   T63] Bluetooth: hci4: command tx timeout
[  207.015004][ T8947] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  207.505547][ T3242] libceph: connect (1)[c::]:6789 error -101
[  207.758749][ T3242] libceph: mon0 (1)[c::]:6789 connect error
[  207.857660][ T8959] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  207.872862][ T8959] netlink: 16 bytes leftover after parsing attributes in process `syz.0.742'.
[  207.875767][ T8959] netlink: 16 bytes leftover after parsing attributes in process `syz.0.742'.
[  207.898513][ T8961] netlink: 12 bytes leftover after parsing attributes in process `syz.4.743'.
[  208.667804][ T8900] ceph: No mds server is up or the cluster is laggy
[  208.919561][   T63] Bluetooth: hci4: command tx timeout
[  208.928264][   T63] Bluetooth: hci1: unexpected event for opcode 0x0402
[  208.933443][ T8978] bond0: (slave bridge_slave_1): Releasing backup interface
[  208.943904][ T8978] team0: Port device vlan0 removed
[  208.953615][   T12] tipc: Resetting bearer <eth:team0>
[  208.962971][ T8978] team0: Unable to change to the same mode the team is in
[  208.967457][ T8978] team0: Port device vlan0 added
[  208.971541][ T8978] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  209.254456][ T8985] IPVS: set_ctl: invalid protocol: 103 172.30.0.1:20004
[  209.257223][ T8985] netlink: 12 bytes leftover after parsing attributes in process `syz.0.751'.
[  209.914956][ T6060] libceph: connect (1)[c::]:6789 error -101
[  209.919563][ T6060] libceph: mon0 (1)[c::]:6789 connect error
[  209.963706][ T9001] futex_wake_op: syz.4.753 tries to shift op by -1; fix this program
[  210.167787][ T9006] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  210.234671][ T9008] netlink: 16 bytes leftover after parsing attributes in process `syz.1.755'.
[  210.237864][ T9008] netlink: 16 bytes leftover after parsing attributes in process `syz.1.755'.
[  210.246329][ T6060] libceph: connect (1)[c::]:6789 error -101
[  210.248333][ T6060] libceph: mon0 (1)[c::]:6789 connect error
[  210.500392][ T9017] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  210.905882][ T6060] libceph: connect (1)[c::]:6789 error -101
[  210.912346][ T6060] libceph: mon0 (1)[c::]:6789 connect error
[  210.999551][   T63] Bluetooth: hci4: command tx timeout
[  211.078113][   T63] Bluetooth: hci2: unexpected event for opcode 0x0402
[  211.095214][ T9019] team0: Port device vlan0 removed
[  211.101549][   T61] tipc: Resetting bearer <eth:team0>
[  211.136214][ T9019] team0: Unable to change to the same mode the team is in
[  211.146022][ T9019] team0: Port device vlan0 added
[  211.156312][ T9019] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  211.559745][ T6152] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  211.711109][ T6152] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  211.714741][ T6152] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  211.718948][ T6152] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  211.723266][ T6152] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  211.727738][ T6152] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  211.735611][ T6152] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  211.739778][ T6152] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  211.743421][ T6152] usb 7-1: Product: syz
[  211.745353][ T6152] usb 7-1: Manufacturer: syz
[  211.753215][ T6152] cdc_wdm 7-1:1.0: skipping garbage
[  211.755433][ T6152] cdc_wdm 7-1:1.0: skipping garbage
[  211.762093][ T6152] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  211.764624][ T6152] cdc_wdm 7-1:1.0: Unknown control protocol
[  211.956863][ T6039] usb 7-1: USB disconnect, device number 5
[  212.443443][   T53] libceph: connect (1)[c::]:6789 error -101
[  212.445573][   T53] libceph: mon0 (1)[c::]:6789 connect error
[  212.609477][ T6039] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  212.674495][ T8998] ceph: No mds server is up or the cluster is laggy
[  212.778495][ T6039] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  212.783183][ T6039] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  212.787861][ T6039] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  212.792196][ T6039] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  212.797441][ T6039] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  212.819083][ T6039] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  212.824746][ T6039] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  212.829058][ T6039] usb 7-1: Product: syz
[  212.831519][ T6039] usb 7-1: Manufacturer: syz
[  212.900829][ T6039] cdc_wdm 7-1:1.0: skipping garbage
[  212.903195][ T6039] cdc_wdm 7-1:1.0: skipping garbage
[  212.925284][ T6039] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  212.930490][ T6039] cdc_wdm 7-1:1.0: Unknown control protocol
[  213.112808][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.115163][    C2] cdc_wdm 7-1:1.0: Cannot schedule work
[  213.117277][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.119655][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.121983][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.124078][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.126012][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.127976][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.129939][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.131894][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.134091][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.136075][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.138008][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.140035][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.142020][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.143980][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.145937][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.147986][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.149985][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.152025][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.154052][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.156628][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.159547][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.162066][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.164116][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.166101][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.168109][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.170073][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.172044][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.174019][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.176052][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.178041][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.180029][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.181970][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.183937][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.185881][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.187964][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.189906][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.191854][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.193797][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.195791][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.197777][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.199807][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.201836][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.203898][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.206026][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.208094][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.210187][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.212178][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.214120][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.216111][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.218576][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.220777][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.222854][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.224829][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.226916][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.229085][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.231668][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.234500][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.237088][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.239332][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.241288][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.243258][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.245217][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.247313][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.249400][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.251519][    C2] cdc_wdm 7-1:1.0: Stall on int endpoint
[  213.270659][ T6039] usb 7-1: USB disconnect, device number 6
[  213.303581][   T40] audit: type=1326 audit(1756398431.392:1592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9020 comm="syz.2.760" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x0
[  213.436840][   T63] Bluetooth: hci1: unexpected event for opcode 0x0402
[  213.449191][ T9049] team0: Port device vlan0 removed
[  213.453697][   T12] tipc: Resetting bearer <eth:team0>
[  213.464907][ T9049] team0: Unable to change to the same mode the team is in
[  213.475148][ T9049] team0: Port device vlan0 added
[  213.480007][ T9049] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  213.903511][ T9066] netlink: 4 bytes leftover after parsing attributes in process `syz.1.771'.
[  213.908702][ T9066] netlink: 104 bytes leftover after parsing attributes in process `syz.1.771'.
[  213.913154][ T9066] netlink: 104 bytes leftover after parsing attributes in process `syz.1.771'.
[  214.240268][ T9082] hugetlbfs: Bad value 'k' for mount option 'size'
[  214.240268][ T9082] 
[  214.979430][ T9085] support for the xor transformation has been removed.
[  215.526902][   T40] audit: type=1400 audit(1756398433.612:1593): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=9093 comm="syz.2.777"
[  216.216672][   T53] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  216.693245][   T53] usb 9-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[  216.696269][   T53] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  216.698880][   T53] usb 9-1: Product: syz
[  216.701179][   T53] usb 9-1: Manufacturer: syz
[  216.717105][   T53] usb 9-1: SerialNumber: syz
[  216.794687][   T53] usb 9-1: config 0 descriptor??
[  217.012197][ T9096] netlink: 4 bytes leftover after parsing attributes in process `syz.4.778'.
[  217.024919][   T53] cx82310_eth 9-1:0.0: probe with driver cx82310_eth failed with error -22
[  217.038000][   T53] cxacru 9-1:0.0: usbatm_usb_probe: bind failed: -19!
[  217.046821][   T53] usb 9-1: USB disconnect, device number 2
[  217.225670][ T9120] netlink: 4 bytes leftover after parsing attributes in process `syz.0.783'.
[  217.581747][ T9128] FAULT_INJECTION: forcing a failure.
[  217.581747][ T9128] name failslab, interval 1, probability 0, space 0, times 0
[  217.587616][ T9128] CPU: 2 UID: 0 PID: 9128 Comm: syz.4.784 Not tainted syzkaller #0 PREEMPT(full) 
[  217.587639][ T9128] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  217.587650][ T9128] Call Trace:
[  217.587656][ T9128]  <TASK>
[  217.587663][ T9128]  dump_stack_lvl+0x16c/0x1f0
[  217.587696][ T9128]  should_fail_ex+0x512/0x640
[  217.587719][ T9128]  ? __kmalloc_noprof+0xbf/0x510
[  217.587742][ T9128]  ? constrain_params_by_rules+0x175/0xca0
[  217.587759][ T9128]  should_failslab+0xc2/0x120
[  217.587781][ T9128]  __kmalloc_noprof+0xd2/0x510
[  217.587800][ T9128]  ? kasan_quarantine_put+0x10a/0x240
[  217.587818][ T9128]  ? lockdep_hardirqs_on+0x7c/0x110
[  217.587845][ T9128]  constrain_params_by_rules+0x175/0xca0
[  217.587863][ T9128]  ? constrain_params_by_rules+0xa09/0xca0
[  217.587883][ T9128]  ? constrain_params_by_rules+0xa0e/0xca0
[  217.587902][ T9128]  ? __pfx_constrain_params_by_rules+0x10/0x10
[  217.587924][ T9128]  ? __pfx_constrain_params_by_rules+0x10/0x10
[  217.587957][ T9128]  snd_pcm_hw_refine+0x7de/0xad0
[  217.587980][ T9128]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[  217.588001][ T9128]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[  217.588023][ T9128]  ? snd_pcm_hw_param_value+0x266/0x5b0
[  217.588052][ T9128]  snd_pcm_hw_param_first+0x334/0x6f0
[  217.588069][ T9128]  ? trace_hw_mask_param+0x18b/0x200
[  217.588097][ T9128]  snd_pcm_hw_params+0x5eb/0x1ba0
[  217.588119][ T9128]  ? __pfx_snd_pcm_hw_params+0x10/0x10
[  217.588138][ T9128]  ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0
[  217.588159][ T9128]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  217.588175][ T9128]  ? __asan_memset+0x23/0x50
[  217.588195][ T9128]  snd_pcm_kernel_ioctl+0x147/0x2e0
[  217.588217][ T9128]  snd_pcm_oss_change_params_locked+0x1432/0x3a30
[  217.588247][ T9128]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  217.588280][ T9128]  ? get_pid_task+0xfc/0x250
[  217.588308][ T9128]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  217.588328][ T9128]  snd_pcm_oss_read+0x39b/0x760
[  217.588347][ T9128]  ? security_file_permission+0x71/0x210
[  217.588373][ T9128]  ? __pfx_snd_pcm_oss_read+0x10/0x10
[  217.588392][ T9128]  vfs_read+0x1e4/0xcf0
[  217.588418][ T9128]  ? __pfx_vfs_read+0x10/0x10
[  217.588435][ T9128]  ? find_held_lock+0x2b/0x80
[  217.588454][ T9128]  ? __fget_files+0x204/0x3c0
[  217.588478][ T9128]  ? __fget_files+0x20e/0x3c0
[  217.588494][ T9128]  ? handle_mm_fault+0x200/0xd10
[  217.588519][ T9128]  ksys_read+0x12a/0x250
[  217.588539][ T9128]  ? __pfx_ksys_read+0x10/0x10
[  217.588559][ T9128]  ? rcu_is_watching+0x12/0xc0
[  217.588582][ T9128]  __do_fast_syscall_32+0x7c/0x3a0
[  217.588605][ T9128]  do_fast_syscall_32+0x32/0x80
[  217.588658][ T9128]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  217.588685][ T9128] RIP: 0023:0xf702e579
[  217.588699][ T9128] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  217.588716][ T9128] RSP: 002b:00000000f541e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000003
[  217.588733][ T9128] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  217.588744][ T9128] RDX: 00000000000000db RSI: 0000000000000000 RDI: 0000000000000000
[  217.588754][ T9128] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  217.588764][ T9128] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  217.588773][ T9128] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  217.588796][ T9128]  </TASK>
[  217.838323][ T9140] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  217.922663][ T9140] netlink: 16 bytes leftover after parsing attributes in process `syz.2.785'.
[  217.925450][ T9140] netlink: 16 bytes leftover after parsing attributes in process `syz.2.785'.
[  219.653556][ T9177] netlink: 8 bytes leftover after parsing attributes in process `syz.4.793'.
[  219.792316][ T9182] FAULT_INJECTION: forcing a failure.
[  219.792316][ T9182] name failslab, interval 1, probability 0, space 0, times 0
[  219.808371][ T9182] CPU: 1 UID: 0 PID: 9182 Comm: syz.2.795 Not tainted syzkaller #0 PREEMPT(full) 
[  219.808407][ T9182] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  219.808416][ T9182] Call Trace:
[  219.808423][ T9182]  <TASK>
[  219.808431][ T9182]  dump_stack_lvl+0x16c/0x1f0
[  219.808459][ T9182]  should_fail_ex+0x512/0x640
[  219.808485][ T9182]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  219.808510][ T9182]  should_failslab+0xc2/0x120
[  219.808535][ T9182]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  219.808555][ T9182]  ? copy_process+0x4b6/0x7690
[  219.808580][ T9182]  copy_process+0x4b6/0x7690
[  219.808611][ T9182]  ? __pfx_copy_process+0x10/0x10
[  219.808644][ T9182]  kernel_clone+0xfc/0x930
[  219.808666][ T9182]  ? __pfx_kernel_clone+0x10/0x10
[  219.808691][ T9182]  ? css_rstat_updated+0x1c2/0x510
[  219.808709][ T9182]  ? __pfx_vfs_write+0x10/0x10
[  219.808731][ T9182]  __do_compat_sys_ia32_clone+0xcb/0x110
[  219.808754][ T9182]  ? __pfx___do_compat_sys_ia32_clone+0x10/0x10
[  219.808772][ T9182]  ? find_held_lock+0x2b/0x80
[  219.808789][ T9182]  ? ksys_write+0x1ac/0x250
[  219.808801][ T9182]  ? __pfx_ksys_write+0x10/0x10
[  219.808815][ T9182]  ? rcu_is_watching+0x12/0xc0
[  219.808828][ T9182]  __do_fast_syscall_32+0x7c/0x3a0
[  219.808845][ T9182]  do_fast_syscall_32+0x32/0x80
[  219.808861][ T9182]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  219.808874][ T9182] RIP: 0023:0xf7f22579
[  219.808884][ T9182] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  219.808895][ T9182] RSP: 002b:00000000f544650c EFLAGS: 00000246 ORIG_RAX: 0000000000000078
[  219.808907][ T9182] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000000
[  219.808914][ T9182] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  219.808920][ T9182] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  219.808926][ T9182] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  219.808932][ T9182] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  219.808945][ T9182]  </TASK>
[  219.981232][ T9191] Device name cannot be null; rc = [-22]
[  220.122897][ T9201] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  221.109395][ T9201] netlink: 16 bytes leftover after parsing attributes in process `syz.0.801'.
