last executing test programs:

1m3.180527647s ago: executing program 2 (id=3739):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000240)={0x30, 0x30, 0x30}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r5, r4, &(0x7f0000002080)=0x64, 0x23b)

1m3.099096878s ago: executing program 2 (id=3740):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r2, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2})
r3 = socket$inet(0x2, 0x3, 0x33)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
recvmsg(r4, &(0x7f00000007c0)={0x0, 0x0, 0x0}, 0x2040)
getsockopt$inet_mreqsrc(r3, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000040)=0x28)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r6 = openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x16a00)
getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f00000000c0), &(0x7f0000000140)=0x4)
write$sysctl(r6, &(0x7f0000000000)='1\x00', 0x2)
bind$bt_hci(r5, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r5, &(0x7f0000000000), 0xd)

1m3.000417623s ago: executing program 2 (id=3744):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,use', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000006840)={0x2020, 0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(r1, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r1, &(0x7f0000004200)={0x50, 0x0, r2, {0x7, 0x2b, 0x0, 0x20, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x80}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x5, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x1, 0x0, 0x7, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x10b}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
open(&(0x7f00000001c0)='./file0/file0\x00', 0x2, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1m2.998949964s ago: executing program 2 (id=3745):
mkdirat(0xffffffffffffff9c, &(0x7f0000000840)='./bus\x00', 0xa4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$getsig(0x4202, r0, 0x195, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @void, @value}, 0x28)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
read$FUSE(r2, &(0x7f0000000640)={0x2020}, 0x2020)
r3 = fanotify_init(0x8, 0x0)
fanotify_mark(r3, 0x1, 0x8000020, r1, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.self_freezing\x00', 0x275a, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0xc0189436, &(0x7f0000000140))

1m2.930823499s ago: executing program 2 (id=3746):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000001940)={0x0, 0x0, &(0x7f0000001900)={&(0x7f0000001880)={0x14, 0x7, 0x6, 0x3, 0x0, 0x0, {0x7, 0x0, 0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x4004800}, 0x50)

1m2.579774038s ago: executing program 2 (id=3750):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)=ANY=[@ANYBLOB], 0x30}], 0x1}, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1m2.557970504s ago: executing program 32 (id=3750):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)=ANY=[@ANYBLOB], 0x30}], 0x1}, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

18.870136152s ago: executing program 4 (id=4144):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="30000000120001000000002000000010100000000c00000000000000000000002378e29f6a8a94751fa60f01"], 0x30}], 0x1}, 0x0)
r7 = dup(r6)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r6, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

18.608626107s ago: executing program 4 (id=4148):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x12, 0x1, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r0, &(0x7f00000001c0), &(0x7f0000000280)=@udp=r1}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r0, &(0x7f0000000640)="b4", &(0x7f0000000180)=@udp=r1}, 0x20)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

18.608456944s ago: executing program 4 (id=4149):
r0 = open(&(0x7f0000000200)='./file0\x00', 0x4008040, 0x44)
fcntl$setlease(r0, 0x400, 0x0)
r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) (async)
r2 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000000)={0x27}, 0x74) (async)
fcntl$setlease(r1, 0x400, 0x0) (async)
fcntl$setlease(r1, 0x400, 0x2)

18.60829417s ago: executing program 4 (id=4150):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x26)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='freezer.self_freezing\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r4, 0x0)
mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r2, 0x8000010000000080)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioprio_set$pid(0x2, 0x0, 0x6000)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000240)={0x30, 0x30, 0x30}}, 0x1000}], 0x0, 0x0, 0x0})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSET(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000600)={0x20, 0xa, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4c080}, 0x4000000)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
setsockopt$EBT_SO_SET_COUNTERS(r4, 0x0, 0x81, &(0x7f0000000440)={'filter\x00', 0x0, 0x0, 0x0, [0x7, 0x7, 0x7fffffffffffffff, 0x3, 0xb7, 0x101], 0x5, &(0x7f00000002c0)=[{}, {}, {}], 0x0, [{}, {}, {}, {}, {}]}, 0xc8)
r7 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r7, r6, &(0x7f0000002080)=0x64, 0x23b)

18.500260001s ago: executing program 4 (id=4151):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f00000001c0)={0x5, "03bbfeb3fb52d288fb0f0000000000006c446593aea9a257d98e03ab46af00", <r2=>0xffffffffffffffff})
ioctl$SYNC_IOC_FILE_INFO(r2, 0xc0383e04, &(0x7f0000000140)={""/32, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000200)=[{}]})
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write$sysctl(r0, &(0x7f0000000000)='1\x00', 0x2)
bind$bt_hci(r3, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r3, &(0x7f0000000000), 0xd)

17.970148237s ago: executing program 4 (id=4154):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x58, r1, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20048858}, 0x4000)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
mount(&(0x7f0000000180)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000001c0)='.\x00', &(0x7f0000000200)='ocfs2\x00', 0x200800, 0x0)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x30, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x18}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x14000006}, 0x0)
sendmsg$inet(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="54238f5292573e9dfef1cb548ff11bfd8a0ac70ae728d90bdd9713003e6819fef2a7509a62975839f25dbe7a", 0x2c}, {&(0x7f0000000180)="aaff59f6d3a61272fc5bb8d312e0da75ef1446d357328a56eaa88ac3f265cb5c4b7afa4ab5d20fefafdd007b631a17a5747102e2f6b48e2b63cfe2cb08e39352baee269d6082fe12834b6a33f833c390dbee2f9947bd0e0fe2d36e96a267cef0d1", 0x61}], 0x2}, 0x80)

17.894322282s ago: executing program 33 (id=4154):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x58, r1, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20048858}, 0x4000)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
mount(&(0x7f0000000180)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000001c0)='.\x00', &(0x7f0000000200)='ocfs2\x00', 0x200800, 0x0)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x30, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x18}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x14000006}, 0x0)
sendmsg$inet(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="54238f5292573e9dfef1cb548ff11bfd8a0ac70ae728d90bdd9713003e6819fef2a7509a62975839f25dbe7a", 0x2c}, {&(0x7f0000000180)="aaff59f6d3a61272fc5bb8d312e0da75ef1446d357328a56eaa88ac3f265cb5c4b7afa4ab5d20fefafdd007b631a17a5747102e2f6b48e2b63cfe2cb08e39352baee269d6082fe12834b6a33f833c390dbee2f9947bd0e0fe2d36e96a267cef0d1", 0x61}], 0x2}, 0x80)