[  221.127944][ T9201] netlink: 16 bytes leftover after parsing attributes in process `syz.0.801'.
[  221.189736][ T9215] binder: 9213:9215 ioctl c0306201 0 returned -14
[  221.194227][ T9215] hsr0: entered promiscuous mode
[  221.255441][ T9221] netlink: 4 bytes leftover after parsing attributes in process `syz.2.805'.
[  221.260846][ T9221] hsr_slave_0: left promiscuous mode
[  221.265594][ T9221] hsr_slave_1: left promiscuous mode
[  221.347397][ T9221] hsr0 (unregistering): left promiscuous mode
[  221.351350][ T9226] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  221.354182][ T9226] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  221.357849][ T9226] vhci_hcd vhci_hcd.0: Device attached
[  221.392487][ T9228] vhci_hcd: connection closed
[  221.393848][   T13] vhci_hcd: stop threads
[  221.398412][   T13] vhci_hcd: release socket
[  221.401927][   T13] vhci_hcd: disconnect device
[  221.593100][ T9231] netlink: 12 bytes leftover after parsing attributes in process `syz.0.808'.
[  221.827038][ T9234] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(11)
[  221.829864][ T9234] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  221.835720][ T9234] vhci_hcd vhci_hcd.0: Device attached
[  221.883198][ T9235] kvm: kvm [9233]: vcpu0, guest rIP: 0x208 Unhandled WRMSR(0xc2) = 0xa00000000ff
[  221.902365][ T9235] kvm: kvm [9233]: vcpu0, guest rIP: 0x208 Unhandled WRMSR(0xc2) = 0x4c00000000ff
[  221.940899][ T9235] kvm: kvm [9233]: vcpu0, guest rIP: 0x208 Unhandled WRMSR(0xc2) = 0x8e00000000ff
[  222.015164][ T9235] kvm: kvm [9233]: vcpu0, guest rIP: 0x208 Unhandled WRMSR(0xc2) = 0xd400000000ff
[  222.179711][   T53] usb 38-1: SetAddress Request (2) to port 0
[  222.183524][   T53] usb 38-1: new SuperSpeed USB device number 2 using vhci_hcd
[  222.561732][ T9236] vhci_hcd: connection reset by peer
[  222.564127][ T1174] vhci_hcd: stop threads
[  222.565717][ T1174] vhci_hcd: release socket
[  222.567439][ T1174] vhci_hcd: disconnect device
[  222.781798][ T9251] netlink: 4 bytes leftover after parsing attributes in process `syz.1.812'.
[  223.154376][ T9254] FAULT_INJECTION: forcing a failure.
[  223.154376][ T9254] name failslab, interval 1, probability 0, space 0, times 0
[  223.158487][ T9254] CPU: 0 UID: 0 PID: 9254 Comm: syz.2.813 Not tainted syzkaller #0 PREEMPT(full) 
[  223.158501][ T9254] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  223.158519][ T9254] Call Trace:
[  223.158524][ T9254]  <TASK>
[  223.158539][ T9254]  dump_stack_lvl+0x16c/0x1f0
[  223.158558][ T9254]  should_fail_ex+0x512/0x640
[  223.158573][ T9254]  ? fs_reclaim_acquire+0xae/0x150
[  223.158590][ T9254]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  223.158605][ T9254]  should_failslab+0xc2/0x120
[  223.158619][ T9254]  __kmalloc_noprof+0xd2/0x510
[  223.158635][ T9254]  tomoyo_realpath_from_path+0xc2/0x6e0
[  223.158651][ T9254]  ? tomoyo_profile+0x47/0x60
[  223.158662][ T9254]  tomoyo_path_number_perm+0x245/0x580
[  223.158675][ T9254]  ? tomoyo_path_number_perm+0x237/0x580
[  223.158689][ T9254]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  223.158715][ T9254]  ? find_held_lock+0x2b/0x80
[  223.158726][ T9254]  ? hook_file_ioctl_common+0x145/0x410
[  223.158743][ T9254]  ? __fget_files+0x20e/0x3c0
[  223.158757][ T9254]  security_file_ioctl_compat+0x9b/0x240
[  223.158773][ T9254]  __ia32_compat_sys_ioctl+0xc3/0x370
[  223.158792][ T9254]  __do_fast_syscall_32+0x7c/0x3a0
[  223.158808][ T9254]  do_fast_syscall_32+0x32/0x80
[  223.158822][ T9254]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  223.158836][ T9254] RIP: 0023:0xf7f22579
[  223.158845][ T9254] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  223.158855][ T9254] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  223.158865][ T9254] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  223.158872][ T9254] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  223.158878][ T9254] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  223.158884][ T9254] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  223.158890][ T9254] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  223.158902][ T9254]  </TASK>
[  223.158963][ T9254] ERROR: Out of memory at tomoyo_realpath_from_path.
[  223.265234][ T9254] kvm: kvm [9253]: vcpu0, guest rIP: 0x208 Unhandled WRMSR(0xc2) = 0xa00000000ff
[  223.282172][ T9254] kvm: kvm [9253]: vcpu0, guest rIP: 0x208 Unhandled WRMSR(0xc2) = 0x4c00000000ff
[  223.310430][ T9254] kvm: kvm [9253]: vcpu0, guest rIP: 0x208 Unhandled WRMSR(0xc2) = 0x8e00000000ff
[  223.364128][ T9254] kvm: kvm [9253]: vcpu0, guest rIP: 0x208 Unhandled WRMSR(0xc2) = 0xd400000000ff
[  223.466360][ T9258] netlink: 56 bytes leftover after parsing attributes in process `syz.1.814'.
[  223.470696][ T9258] netlink: 8 bytes leftover after parsing attributes in process `syz.1.814'.
[  223.594776][   T34] IPVS: starting estimator thread 0...
[  223.636891][ T9269] netlink: 148 bytes leftover after parsing attributes in process `syz.4.817'.
[  223.660712][ T9270] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  223.691657][ T9267] IPVS: using max 43 ests per chain, 103200 per kthread
[  223.692769][    T9] libceph: connect (1)[c::]:6789 error -101
[  223.697133][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  223.732894][ T9276] netlink: 28 bytes leftover after parsing attributes in process `syz.2.819'.
[  223.959719][    T9] libceph: connect (1)[c::]:6789 error -101
[  223.963015][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  224.470107][    T9] libceph: connect (1)[c::]:6789 error -101
[  224.474468][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  224.507656][ T9272] ceph: No mds server is up or the cluster is laggy
[  224.526473][ T9289] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  224.550442][ T9291] random: crng reseeded on system resumption
[  224.581147][ T9293] random: crng reseeded on system resumption
[  224.586314][ T9293] FAULT_INJECTION: forcing a failure.
[  224.586314][ T9293] name failslab, interval 1, probability 0, space 0, times 0
[  224.590831][ T9293] CPU: 3 UID: 0 PID: 9293 Comm: syz.4.824 Not tainted syzkaller #0 PREEMPT(full) 
[  224.590850][ T9293] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  224.590858][ T9293] Call Trace:
[  224.590862][ T9293]  <TASK>
[  224.590866][ T9293]  dump_stack_lvl+0x16c/0x1f0
[  224.590906][ T9293]  should_fail_ex+0x512/0x640
[  224.590928][ T9293]  ? fs_reclaim_acquire+0xae/0x150
[  224.590945][ T9293]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  224.590960][ T9293]  should_failslab+0xc2/0x120
[  224.590975][ T9293]  __kmalloc_noprof+0xd2/0x510
[  224.590991][ T9293]  tomoyo_realpath_from_path+0xc2/0x6e0
[  224.591008][ T9293]  ? tomoyo_profile+0x47/0x60
[  224.591019][ T9293]  tomoyo_path_number_perm+0x245/0x580
[  224.591031][ T9293]  ? tomoyo_path_number_perm+0x237/0x580
[  224.591045][ T9293]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  224.591071][ T9293]  ? find_held_lock+0x2b/0x80
[  224.591082][ T9293]  ? hook_file_ioctl_common+0x145/0x410
[  224.591099][ T9293]  ? __fget_files+0x20e/0x3c0
[  224.591113][ T9293]  security_file_ioctl_compat+0x9b/0x240
[  224.591140][ T9293]  __ia32_compat_sys_ioctl+0xc3/0x370
[  224.591159][ T9293]  __do_fast_syscall_32+0x7c/0x3a0
[  224.591175][ T9293]  do_fast_syscall_32+0x32/0x80
[  224.591189][ T9293]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  224.591203][ T9293] RIP: 0023:0xf702e579
[  224.591211][ T9293] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  224.591222][ T9293] RSP: 002b:00000000f541e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  224.591233][ T9293] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000400c330d
[  224.591240][ T9293] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000
[  224.591246][ T9293] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  224.591252][ T9293] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  224.591258][ T9293] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  224.591270][ T9293]  </TASK>
[  224.591275][ T9293] ERROR: Out of memory at tomoyo_realpath_from_path.
[  224.931984][ T9306] FAULT_INJECTION: forcing a failure.
[  224.931984][ T9306] name failslab, interval 1, probability 0, space 0, times 0
[  224.936061][ T9306] CPU: 2 UID: 0 PID: 9306 Comm: syz.4.827 Not tainted syzkaller #0 PREEMPT(full) 
[  224.936085][ T9306] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  224.936095][ T9306] Call Trace:
[  224.936101][ T9306]  <TASK>
[  224.936108][ T9306]  dump_stack_lvl+0x16c/0x1f0
[  224.936154][ T9306]  should_fail_ex+0x512/0x640
[  224.936178][ T9306]  ? fs_reclaim_acquire+0xae/0x150
[  224.936206][ T9306]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  224.936231][ T9306]  should_failslab+0xc2/0x120
[  224.936260][ T9306]  __kmalloc_noprof+0xd2/0x510
[  224.936287][ T9306]  tomoyo_realpath_from_path+0xc2/0x6e0
[  224.936314][ T9306]  ? tomoyo_profile+0x47/0x60
[  224.936332][ T9306]  tomoyo_path_number_perm+0x245/0x580
[  224.936353][ T9306]  ? tomoyo_path_number_perm+0x237/0x580
[  224.936375][ T9306]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  224.936423][ T9306]  ? find_held_lock+0x2b/0x80
[  224.936441][ T9306]  ? hook_file_ioctl_common+0x145/0x410
[  224.936470][ T9306]  ? __fget_files+0x20e/0x3c0
[  224.936494][ T9306]  security_file_ioctl_compat+0x9b/0x240
[  224.936518][ T9306]  __ia32_compat_sys_ioctl+0xc3/0x370
[  224.936550][ T9306]  __do_fast_syscall_32+0x7c/0x3a0
[  224.936576][ T9306]  do_fast_syscall_32+0x32/0x80
[  224.936600][ T9306]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  224.936622][ T9306] RIP: 0023:0xf702e579
[  224.936635][ T9306] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  224.936653][ T9306] RSP: 002b:00000000f541e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  224.936670][ T9306] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  224.936681][ T9306] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  224.936691][ T9306] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  224.936701][ T9306] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  224.936711][ T9306] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  224.936734][ T9306]  </TASK>
[  224.936783][ T9306] ERROR: Out of memory at tomoyo_realpath_from_path.
[  225.322672][ T9317] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  225.341811][ T9317] netlink: 16 bytes leftover after parsing attributes in process `syz.0.829'.
[  225.348268][ T9317] netlink: 16 bytes leftover after parsing attributes in process `syz.0.829'.
[  225.532739][ T9320] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  225.745663][ T9320] netlink: 16 bytes leftover after parsing attributes in process `syz.4.837'.
[  225.748931][ T9320] netlink: 16 bytes leftover after parsing attributes in process `syz.4.837'.
[  226.534546][ T9328] FAULT_INJECTION: forcing a failure.
[  226.534546][ T9328] name failslab, interval 1, probability 0, space 0, times 0
[  226.540470][ T9328] CPU: 3 UID: 0 PID: 9328 Comm: syz.1.832 Not tainted syzkaller #0 PREEMPT(full) 
[  226.540487][ T9328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  226.540494][ T9328] Call Trace:
[  226.540497][ T9328]  <TASK>
[  226.540502][ T9328]  dump_stack_lvl+0x16c/0x1f0
[  226.540520][ T9328]  should_fail_ex+0x512/0x640
[  226.540535][ T9328]  ? fs_reclaim_acquire+0xae/0x150
[  226.540553][ T9328]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  226.540568][ T9328]  should_failslab+0xc2/0x120
[  226.540589][ T9328]  __kmalloc_noprof+0xd2/0x510
[  226.540605][ T9328]  tomoyo_realpath_from_path+0xc2/0x6e0
[  226.540623][ T9328]  ? tomoyo_profile+0x47/0x60
[  226.540634][ T9328]  tomoyo_path_number_perm+0x245/0x580
[  226.540647][ T9328]  ? tomoyo_path_number_perm+0x237/0x580
[  226.540660][ T9328]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  226.540687][ T9328]  ? find_held_lock+0x2b/0x80
[  226.540700][ T9328]  ? hook_file_ioctl_common+0x145/0x410
[  226.540717][ T9328]  ? __fget_files+0x20e/0x3c0
[  226.540732][ T9328]  security_file_ioctl_compat+0x9b/0x240
[  226.540747][ T9328]  __ia32_compat_sys_ioctl+0xc3/0x370
[  226.540766][ T9328]  __do_fast_syscall_32+0x7c/0x3a0
[  226.540782][ T9328]  do_fast_syscall_32+0x32/0x80
[  226.540797][ T9328]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  226.540810][ T9328] RIP: 0023:0xf70ee579
[  226.540820][ T9328] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  226.540831][ T9328] RSP: 002b:00000000f54de55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  226.540842][ T9328] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  226.540848][ T9328] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  226.540854][ T9328] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  226.540860][ T9328] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  226.540866][ T9328] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  226.540879][ T9328]  </TASK>
[  226.540883][ T9328] ERROR: Out of memory at tomoyo_realpath_from_path.
[  226.571605][ T9333] xt_time: invalid argument - start or stop time greater than 23:59:59
[  226.777606][ T9343] FAULT_INJECTION: forcing a failure.
[  226.777606][ T9343] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.782517][ T9343] CPU: 2 UID: 0 PID: 9343 Comm: syz.0.836 Not tainted syzkaller #0 PREEMPT(full) 
[  226.782541][ T9343] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  226.782553][ T9343] Call Trace:
[  226.782559][ T9343]  <TASK>
[  226.782565][ T9343]  dump_stack_lvl+0x16c/0x1f0
[  226.782592][ T9343]  should_fail_ex+0x512/0x640
[  226.782620][ T9343]  _copy_from_user+0x2e/0xd0
[  226.782645][ T9343]  copy_from_sockptr_offset.constprop.0+0x136/0x170
[  226.782666][ T9343]  ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10
[  226.782686][ T9343]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  226.782705][ T9343]  sk_getsockopt+0x13d/0x30a0
[  226.782721][ T9343]  ? __lock_acquire+0x62e/0x1ce0
[  226.782737][ T9343]  ? __pfx_sk_getsockopt+0x10/0x10
[  226.782757][ T9343]  ? get_pid_task+0xfc/0x250
[  226.782774][ T9343]  ? aa_sk_perm+0x2f4/0xb10
[  226.782788][ T9343]  ? __pfx_aa_sk_perm+0x10/0x10
[  226.782801][ T9343]  ? __lock_acquire+0x62e/0x1ce0
[  226.782817][ T9343]  ? aa_sock_opt_perm+0xfd/0x1c0
[  226.782829][ T9343]  do_sock_getsockopt+0x3a3/0x440
[  226.782847][ T9343]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  226.782863][ T9343]  ? __fget_files+0x204/0x3c0
[  226.782881][ T9343]  __sys_getsockopt+0x123/0x1b0
[  226.782897][ T9343]  __ia32_sys_getsockopt+0xbc/0x160
[  226.782910][ T9343]  ? lockdep_hardirqs_on+0x7c/0x110
[  226.782923][ T9343]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  226.782938][ T9343]  __do_fast_syscall_32+0x7c/0x3a0
[  226.782954][ T9343]  do_fast_syscall_32+0x32/0x80
[  226.782968][ T9343]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  226.782982][ T9343] RIP: 0023:0xf7f85579
[  226.782991][ T9343] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  226.783002][ T9343] RSP: 002b:00000000f54a655c EFLAGS: 00000296 ORIG_RAX: 000000000000016d
[  226.783012][ T9343] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000001
[  226.783019][ T9343] RDX: 000000000000001c RSI: 0000000000000000 RDI: 0000000080000080
[  226.783025][ T9343] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  226.783031][ T9343] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  226.783037][ T9343] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  226.783049][ T9343]  </TASK>
[  226.874697][ T9334] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  227.032565][ T9334] netlink: 16 bytes leftover after parsing attributes in process `syz.2.831'.
[  227.037744][ T9334] netlink: 16 bytes leftover after parsing attributes in process `syz.2.831'.
[  227.152557][   T34] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  227.271935][ T9353] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  227.276509][   T53] usb 38-1: device descriptor read/8, error -110
[  227.323466][   T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  227.329474][   T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  227.340829][   T34] usb 5-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[  227.349720][   T34] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  227.360114][   T34] usb 5-1: config 0 descriptor??
[  227.601140][   T34] usbhid 5-1:0.0: can't add hid device: -71
[  227.603556][   T34] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  227.608313][   T34] usb 5-1: USB disconnect, device number 3
[  227.670198][   T53] usb usb38-port1: attempt power cycle
[  227.908572][ T9357] kvm: kvm [9356]: vcpu0, guest rIP: 0x208 Unhandled WRMSR(0xc2) = 0xa0000000051
[  227.931598][ T9357] kvm: kvm [9356]: vcpu0, guest rIP: 0x208 Unhandled WRMSR(0xc2) = 0x4c0000000072
[  227.967803][ T9357] kvm: kvm [9356]: vcpu0, guest rIP: 0x208 Unhandled WRMSR(0xc2) = 0x8e00000000b3
[  228.031695][ T9357] kvm: kvm [9356]: vcpu0, guest rIP: 0x208 Unhandled WRMSR(0xc2) = 0xd4000000012f
[  228.205071][ T9363] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  228.230941][   T53] usb usb38-port1: unable to enumerate USB device
[  228.288514][ T9366] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  228.333468][ T9363] netlink: 16 bytes leftover after parsing attributes in process `syz.4.842'.
[  228.337379][ T9363] netlink: 16 bytes leftover after parsing attributes in process `syz.4.842'.
[  228.410450][ T9366] netlink: 16 bytes leftover after parsing attributes in process `syz.0.843'.
[  228.414869][ T9366] netlink: 16 bytes leftover after parsing attributes in process `syz.0.843'.
[  228.496300][ T9369] kvm: kvm [9368]: vcpu0, guest rIP: 0x208 Unhandled WRMSR(0xc2) = 0xa0000000051
[  228.522064][ T9369] kvm: kvm [9368]: vcpu0, guest rIP: 0x208 Unhandled WRMSR(0xc2) = 0x4c0000000072
[  228.567932][ T9369] kvm: kvm [9368]: vcpu0, guest rIP: 0x208 Unhandled WRMSR(0xc2) = 0x8e00000000b3
[  228.640781][ T9369] kvm: kvm [9368]: vcpu0, guest rIP: 0x208 Unhandled WRMSR(0xc2) = 0xd4000000012f
[  228.841091][  T226] tipc: Resetting bearer <eth:team0>
[  229.229823][ T9385] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  229.805117][ T9396] bridge0: entered allmulticast mode
[  229.807592][ T9397] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  229.808012][ T9396] FAULT_INJECTION: forcing a failure.
[  229.808012][ T9396] name failslab, interval 1, probability 0, space 0, times 0
[  229.818519][ T9396] CPU: 0 UID: 0 PID: 9396 Comm: syz.0.851 Not tainted syzkaller #0 PREEMPT(full) 
[  229.818536][ T9396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  229.818543][ T9396] Call Trace:
[  229.818548][ T9396]  <TASK>
[  229.818552][ T9396]  dump_stack_lvl+0x16c/0x1f0
[  229.818593][ T9396]  should_fail_ex+0x512/0x640
[  229.818614][ T9396]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  229.818629][ T9396]  should_failslab+0xc2/0x120
[  229.818643][ T9396]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  229.818656][ T9396]  ? find_held_lock+0x2b/0x80
[  229.818666][ T9396]  ? __alloc_skb+0x2b2/0x380
[  229.818681][ T9396]  __alloc_skb+0x2b2/0x380
[  229.818694][ T9396]  ? __pfx___alloc_skb+0x10/0x10
[  229.818708][ T9396]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  229.818726][ T9396]  netlink_alloc_large_skb+0x69/0x130
[  229.818743][ T9396]  netlink_sendmsg+0x6a1/0xdd0
[  229.818759][ T9396]  ? __pfx_netlink_sendmsg+0x10/0x10
[  229.818775][ T9396]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  229.818789][ T9396]  sock_write_iter+0x4ff/0x5b0
[  229.818800][ T9396]  ? __pfx_sock_write_iter+0x10/0x10
[  229.818815][ T9396]  ? bpf_lsm_file_permission+0x9/0x10
[  229.818831][ T9396]  ? security_file_permission+0x71/0x210
[  229.818846][ T9396]  ? rw_verify_area+0xcf/0x6c0
[  229.818858][ T9396]  vfs_write+0x7d0/0x11d0
[  229.818871][ T9396]  ? __pfx_sock_write_iter+0x10/0x10
[  229.818882][ T9396]  ? __pfx_vfs_write+0x10/0x10
[  229.818893][ T9396]  ? find_held_lock+0x2b/0x80
[  229.818911][ T9396]  ksys_write+0x1f8/0x250
[  229.818922][ T9396]  ? __pfx_ksys_write+0x10/0x10
[  229.818936][ T9396]  ? rcu_is_watching+0x12/0xc0
[  229.818948][ T9396]  __do_fast_syscall_32+0x7c/0x3a0
[  229.818964][ T9396]  do_fast_syscall_32+0x32/0x80
[  229.818979][ T9396]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  229.818992][ T9396] RIP: 0023:0xf7f85579
[  229.819001][ T9396] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  229.819012][ T9396] RSP: 002b:00000000f54a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  229.819027][ T9396] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  229.819034][ T9396] RDX: 0000000000000024 RSI: 0000000000000000 RDI: 0000000000000000
[  229.819040][ T9396] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  229.819046][ T9396] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  229.819052][ T9396] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  229.819064][ T9396]  </TASK>
[  230.243445][ T9406] FAULT_INJECTION: forcing a failure.
[  230.243445][ T9406] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  230.252645][ T9406] CPU: 1 UID: 0 PID: 9406 Comm: syz.1.854 Not tainted syzkaller #0 PREEMPT(full) 
[  230.252672][ T9406] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  230.252679][ T9406] Call Trace:
[  230.252684][ T9406]  <TASK>
[  230.252688][ T9406]  dump_stack_lvl+0x16c/0x1f0
[  230.252707][ T9406]  should_fail_ex+0x512/0x640
[  230.252725][ T9406]  _copy_from_user+0x2e/0xd0
[  230.252743][ T9406]  copy_from_sockptr_offset.constprop.0+0x136/0x170
[  230.252757][ T9406]  ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10
[  230.252774][ T9406]  sk_setsockopt+0x162/0x3af0
[  230.252789][ T9406]  ? __pfx___might_resched+0x10/0x10
[  230.252802][ T9406]  ? __pfx_sk_setsockopt+0x10/0x10
[  230.252817][ T9406]  ? aa_sk_perm+0x2f4/0xb10
[  230.252830][ T9406]  ? ksys_write+0x190/0x250
[  230.252844][ T9406]  ? __pfx_aa_sk_perm+0x10/0x10
[  230.252859][ T9406]  ? find_held_lock+0x2b/0x80
[  230.252870][ T9406]  ? aa_sock_opt_perm+0xfd/0x1c0
[  230.252883][ T9406]  do_sock_setsockopt+0x193/0x1d0
[  230.252901][ T9406]  __sys_setsockopt+0x120/0x1a0
[  230.252917][ T9406]  __ia32_sys_setsockopt+0xbc/0x160
[  230.252929][ T9406]  ? lockdep_hardirqs_on+0x7c/0x110
[  230.252944][ T9406]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  230.252958][ T9406]  __do_fast_syscall_32+0x7c/0x3a0
[  230.252974][ T9406]  do_fast_syscall_32+0x32/0x80
[  230.252989][ T9406]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  230.253002][ T9406] RIP: 0023:0xf70ee579
[  230.253011][ T9406] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  230.253021][ T9406] RSP: 002b:00000000f549c55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  230.253031][ T9406] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000001
[  230.253038][ T9406] RDX: 000000000000001a RSI: 0000000080000140 RDI: 0000000000000008
[  230.253044][ T9406] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  230.253050][ T9406] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  230.253056][ T9406] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  230.253080][ T9406]  </TASK>
[  230.531484][ T9414] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  230.596538][ T9415] __nla_validate_parse: 1 callbacks suppressed
[  230.596554][ T9415] netlink: 16 bytes leftover after parsing attributes in process `syz.1.856'.
[  230.602205][ T9415] netlink: 16 bytes leftover after parsing attributes in process `syz.1.856'.
[  230.721591][ T9418] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  230.733950][ T9418] netlink: 16 bytes leftover after parsing attributes in process `syz.4.857'.
[  230.736983][ T9418] netlink: 16 bytes leftover after parsing attributes in process `syz.4.857'.
[  230.813627][ T9420] FAULT_INJECTION: forcing a failure.
[  230.813627][ T9420] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  230.817685][ T9420] CPU: 3 UID: 0 PID: 9420 Comm: syz.0.858 Not tainted syzkaller #0 PREEMPT(full) 
[  230.817700][ T9420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  230.817707][ T9420] Call Trace:
[  230.817711][ T9420]  <TASK>
[  230.817715][ T9420]  dump_stack_lvl+0x16c/0x1f0
[  230.817733][ T9420]  should_fail_ex+0x512/0x640
[  230.817750][ T9420]  _copy_from_user+0x2e/0xd0
[  230.817768][ T9420]  get_compat_msghdr+0xa7/0x170
[  230.817783][ T9420]  ? __pfx_get_compat_msghdr+0x10/0x10
[  230.817801][ T9420]  ___sys_sendmsg+0x1ae/0x1d0
[  230.817817][ T9420]  ? __pfx____sys_sendmsg+0x10/0x10
[  230.817837][ T9420]  ? find_held_lock+0x2b/0x80
[  230.817856][ T9420]  __sys_sendmsg+0x16d/0x220
[  230.817870][ T9420]  ? __pfx___sys_sendmsg+0x10/0x10
[  230.817890][ T9420]  ? rcu_is_watching+0x12/0xc0
[  230.817903][ T9420]  __do_fast_syscall_32+0x7c/0x3a0
[  230.817919][ T9420]  do_fast_syscall_32+0x32/0x80
[  230.817933][ T9420]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  230.817947][ T9420] RIP: 0023:0xf7f85579
[  230.817956][ T9420] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  230.817967][ T9420] RSP: 002b:00000000f54a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  230.817979][ T9420] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080004bc0
[  230.817985][ T9420] RDX: 0000000004040084 RSI: 0000000000000000 RDI: 0000000000000000
[  230.817992][ T9420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  230.818018][ T9420] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  230.818028][ T9420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  230.818041][ T9420]  </TASK>
[  230.911521][ T9423] netlink: 8 bytes leftover after parsing attributes in process `syz.0.859'.
[  230.914521][ T9423] netlink: 124 bytes leftover after parsing attributes in process `syz.0.859'.
[  230.917851][ T9423] netlink: 64 bytes leftover after parsing attributes in process `syz.0.859'.
[  230.923673][ T9423] netlink: 8 bytes leftover after parsing attributes in process `syz.0.859'.
[  231.264876][ T9426] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  231.456893][   T40] audit: type=1326 audit(1756398449.532:1594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9428 comm="syz.2.861" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  231.464601][   T40] audit: type=1326 audit(1756398449.532:1595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9428 comm="syz.2.861" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  231.476487][   T40] audit: type=1326 audit(1756398449.532:1596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9428 comm="syz.2.861" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  231.476963][ T1174] Bluetooth: hci0: Frame reassembly failed (-84)
[  231.484677][   T40] audit: type=1326 audit(1756398449.532:1597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9428 comm="syz.2.861" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  231.494937][   T40] audit: type=1326 audit(1756398449.532:1598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9428 comm="syz.2.861" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  231.504013][   T40] audit: type=1326 audit(1756398449.532:1599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9428 comm="syz.2.861" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  231.512233][   T40] audit: type=1326 audit(1756398449.532:1600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9428 comm="syz.2.861" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  231.520082][   T40] audit: type=1326 audit(1756398449.532:1601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9428 comm="syz.2.861" exe="/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  231.527607][   T40] audit: type=1326 audit(1756398449.532:1602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9428 comm="syz.2.861" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  231.534086][   T40] audit: type=1326 audit(1756398449.532:1603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9428 comm="syz.2.861" exe="/syz-executor" sig=0 arch=40000003 syscall=331 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  231.625548][ T9426] netlink: 16 bytes leftover after parsing attributes in process `syz.0.860'.