17.300039596s ago: executing program 1 (id=4159):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000500), 0x2, 0x0)
write$6lowpan_control(r1, &(0x7f0000000540)='connect aa:aa:aa:aa:aa:11 1', 0x1b)
bind$alg(r0, &(0x7f0000000340)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x5, &(0x7f0000002d40)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004870000000ffffffd40700001000000095000000000000002ba72804605789bfbc7174159805d30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2681d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142fa9ea4318123f602000000000080de89e661168c1886d0d4d94f204e345c65c26e278ef5b915395b19284a1a4bc72fbc162619b3af8a4e825d922c65e3a2a2ad358061d0ae0209e6e83d15645aa818d92b21aa6459512f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa8666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00ce00000000d3a02762c2951257b85802189d74005d2a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bf3d6b2e28f90c52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dccaff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a6f387a1340a1c8889464f90cc4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd014a337ac5d58bcb5e517232586872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e480cd9d48aeb12b1d6acabd38a817bcd222614d1f62734d679039a97d2b74f9e8e997ccd314000f747f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d350100c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798abe646f738bebd69413afc9d8a5edd7aaa000000000600001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d215c9e16e0c4736dd19363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5eac41824ca1fd0eb71aa243c88d5480e5aee9c9e5f2e5a56a6d920335c8e8726fd8329d9a733d8f9ffffff5f912ac4e34bf6ea8a86da707b03bddb491ba0cc98f6be92c50008a2b50025419dfc75c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba69279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef26ab708c0b19ed144be51c3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047050d7296cd3856476a0ea49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf0491245c0000007d932d7a64dc4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e43eae50a31609dfa2ddf267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed186a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d36df524b760ab92efcce7dd1574a0730a9e015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b05ebf1445ea110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbe4fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a7e008f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a903375dfb663a8d8ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d054c744fd06a57f7bcb8fb58c512d0884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba07982e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c63fb9450dd03985d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921bd4d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a980010000fdf278218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9d3696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee5237ada986b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c445f9ba8596970d5254727e804fbd99ccefb7c09269dd2c5c25e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8fabea9930952f5da9b909c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689dc8ecc9903c7041e5c0704e2fa55a756487517a7445cbd9e3f5175e41c00000000000000000000000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6ce9934b157d7875a70eaf103cb3138e2361c51cd1eab8a26b232acf6bf0ab829c26dab637c335892b420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305d77eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f8720431132d8549f99bf6c5cb060da70cbb59d0a000000000034d083fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39389f675f39d01719cdbab3f1ce10609c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f21d9d5bc27d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd55b06023437e9e2072da00f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae79e16fe2c3f55ac7a6392d2e1d9b4286b6c30600a76b85ed6e1f0000c67e6c5fcdc8c39381be4799b8cb2d08b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9ce6459200000067c38a656d326cff5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea87550fb1ba334c83e3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc8c2d8f5d55e5e7ebf147105272aaae56e86da86b52f79a3f7306436762dd1a08ce023e07cebc7892ec6f9f696da38feed3d70001500e34ad2e1b2e64af4e37211b524e20f4ae1ba89a32bad2af9030f8add5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1e43eaaeca70db90f2fa39596443447671933079a24fe3681ad9ac3ffff1ac279a688f10a12105edebc5e3bbc394c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460eee57ceb3c33f4e90eb1fffffffffffffcfcbb616c2070237881afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fb9d351be4ddcbcc9bc048dd3db5828d0dbaec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd6004d0ea3edbd6c4da0d8e8be8c771c8c8a0b07d9859e04adb18964dcce9bce546074c2615318bf813e788c84409dffbc2df372a016e8c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3b5afb6f23d9eea2459f7844606e1202768d83c24cc791bde44a448022bbfa571fe029a7b2d5152639ee283894ab6168992ff0acc01b39a078f285ce615351f6eb9447bb3eaffd7b53d8f37ca6c5f1027dd5b7592996c8a7789ba108979cc9ad07ed86682843e2eaa855dd01443ee6ffde1811f10039d5d14458177096e15cc4d8f2582a1bea5cc98d992f3de7d1cdfb24384b9f11b615c87c441dc970ec896a5af6bf69b50a244bc138a1cae3d220bcff6bcb3058c6e0d1cc0da889710f33f5638f805ce602365492282863cc8092b16656dea03cd50182aabbac78a14506dcbf823bec4a5dad14c4d7353b6a55c28321647df3a85bf9fca4e18aeaf4867e6a3dbdd7a5dbe1a52bddae83fc368404a032bd2649cf74d7af8e9e3e43fad643ad3e8575a2bb0507531eac5e10b631575f1360803c8f556e07f292ab66b9bcea0c2f09db289a5934a4f2f5fe5cfc52b270a4a5fa2a8de62dcaf7ef52f1fd84c55e6a0c5a365a3b4e73c4ac6fc26367f3f6c07b06a0874c039622ba2bd369b105f57099f742a000a36c2f044a5de24604f82a1f197d9a70b5a62f794f57ec02df70d459fedd6125ae41479a2661360a79e175f0add2820018d5985183ee80f681403a7d08e0e2b88d0750c90b7ed5fed6f81ce797f3b60445ce811d2b4e45005a5ea06c1fe927af06433cd3885dc954e698a7a73416c73bfab7773a604e14338797ce9148cda4c0bf05fb67915aeb3661e755e4e1a0ceedfe8e91ee5361ff4c7c07b422e1443a6616b0104000000000000a4c0a1d44d9dfd82896f5623e1d37da4a9a9444485e9b1e3b6b548528989d2aecc1e7b6ee92ca19298801105ced8964e000000000000000000000000000000000000000000000000000000000003d1c031ee2fc25c7ad34283187545b1343f7ab862e66cf5bf4ba4dbf5fda31619c05ddb97199ad4d01471e9b3c7f485b1e74d0ed34201915e79d5ed229f0773ab6b38529c45b10d0796e005b6d663b942320339b9fe1d4e393b4bcb596898cde06955a345db3cb956b0e5da1c1dba7046f4d12fc65085302f330a5e05b59db781cf9cf33752836fff6fcbf379332357c47f3597e084d0779b3cbfb312925a8151e338eca2c80600000000ac5992a4c7ec0b741f117f628562c3b27483ad6d733ffcbfca0ba805af95f8985901b0b8f918efa139e984fe872f22f5f094e3fbdf45ec2076710d8c787156b3e05774ac977c3db6288d252b2a73c84a07d73f9721e52f5b5d331ebb7db0a03be93fd96d7355405e954b8d6d0efcd6c37d869086efe15e30b7b6b2b37647e265a62fccfeb16f12f109dc5e405b53d1737b7a2620943affaa2eb07585e23e0513df2f83218f9f3ed9ba3026bcfbe5e9b36ab5b052886227827b983c0fe8da495f1ea7b5c35e42ff83f6e5e5a71ba3000000000000000000f73ffcd0c92a30304d5142441978012e2e6e1c45c28713fa5354f1fd124598688dffa0890dc8c6b4d9732347896d17d4efe12c20c706dcd4601135c553713cc4000a6690a2eed2e680db50589a659a240afc2c1eaa381a4135933a8d7abff2a7882ff50eabbe493ae54f71473eb65fe8e850f36d096a9c7dfd8fd2a35234bef2ba4755e10489b2508e4a9d911135b6c802e16e23fc7a3c3c0f5939b842bca82db931e5ba180f1eed5f539371105aee1d06af045892e18eb5dfd361f6d89fff0b82da98fa7aa90fe92b59887fda0ed8d375ba13fe3f63e69e417c89e31fdf55b9c2e9e0398c661d4c4ce0804971f3"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0x22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4)
bind$inet(r3, &(0x7f0000000200)={0x2, 0x0, @empty}, 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={r2, &(0x7f00000002c0), &(0x7f00000004c0)=@udp=r3}, 0x20)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r2, &(0x7f0000000280), &(0x7f0000000100)=@tcp=r3, 0x1}, 0x20)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d4", 0x5)
connect$unix(r4, &(0x7f0000000580)=@file={0x0, './file0\x00'}, 0x6e)