[  231.629108][ T9426] netlink: 16 bytes leftover after parsing attributes in process `syz.0.860'.
[  232.442070][ T9438] FAULT_INJECTION: forcing a failure.
[  232.442070][ T9438] name failslab, interval 1, probability 0, space 0, times 0
[  232.447214][ T9438] CPU: 0 UID: 0 PID: 9438 Comm: syz.1.864 Not tainted syzkaller #0 PREEMPT(full) 
[  232.447231][ T9438] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  232.447237][ T9438] Call Trace:
[  232.447241][ T9438]  <TASK>
[  232.447249][ T9438]  dump_stack_lvl+0x16c/0x1f0
[  232.447268][ T9438]  should_fail_ex+0x512/0x640
[  232.447283][ T9438]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  232.447298][ T9438]  should_failslab+0xc2/0x120
[  232.447313][ T9438]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  232.447326][ T9438]  ? vm_area_dup+0x27/0x8d0
[  232.447339][ T9438]  vm_area_dup+0x27/0x8d0
[  232.447350][ T9438]  __split_vma+0x18e/0x1070
[  232.447365][ T9438]  ? __pfx___split_vma+0x10/0x10
[  232.447376][ T9438]  ? mas_prev_setup.constprop.0+0xb6/0x9d0
[  232.447397][ T9438]  vms_gather_munmap_vmas+0x3b1/0x1340
[  232.447412][ T9438]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  232.447431][ T9438]  ? mas_walk+0x6f5/0x980
[  232.447447][ T9438]  __mmap_region+0x436/0x27b0
[  232.447461][ T9438]  ? __pfx___mmap_region+0x10/0x10
[  232.447473][ T9438]  ? find_held_lock+0x2b/0x80
[  232.447487][ T9438]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  232.447500][ T9438]  ? is_bpf_text_address+0x94/0x1a0
[  232.447514][ T9438]  ? kernel_text_address+0x8d/0x100
[  232.447525][ T9438]  ? __kernel_text_address+0xd/0x40
[  232.447534][ T9438]  ? unwind_get_return_address+0x59/0xa0
[  232.447546][ T9438]  ? arch_stack_walk+0xa6/0x100
[  232.447559][ T9438]  ? __lock_acquire+0x62e/0x1ce0
[  232.447574][ T9438]  ? __lock_acquire+0xb97/0x1ce0
[  232.447587][ T9438]  ? _parse_integer_limit+0x17f/0x1d0
[  232.447618][ T9438]  ? mm_get_unmapped_area+0x95/0xe0
[  232.447636][ T9438]  mmap_region+0x1ab/0x3f0
[  232.447649][ T9438]  ? __get_unmapped_area+0x267/0x440
[  232.447665][ T9438]  do_mmap+0xa3e/0x1210
[  232.447683][ T9438]  ? __pfx_do_mmap+0x10/0x10
[  232.447698][ T9438]  ? __pfx_down_write_killable+0x10/0x10
[  232.447717][ T9438]  vm_mmap_pgoff+0x29e/0x470
[  232.447735][ T9438]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  232.447749][ T9438]  ? handle_mm_fault+0x200/0xd10
[  232.447763][ T9438]  ? ksys_write+0x1ac/0x250
[  232.447777][ T9438]  ksys_mmap_pgoff+0x7d/0x5c0
[  232.447791][ T9438]  ? rcu_is_watching+0x12/0xc0
[  232.447802][ T9438]  ? __ia32_sys_mmap_pgoff+0x11/0x1b0
[  232.447818][ T9438]  __do_fast_syscall_32+0x7c/0x3a0
[  232.447844][ T9438]  do_fast_syscall_32+0x32/0x80
[  232.447861][ T9438]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  232.447875][ T9438] RIP: 0023:0xf70ee579
[  232.447884][ T9438] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  232.447894][ T9438] RSP: 002b:00000000f54de55c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0
[  232.447905][ T9438] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000b36000
[  232.447911][ T9438] RDX: 0000000006ebbeef RSI: 0000000000008031 RDI: 00000000ffffffff
[  232.447918][ T9438] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  232.447924][ T9438] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  232.447930][ T9438] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  232.447943][ T9438]  </TASK>
[  232.640362][ T9441] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  232.662550][ T5984] Bluetooth: hci1: unexpected event for opcode 0x0402
[  232.678633][ T9443] team0: Port device vlan0 removed
[  232.684881][ T1174] tipc: Resetting bearer <eth:team0>
[  232.695801][ T9443] team0: Unable to change to the same mode the team is in
[  232.701052][ T9443] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  233.325926][ T9455] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  233.479537][   T63] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  233.795821][ T9464] futex_wake_op: syz.2.871 tries to shift op by -1; fix this program
[  233.826481][ T6152] libceph: connect (1)[c::]:6789 error -101
[  233.832953][ T6152] libceph: mon0 (1)[c::]:6789 connect error
[  234.090153][ T6152] libceph: connect (1)[c::]:6789 error -101
[  234.092142][ T6152] libceph: mon0 (1)[c::]:6789 connect error
[  234.171567][ T9467] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  234.402632][ T6152] libceph: connect (1)[c::]:6789 error -101
[  234.406448][ T6152] libceph: mon0 (1)[c::]:6789 connect error
[  234.454921][ T9481] futex_wake_op: syz.0.873 tries to shift op by -1; fix this program
[  234.599640][ T6152] libceph: connect (1)[c::]:6789 error -101
[  234.602110][ T6152] libceph: mon0 (1)[c::]:6789 connect error
[  234.659625][ T6152] libceph: connect (1)[c::]:6789 error -101
[  234.661908][ T6152] libceph: mon0 (1)[c::]:6789 connect error
[  235.178530][ T6152] libceph: connect (1)[c::]:6789 error -101
[  235.181478][ T6152] libceph: mon0 (1)[c::]:6789 connect error
[  236.013031][ T9491] FAULT_INJECTION: forcing a failure.
[  236.013031][ T9491] name failslab, interval 1, probability 0, space 0, times 0
[  236.016987][ T9491] CPU: 1 UID: 0 PID: 9491 Comm: syz.1.878 Not tainted syzkaller #0 PREEMPT(full) 
[  236.017003][ T9491] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  236.017009][ T9491] Call Trace:
[  236.017014][ T9491]  <TASK>
[  236.017020][ T9491]  dump_stack_lvl+0x16c/0x1f0
[  236.017039][ T9491]  should_fail_ex+0x512/0x640
[  236.017055][ T9491]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  236.017070][ T9491]  should_failslab+0xc2/0x120
[  236.017085][ T9491]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  236.017098][ T9491]  ? sock_alloc_inode+0x25/0x1c0
[  236.017117][ T9491]  ? __pfx_sock_alloc_inode+0x10/0x10
[  236.017132][ T9491]  sock_alloc_inode+0x25/0x1c0
[  236.017147][ T9491]  alloc_inode+0x64/0x240
[  236.017168][ T9491]  sock_alloc+0x40/0x280
[  236.017183][ T9491]  do_accept+0xf7/0x530
[  236.017195][ T9491]  ? do_raw_spin_lock+0x12c/0x2b0
[  236.017212][ T9491]  ? __pfx_do_accept+0x10/0x10
[  236.017234][ T9491]  __sys_accept4+0x100/0x1c0
[  236.017246][ T9491]  ? __pfx___sys_accept4+0x10/0x10
[  236.017259][ T9491]  ? __pfx_ksys_write+0x10/0x10
[  236.017274][ T9491]  __ia32_sys_accept4+0x94/0x100
[  236.017286][ T9491]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  236.017301][ T9491]  __do_fast_syscall_32+0x7c/0x3a0
[  236.017317][ T9491]  do_fast_syscall_32+0x32/0x80
[  236.017331][ T9491]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  236.017345][ T9491] RIP: 0023:0xf70ee579
[  236.017354][ T9491] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  236.017364][ T9491] RSP: 002b:00000000f54bd55c EFLAGS: 00000296 ORIG_RAX: 000000000000016c
[  236.017375][ T9491] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000080
[  236.017381][ T9491] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  236.017387][ T9491] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  236.017393][ T9491] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  236.017400][ T9491] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  236.017414][ T9491]  </TASK>
[  236.360655][ T6152] libceph: connect (1)[c::]:6789 error -101
[  236.363164][ T6152] libceph: mon0 (1)[c::]:6789 connect error
[  236.365879][ T6152] libceph: connect (1)[c::]:6789 error -101
[  236.368046][ T6152] libceph: mon0 (1)[c::]:6789 connect error
[  236.556099][ T9461] ceph: No mds server is up or the cluster is laggy
[  236.740495][ T9497] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  236.830030][ T9499] No buffer was provided with the request
[  237.045166][ T9499] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  237.047553][ T9499] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  237.050094][ T9499] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  237.052064][ T9499] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  237.053923][ T9499] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  237.057149][ T9499] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  237.213322][ T9476] ceph: No mds server is up or the cluster is laggy
[  237.226346][ T9511] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  237.394805][ T9511] __nla_validate_parse: 4 callbacks suppressed
[  237.394879][ T9511] netlink: 16 bytes leftover after parsing attributes in process `syz.1.883'.
[  237.400517][ T9511] netlink: 16 bytes leftover after parsing attributes in process `syz.1.883'.
[  237.525777][ T9515] tipc: Resetting bearer <eth:team0>
[  237.563986][ T9515] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  237.588214][ T9519] netlink: 16 bytes leftover after parsing attributes in process `syz.0.886'.
[  237.591524][ T9519] netlink: 16 bytes leftover after parsing attributes in process `syz.0.886'.
[  238.188237][ T9523] FAULT_INJECTION: forcing a failure.
[  238.188237][ T9523] name failslab, interval 1, probability 0, space 0, times 0
[  238.193889][ T9523] CPU: 2 UID: 0 PID: 9523 Comm: syz.2.887 Not tainted syzkaller #0 PREEMPT(full) 
[  238.193905][ T9523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  238.193911][ T9523] Call Trace:
[  238.193915][ T9523]  <TASK>
[  238.193920][ T9523]  dump_stack_lvl+0x16c/0x1f0
[  238.193959][ T9523]  should_fail_ex+0x512/0x640
[  238.193974][ T9523]  ? fs_reclaim_acquire+0xae/0x150
[  238.193992][ T9523]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  238.194008][ T9523]  should_failslab+0xc2/0x120
[  238.194022][ T9523]  __kmalloc_noprof+0xd2/0x510
[  238.194037][ T9523]  tomoyo_realpath_from_path+0xc2/0x6e0
[  238.194053][ T9523]  ? tomoyo_profile+0x47/0x60
[  238.194064][ T9523]  tomoyo_path_number_perm+0x245/0x580
[  238.194076][ T9523]  ? tomoyo_path_number_perm+0x237/0x580
[  238.194090][ T9523]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  238.194116][ T9523]  ? find_held_lock+0x2b/0x80
[  238.194127][ T9523]  ? hook_file_ioctl_common+0x145/0x410
[  238.194145][ T9523]  ? __fget_files+0x20e/0x3c0
[  238.194159][ T9523]  security_file_ioctl_compat+0x9b/0x240
[  238.194174][ T9523]  __ia32_compat_sys_ioctl+0xc3/0x370
[  238.194194][ T9523]  __do_fast_syscall_32+0x7c/0x3a0
[  238.194210][ T9523]  do_fast_syscall_32+0x32/0x80
[  238.194224][ T9523]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  238.194238][ T9523] RIP: 0023:0xf7f22579
[  238.194246][ T9523] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  238.194257][ T9523] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  238.194267][ T9523] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c05064a7
[  238.194274][ T9523] RDX: 0000000080000500 RSI: 0000000000000000 RDI: 0000000000000000
[  238.194280][ T9523] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  238.194286][ T9523] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  238.194292][ T9523] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  238.194304][ T9523]  </TASK>
[  238.194309][ T9523] ERROR: Out of memory at tomoyo_realpath_from_path.
[  238.227236][ T9525] netlink: 8 bytes leftover after parsing attributes in process `syz.4.889'.
[  238.326993][   T40] kauditd_printk_skb: 25 callbacks suppressed
[  238.327006][   T40] audit: type=1326 audit(1756398456.412:1629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9526 comm="syz.0.890" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f85579 code=0x7ffc0000
[  238.346637][   T40] audit: type=1326 audit(1756398456.412:1630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9526 comm="syz.0.890" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f85579 code=0x7ffc0000
[  238.354325][   T40] audit: type=1326 audit(1756398456.412:1631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9526 comm="syz.0.890" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f85579 code=0x7ffc0000
[  238.363606][   T40] audit: type=1326 audit(1756398456.412:1632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9526 comm="syz.0.890" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f85579 code=0x7ffc0000
[  238.368580][ T9534] FAULT_INJECTION: forcing a failure.