r5 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$xdp(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000200)="a34e7711d0f3f01469656d5f2a908768eeb5e7aceff54dbdfcdd23d8ae6e68ab60db8baef0dde79dcdc484b8349392b1b0ffe2c0a21fd81ace4c87965b5d9a08d44c7a08d21f14b767769865fa881e38c6ef8bd6058a6b9a3037e66805f229d1e536640000", 0x65}, {&(0x7f00000003c0)="c322e947499a220c9851edb9595f06ec0bcf44e9dbad3a40a9c7f651975d0eac92d25934cc03086413096d91bb93e883e9c228b31d1f01f42fd687ce790ec266d3bde36e04c462b5e7875bc7e2a31a5d6145ad04a7416f8c64f42ac43a55f2dc3a5c0d6d9b785cbc40862b43a6d8fa2f51f2700ca1af71b7876cd3034ad2a4c107d688f9329c605564947ea65f5321de8f82cd7bcbb98fbd8081d9a7650019d05f669187dc605d73c75ef22b7d6bd287df243d2c576e81d5155572f625d5e1186c898cace0f4ef6b2cc8437c0d7178d14b133f9124919a89c96772aed4b408eb6848d882", 0xe4}, {&(0x7f0000000c00)="64e3ba4da56fae1515863f351070b7813786c8e6a5ded6f4a1b8ca5a7075992555eb70e7d1c6cd6847b8cf828ebbb2d5824a2bffed173d62cd80e07cb3e703e393322dcc5afade0ccbc037dc63c067f0c265c3224baa18631fae9bb8a738734ae131797f7f35c478004e3f44015240dd1ef4b5bedbf1429651730b7eb237a082434545aaf4a13d2b49e57c42a9b8f062793e524cc4a249a8185bca24bc6f7107de412af7810c0328ef920d6f8fa28735760a0c721e010d764c40743d5926969797342416e2ca03195f3a0e89922126d6db7923bf04a1c8bc1e70d9e5569ec5bbb43b2ecc7e02170d7b744eb4bb83148b76c5eb10b671337e4d0ee10271f029b0ce777f4e1e9dca02c6e7466bb03151a48dc50a4c28311d9ef3fd100df99528eb15ca3779e5879f79137ad398a7f80bf482eff344344bcf9f885c6f37f92720ad5da083f2ef79ed42ec38d99db1fbd89e13ca1996d24c23b0f202249524a37abfc0689916d167f477a4c7562d48677db76517fdc953f486a83c2237868e9c744c7670e16f173af72ea221b8f55a5f72e12b0a3c964151afeabe1b3fb00eacc0547683ace308578bcd91da847d41db706637b4c8f97090cf6afcad767b7354043c1dfe66d354c11c6bd892ed78e59b9523fb8b5fe85138bddf53bb487b250a7ee31662a46765dc9bf80e11e0e687050f7c42200e321650a7d91452fd48e657e469ef0a43916f0992120dcfdc5dce2a80e630505026b41fb79b612d78ce48118ec56cebb736c99403a57e173a3d646816fe016a3c2d9ebb69b8e59c0680789be776204a327052a5c4a1eb9b9c005b8bc2a976c41331c7a481d9ab35115b80eddc3d82ce18be058162393631373506db25b245894e3ef5a85b96306e22c6a3e18cd3a2d5fecf8f205cce610ca5c6424171f796a170cf86559dc5ae829d6bdc5e43061459d79791205e7baaf6f8a270759d83b93aa5f88e20baab7b2d932bb6b5265197b034482e3509cfb83cf277cdb3312330d3bc41c597586ddee311a0b0851ed9694035548a8f6406c5cffdf134156df82269af680aaf85b353d8359d55f80deebd6c178f3e1a78976b22c18dea6e8d5b74fc7d61927d80df53820d358465c1171b556733f1b73816d570b60aef6ee86a3e8faabcd79250221557fd90db2a23ca393037ba30b6c8e42d3351c1038d265e3c0b5be9e1862312afcd9e0df1843c9121f61331ce92a648c1f2a1c28cd19269028d1b40ef231f5536463e31ca2fc73a7c7d0234c694216f100307c9bfaed50fc2961a321b5fc0e42bd0439eed62eecf981a945f48749889fe881f4f67b4fc57d12defa9e3b4d0507dcf8b1c45eb355eeb5350776082985f72d15bdb93336c8b69957a873cb5dd45f2f0c2811442ffa7931242d47cbcc5fa8e97d96b00226749e4a5d777a63979222204800c9ef56ae47bcf4db7c0957d168dd7567678c55e45a38666881f0e847544e29d34e1efaaab59dacfd223afe9587140fbf2d11988bda27b3db86bae978cd21eecdc156d52ffcce3f71099738a5f33f53d8496eba666eb48624d0bd88fdd362b7b3719e8f71569809ccaf3749831e28c2a6d38716b6de1721cc851862d087539c0ead31b97fe55b9c3e4d5f3c89e6d7184a39ae12dc9a5b9aba1f02f4c070c16838064a725f659f5066dd8e000ab80c8d19f29b00c6594ab4b5b04c94e43bf0fe49f3c44f17f25e9ebf52a46ee0682b50592f86b9d7ae73992451fbb19c8ce9498febc20070f6167650aa899843e5297b705c2863a964904e1c92a1982747c2c02b5ca43297ba3bb3c699705b424181aa7f1813c78241e20c7dbd87b40f94420030c2b9e17f6f6d8ce94bd29dd3db136596be71313db7e161c94697b1cc73c82e1ab78eff2f2fed8d0c847cfb55c5ccf1020f1826574697c4c01c01e26de376892927ca4d964d302d7a168836ffbfff8b866a5a6436b11e7e12f487354ebb4efc1aed3f98987c249a50d7f8a9d03782c44b059bc86d68e00759b762615ddf56a025fcdbdac66f9dc74db58b8147a3b5dd8870e8a056101b4dee8f3fcf2af781fd6c32365412d5ba8dd1aedaa120f3561d17171cfaef30c402adb184a9c254dc0e6d0c1c0a61af8ea6e58da402b29cbd55e58ac922fc9a67c9a8069687daf0f9535a567b055d2b0dd64293ec2a380fc9c7b6a69c79bfaa99265201d675632f4a437eddcb69a63776e97275d70dab3ca9ffc9640982a808c705f0b4a9b6ed02e74b76eaee7bba6edc1ea99512e76ab5f15eee1cee039d697d64f7601c1f2d760dcdbae155b66e143b6330c963d35b4b68ddf0b58dbea7cea398af7afedf9b4dd9c2c9a5650519d46e1b905de31ccc52cafe293c85cb72c02000111bc16166f226408591eabbc52b985110f0f018548d333ee994a742397af5b2a7fb4e7964ba5b695f16f05a06fe19e7fd25d8b2dd43ba38c0e348fd2229f78702ea01bb28849f64ca58c08cd04add025ffcfe0e90a96d16480b1ee894bd3a38c5e882748373f4e56c2ffd28889bface972606913fe78e1355f557316e97dfc3968f38c066390e03bb8ae5b46c0e4948790670c6ed8e7f93630587931819c09b4b7e37739a848639db9b747a78be8f17a08a4cedac167e5797af4e87e04abcf8b15b2d4a3f3d862cbb925f85cdc92d43fe77cb6e50af207ce5deb8d7f84010b910c87d7367ad5b99a0ba96fd2e054b9ce48208d2baaeb370813ad692cd0b362762380fbf909480e5b5b82ba4eb505d3c849e17173733f3285fadb831f25ce0687d12d35dfbcb166c66b3d23d8f79986fd930323e395435d1d3b97b370b256c3cec845b177e2c4fd526008be16956b4585f0b83d1f2bb48da6a56212df5c04236c9c25e4bddf759931313e5d558228477ee4179ca1839518d5644d04338a3d9d95dc6e53188c1d4ea459c596a171915a162712059c3bc56151ac875c4f53010f70a0db0431bc98cec9f7f0fe93296c0b618ff70fa0047ea6bb4a4be7114d088372e370227ee9569d8be02a49ba2ee20ff8c9d75654a08f53cc3480c0f2056ff7f45d4fd2e8d9af2af4aa1485f0f6f39933ef7d628a0119d150daa3d4f05e50b4c418e38f5d591fa2a5b6fb68101a929efbc852f7a7591f37ef2a3bbb91e68b5449c90bd349d3501be19a55426563db02121e0e62ea954a90711e4728a0c230247eac80fcd7c0326ff7738ce950b69310c8acfa1277a492a6901abcbfea19956d564207cfad418fbde7c4511e6599e216327b9eab2d901264327ba562f404de53c733ccade8463a2a09456aee741528bd6ff3689c275430aa5cd9e898b940e90289b743c58de5321107deb55560fc23270e3f80c40ec78efd4f7ae67a4a67ccf869eab63f46e053d569bb1cd370d0faf1f5d34d8420f6cb8cfde0544133372b1c77eb56ddb9e480cb0b7a90c781d79af7875c69beaad0d2e55a4d2446078dffa8501666b60bd265b78a07224b60d950cbbc68e6bd50c53f981d9a9f796dbbe91db3ae9cf5ea7fbbeaf01522979823baca3bc680f0de3cdb1e78cc28d5c6666e6c0f9af545dcbf4fe49b1b8e1908f57bfe6c9f3aaba7c3f83a83a5dcb8b903190a3349a7f41cc0b2ed0213d50a74f0ec5db738b47a43ec7314b8c3487143349f69e75fb17e68def6d8cf709f7e598e8bdbe6ca57af422ba35765a1f8dba0cad9f686b5a4e07feb52820a6597fe2d24856ff242f562f04272d8b669f195b2651f8fc334243da38361c02e8dd83bfc72af4bdd818757c3dcf8293ab7bf505dae6e90ce642665113d446fe5c376f5b2c592414489f1f2197e46d27893d7df1a83e60a9763609a7a439e9cdd4b4bb87073996137482607ba8a782102d6ef3399685cc3af2d8a64a7a763ca7948e359a850cae2e68b04f19579d2871f71d5159d071aaf278b9869ca8d67d0c98d5119ccba00a15c8cfd7f46f6919fbf3fef7f7859aa3f164f2f9805c6659ef17e0eecd34ca115d285404f4d3bf7a2173dcf66f000443626c20cfd4e940754af0d05add41f37b288f6c29b14b26f68f7179840408ab2098867c72f70749b9bcbf28a489234dba1a380c81b841192e39dc6248218c292dcb1f912a2a47f005a9c0787562e947b510b62df51ceb6e7933bd4f0cc40dbc5767fa92e6f9efd06016ea4a53466866cde8336014eba41e7a148cd5b2f369cc71bf9874f7ed74b904db12de938db3daaf54a17276e610940ee17c3c5961f3d6c024bee886ce70e5fe2dc1fa95f0394595296fcb2ab5b723360abce891791d36c41ce3d68bed51645de02b03857ec37fea20b904942399d73c11eedd358a7cc6350b8c2420952abae1ca7e18a4f58c92466a8fd0d805e455f833890f77ba8bd6955c36f7a2bce0826e8b739d5678aabca80fca7b3ea3a29b28021d7e3cc14428c464d7d3c9f5b63970a838631a135bc881ea9c2126ef268af1e41a7ab444cab3e0eeb4b74e5dc36fe94f672d19972041f4a156573558f1794b81de578cb8bcdfe63b1bce04730c58eb704db524a5acbb6ac41d658719b41546ca3677f45ff3f7cf294281780390cc4f206e0cc8954bc0bba5deeea3fc14a2346b6a2c39b9dfbcd6e2a6e55cbf2c3c96e7cefffc208ce894984d2464b49e03799999c6f070e712427b7bd62c3e99fe2192421c33bdc2415b0cbbf2f823d1ce8bd72d98f52dad24195056b2bc385d83a500d69a544cc402e9a98dec9fd93cbcdb0f2961424b7b58dd4943262b428c110d8cb1cea9fcb72a050e0c86010a5a08f46598d4e736ea55af20b94107e78a1fa7b0d72f1af8714e4e8d24afd8296ec03574a7305a9fadffc9f6ed85b18355807a09d4f947e90eec011942c9ac120d3d816d2c5d9c299b73b460d2163c1e9966c44c623924debc280865a7457f4fa9f2d86cf9d1c93d40dd53e130805c8e636dd1f5e2daf117adae11f725c439b91ccef61b82a63e44be798bdb370918ebfc1a4c04e3ef8f130194dd8d009c02381da5605436cbc3f9dce4408f2b242e4484fe2a53d3ed0d68d7a50a85eb80b1c04d1412ae67f51fad7a43f0e381a3e07cdcd6999eb5b116b9085c78cad2dda8ccdc5c65114d3ffc48138437989204bb10cf3ada9cf9cf618b8110723d046debd265b22bba754337b7338b46e8d49863626ea7f92f692e43baa6c48668354d74a1cec631869e1cb987bea659cab15544f2e4409ab38d5c25e731f46a49c7b58b95d94db3f3195cb3c3cfa4383800e5768ca47bc9050a82c646d643837eec10c9deb9c168d1ca9efa68f7708cd049614b25792aab10c003e514f5d2c7e012677f73196551ec70972fcbcb9e9cd6ae74120d29060e6d38a", 0xebc}], 0x3}, 0x80c1)
sendmsg$alg(r5, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x48814}, 0x14000012)
recvmmsg$unix(r5, &(0x7f00000029c0)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000002a00)=""/4100, 0x1004}], 0x1}}], 0x1, 0x10000, 0x0)