[  238.368580][ T9534] name failslab, interval 1, probability 0, space 0, times 0
[  238.372441][   T40] audit: type=1326 audit(1756398456.412:1633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9526 comm="syz.0.890" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f85579 code=0x7ffc0000
[  238.376062][ T9534] CPU: 0 UID: 0 PID: 9534 Comm: syz.4.893 Not tainted syzkaller #0 PREEMPT(full) 
[  238.376082][ T9534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  238.376090][ T9534] Call Trace:
[  238.376095][ T9534]  <TASK>
[  238.376101][ T9534]  dump_stack_lvl+0x16c/0x1f0
[  238.376124][ T9534]  should_fail_ex+0x512/0x640
[  238.376157][ T9534]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  238.376194][ T9534]  should_failslab+0xc2/0x120
[  238.376216][ T9534]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  238.376232][ T9534]  ? __alloc_skb+0x2b2/0x380
[  238.376252][ T9534]  __alloc_skb+0x2b2/0x380
[  238.376268][ T9534]  ? __pfx___alloc_skb+0x10/0x10
[  238.376287][ T9534]  ? find_held_lock+0x2b/0x80
[  238.376304][ T9534]  __ip6_append_data+0x2b74/0x4750
[  238.376324][ T9534]  ? __pfx_raw6_getfrag+0x10/0x10
[  238.376354][ T9534]  ? __pfx___ip6_append_data+0x10/0x10
[  238.376370][ T9534]  ? __pfx_ip6_mtu+0x10/0x10
[  238.376381][ T9534]  ? ip6_setup_cork+0xc51/0x1530
[  238.376399][ T9534]  ip6_append_data+0x1bd/0x4c0
[  238.376414][ T9534]  ? __pfx_raw6_getfrag+0x10/0x10
[  238.376430][ T9534]  rawv6_sendmsg+0x163d/0x4820
[  238.376449][ T9534]  ? aa_label_sk_perm+0x195/0x600
[  238.376470][ T9534]  ? aa_profile_af_perm+0x360/0x3a0
[  238.376488][ T9534]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  238.376527][ T9534]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  238.376541][ T9534]  ? inet_sendmsg+0x11c/0x140
[  238.376554][ T9534]  inet_sendmsg+0x11c/0x140
[  238.376568][ T9534]  sock_write_iter+0x4aa/0x5b0
[  238.376582][ T9534]  ? __pfx_sock_write_iter+0x10/0x10
[  238.376602][ T9534]  ? __lock_acquire+0x62e/0x1ce0
[  238.376621][ T9534]  do_iter_readv_writev+0x65f/0x9e0
[  238.376638][ T9534]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  238.376655][ T9534]  ? bpf_lsm_file_permission+0x9/0x10
[  238.376674][ T9534]  ? security_file_permission+0x71/0x210
[  238.376693][ T9534]  ? rw_verify_area+0xcf/0x6c0
[  238.376708][ T9534]  vfs_writev+0x35f/0xde0
[  238.376727][ T9534]  ? __pfx_vfs_writev+0x10/0x10
[  238.376741][ T9534]  ? find_held_lock+0x2b/0x80
[  238.376764][ T9534]  ? __fget_files+0x20e/0x3c0
[  238.376777][ T9534]  ? __fget_files+0x1b0/0x3c0
[  238.376794][ T9534]  ? do_writev+0x28c/0x340
[  238.376808][ T9534]  do_writev+0x28c/0x340
[  238.376821][ T9534]  ? __pfx_do_writev+0x10/0x10
[  238.376836][ T9534]  ? rcu_is_watching+0x12/0xc0
[  238.376853][ T9534]  __do_fast_syscall_32+0x7c/0x3a0
[  238.376872][ T9534]  do_fast_syscall_32+0x32/0x80
[  238.376891][ T9534]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  238.376907][ T9534] RIP: 0023:0xf702e579
[  238.376921][ T9534] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  238.376936][ T9534] RSP: 002b:00000000f541e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000092
[  238.376949][ T9534] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  238.376958][ T9534] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  238.376966][ T9534] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  238.376974][ T9534] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  238.376981][ T9534] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  238.376997][ T9534]  </TASK>
[  238.496624][   T40] audit: type=1326 audit(1756398456.412:1634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9526 comm="syz.0.890" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f85579 code=0x7ffc0000
[  238.505198][   T40] audit: type=1326 audit(1756398456.412:1635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9526 comm="syz.0.890" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f85579 code=0x7ffc0000
[  238.514259][   T40] audit: type=1326 audit(1756398456.412:1636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9526 comm="syz.0.890" exe="/syz-executor" sig=0 arch=40000003 syscall=228 compat=1 ip=0xf7f85579 code=0x7ffc0000
[  238.522824][   T40] audit: type=1326 audit(1756398456.412:1637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9526 comm="syz.0.890" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f85579 code=0x7ffc0000
[  238.531355][   T40] audit: type=1326 audit(1756398456.412:1638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9526 comm="syz.0.890" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f85579 code=0x7ffc0000
[  238.698833][ T9542] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  239.017304][   T63] Bluetooth: hci1: command 0x0c1a tx timeout
[  239.079461][   T63] Bluetooth: hci4: command 0x0c1a tx timeout
[  239.082329][ T5984] Bluetooth: hci3: command 0x0c1a tx timeout
[  239.082489][ T5335] Bluetooth: hci2: command 0x0c1a tx timeout
[  239.226248][ T9549] tipc: Resetting bearer <eth:team0>
[  239.243425][ T9549] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  239.384769][ T9549] netlink: 16 bytes leftover after parsing attributes in process `syz.0.898'.
[  239.389322][ T9549] netlink: 16 bytes leftover after parsing attributes in process `syz.0.898'.
[  239.812385][ T9561] FAULT_INJECTION: forcing a failure.
[  239.812385][ T9561] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  239.816424][ T9561] CPU: 2 UID: 0 PID: 9561 Comm: syz.4.903 Not tainted syzkaller #0 PREEMPT(full) 
[  239.816439][ T9561] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  239.816446][ T9561] Call Trace:
[  239.816450][ T9561]  <TASK>
[  239.816455][ T9561]  dump_stack_lvl+0x16c/0x1f0
[  239.816479][ T9561]  should_fail_ex+0x512/0x640
[  239.816498][ T9561]  _copy_from_user+0x2e/0xd0
[  239.816515][ T9561]  get_compat_msghdr+0xa7/0x170
[  239.816530][ T9561]  ? __pfx_get_compat_msghdr+0x10/0x10
[  239.816548][ T9561]  ___sys_sendmsg+0x1ae/0x1d0
[  239.816564][ T9561]  ? __pfx____sys_sendmsg+0x10/0x10
[  239.816584][ T9561]  ? find_held_lock+0x2b/0x80
[  239.816603][ T9561]  __sys_sendmsg+0x16d/0x220
[  239.816617][ T9561]  ? __pfx___sys_sendmsg+0x10/0x10
[  239.816637][ T9561]  ? rcu_is_watching+0x12/0xc0
[  239.816650][ T9561]  __do_fast_syscall_32+0x7c/0x3a0
[  239.816666][ T9561]  do_fast_syscall_32+0x32/0x80
[  239.816681][ T9561]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  239.816694][ T9561] RIP: 0023:0xf702e579
[  239.816702][ T9561] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  239.816713][ T9561] RSP: 002b:00000000f541e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  239.816723][ T9561] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080003780
[  239.816730][ T9561] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  239.816736][ T9561] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  239.816742][ T9561] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  239.816747][ T9561] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  239.816760][ T9561]  </TASK>
[  239.872465][    C2] vkms_vblank_simulate: vblank timer overrun
[  239.951979][ T9569] FAULT_INJECTION: forcing a failure.
[  239.951979][ T9569] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  239.956067][ T9569] CPU: 2 UID: 0 PID: 9569 Comm: syz.1.912 Not tainted syzkaller #0 PREEMPT(full) 
[  239.956082][ T9569] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  239.956089][ T9569] Call Trace:
[  239.956093][ T9569]  <TASK>
[  239.956097][ T9569]  dump_stack_lvl+0x16c/0x1f0
[  239.956115][ T9569]  should_fail_ex+0x512/0x640
[  239.956132][ T9569]  _copy_from_user+0x2e/0xd0
[  239.956150][ T9569]  get_compat_msghdr+0xa7/0x170
[  239.956164][ T9569]  ? __pfx_get_compat_msghdr+0x10/0x10
[  239.956182][ T9569]  ___sys_sendmsg+0x1ae/0x1d0
[  239.956197][ T9569]  ? __pfx____sys_sendmsg+0x10/0x10
[  239.956217][ T9569]  ? find_held_lock+0x2b/0x80
[  239.956236][ T9569]  __sys_sendmsg+0x16d/0x220
[  239.956250][ T9569]  ? __pfx___sys_sendmsg+0x10/0x10
[  239.956270][ T9569]  ? rcu_is_watching+0x12/0xc0
[  239.956283][ T9569]  __do_fast_syscall_32+0x7c/0x3a0
[  239.956299][ T9569]  do_fast_syscall_32+0x32/0x80
[  239.956313][ T9569]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  239.956327][ T9569] RIP: 0023:0xf70ee579
[  239.956335][ T9569] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  239.956346][ T9569] RSP: 002b:00000000f54de55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  239.956356][ T9569] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000400
[  239.956363][ T9569] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  239.956375][ T9569] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  239.956381][ T9569] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  239.956387][ T9569] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  239.956399][ T9569]  </TASK>
[  240.012668][    C2] vkms_vblank_simulate: vblank timer overrun
[  240.313602][ T9576] tipc: Resetting bearer <eth:team0>
[  240.316211][ T9576] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  240.332840][ T9577] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  240.453679][ T9578] netlink: 16 bytes leftover after parsing attributes in process `syz.1.915'.
[  240.457182][ T9578] netlink: 16 bytes leftover after parsing attributes in process `syz.1.915'.
[  240.462911][ T9579] netlink: 16 bytes leftover after parsing attributes in process `syz.2.906'.
[  241.089414][   T59] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  241.169454][ T5335] Bluetooth: hci4: command 0x0c1a tx timeout
[  241.250788][   T59] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  241.254536][   T59] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  241.258131][   T59] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  241.261733][   T59] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.270143][ T9581] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  241.276817][   T59] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  241.480437][ T9590] netlink: 'syz.4.911': attribute type 12 has an invalid length.
[  241.531967][   T59] usb 5-1: USB disconnect, device number 4
[  241.589780][ T9592] kAFS: unable to lookup cell ''
[  241.879957][ T9600] tipc: Resetting bearer <eth:team0>
[  241.884454][ T9600] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  242.430678][ T9611] __nla_validate_parse: 5 callbacks suppressed
[  242.430690][ T9611] netlink: 24 bytes leftover after parsing attributes in process `syz.0.918'.
[  242.523297][   T59] libceph: connect (1)[c::]:6789 error -101
[  242.526118][   T59] libceph: mon0 (1)[c::]:6789 connect error
[  242.551409][ T9616] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  242.570851][ T9618] futex_wake_op: syz.1.920 tries to shift op by -1; fix this program
[  242.587518][ T9616] netlink: 16 bytes leftover after parsing attributes in process `syz.4.921'.
[  242.591302][ T9616] netlink: 16 bytes leftover after parsing attributes in process `syz.4.921'.
[  242.779882][   T59] libceph: connect (1)[c::]:6789 error -101
[  242.782224][   T59] libceph: mon0 (1)[c::]:6789 connect error
[  243.097928][ T9635] create_pit_timer: 4 callbacks suppressed
[  243.097939][ T9635] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  243.189656][ T9646] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  243.197646][ T9646] kvm: requested 28495 ns i8254 timer period limited to 200000 ns
[  243.203028][ T9646] kvm: requested 33523 ns i8254 timer period limited to 200000 ns
[  243.210907][ T9646] kvm: requested 53638 ns i8254 timer period limited to 200000 ns
[  243.214486][ T9646] kvm: requested 170133 ns i8254 timer period limited to 200000 ns
[  243.217978][ T9646] kvm: requested 2514 ns i8254 timer period limited to 200000 ns
[  243.224844][ T9646] kvm: requested 3352 ns i8254 timer period limited to 200000 ns
[  243.229932][ T9646] kvm: requested 1676 ns i8254 timer period limited to 200000 ns
[  243.233328][ T9646] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  243.239410][ T5335] Bluetooth: hci4: command 0x0c1a tx timeout
[  243.264440][   T29] libceph: connect (1)[c::]:6789 error -101
[  243.266977][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  243.319624][   T59] libceph: connect (1)[c::]:6789 error -101
[  243.321033][ T9653] futex_wake_op: syz.4.929 tries to shift op by -1; fix this program
[  243.321619][   T59] libceph: mon0 (1)[c::]:6789 connect error
[  243.529788][   T29] libceph: connect (1)[c::]:6789 error -101
[  243.532605][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  244.049804][   T29] libceph: connect (1)[c::]:6789 error -101
[  244.051282][ T9656] tipc: Resetting bearer <eth:team0>
[  244.052503][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  244.057702][ T9656] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  244.101214][   T40] kauditd_printk_skb: 72 callbacks suppressed
[  244.101229][   T40] audit: type=1326 audit(1756398462.192:1711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9657 comm="syz.2.931" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  244.113083][   T40] audit: type=1326 audit(1756398462.192:1712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9657 comm="syz.2.931" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  244.118475][ T9659] FAULT_INJECTION: forcing a failure.
[  244.118475][ T9659] name failslab, interval 1, probability 0, space 0, times 0
[  244.122204][   T40] audit: type=1326 audit(1756398462.192:1713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9657 comm="syz.2.931" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  244.126559][ T9659] CPU: 1 UID: 0 PID: 9659 Comm: syz.2.931 Not tainted syzkaller #0 PREEMPT(full) 
[  244.126586][ T9659] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  244.126593][ T9659] Call Trace:
[  244.126598][ T9659]  <TASK>
[  244.126602][ T9659]  dump_stack_lvl+0x16c/0x1f0
[  244.126620][ T9659]  should_fail_ex+0x512/0x640
[  244.126636][ T9659]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  244.126651][ T9659]  should_failslab+0xc2/0x120
[  244.126666][ T9659]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  244.126679][ T9659]  ? audit_log_start+0x2c5/0x7f0
[  244.126695][ T9659]  audit_log_start+0x2c5/0x7f0
[  244.126712][ T9659]  ? __pfx_audit_log_start+0x10/0x10
[  244.126727][ T9659]  ? rcu_is_watching+0x12/0xc0
[  244.126738][ T9659]  ? trace_sched_exit_tp+0xd1/0x120
[  244.126759][ T9659]  ? migrate_enable+0x1ed/0x260
[  244.126775][ T9659]  ? __pfx_migrate_enable+0x10/0x10
[  244.126796][ T9659]  audit_seccomp+0x60/0x1f0
[  244.126810][ T9659]  __seccomp_filter+0x7b6/0xea0
[  244.126823][ T9659]  ? __pfx___seccomp_filter+0x10/0x10
[  244.126834][ T9659]  ? handle_mm_fault+0x200/0xd10
[  244.126847][ T9659]  ? fput+0x9b/0xd0
[  244.126862][ T9659]  ? ksys_write+0x1ac/0x250
[  244.126876][ T9659]  __secure_computing+0x215/0x320
[  244.126889][ T9659]  syscall_trace_enter+0x89/0x240
[  244.126906][ T9659]  __do_fast_syscall_32+0x21b/0x3a0
[  244.126923][ T9659]  do_fast_syscall_32+0x32/0x80
[  244.126937][ T9659]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  244.126950][ T9659] RIP: 0023:0xf7f22579
[  244.126958][ T9659] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  244.126969][ T9659] RSP: 002b:00000000f542555c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb
[  244.126980][ T9659] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000000008
[  244.126986][ T9659] RDX: 0000000000000000 RSI: 000000000010ffff RDI: 0000000000000000
[  244.126992][ T9659] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  244.126998][ T9659] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  244.127004][ T9659] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  244.127018][ T9659]  </TASK>
[  244.130558][ T9659] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[  244.132173][ T9656] netlink: 16 bytes leftover after parsing attributes in process `syz.0.930'.
[  244.132191][ T9656] netlink: 16 bytes leftover after parsing attributes in process `syz.0.930'.
[  244.134228][   T40] audit: type=1326 audit(1756398462.192:1714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9657 comm="syz.2.931" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  244.139693][ T9659] audit: out of memory in audit_log_start
[  244.141378][   T40] audit: type=1326 audit(1756398462.192:1715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9657 comm="syz.2.931" exe="/syz-executor" sig=0 arch=40000003 syscall=39 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  244.250132][   T40] audit: type=1326 audit(1756398462.192:1716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9657 comm="syz.2.931" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  244.258559][   T40] audit: type=1326 audit(1756398462.192:1717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9657 comm="syz.2.931" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  244.267083][   T40] audit: type=1326 audit(1756398462.192:1718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9657 comm="syz.2.931" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  244.439749][ T6039] libceph: connect (1)[c::]:6789 error -101
[  244.442438][ T6039] libceph: mon0 (1)[c::]:6789 connect error
[  245.136971][ T9670] netlink: 20 bytes leftover after parsing attributes in process `syz.0.934'.
[  245.162795][ T9672] netlink: 20 bytes leftover after parsing attributes in process `syz.0.935'.
[  245.166450][ T9672] FAULT_INJECTION: forcing a failure.
[  245.166450][ T9672] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  245.171062][ T9672] CPU: 0 UID: 0 PID: 9672 Comm: syz.0.935 Not tainted syzkaller #0 PREEMPT(full) 
[  245.171077][ T9672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  245.171084][ T9672] Call Trace:
[  245.171087][ T9672]  <TASK>
[  245.171092][ T9672]  dump_stack_lvl+0x16c/0x1f0
[  245.171109][ T9672]  should_fail_ex+0x512/0x640
[  245.171127][ T9672]  _copy_from_user+0x2e/0xd0
[  245.171144][ T9672]  get_compat_msghdr+0xa7/0x170
[  245.171158][ T9672]  ? __pfx_get_compat_msghdr+0x10/0x10
[  245.171176][ T9672]  ___sys_sendmsg+0x1ae/0x1d0
[  245.171192][ T9672]  ? __pfx____sys_sendmsg+0x10/0x10
[  245.171212][ T9672]  ? find_held_lock+0x2b/0x80
[  245.171231][ T9672]  __sys_sendmsg+0x16d/0x220
[  245.171245][ T9672]  ? __pfx___sys_sendmsg+0x10/0x10
[  245.171265][ T9672]  ? rcu_is_watching+0x12/0xc0
[  245.171278][ T9672]  __do_fast_syscall_32+0x7c/0x3a0
[  245.171293][ T9672]  do_fast_syscall_32+0x32/0x80
[  245.171308][ T9672]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  245.171321][ T9672] RIP: 0023:0xf7f85579
[  245.171329][ T9672] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  245.171340][ T9672] RSP: 002b:00000000f54a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  245.171350][ T9672] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000300
[  245.171357][ T9672] RDX: 0000000000004000 RSI: 0000000000000000 RDI: 0000000000000000
[  245.171363][ T9672] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  245.171369][ T9672] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  245.171375][ T9672] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  245.171387][ T9672]  </TASK>
[  245.324674][ T9613] ceph: No mds server is up or the cluster is laggy
[  245.476997][ T9681] netlink: 20 bytes leftover after parsing attributes in process `syz.1.937'.
[  245.479872][   T53] libceph: connect (1)[c::]:6789 error -101
[  245.483616][   T53] libceph: mon0 (1)[c::]:6789 connect error
[  246.026280][ T9696] tipc: Resetting bearer <eth:team0>
[  246.030328][ T9696] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  246.130358][ T9698] netlink: 16 bytes leftover after parsing attributes in process `syz.2.942'.
[  246.134474][ T9698] netlink: 16 bytes leftover after parsing attributes in process `syz.2.942'.
[  246.137909][ T9650] ceph: No mds server is up or the cluster is laggy
[  246.303509][ T9709] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  246.592288][ T9715] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  247.592810][ T9735] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  247.701748][ T9735] __nla_validate_parse: 5 callbacks suppressed
[  247.701768][ T9735] netlink: 16 bytes leftover after parsing attributes in process `syz.1.951'.
[  247.707685][ T9735] netlink: 16 bytes leftover after parsing attributes in process `syz.1.951'.
[  248.223281][ T9753] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  248.410123][ T9759] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  248.428837][ T9758] netlink: 16 bytes leftover after parsing attributes in process `syz.4.961'.
[  248.432744][ T9758] netlink: 16 bytes leftover after parsing attributes in process `syz.4.961'.
[  249.301922][   T40] kauditd_printk_skb: 113 callbacks suppressed
[  249.301933][   T40] audit: type=1326 audit(1756398467.390:1832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9772 comm="syz.0.964" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f85579 code=0x7ffc0000
[  249.311382][   T40] audit: type=1326 audit(1756398467.390:1833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9772 comm="syz.0.964" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f85579 code=0x7ffc0000
[  249.318082][   T40] audit: type=1326 audit(1756398467.390:1834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9772 comm="syz.0.964" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f85579 code=0x7ffc0000
[  249.326345][   T40] audit: type=1326 audit(1756398467.390:1835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9772 comm="syz.0.964" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f85579 code=0x7ffc0000
[  249.333635][   T40] audit: type=1326 audit(1756398467.390:1836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9772 comm="syz.0.964" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f85579 code=0x7ffc0000
[  249.338595][ T9777] tipc: Resetting bearer <eth:team0>
[  249.341106][   T40] audit: type=1326 audit(1756398467.390:1837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9772 comm="syz.0.964" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f85579 code=0x7ffc0000
[  249.350194][   T40] audit: type=1326 audit(1756398467.390:1838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9772 comm="syz.0.964" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f85579 code=0x7ffc0000
[  249.358138][ T9777] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  249.358247][   T40] audit: type=1326 audit(1756398467.390:1839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9772 comm="syz.0.964" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f85579 code=0x7ffc0000
[  249.372219][   T40] audit: type=1326 audit(1756398467.390:1840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9772 comm="syz.0.964" exe="/syz-executor" sig=0 arch=40000003 syscall=228 compat=1 ip=0xf7f85579 code=0x7ffc0000
[  249.378966][   T40] audit: type=1326 audit(1756398467.390:1841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9772 comm="syz.0.964" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f85579 code=0x7ffc0000
[  249.508095][ T9782] netlink: 16 bytes leftover after parsing attributes in process `syz.2.965'.
[  249.511201][ T9782] netlink: 16 bytes leftover after parsing attributes in process `syz.2.965'.
[  249.578975][ T9791] netlink: 12 bytes leftover after parsing attributes in process `syz.1.970'.
[  249.712966][ T9796] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  249.807391][ T9796] netlink: 16 bytes leftover after parsing attributes in process `syz.1.971'.
[  249.811423][ T9796] netlink: 16 bytes leftover after parsing attributes in process `syz.1.971'.
[  250.117030][ T9801] netlink: 16 bytes leftover after parsing attributes in process `syz.0.973'.
[  250.173650][ T9803] capability: warning: `syz.0.973' uses deprecated v2 capabilities in a way that may be insecure
[  250.960460][ T9832] FAULT_INJECTION: forcing a failure.
[  250.960460][ T9832] name failslab, interval 1, probability 0, space 0, times 0
[  250.965867][ T9832] CPU: 2 UID: 0 PID: 9832 Comm: syz.0.985 Not tainted syzkaller #0 PREEMPT(full) 
[  250.965893][ T9832] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  250.965904][ T9832] Call Trace:
[  250.965912][ T9832]  <TASK>
[  250.965921][ T9832]  dump_stack_lvl+0x16c/0x1f0
[  250.965950][ T9832]  should_fail_ex+0x512/0x640
[  250.965975][ T9832]  ? fs_reclaim_acquire+0xae/0x150
[  250.966003][ T9832]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  250.966026][ T9832]  should_failslab+0xc2/0x120
[  250.966050][ T9832]  __kmalloc_noprof+0xd2/0x510
[  250.966078][ T9832]  tomoyo_realpath_from_path+0xc2/0x6e0
[  250.966113][ T9832]  ? tomoyo_profile+0x47/0x60
[  250.966132][ T9832]  tomoyo_path_number_perm+0x245/0x580
[  250.966152][ T9832]  ? tomoyo_path_number_perm+0x237/0x580
[  250.966176][ T9832]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  250.966199][ T9832]  ? arch_stack_walk+0xa6/0x100
[  250.966244][ T9832]  ? __kasan_slab_free+0x60/0x70
[  250.966265][ T9832]  ? kmem_cache_free+0x2d1/0x4d0
[  250.966287][ T9832]  ? from_kuid+0x8d/0xd0
[  250.966312][ T9832]  ? __pfx_from_kuid+0x10/0x10
[  250.966343][ T9832]  tomoyo_path_chown+0x173/0x1b0
[  250.966360][ T9832]  ? __pfx_tomoyo_path_chown+0x10/0x10
[  250.966377][ T9832]  ? from_vfsuid+0xea/0x140
[  250.966402][ T9832]  ? __pfx_from_vfsuid+0x10/0x10
[  250.966430][ T9832]  security_path_chown+0x12a/0x2e0
[  250.966452][ T9832]  chown_common+0x3d3/0x680
[  250.966483][ T9832]  ? __pfx_chown_common+0x10/0x10
[  250.966508][ T9832]  ? find_held_lock+0x2b/0x80
[  250.966533][ T9832]  ? mnt_get_write_access+0x20c/0x300
[  250.966564][ T9832]  do_fchownat+0x1a7/0x200
[  250.966589][ T9832]  ? __pfx_do_fchownat+0x10/0x10
[  250.966615][ T9832]  ? __pfx_ksys_write+0x10/0x10
[  250.966640][ T9832]  __ia32_sys_lchown16+0xe6/0x120
[  250.966662][ T9832]  __do_fast_syscall_32+0x7c/0x3a0
[  250.966689][ T9832]  do_fast_syscall_32+0x32/0x80
[  250.966713][ T9832]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  250.966735][ T9832] RIP: 0023:0xf7f85579
[  250.966749][ T9832] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  250.966766][ T9832] RSP: 002b:00000000f54a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000010
[  250.966784][ T9832] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000000000
[  250.966795][ T9832] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  250.966805][ T9832] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  250.966814][ T9832] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  250.966824][ T9832] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  250.966863][ T9832]  </TASK>
[  250.966967][ T9832] ERROR: Out of memory at tomoyo_realpath_from_path.
[  251.634718][ T9854] tipc: Resetting bearer <eth:team0>
[  251.639037][ T9854] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  252.115736][ T9865] fuse: Bad value for 'fd'
[  252.220597][ T9870] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  252.579214][ T9878] bridge_slave_0: left allmulticast mode
[  252.581163][ T9878] bridge_slave_0: left promiscuous mode
[  252.583114][ T9878] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.587801][ T9878] bridge_slave_1: left allmulticast mode
[  252.589961][ T9878] bridge_slave_1: left promiscuous mode
[  252.591826][ T9878] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.598379][ T9878] bond0: (slave bond_slave_0): Releasing backup interface
[  252.607097][ T9878] bond0: (slave bond_slave_1): Releasing backup interface
[  252.614909][ T9878] team0: Port device team_slave_0 removed
[  252.621373][ T9878] team0: Port device team_slave_1 removed
[  252.624022][ T9878] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  252.626710][ T9878] batman_adv: batadv0: Removing interface: batadv_slave_0
[  252.627206][ T9879] netlink: 'syz.4.999': attribute type 10 has an invalid length.
[  252.634004][ T9878] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  252.636851][ T9878] batman_adv: batadv0: Removing interface: batadv_slave_1
[  252.661532][ T9879] 8021q: adding VLAN 0 to HW filter on device bond0
[  252.665084][ T9879] team0: Port device bond0 added
[  252.753162][ T9878] team0 (unregistering): Port device bond0 removed
[  253.031702][ T9886] __nla_validate_parse: 4 callbacks suppressed
[  253.031714][ T9886] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1002'.
[  253.178602][ T9892] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  254.371715][ T9902] 8021q: adding VLAN 0 to HW filter on device bond0
[  254.377504][ T9902] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  254.536301][ T9911] tipc: Resetting bearer <eth:team0>
[  254.540339][ T9911] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  254.545508][ T9913] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  254.580368][ T9912] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1011'.
[  254.603891][ T9914] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  254.608046][ T9914] bond0: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  254.612000][ T9914] bond0: (slave ipvlan2): Error -95 calling set_mac_address
[  254.691060][ T9911] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1017'.
[  254.698512][ T9911] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1017'.
[  254.724063][ T9915] tipc: Resetting bearer <eth:team0>
[  254.744550][ T9921] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1010'.
[  254.747425][ T9921] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1010'.
[  254.771964][ T9915] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  255.234090][ T9939] afs: Unknown parameter 'dyn€'
[  255.332133][ T1419] ieee802154 phy1 wpan1: encryption failed: -22
[  255.397591][ T9942] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  256.851054][ T9964] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1026'.
[  256.897745][ T9964] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.074762][ T9964] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.147025][ T9964] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.225062][ T9964] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.476842][ T1174] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  257.528882][   T61] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  257.612921][ T1174] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  257.655535][   T61] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  257.833321][ T9980] tipc: Resetting bearer <eth:team0>
[  257.835749][ T9980] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  257.896500][ T9980] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1029'.
[  257.899701][ T9980] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1029'.
[  257.966862][   T40] kauditd_printk_skb: 118 callbacks suppressed
[  257.966873][   T40] audit: type=1326 audit(1756398475.051:1960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9987 comm="syz.2.1035" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f22579 code=0x0
[  257.995541][ T9990] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  258.095951][ T9992] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1032'.
[  258.100101][ T9992] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1032'.
[  258.646458][ T9996] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1034'.
[  260.411252][T10021] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1043'.
[  260.501884][T10022] tipc: Resetting bearer <eth:team0>
[  260.589899][T10022] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  260.686669][T10022] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1042'.
[  260.690122][T10022] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1042'.
[  260.822804][   T40] audit: type=1326 audit(1756398477.911:1961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10030 comm="syz.4.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  260.832200][   T40] audit: type=1326 audit(1756398477.911:1962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10030 comm="syz.4.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  260.841142][   T40] audit: type=1326 audit(1756398477.911:1963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10030 comm="syz.4.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf702e579 code=0x7ffc0000
[  260.850282][   T40] audit: type=1326 audit(1756398477.911:1964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10030 comm="syz.4.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  260.859490][   T40] audit: type=1326 audit(1756398477.911:1965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10030 comm="syz.4.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf702e579 code=0x7ffc0000
[  260.870216][   T40] audit: type=1326 audit(1756398477.911:1966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10030 comm="syz.4.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  260.878945][   T40] audit: type=1326 audit(1756398477.911:1967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10030 comm="syz.4.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=228 compat=1 ip=0xf702e579 code=0x7ffc0000
[  260.887966][   T40] audit: type=1326 audit(1756398477.911:1968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10030 comm="syz.4.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  260.896514][   T40] audit: type=1326 audit(1756398477.911:1969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10030 comm="syz.4.1045" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf702e579 code=0x7ffc0000
[  261.194788][T10035] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  261.261931][T10038] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1046'.