17.230151482s ago: executing program 1 (id=4161):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, 0x4)
mkdirat(r0, &(0x7f0000000340)='./file0\x00', 0x111)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
lstat(&(0x7f0000000380)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
r2 = memfd_create(&(0x7f0000000000)='\t^\x1ax1\xc7\xbe\xa1\xc6F\xfa\x9cq\xb1w&\xdfP\xba\xdf\xf9F\xc1\xd4x\xaa\x92~srQ\xeaS\x88\xad\xd1Js\\\xb2\xc5\xed\xe8\x7f\xdc(\x01\xcey\xc7\x15?\n\xad\xe7R\x9e\xe1K\xfd\xc95f@O}\\\xdd\xca!;\xf38\'D9\xcb\xda\xa1\xc1p\xd4)\x18x\x17\xab7\x06\x9f\xe3X\v\xf2\xcc\x05\xb4( m\xde\x0f\xf3\xf8\x1b\vW\x00\x90\x01\xfe\x1e<\xabL-3\xe6\x81V\x8d3\x1b$\x0e\x00\x00\x00\x00\x00\x00\x94&\xac\x88\x95\xff\xda\x14d\xcbx\bx\x95\xab\xcb@\x8d\xa0\xe4I\xff\x87\x90\xd9\x89O\x98\x90\x86\xff\xcc\xc1\xf5\r\xea\x19c\xba\xa9\"d$\x01h\x0f&/B\xa5\x18%\xc7\x00\x17\x00\x00sH\xc7ex#\xb0\xe4\x1b\xce\x0f\xear,-\n\xe6gB#\x8ch=:F$\xe6\x87\xf0AF\xd5\x84c\xd5\xd5(\xb3\xac\x9b\x80\x81y\xf1\a\x0f \xbb\xfa\xd3\x88\xad=5J\x13>u\x8c\x00\x00\x00\x00\xff\xff\xff\xff\xb8~\xaa-\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1f\xdf\xcf\b\x9f\xb6\xf2\x84\xbag\xe5.\xe4\x1f\xb3\xf4\xc6\xad\x06\x1btb\"\x87\x0f\xd7\xf9\x10~\xdc7\xe7\xdc\x11\xd8?\x040\xc5%%\x1c\x8d\xe0\xb99\x10\x11\x84\xbb\xa9\x9em\x1d\xfd\xd4\xcf\x8cH\xa6\x980\xadg\x9b\x8b$\x0e\x04\xd8\xaa\x17\xac\xf4\xda\xd0z\x87H\x03Du\x91\x839\xec\xd7\xde\xf2P\xf6dj-b\x84\x18\xe9\fy`\xca\x86Za7\xe4P\x95B\xeefTdk\x83\xcc\xa4\xa5\b\x1e\x998\x042\xb2\xdd\x8a\xea\xefQ\xf3-Z\a\xd3\xbb\xd5\x80\xb7\v\xa9\xae*\xca\xd90\xc8\xf4_\xe9N7*K:\xe1\xa4\xf7G\a\xd4Q\f7\xdeK,&\xf8\xe7\xffj\xd1\xae\xa1\x04\xf9\xd5\xc5\\\xcc:\xb1\xa70\x84\xf72 \xd1\xcb}Ky\xa5\x9bx&\xad\xf0U\x1aK\x8bN\xcd\xf50\xa3\xc7\xee\x7f\x1a#\xc9\xb3^\xdd/\x13\xb6\xe9%\xed\x04\xf4o}\x17U\x16C\xb2\xea7C\xb6fH$\xd6\xeb\x03\xd2\xa9\xa0\x9a\x93\xed-S\xe5p\xa28*\x98C\xa9\xf5\xf1*\xaa3\xb9\x88\xb3E\x03\x06\xf7\xa7', 0xa)
fchmod(r2, 0x184)
mount$9p_virtio(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x1000012, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=virtio,access=', @ANYBLOB="92bfb72653c1367384640c4e763a87eff8dc3efc3e00"])
mount$overlay(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f0000000040), 0x2040, &(0x7f00000001c0)={[{@verity_on}, {@verity_off}, {@uuid_auto}, {@lowerdir={'lowerdir', 0x3d, './file1'}}], [{@uid_lt={'uid<', r1}}, {@fsname={'fsname', 0x3d, '!%+-%)\xa9$&/]]-'}}, {@permit_directio}]})
fchdir(r2)
mount$overlay(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f0000000080), 0x2010000, &(0x7f0000000180)={[{@nfs_export_on}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@index_off}]})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x3, 0x2, 0x4)
sendmsg$IPSET_CMD_LIST(r3, &(0x7f0000001940)={0x0, 0x0, &(0x7f0000001900)={&(0x7f0000001880)={0x1c, 0x7, 0x6, 0x3, 0x0, 0x0, {0x7, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004800}, 0x50)

17.229853672s ago: executing program 1 (id=4162):
ioprio_set$pid(0x3, 0x0, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000003c0)=ANY=[@ANYBLOB="1201000000000020ac050f0222000182830109022400010100000009040000020301020009210005000122000009058103", @ANYRESHEX], 0x0)
syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r0, 0xffffffffffffffff, 0x0)
r1 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r3, 0x0, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
read$FUSE(r4, &(0x7f0000000080)={0x2020}, 0x2020)

16.000547428s ago: executing program 1 (id=4165):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0), 0x2010042, &(0x7f0000000000)={[{@subsystem='hugetlb'}, {@subsystem='memory'}, {@subsystem='cpuacct'}, {@xattr}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x2)
mknodat$loop(r0, &(0x7f0000000080)='./file0\x00', 0xc0, 0x1)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x40078, &(0x7f0000000000))
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
close_range(r2, 0xffffffffffffffff, 0x400000000000000)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r4 = accept4$tipc(r3, 0x0, &(0x7f0000000200), 0x80800)
sendmsg$tipc(r4, &(0x7f0000000880)={&(0x7f0000000240)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x1}}, 0x10, &(0x7f0000000740)=[{&(0x7f0000000280)="5955b908b54d845c52d328c3f415a347ed31101eab41e12b6f58db6748327f086e3016a114103231b88c5f701834d6cf5e398efe4a7fc434ad04", 0x3a}, {&(0x7f00000002c0)="b581f48debbd7c2c199e7a8b81157dbf1358", 0x12}, {&(0x7f0000000300)="285ef71a03aa8c797cd4340f5c0211636db18af117b11fefcef1604cce465587a19d3ba507aa3af3e5c00a782d2c0e8fd54de51f33ca45d1e6e8875e7cd5fb68f6ffa9e1716469bacec3ded1b68385e1c85ceeca5aa0fa5ec0ab7f15906042348255ccf76e41e894304dec0a9b495788949144000a70a4a209797cec57a9a05841ce1dd834dc3f11c785e099bc6c83204e4db9b5c0f4c427", 0x98}, {&(0x7f00000003c0)="29b9116580f96b0f3ab98c3c4e9e5ea149e928d61f56b15feddbced69c886cbb5a87290775c0b90cd73f97411fb252e77337eed0edab82e02d4a9c88ef2e583932cf3ee0eadd2d22b1f0fb282be8eeac326ee07eca1b4fc1600b5a5a00a5ac398cb19ffd04609528e923004a757ad5d11d3f4b80f0", 0x75}, {&(0x7f0000000440)="0360edba20a3ff5fc65e0234047ee91813757eabbe167b4ba545b32b8690f9d0bde15c990c854423c2759f6beb8ddef7427a3f56faa69831a7277ea6bb171e6290fc36d1f55ed8a71f82843174bbc48e4a926e30b390eaf585481243e394cb94b9f191da6ac9246127c1643157476f0625ab34", 0x73}, {&(0x7f00000004c0)="087a492f6ea6acbe1fc48d143c6651e8ccbc2c60b05bf4093482d06c8a6468256602e3a121470ba4820855edec45351066ac4f24473249695038546fb47cd3ce60876436de841c972b", 0x49}, {&(0x7f0000000540)="e0c458c313c1136969b9c3788e960aa62783700de1a2df3be66ac602f172190c8b3d15ea17c3499cb8dd56dacb9c7da0407d9d62b45f18c60bf5b60c16e3ad4575d472386eea75652c7c910eae01552fd0469587eb32dfcecc334ba593", 0x5d}, {&(0x7f00000005c0)="2d0b0b2f2eaf2274a4ecba85db7894f28f6052b398f9a4b6028a2867b9f896bd05c06b7766ab89b47816ce1a0e39653b88b04eca93e7042193e79f2645b6a6fcb25effa5", 0x44}, {&(0x7f0000000640)="cb9e99e581d0709c632c85c02ad39d8e54d0f307a52d8f3aeff00641a4d066f71f2ad79cac670036f27df73515c79d73afe5912451f8fedc7166e82513a57b9343e455c96070797697d6807683fc7047997bd0c7daae5042c51457864c4b4dde0dd636c6ebb50415d69df28bdda4ad7e80ed890710314457ff6a4faf56820b5bf1a1676431112b2ca648d9db738b60ac7273d7330739b9784b76dd06091e0ee642ce80b57018ed2245869587c420e12163361a2714eedb4cf1b7bf75eec01e011daeb7", 0xc3}], 0x9, &(0x7f0000000800)="eb466d59f3f9db611d03f36e080a463b83ee4c8f06ffec25ab43b406ebbe90a21c96077b3a414884ead53568198e8d129953f5a8534d2a594606569766883e592c25a770", 0x44}, 0x24000014)
write$UHID_CREATE2(r3, &(0x7f0000000040)=ANY=[], 0x118)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_int(r5, 0x29, 0x1a, 0x0, &(0x7f0000000040))
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
write$P9_RXATTRWALK(r3, &(0x7f0000000180)={0xf, 0x1f, 0x1, 0x9}, 0xf)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r0, 0xf507, 0x0)

15.930507604s ago: executing program 1 (id=4166):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=@newqdisc={0x24}, 0x24}}, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000004c0)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xf}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0x20007c92}]}}]}, 0x3c}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000b00)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x0, 0x7}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000006c0)=@newtfilter={0x4c, 0x2c, 0x52f, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r4, {0x0, 0x4}, {}, {0x8, 0xe}}, [@filter_kind_options=@f_flower={{0xb}, {0x1c, 0x2, [@TCA_FLOWER_KEY_ARP_OP={0x5, 0x3d, 0x2}, @TCA_FLOWER_KEY_CT_STATE={0x6, 0x5b, 0x8}, @TCA_FLOWER_KEY_ENC_IPV4_SRC={0x8, 0x1b, @dev={0xac, 0x14, 0x14, 0x42}}]}}]}, 0x4c}}, 0x14)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000010ac054402000000002d7b0902240001000000000904000000030002"], 0x0)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0)
read$msr(r7, &(0x7f0000000040)=""/60, 0x3c)

14.349342252s ago: executing program 0 (id=4169):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x2542, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000100)='net/rt6_stats\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0xc0686611, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x4c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_DATA_TYPE={0x8, 0x6, 0x1, 0x0, 0xffffff00}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x38}]}, @NFT_MSG_NEWSETELEM={0x4c, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x20, 0x3, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_DATA={0x4}, @NFTA_SET_ELEM_EXPIRATION={0xc}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xe0}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000840)={0x1, 0x0, @pic={0x1, 0xfb, 0x4, 0x3, 0x6, 0x3, 0x4, 0x6, 0xfd, 0x6, 0x4, 0xe4, 0x7, 0x3, 0x91, 0x3}})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x6, 0x0, 0x0, 0x0, 0x10000000, 0x4000000406c, 0x0, 0x8000000000000, 0x80000000000000, 0x0, 0x9, 0x40, 0x7, 0x0, 0x8001], 0x1, 0x3c4210})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

14.210316782s ago: executing program 0 (id=4170):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000001940)={0x0, 0x0, &(0x7f0000001900)={&(0x7f0000001880)={0x14, 0x7, 0x6, 0x3, 0x0, 0x0, {0x5, 0x0, 0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x50)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x7000001, 0x12, r1, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)={0xb, {'syz1\x00', 'syz0\x00', 'syz1\x00', 0x0, 0x4, 0x10, 0x5, 0x10, 0x100}}, 0x118)
r2 = socket$kcm(0x10, 0x2, 0x4)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x6}, @hci_rp_read_def_link_policy={{0x6}, {0xfe, 0x1}}}}, 0x9)
rt_sigsuspend(0x0, 0x0)
sendmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000400)="89000000120081ae08060cdc03a6000000000002000000006ee2ffca1b1f0000000004c00e72f750375ed08a563319bf9ed720000000d6e747033a0093b837dc6cc01e32efaec8c7a6ec0012100002400d0c0c00bdad446b9bbc7a46e3988285dcdf12f21308f868fece0195b49e33538afa8af92347514f0b56a20ff27fff00"/137, 0x89}], 0x1}, 0x4080)
getsockopt$TIPC_CONN_TIMEOUT(r1, 0x10f, 0x82, &(0x7f0000000100), &(0x7f0000000140)=0x4)
sendmsg$NFT_MSG_GETRULE(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x7, 0xa, 0x3, 0x0, 0x0, {0x2, 0x0, 0x4}, [@NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc09bbdbd78ee1693}, 0x41)