[  261.265504][T10038] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1046'.
[  261.694340][T10044] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  261.724386][T10044] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1048'.
[  261.728351][T10044] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1048'.
[  262.319132][ T5335] Bluetooth: hci1: unexpected event for opcode 0x0402
[  262.353515][T10061] tipc: Resetting bearer <eth:team0>
[  262.384724][T10061] team0: Unable to change to the same mode the team is in
[  262.391990][T10061] team0: Port device vlan0 added
[  263.618757][T10088] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  263.658580][T10088] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1065'.
[  263.662669][T10088] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1065'.
[  265.182552][T10100] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  265.190029][T10101] FAULT_INJECTION: forcing a failure.
[  265.190029][T10101] name failslab, interval 1, probability 0, space 0, times 0
[  265.195930][T10101] CPU: 0 UID: 0 PID: 10101 Comm: syz.2.1068 Not tainted syzkaller #0 PREEMPT(full) 
[  265.195957][T10101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  265.195968][T10101] Call Trace:
[  265.195976][T10101]  <TASK>
[  265.195984][T10101]  dump_stack_lvl+0x16c/0x1f0
[  265.196015][T10101]  should_fail_ex+0x512/0x640
[  265.196039][T10101]  ? find_held_lock+0x2b/0x80
[  265.196059][T10101]  should_failslab+0xc2/0x120
[  265.196084][T10101]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  265.196107][T10101]  ? __alloc_skb+0x2b2/0x380
[  265.196133][T10101]  __alloc_skb+0x2b2/0x380
[  265.196155][T10101]  ? __pfx___alloc_skb+0x10/0x10
[  265.196179][T10101]  ? __pfx_fdb_create+0x10/0x10
[  265.196196][T10101]  ? br_fdb_find+0xe4/0x240
[  265.196217][T10101]  fdb_notify+0xa4/0x1a0
[  265.196237][T10101]  br_fdb_external_learn_add+0x24b/0x7d0
[  265.196264][T10101]  __br_fdb_add+0x133/0xd90
[  265.196291][T10101]  br_fdb_add+0x769/0xe30
[  265.196319][T10101]  ? __pfx_br_fdb_add+0x10/0x10
[  265.196344][T10101]  ? __nla_parse+0x40/0x60
[  265.196363][T10101]  rtnl_fdb_add+0x4bc/0xac0
[  265.196389][T10101]  ? __pfx_br_fdb_add+0x10/0x10
[  265.196411][T10101]  ? __pfx_rtnl_fdb_add+0x10/0x10
[  265.196455][T10101]  ? __pfx_rtnl_fdb_add+0x10/0x10
[  265.196480][T10101]  rtnetlink_rcv_msg+0x3c6/0xe90
[  265.196508][T10101]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  265.196531][T10101]  ? __lock_acquire+0xb97/0x1ce0
[  265.196566][T10101]  netlink_rcv_skb+0x155/0x420
[  265.196591][T10101]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  265.196618][T10101]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  265.196640][T10101]  ? rcu_is_watching+0x12/0xc0
[  265.196676][T10101]  netlink_unicast+0x5aa/0x870
[  265.196704][T10101]  ? __pfx_netlink_unicast+0x10/0x10
[  265.196728][T10101]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  265.196759][T10101]  netlink_sendmsg+0x8d1/0xdd0
[  265.196788][T10101]  ? __pfx_netlink_sendmsg+0x10/0x10
[  265.196816][T10101]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  265.196840][T10101]  ____sys_sendmsg+0xa95/0xc70
[  265.196855][T10101]  ? btrfs_load_block_group_zone_info+0x36f0/0x5160
[  265.196881][T10101]  ? __pfx_____sys_sendmsg+0x10/0x10
[  265.196897][T10101]  ? get_compat_msghdr+0x11a/0x170
[  265.196995][T10101]  ___sys_sendmsg+0x134/0x1d0
[  265.197027][T10101]  ? __pfx____sys_sendmsg+0x10/0x10
[  265.197069][T10101]  ? find_held_lock+0x2b/0x80
[  265.197106][T10101]  __sys_sendmsg+0x16d/0x220
[  265.197166][T10101]  ? __pfx___sys_sendmsg+0x10/0x10
[  265.197199][T10101]  ? rcu_is_watching+0x12/0xc0
[  265.197220][T10101]  __do_fast_syscall_32+0x7c/0x3a0
[  265.197246][T10101]  do_fast_syscall_32+0x32/0x80
[  265.197269][T10101]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  265.197291][T10101] RIP: 0023:0xf7f22579
[  265.197307][T10101] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  265.197322][T10101] RSP: 002b:00000000f542555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  265.197340][T10101] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000000
[  265.197351][T10101] RDX: 0000000004040000 RSI: 0000000000000000 RDI: 0000000000000000
[  265.197360][T10101] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  265.197370][T10101] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  265.197380][T10101] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  265.197403][T10101]  </TASK>
[  265.349541][T10097] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1067'.
[  265.352525][T10097] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1067'.
[  265.633812][T10111] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1064'.
[  265.688674][ T3242] IPVS: starting estimator thread 0...
[  265.789646][T10112] IPVS: using max 43 ests per chain, 103200 per kthread
[  266.156475][   T40] kauditd_printk_skb: 109 callbacks suppressed
[  266.156488][   T40] audit: type=1326 audit(1756398483.234:2079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10116 comm="syz.1.1072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  266.182455][   T40] audit: type=1326 audit(1756398483.234:2080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10116 comm="syz.1.1072" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  266.188613][T10121] netlink: 'syz.2.1071': attribute type 10 has an invalid length.
[  266.191760][   T40] audit: type=1326 audit(1756398483.234:2081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10116 comm="syz.1.1072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  266.194065][T10121] tipc: Resetting bearer <eth:team0>
[  266.203098][   T40] audit: type=1326 audit(1756398483.234:2082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10116 comm="syz.1.1072" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  266.210675][   T40] audit: type=1326 audit(1756398483.234:2083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10116 comm="syz.1.1072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  266.214125][T10121] batman_adv: batadv0: Adding interface: team0
[  266.217651][   T40] audit: type=1326 audit(1756398483.234:2084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10116 comm="syz.1.1072" exe="/syz-executor" sig=0 arch=40000003 syscall=228 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  266.221961][T10121] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  266.226382][   T40] audit: type=1326 audit(1756398483.234:2085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10116 comm="syz.1.1072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  266.234094][T10121] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  266.239180][T10121] netlink: 'syz.2.1071': attribute type 10 has an invalid length.
[  266.241502][   T40] audit: type=1326 audit(1756398483.234:2086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10116 comm="syz.1.1072" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  266.244045][T10121] netlink: 2 bytes leftover after parsing attributes in process `syz.2.1071'.
[  266.248962][ T5335] Bluetooth: hci1: unexpected event for opcode 0x0402
[  266.254971][   T40] audit: type=1326 audit(1756398483.234:2087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10116 comm="syz.1.1072" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  266.265605][   T40] audit: type=1326 audit(1756398483.234:2088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10116 comm="syz.1.1072" exe="/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  266.267449][T10123] team0: Port device vlan0 removed
[  266.281830][T10121] team0: entered promiscuous mode
[  266.285629][T10121] 8021q: adding VLAN 0 to HW filter on device team0
[  266.289427][T10121] batman_adv: batadv0: Interface activated: team0
[  266.295103][T10121] batman_adv: batadv0: Interface deactivated: team0
[  266.299328][T10121] batman_adv: batadv0: Removing interface: team0
[  266.310835][T10121] bridge0: port 1(team0) entered blocking state
[  266.313107][T10121] bridge0: port 1(team0) entered disabled state
[  266.316123][T10121] team0: entered allmulticast mode
[  266.318411][T10121] vlan0: entered allmulticast mode
[  266.322443][T10121] veth0_vlan: entered allmulticast mode
[  266.329209][  T226] tipc: Resetting bearer <eth:team0>
[  266.332547][T10123] team0: Unable to change to the same mode the team is in
[  266.336780][T10123] team0: Port device vlan0 added
[  266.414541][T10130] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1075'.
[  266.554157][T10133] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  266.666447][T10133] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1076'.
[  266.670568][T10133] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1076'.
[  266.951782][T10143] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1079'.
[  267.375000][T10153] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  267.881973][ T5335] Bluetooth: hci4: unexpected event for opcode 0x0402
[  267.962416][T10164] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  267.974329][T10158] vlan0: entered promiscuous mode
[  268.256225][   T53] IPVS: starting estimator thread 0...
[  268.349467][T10184] IPVS: using max 43 ests per chain, 103200 per kthread
[  268.934164][T10188] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  269.003900][T10193] pim6reg: entered allmulticast mode
[  269.010320][T10193] pim6reg: left allmulticast mode
[  269.228590][T10202] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  269.668193][   T53] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  269.930324][   T53] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  269.933924][   T53] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  269.937341][   T53] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  269.941125][   T53] usb 5-1: config 0 interface 0 has no altsetting 0
[  269.944266][   T53] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  269.947330][   T53] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  269.951076][   T53] usb 5-1: config 0 interface 0 has no altsetting 0
[  269.953901][   T53] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  269.957287][   T53] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  269.961020][   T53] usb 5-1: config 0 interface 0 has no altsetting 0
[  269.963905][   T53] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  269.966821][   T53] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  269.970320][   T53] usb 5-1: config 0 interface 0 has no altsetting 0
[  269.973222][   T53] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  269.976214][   T53] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  269.979706][   T53] usb 5-1: config 0 interface 0 has no altsetting 0
[  269.982599][   T53] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  269.986833][   T53] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  269.990347][   T53] usb 5-1: config 0 interface 0 has no altsetting 0
[  269.993263][   T53] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  269.996144][   T53] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  270.000154][   T53] usb 5-1: config 0 interface 0 has no altsetting 0
[  270.004477][   T53] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  270.008381][   T53] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  270.012995][   T53] usb 5-1: config 0 interface 0 has no altsetting 0
[  270.017981][   T53] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  270.020909][   T53] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  270.023488][   T53] usb 5-1: Product: syz
[  270.024915][   T53] usb 5-1: Manufacturer: syz
[  270.026514][   T53] usb 5-1: SerialNumber: syz
[  270.029536][   T53] usb 5-1: config 0 descriptor??
[  270.034562][   T53] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  270.396429][T10210] __nla_validate_parse: 4 callbacks suppressed
[  270.396477][T10210] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1099'.
[  270.414148][T10210] bridge0 (unregistering): left allmulticast mode
[  270.530711][ T6039] usb 5-1: USB disconnect, device number 5
[  270.536096][ T6039] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  270.999910][T10237] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  271.081093][T10240] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1108'.
[  271.188146][T10245] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1107'.
[  271.192200][T10245] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1107'.
[  271.802702][   T34] libceph: connect (1)[c::]:6789 error -101
[  271.805304][   T34] libceph: mon0 (1)[c::]:6789 connect error
[  271.867846][T10255] futex_wake_op: syz.4.1110 tries to shift op by -1; fix this program
[  272.060757][   T34] libceph: connect (1)[c::]:6789 error -101
[  272.062745][   T34] libceph: mon0 (1)[c::]:6789 connect error
[  272.137458][T10261] netlink: 'syz.2.1112': attribute type 10 has an invalid length.
[  272.140846][T10261] syz_tun: entered promiscuous mode
[  272.258870][   T40] kauditd_printk_skb: 114 callbacks suppressed
[  272.258885][   T40] audit: type=1326 audit(1756398489.334:2203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10264 comm="syz.2.1114" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  272.279518][   T40] audit: type=1326 audit(1756398489.344:2204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10264 comm="syz.2.1114" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  272.291511][   T40] audit: type=1326 audit(1756398489.354:2205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10264 comm="syz.2.1114" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  272.311017][   T40] audit: type=1326 audit(1756398489.354:2206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10264 comm="syz.2.1114" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  272.317951][   T40] audit: type=1326 audit(1756398489.354:2207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10264 comm="syz.2.1114" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  272.339412][   T40] audit: type=1326 audit(1756398489.354:2208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10264 comm="syz.2.1114" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  272.351400][   T40] audit: type=1326 audit(1756398489.354:2209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10264 comm="syz.2.1114" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  272.362836][   T40] audit: type=1326 audit(1756398489.354:2210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10264 comm="syz.2.1114" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  272.374988][   T40] audit: type=1326 audit(1756398489.354:2211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10264 comm="syz.2.1114" exe="/syz-executor" sig=0 arch=40000003 syscall=228 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  272.387211][   T40] audit: type=1326 audit(1756398489.364:2212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10264 comm="syz.2.1114" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  272.572107][  T842] libceph: connect (1)[c::]:6789 error -101
[  272.576103][  T842] libceph: mon0 (1)[c::]:6789 connect error
[  273.400837][  T842] libceph: connect (1)[c::]:6789 error -101
[  273.403046][  T842] libceph: mon0 (1)[c::]:6789 connect error
[  273.498874][T10289] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  274.361039][T10297] netlink: 'syz.1.1125': attribute type 1 has an invalid length.
[  274.363520][T10297] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1125'.
[  274.923060][T10252] ceph: No mds server is up or the cluster is laggy
[  275.049477][ T6152] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  275.210991][ T6152] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  275.214666][ T6152] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  275.218138][ T6152] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  275.227187][ T6152] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  275.233469][ T6152] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  275.237906][ T6152] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.247064][ T6152] usb 6-1: config 0 descriptor??
[  275.508352][T10323] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  275.686240][ T6152] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  275.997514][T10325] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  276.121712][T10329] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1133'.
[  276.292018][ T6559] usb 6-1: USB disconnect, device number 6
[  276.370598][T10335] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  276.373868][T10335] overlayfs: failed to set xattr on upper
[  276.376299][T10335] overlayfs: ...falling back to redirect_dir=nofollow.
[  276.379194][T10335] overlayfs: ...falling back to index=off.
[  276.383312][T10335] overlayfs: ...falling back to uuid=null.
[  276.775796][T10343] block device autoloading is deprecated and will be removed.
[  277.630379][T10355] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1138'.
[  277.927627][T10364] futex_wake_op: syz.2.1139 tries to shift op by -1; fix this program
[  278.775376][T10380] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  279.002807][ T6559] libceph: mon0 (1)[c::]:6789 socket closed (con state V1_BANNER)
[  279.321475][T10388] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  279.335362][T10388] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1145'.
[  279.338587][T10388] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1145'.