14.209863171s ago: executing program 0 (id=4171):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x3a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1500000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xf, 0x4, 0x8, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f0000001340)=@framed={{0xbe, 0xa, 0xa, 0x0, 0x0, 0x79, 0x10, 0x8}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

14.200373354s ago: executing program 0 (id=4172):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000002480), 0x20402, 0x0)
r1 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f0000000080)=0xf7e)
read$dsp(r1, &(0x7f00000002c0)=""/4096, 0x1000)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0xa, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
r2 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @private0}, &(0x7f0000000040)=0x1c, 0x800)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wg1\x00', <r3=>0x0})
ioctl$sock_inet6_SIOCDIFADDR(r2, 0x8936, &(0x7f0000000140)={@mcast2, 0x56, r3})

13.989209727s ago: executing program 1 (id=4173):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz1\x00', {0x3, 0x2, 0x1, 0xfffa}, 0x2f, [0x8000, 0xc95a, 0x200, 0x5, 0x83, 0x2, 0x3, 0x7f, 0xa9, 0x4d, 0x6, 0x5f, 0x9, 0x15, 0xffff2d37, 0xff7fff01, 0x6, 0x4640, 0x7, 0x5, 0x8006, 0x0, 0x7, 0x3c5b, 0x1, 0x1db, 0x10, 0x5, 0x0, 0xfffffffb, 0xe661, 0x4, 0x7, 0x7, 0x8, 0x4c74, 0x10000, 0x242, 0x3, 0x11, 0x4, 0x80008071, 0x7, 0x17, 0x1, 0x5, 0x5, 0x3e, 0x18e, 0x9, 0x6, 0x454f, 0x6, 0x4, 0x8, 0x3ff, 0x7f, 0x0, 0x5, 0x6, 0x8, 0x8000, 0x1, 0x50], [0x10000007, 0x9, 0x8000012f, 0x8001, 0x5, 0xfffffff3, 0x129432f6, 0xc8, 0xf3, 0xe, 0x2bf, 0x46c7, 0x9, 0xfffffffc, 0x203, 0x0, 0x0, 0x2005, 0x2f, 0x10, 0x312, 0x66abcbd2, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x2, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0xfffff575, 0x5f31, 0x100d, 0x4e0, 0x381, 0x4, 0xb, 0x4, 0x9, 0x8, 0x5, 0x6, 0x47, 0x8, 0x1, 0xfe000000, 0x8, 0x2, 0x4, 0x9, 0x3, 0x3, 0x4000009, 0x6, 0x0, 0x3, 0xbc45, 0x48c93690, 0x42, 0x3], [0x4, 0x408, 0x4, 0x5, 0xfffffffd, 0x100, 0x4, 0x9, 0x5, 0x7fff, 0x4, 0x9, 0xb, 0x4, 0x10000, 0x5, 0x0, 0x1ec, 0x5, 0x47, 0x8001, 0x3, 0x303c, 0x4, 0x8000000d, 0x5, 0x2, 0x2, 0x400003, 0x20000004, 0x4, 0x40006d01, 0x6, 0x38, 0x800003, 0x200, 0x81, 0x20003, 0x0, 0x2950bfaf, 0x1000, 0xa2, 0x4, 0xa9, 0x5, 0x0, 0xac8, 0xbf, 0x2, 0xe, 0x7ff, 0x12b, 0x4, 0x100, 0xa, 0xffffffff, 0x9, 0x2, 0x120000, 0x807ff, 0x2006, 0x80a2ef, 0x1, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x1938, 0x6, 0x10000006, 0x0, 0xb9, 0x0, 0x1ff, 0x4, 0x57, 0x5, 0x3, 0x2, 0x10000, 0x4, 0x7, 0xffff, 0xa620, 0x1, 0x5, 0x1, 0x2000002, 0x14a, 0x60a7, 0x106, 0x7, 0x7, 0x80000000, 0x0, 0x5, 0xc8, 0xfffffffe, 0xfffff000, 0xffff, 0x3, 0x7e, 0x100, 0x9622, 0x107, 0xaf, 0x20000008, 0x5, 0x226, 0x2, 0x5, 0x0, 0x30b1d693, 0xa1c, 0xf40, 0x7, 0x530e, 0x6c1b, 0x0, 0x4, 0x5, 0x803, 0xd7, 0x200, 0xb, 0xfff]}, 0x45c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4276ef66ba420266b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSIFBR(r3, 0x8941, &(0x7f00000005c0)=@get={0x1, 0x0})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000040)={[0x400, 0x8, 0x6, 0x31, 0x47, 0x2, 0x1000, 0x7fff, 0x7, 0x768, 0x66, 0x400, 0x7fffffffffffffff, 0x0, 0x2, 0x9], 0x2000, 0x601})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x7, 0xf, 0x9, '\x00', 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = syz_clone(0x4200000, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r6, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r6, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r6, 0x6, 0x18, &(0x7f0000000080)=0x80000049, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r6, 0x6, 0x16, &(0x7f0000000340)=[@timestamp, @mss, @sack_perm, @window={0x3, 0x74a}, @timestamp, @mss, @timestamp, @sack_perm], 0x8)
setsockopt$inet_tcp_TCP_REPAIR(r6, 0x6, 0x13, &(0x7f00000001c0), 0x4)
syz_open_procfs(r4, &(0x7f0000000440)='net/nf_conntrack_expect\x00')
ioctl$KDFONTOP_SET(r5, 0x4b4b, &(0x7f0000000040)={0x4, 0x0, 0x3, 0x1d, 0x100, 0x0})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee01, 0xee01}}, './file0\x00'})
r7 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x40801, 0x0)
ioctl$SNDCTL_TMR_START(r7, 0x5402)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x42802)
r8 = syz_open_dev$video(&(0x7f0000000580), 0x7, 0x0)
ioctl$VIDIOC_TRY_EXT_CTRLS(r8, 0xc0205647, &(0x7f0000000100)={0x0, 0x1, 0x1, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x980913, 0x0, '\x00', @p_u8=0x0}})

13.150607747s ago: executing program 3 (id=4174):
r0 = memfd_secret(0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/disk', 0x169a82, 0x0)
sendmsg$RDMA_NLDEV_CMD_GET(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x18, 0x1401, 0x100, 0x70bd28, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x18}, 0x1, 0x0, 0x0, 0x40}, 0xc841)
sendfile(r1, r1, 0x0, 0x30)
syz_open_dev$sndpcmc(&(0x7f0000000000), 0xb, 0x9c000)

13.150224577s ago: executing program 3 (id=4175):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
write$sndseq(r1, 0x0, 0x0)
poll(&(0x7f0000000000)=[{r1, 0x8a}], 0x1, 0x100)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x4058534c, &(0x7f0000001140)={0x80, 0x1})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r0, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000240)={0x30, 0x30, 0x30}}, 0x1000}], 0x0, 0x0, 0x0})
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r6 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r6, r5, &(0x7f0000002080)=0x64, 0x23b)

12.860022768s ago: executing program 3 (id=4176):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$USBDEVFS_DISCONNECT_CLAIM(0xffffffffffffffff, 0x8108551b, &(0x7f0000000000)={0x0, 0x0, "ec9fe44d4dbe56a60274fcffffffffffffff14e315eeb406bfdd73835e57efa94b1a0275781c647aa7e3470c6028643b17832b10b386a6f73791011c26a9aa141f406e312295ee620a9a46577b9249b738fe7750bec83bf6ed5b67213fa7d6c0823fd154ed29ede1ff379742c3f0b46caa357d70ee438f901d7645c3f87e4b21482b76f2ad8eaac090272081f98fd2e3e5a63e006204df635e731a5bfcf142f4529517454618de595cd179445b4bdbf698b9986356f0ebf7d25a57774ef474f86a3ad24ae9f0bf94b99e6b87de5f79d383d05bb32701daed400785a49788f08caecc9e0c48a3740bbe6e1c1fd400cfdfe756bc00d08e36655c00"})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x5c, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x1}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x7}]}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000800}, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000001c0), 0x8000, 0x0)
inotify_add_watch(r3, &(0x7f0000000200)='./file0\x00', 0x10000000)
write$sysctl(0xffffffffffffffff, &(0x7f0000000240)='6\x00', 0x2)
bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="300000003e000701feffffff00130000017c0000040042800c00018006000600800a00000c00028006000a"], 0x30}, 0x1, 0x0, 0x0, 0xc000}, 0xc000)
ioctl$TCXONC(r4, 0x4b45, 0x3)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = openat$nci(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
preadv(r6, &(0x7f00000013c0)=[{&(0x7f0000001480)=""/201, 0xc9}], 0x1, 0x5, 0x6)
write$binfmt_misc(r2, &(0x7f0000000000), 0xd)