[  279.879570][ T6039] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  280.050665][ T6039] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  280.055221][ T6039] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  280.058107][ T6039] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  280.062566][ T6039] usb 6-1: Product: syz
[  280.063932][ T6039] usb 6-1: Manufacturer: syz
[  280.065402][ T6039] usb 6-1: SerialNumber: syz
[  280.068424][ T6039] usb 6-1: config 0 descriptor??
[  280.219725][   T40] kauditd_printk_skb: 80 callbacks suppressed
[  280.219736][   T40] audit: type=1326 audit(1756398497.297:2293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10393 comm="syz.4.1148" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  280.227945][   T40] audit: type=1326 audit(1756398497.307:2294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10393 comm="syz.4.1148" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  280.234320][   T40] audit: type=1326 audit(1756398497.307:2295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10393 comm="syz.4.1148" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf702e579 code=0x7ffc0000
[  280.242558][   T40] audit: type=1326 audit(1756398497.307:2296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10393 comm="syz.4.1148" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  280.251427][   T40] audit: type=1326 audit(1756398497.307:2297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10393 comm="syz.4.1148" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  280.260601][   T40] audit: type=1326 audit(1756398497.307:2298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10393 comm="syz.4.1148" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf702e579 code=0x7ffc0000
[  280.267783][   T40] audit: type=1326 audit(1756398497.307:2299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10393 comm="syz.4.1148" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  280.274140][   T40] audit: type=1326 audit(1756398497.307:2300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10393 comm="syz.4.1148" exe="/syz-executor" sig=0 arch=40000003 syscall=228 compat=1 ip=0xf702e579 code=0x7ffc0000
[  280.281251][   T40] audit: type=1326 audit(1756398497.307:2301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10393 comm="syz.4.1148" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  280.284357][ T6559] libceph: mon0 (1)[c::]:6789 socket closed (con state V1_BANNER)
[  280.287910][   T40] audit: type=1326 audit(1756398497.307:2302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10393 comm="syz.4.1148" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf702e579 code=0x7ffc0000
[  280.491498][ T3242] usb 6-1: USB disconnect, device number 7
[  280.494793][T10392] netlink: 'syz.1.1147': attribute type 1 has an invalid length.
[  280.559405][T10359] ceph: No mds server is up or the cluster is laggy
[  280.646752][T10408] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  280.829165][T10408] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1151'.
[  280.832154][T10408] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1151'.
[  281.133825][T10421] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  281.181295][T10421] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1157'.
[  281.184514][T10421] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1157'.
[  281.926466][T10428] overlayfs: failed to clone upperpath
[  281.982075][T10430] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1158'.
[  282.183189][  T842] libceph: connect (1)[c::]:6789 error -101
[  282.185386][  T842] libceph: mon0 (1)[c::]:6789 connect error
[  282.239074][T10442] futex_wake_op: syz.1.1160 tries to shift op by -1; fix this program
[  282.406214][T10443] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1162'.
[  282.450422][  T842] libceph: connect (1)[c::]:6789 error -101
[  282.455540][  T842] libceph: mon0 (1)[c::]:6789 connect error
[  282.959691][ T6152] libceph: connect (1)[c::]:6789 error -101
[  282.961959][ T6152] libceph: mon0 (1)[c::]:6789 connect error
[  283.194743][T10453] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  283.208118][T10453] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1166'.
[  283.213955][T10453] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1166'.
[  283.656560][T10461] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  283.690857][T10461] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1168'.
[  283.695093][T10461] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1168'.
[  283.974371][ T5335] Oops: general protection fault, probably for non-canonical address 0xdffffc000000004b: 0000 [#1] SMP KASAN NOPTI
[  283.979342][ T5335] KASAN: null-ptr-deref in range [0x0000000000000258-0x000000000000025f]
[  283.984501][ T5335] CPU: 0 UID: 0 PID: 5335 Comm: kworker/u33:1 Not tainted syzkaller #0 PREEMPT(full) 
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  283.988678][ T5335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  283.993483][ T5335] Workqueue: hci1 hci_rx_work
[  283.995618][ T5335] RIP: 0010:kasan_byte_accessible+0x15/0x30
[  283.998131][ T5335] Code: 00 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 48 b8 00 00 00 00 00 fc ff df 48 c1 ef 03 48 01 c7 <0f> b6 07 3c 07 0f 96 c0 e9 0e 3b 73 09 66 66 2e 0f 1f 84 00 00 00
[  284.006545][ T5335] RSP: 0018:ffffc9000f417728 EFLAGS: 00010286
[  284.009272][ T5335] RAX: dffffc0000000000 RBX: 0000000000000258 RCX: 0000000000000000
[  284.012628][ T5335] RDX: 0000000000000000 RSI: ffffffff89622661 RDI: dffffc000000004b
[  284.015830][ T5335] RBP: 0000000000000258 R08: 0000000000000001 R09: 0000000000000000
[  284.019051][ T5335] R10: ffffc9000f417818 R11: 0000000000000000 R12: ffffffff89622661
[  284.022197][ T5335] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  284.025367][ T5335] FS:  0000000000000000(0000) GS:ffff8880974c3000(0000) knlGS:0000000000000000
[  284.029064][ T5335] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  284.031813][ T5335] CR2: 00000000f734d7d8 CR3: 000000006330c000 CR4: 0000000000352ef0
[  284.035104][ T5335] Call Trace:
[  284.036518][ T5335]  <TASK>
[  284.037761][ T5335]  __kasan_check_byte+0x13/0x50
[  284.039878][ T5335]  lock_acquire+0xfc/0x350
[  284.041718][ T5335]  lock_sock_nested+0x41/0xf0
[  284.043532][ T5335]  ? l2cap_sock_new_connection_cb+0x4c/0x240
[  284.046042][ T5335]  l2cap_sock_new_connection_cb+0x4c/0x240
[  284.048336][ T5335]  l2cap_connect_cfm+0x4c7/0xf80
[  284.050416][ T5335]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  284.052679][ T5335]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  284.054771][ T5335]  le_conn_complete_evt+0x1665/0x1d70
[  284.056510][ T5335]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  284.058326][ T5335]  ? hci_event_packet+0x459/0x11c0
[  284.059951][ T5335]  hci_le_conn_complete_evt+0x23c/0x370
[  284.061728][ T5335]  hci_le_meta_evt+0x354/0x5e0
[  284.063249][ T5335]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  284.065153][ T5335]  hci_event_packet+0x685/0x11c0
[  284.066817][ T5335]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  284.068492][ T5335]  ? __pfx_hci_event_packet+0x10/0x10
[  284.070239][ T5335]  ? kcov_remote_start+0x3c9/0x6d0
[  284.072108][ T5335]  ? lockdep_hardirqs_on+0x7c/0x110
[  284.074436][ T5335]  hci_rx_work+0x2c5/0x16b0
[  284.076426][ T5335]  ? rcu_is_watching+0x12/0xc0
[  284.078419][ T5335]  process_one_work+0x9cf/0x1b70
[  284.080489][ T5335]  ? __pfx_process_one_work+0x10/0x10
[  284.082746][ T5335]  ? assign_work+0x1a0/0x250
[  284.084657][ T5335]  worker_thread+0x6c8/0xf10
[  284.086582][ T5335]  ? __pfx_worker_thread+0x10/0x10
[  284.088690][ T5335]  kthread+0x3c5/0x780
[  284.090392][ T5335]  ? __pfx_kthread+0x10/0x10
[  284.092345][ T5335]  ? rcu_is_watching+0x12/0xc0
[  284.094348][ T5335]  ? __pfx_kthread+0x10/0x10
[  284.096368][ T5335]  ret_from_fork+0x5d4/0x6f0
[  284.098396][ T5335]  ? __pfx_kthread+0x10/0x10
[  284.100342][ T5335]  ret_from_fork_asm+0x1a/0x30
[  284.102346][ T5335]  </TASK>
[  284.103628][ T5335] Modules linked in:
[  284.105604][ T5335] ---[ end trace 0000000000000000 ]---
[  284.107912][ T5335] RIP: 0010:kasan_byte_accessible+0x15/0x30
[  284.110309][ T5335] Code: 00 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 48 b8 00 00 00 00 00 fc ff df 48 c1 ef 03 48 01 c7 <0f> b6 07 3c 07 0f 96 c0 e9 0e 3b 73 09 66 66 2e 0f 1f 84 00 00 00
[  284.116420][ T5335] RSP: 0018:ffffc9000f417728 EFLAGS: 00010286
[  284.118425][ T5335] RAX: dffffc0000000000 RBX: 0000000000000258 RCX: 0000000000000000
[  284.121817][ T5335] RDX: 0000000000000000 RSI: ffffffff89622661 RDI: dffffc000000004b
[  284.125259][ T5335] RBP: 0000000000000258 R08: 0000000000000001 R09: 0000000000000000
[  284.128284][ T5335] R10: ffffc9000f417818 R11: 0000000000000000 R12: ffffffff89622661
[  284.131315][ T5335] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  284.134490][ T5335] FS:  0000000000000000(0000) GS:ffff8880974c3000(0000) knlGS:0000000000000000
[  284.138489][ T5335] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  284.141406][ T5335] CR2: 00000000f734d7d8 CR3: 000000000e380000 CR4: 0000000000352ef0
[  284.144703][ T5335] Kernel panic - not syncing: Fatal exception
[  284.147703][ T5335] Kernel Offset: disabled
[  284.149470][ T5335] Rebooting in 86400 seconds..

VM DIAGNOSIS:
16:24:37  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85617075 RDI=ffffffff9b0f9700 RBP=ffffffff9b0f96c0 RSP=ffffc9000f417120
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=000000004153414b
R12=0000000000000000 R13=0000000000000030 R14=ffffffff9b0f96c0 R15=ffffffff85617010
RIP=ffffffff8561709f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880974c3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f734d7d8 CR3=000000006330c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffffc90006b2fa80 RCX=ffffffff8209eecb RDX=0000000000000051
RSI=00000000000001fd RDI=0000000000000004 RBP=00000000000001fd RSP=ffffc90006b2f598
R8 =0000000000000004 R9 =0000000000000051 R10=00000000000001fd R11=1ffffffff1cb97f1
R12=0000000000000001 R13=0000000000000051 R14=ffff88805356c000 R15=0000000000000050
RIP=ffffffff81bb0220 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880975c3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000ffeedf40 CR3=000000006c969000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=00000000002a7554 RBX=0000000000000002 RCX=ffffffff8b90abf9 RDX=ffffed1005686656
RSI=ffffffff8c162c80 RDI=ffffffff8190ccb1 RBP=ffffed1003861910 RSP=ffffc9000047fdf8
R8 =0000000000000000 R9 =ffffed1005686655 R10=ffff88802b4332ab R11=0000000000000001
R12=0000000000000002 R13=ffff88801c30c880 R14=ffffffff90ab8390 R15=0000000000000000
RIP=ffffffff8b90975f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880976c3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000561744b78000 CR3=000000004b890000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000003bf12 0000002c00000012 0004000000080024 0000000000280030
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000049a 0000001000000000 0000000000000000 0000000000000015
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffe30801 8003180800060800 200800060071983c 0000064d00000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff e70810b803010800 10b00300080010a0 0304080010980308
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8c80080010900301 8080840800108803 0408000240808080 8800138002060275
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 c400236f69646172 77732f7665642f01 ffffffffffffffff e308138003040800
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0240808080880001 8002060175c40023 6f6964617277732f 7665642f01ffffff
ZMM24=1dbbff7b1dbbff7b 1dbbff7b1dbbff7b 1dbbff7b1dbbff7b 1dbbff7b1dbbff7b 1dbbff7b1dbbff7b 1dbbff7b1dbbff7b 1dbbff7b1dbbff7b 1dbbff7b1dbbff7b
ZMM25=89e7be7189e7be71 89e7be7189e7be71 89e7be7189e7be71 89e7be7189e7be71 89e7be7189e7be71 89e7be7189e7be71 89e7be7189e7be71 89e7be7189e7be71
ZMM26=2f8fd9292f8fd929 2f8fd9292f8fd929 2f8fd9292f8fd929 2f8fd9292f8fd929 2f8fd9292f8fd929 2f8fd9292f8fd929 2f8fd9292f8fd929 2f8fd9292f8fd929
ZMM27=1954948519549485 1954948519549485 1954948519549485 1954948519549485 1954948519549485 1954948519549485 1954948519549485 1954948519549485
ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=ab120000ab120000 ab120000ab120000 ab120000ab120000 ab120000ab120000 ab120000ab120000 ab120000ab120000 ab120000ab120000 ab120000ab120000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=0000000000000004 RCX=ffffffff84e90dd6 RDX=ffff8880281fa440
RSI=ffffffff84e90ca3 RDI=0000000000000005 RBP=ffffc90002f3f320 RSP=ffffc90002f3f1e0
R8 =0000000000000005 R9 =0000000000000004 R10=0000000000000001 R11=0000000000000012
R12=1ffff920005e7e46 R13=ffff88805bb51920 R14=0000000000000001 R15=ffffffff8c165691
RIP=ffffffff81bb08e1 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fe40a3fb300 ffffffff 00c00000
GS =0000 ffff8880977c3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000561744b79000 CR3=000000004b890000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000003bf12 0000002c00000012 0004000000080024 0000000000280030
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000049a 0000001000000000 0000000000000000 0000000000000015
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffe30801 8003180800060800 200800060071983c 0000064d00000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff e70810b803010800 10b00300080010a0 0304080010980308
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8c80080010900301 8080840800108803 0408000240808080 8800138002060275
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 c400236f69646172 77732f7665642f01 ffffffffffffffff e308138003040800
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0240808080880001 8002060175c40023 6f6964617277732f 7665642f01ffffff
ZMM24=1dbbff7b1dbbff7b 1dbbff7b1dbbff7b 1dbbff7b1dbbff7b 1dbbff7b1dbbff7b 1dbbff7b1dbbff7b 1dbbff7b1dbbff7b 1dbbff7b1dbbff7b 1dbbff7b1dbbff7b
ZMM25=89e7be7189e7be71 89e7be7189e7be71 89e7be7189e7be71 89e7be7189e7be71 89e7be7189e7be71 89e7be7189e7be71 89e7be7189e7be71 89e7be7189e7be71
ZMM26=2f8fd9292f8fd929 2f8fd9292f8fd929 2f8fd9292f8fd929 2f8fd9292f8fd929 2f8fd9292f8fd929 2f8fd9292f8fd929 2f8fd9292f8fd929 2f8fd9292f8fd929
ZMM27=1954948519549485 1954948519549485 1954948519549485 1954948519549485 1954948519549485 1954948519549485 1954948519549485 1954948519549485
ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=ab120000ab120000 ab120000ab120000 ab120000ab120000 ab120000ab120000 ab120000ab120000 ab120000ab120000 ab120000ab120000 ab120000ab120000