12.630099886s ago: executing program 3 (id=4177):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r0, 0xc0305602, &(0x7f0000000300)={0x0, 0x2, 0x9})
r1 = syz_open_dev$usbfs(&(0x7f0000000140), 0x77, 0x3501)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000080), 0x0, 0x6a6e03)
ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x1, &(0x7f0000000040)={0x2, 0xf, 0x8, 0x2}, 0x8, 0xea, 0x8, 0x0, 0x0, 0x0, 0x0})
syz_clone(0xc031000, &(0x7f0000000180)="07ed6299d5e7e7f76b669c21e653989dc6c4229069a345c1b2c15c0312a38d7c324eed16cb6cf68aaa807a10f47360a849b1a10e9ad0d1463049c016d6543f0cb5d68f1dd7eb756ab5706523de5a464acf92ff40a748d9ce56f5866003046792f936ce6ffaa122dcd713d6a5f82634e45c71db58cd66a80ca8e70fcde23ddfd399b63d5566f390501aa4d9cfdb174d0c4935b446170b5d47f41f4da45658b693f1d6e67fb16ea9e4cfdaef9cb8f22efa4bfac2bcbcae7e141411dd", 0xbb, &(0x7f0000000100), &(0x7f0000000240), &(0x7f0000000280)="c1fd47e3c10d897199669b7974005b0d740960eb15")
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f00000000c0)={0x0, r2})

12.629674676s ago: executing program 3 (id=4178):
r0 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000300), 0x10000, 0x0)
ioctl$RTC_ALM_SET(r0, 0x40247007, &(0x7f00000003c0)={0x36, 0x24, 0xe, 0x9, 0x6, 0x3, 0x2, 0x148, 0xffffffffffffffff}) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) (async)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r3)
mkdir(&(0x7f0000000100)='./control\x00', 0x0) (async, rerun: 32)
rmdir(&(0x7f0000000040)='./control\x00') (rerun: 32)
creat(&(0x7f0000000140)='./control\x00', 0x30) (async, rerun: 64)
sendmsg$DEVLINK_CMD_RATE_DEL(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000840)={0x1c, r2, 0x1, 0x0, 0x25dfdbfd, {0x54}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8010}, 0x8000) (async, rerun: 64)
sendmsg$DEVLINK_CMD_GET(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x14, r2, 0x1, 0x0, 0x25cfdbfc, {0x54}}, 0xfffffffffffffe47}, 0x1, 0x0, 0x0, 0x48090}, 0x40010) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r5, 0x4038ae7a, &(0x7f0000000180)={0x1, 0x283, 0x0, &(0x7f0000000340)})
ioctl$KVM_SET_CLOCK(r5, 0x4188aec6, &(0x7f0000000040)={0x1, 0x8, 0x0, 0x20000000000000})
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0x5) (async, rerun: 64)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000200)=0xdc) (async, rerun: 64)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) (async)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000017b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r7, @ANYBLOB="0000000000000000b704000000000000850000001c00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r8 = socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x20040005}, 0x200008c0) (async)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r9) (rerun: 32)

12.399976137s ago: executing program 0 (id=4179):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x5, 0x7fc00100}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r1, &(0x7f0000001940)={0x0, 0x0, &(0x7f0000001900)={&(0x7f0000001880)={0x1c, 0x7, 0x6, 0x3, 0x0, 0x0, {0x7, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004800}, 0x50)

11.524509477s ago: executing program 0 (id=4180):
r0 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f00000001c0), 0x313243, 0x0)
r1 = syz_io_uring_setup(0x6fb4, &(0x7f0000000300)={0x0, 0x114df, 0x4, 0x1, 0x8b, 0x0, r0}, &(0x7f00000003c0)=<r2=>0x0, &(0x7f0000000200)=<r3=>0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)={0x1c, r6, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x4}, @ETHTOOL_A_FEATURES_HEADER={0x4}]}, 0x1c}}, 0x4c000)
syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r4, 0x0, &(0x7f00000004c0)="99367b", 0x3, 0x40000180, 0x1})
io_uring_enter(r1, 0x3516, 0xaddf, 0x2, 0x0, 0x1517f)
sendmsg$NFT_MSG_GETRULE(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x60, 0x7, 0xa, 0x5, 0x0, 0x0, {0xa, 0x0, 0x2}, [@NFTA_RULE_COMPAT={0x14, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x33}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x1d}]}, @NFTA_RULE_COMPAT={0x2c, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x3c}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x62}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x890d}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x16}]}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x2}]}, 0x60}}, 0x4000000)
ioctl$sock_SIOCADDRT(r4, 0x890b, &(0x7f0000000500)={0x0, @qipcrtr={0x2a, 0x4, 0x7fff}, @ethernet={0x6, @broadcast}, @isdn={0x22, 0x9, 0xc, 0x1b}, 0x8, 0x0, 0x0, 0x0, 0x400, &(0x7f0000000280)='tunl0\x00', 0xc7, 0x2, 0x5})
unshare(0x68040200)
unshare(0x40000)
r7 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0)
openat$cgroup_procs(r7, &(0x7f0000000140)='tasks\x00', 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xdd1ff000)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4})
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, &(0x7f0000000240)=0x1)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001b00), r8)
sendmsg$NL80211_CMD_REQ_SET_REG(r8, &(0x7f0000001bc0)={0x0, 0x0, &(0x7f0000001b80)={&(0x7f0000001b40)={0x1c, r9, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000040}, 0x24008000)
getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000080)={'security\x00', 0x0, [0x8, 0x7ffb, 0x151, 0x80000008, 0x6]}, &(0x7f0000000100)=0x54)

0s ago: executing program 3 (id=4181):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000010ac054402000000002d7b0902240001000000000904000000030002"], 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x5a, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000003880)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c9f4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75055df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83766b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b556381768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42ddd5f393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8dc0d472672286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8455029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a82a6ef09d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b420e74c6bcdf1ed0b306141a83bf1268e954ad069257fbfaa1a7ea582badc1a7f2a5b0965f3535872d85c0bc3a233a3ea85df6a8ed76f0f803d54b7bef77d8ea71621f8a78dd17c3b58c5c7476ed6191acbb949e77f7cac81c543f7751e5e1000"/4545], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000a40)={@fallback=r0, r0, 0x2f, 0x0, 0x0, @void, @value}, 0x20)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000003c0)={@cgroup=r0, r1, 0x2f, 0x18, 0x4, @void, @value=r1}, 0x20)
r2 = gettid()
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="3f068067884efe2edfbe0be56e5777adc6fbc75545525923b362f7375e19337da7282aea08d55bdb0e9b500e89ff1e07e08fe9f02cccc34da14639b40db23af0efab668499beabbe443847038e62a1867b589e68e1dd81b5bddafca77031a1b027900e66ff4828", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
mkdir(&(0x7f0000000140)='./file1\x00', 0x1a0)
chdir(&(0x7f0000000280)='./file1\x00')
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r3, 0xffffffff80000800, 0xee01, &(0x7f00000000c0)={0x84, 0x7f, 0x2000200000a95e, 0x1, 0x9, 0x9, 0x48cd, 0x0, 0x7fffffff})
r4 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000080)='.log\x00', 0x1812c1, 0x0)
fchown(r4, 0xee01, 0x0)
fchown(r4, 0x0, 0x0)
r5 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
add_key(&(0x7f0000000100)='ceph\x00', 0x0, &(0x7f0000000340)="010001000000000000001000015b097ead8584780aed42abbad05dd5", 0x1c, r5)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
r6 = socket$inet6_icmp(0xa, 0x2, 0x3a)
ioctl$BTRFS_IOC_LOGICAL_INO_V2(r6, 0xc038943b, &(0x7f0000000240)={0x4, 0x10, '\x00', 0x1, &(0x7f0000000200)=[0x0, 0x0]})
ioctl$DRM_IOCTL_ADD_BUFS(r3, 0xc0206416, &(0x7f00000001c0)={0x9, 0x6, 0x7, 0x9, 0x0, 0x4})
r7 = syz_init_net_socket$ax25(0x3, 0x2, 0xce)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r8=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r8})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000580)={&(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0, 0x0], &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000540)=[0x0, 0x0, 0x0], 0x8, 0x4, 0x7, 0x3})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r3, 0xc01864b0, &(0x7f00000005c0)={r8, r9, 0x7, 0xf, 0x1000})
setsockopt$ax25_int(r7, 0x101, 0xc, &(0x7f0000000000)=0x7, 0x4)
syz_emit_ethernet(0xbe, &(0x7f0000000240)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @loopback}, @dest_unreach={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, {0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @multicast2, @local, {[@noop, @end, @timestamp_prespec={0x44, 0xc, 0x21, 0x3, 0x0, [{@private}]}, @ssrr={0x89, 0xf, 0x0, [@private, @initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast]}, @timestamp_addr={0x44, 0x4c, 0x0, 0x1, 0x0, [{@initdev={0xac, 0x1e, 0x0, 0x0}}, {@private}, {}, {@private=0xa010101}, {@loopback}, {@private}, {@multicast2}, {@multicast1}, {@broadcast}]}, @timestamp={0x44, 0x14, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}]}}}}}}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r10 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0)
read$msr(r10, &(0x7f0000000040)=""/60, 0x3c)

kernel console output (not intermixed with test programs):

terface
[  468.932534][   T64] bond0 (unregistering): Released all slaves
[  468.942004][T16278] hsr_slave_0: entered promiscuous mode
[  468.944469][T16278] hsr_slave_1: entered promiscuous mode
[  468.946785][T16278] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  468.949251][T16278] Cannot create hsr debugfs directory
[  468.968849][T16322] lo speed is unknown, defaulting to 1000
[  468.971163][T16327] IPv6: NLM_F_REPLACE set, but no existing node found!
[  468.996951][T16342] veth25: entered promiscuous mode
[  468.999436][T16322] lo speed is unknown, defaulting to 1000
[  469.024247][T16322] lo speed is unknown, defaulting to 1000
[  469.031189][T16322] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  469.041465][ T5289] Bluetooth: hci2: command tx timeout
[  469.061760][T16348] binder: 16347:16348 ioctl c0306201 0 returned -14
[  469.062985][T16322] lo speed is unknown, defaulting to 1000
[  469.067552][T16348] syz.1.3780 (16348): drop_caches: 2
[  469.068956][T16322] lo speed is unknown, defaulting to 1000
[  469.069824][T16348] syz.1.3780 (16348): drop_caches: 2
[  469.073395][T16322] lo speed is unknown, defaulting to 1000
[  469.075884][T16322] lo speed is unknown, defaulting to 1000
[  469.100440][T16350] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  469.100487][T16322] lo speed is unknown, defaulting to 1000
[  469.104812][T16350] FAULT_INJECTION: forcing a failure.
[  469.104812][T16350] name failslab, interval 1, probability 0, space 0, times 0
[  469.106531][T16322] lo speed is unknown, defaulting to 1000
[  469.110108][T16350] CPU: 2 UID: 0 PID: 16350 Comm: syz.1.3781 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  469.110123][T16350] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  469.110129][T16350] Call Trace:
[  469.110134][T16350]  <TASK>
[  469.110138][T16350]  dump_stack_lvl+0x16c/0x1f0
[  469.110168][T16350]  should_fail_ex+0x512/0x640
[  469.110185][T16350]  ? fs_reclaim_acquire+0xae/0x150
[  469.110200][T16350]  ? tomoyo_encode2+0x100/0x3e0
[  469.110214][T16350]  should_failslab+0xc2/0x120
[  469.110225][T16350]  __kmalloc_noprof+0xd2/0x510
[  469.110248][T16350]  tomoyo_encode2+0x100/0x3e0
[  469.110270][T16350]  tomoyo_encode+0x29/0x50
[  469.110289][T16350]  tomoyo_realpath_from_path+0x18f/0x6e0
[  469.110317][T16350]  tomoyo_check_open_permission+0x2ab/0x3c0
[  469.110337][T16350]  ? init_file+0x93/0x4c0
[  469.110352][T16350]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  469.110367][T16350]  ? ovl_dir_read_merged+0x357/0x5d0
[  469.110384][T16350]  ? iterate_dir+0x293/0xb40
[  469.110401][T16350]  ? __x64_sys_getdents+0x14d/0x2c0
[  469.110439][T16350]  ? do_raw_spin_lock+0x12c/0x2b0
[  469.110461][T16350]  tomoyo_file_open+0x6b/0x90
[  469.110475][T16350]  security_file_open+0x84/0x1e0
[  469.110498][T16350]  do_dentry_open+0x596/0x1c10
[  469.110524][T16350]  ? lockdep_init_map_type+0x5c/0x280
[  469.110545][T16350]  vfs_open+0x82/0x3f0
[  469.110559][T16350]  dentry_open+0x71/0xd0
[  469.110569][T16350]  ovl_path_open+0x198/0x1f0
[  469.110583][T16350]  ovl_dir_read_merged+0x357/0x5d0
[  469.110596][T16350]  ? __pfx_ovl_dir_read_merged+0x10/0x10
[  469.110611][T16350]  ? __pfx_ovl_fill_merge+0x10/0x10
[  469.110628][T16350]  ? kasan_save_track+0x14/0x30
[  469.110646][T16350]  ovl_iterate+0x86c/0xe40
[  469.110659][T16350]  ? __pfx_down_read_killable+0x10/0x10
[  469.110676][T16350]  ? __pfx_ovl_iterate+0x10/0x10
[  469.110688][T16350]  wrap_directory_iterator+0x9f/0xe0
[  469.110703][T16350]  iterate_dir+0x293/0xb40
[  469.110723][T16350]  __x64_sys_getdents+0x14d/0x2c0
[  469.110737][T16350]  ? __pfx___x64_sys_getdents+0x10/0x10
[  469.110750][T16350]  ? fput+0x70/0xf0
[  469.110760][T16350]  ? __pfx_filldir+0x10/0x10
[  469.110773][T16350]  ? rcu_is_watching+0x12/0xc0
[  469.110788][T16350]  do_syscall_64+0xcd/0x260
[  469.110804][T16350]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.110814][T16350] RIP: 0033:0x7f47e5b8e969
[  469.110823][T16350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  469.110833][T16350] RSP: 002b:00007f47e6936038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[  469.110843][T16350] RAX: ffffffffffffffda RBX: 00007f47e5db5fa0 RCX: 00007f47e5b8e969
[  469.110849][T16350] RDX: 0000000000000036 RSI: 00002000000008c0 RDI: 0000000000000003
[  469.110855][T16350] RBP: 00007f47e6936090 R08: 0000000000000000 R09: 0000000000000000
[  469.110860][T16350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  469.110866][T16350] R13: 0000000000000000 R14: 00007f47e5db5fa0 R15: 00007ffca2c75fd8
[  469.110879][T16350]  </TASK>
[  469.110894][T16350] ERROR: Out of memory at tomoyo_realpath_from_path.
[  469.187347][T16359] FAULT_INJECTION: forcing a failure.
[  469.187347][T16359] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  469.219264][T16359] CPU: 1 UID: 0 PID: 16359 Comm: syz.0.3784 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  469.219281][T16359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  469.219287][T16359] Call Trace:
[  469.219291][T16359]  <TASK>
[  469.219296][T16359]  dump_stack_lvl+0x16c/0x1f0
[  469.219314][T16359]  should_fail_ex+0x512/0x640
[  469.219330][T16359]  _copy_from_iter+0x2a4/0x15b0
[  469.219348][T16359]  ? __pfx__copy_from_iter+0x10/0x10
[  469.219360][T16359]  ? avc_has_perm_noaudit+0x149/0x3b0
[  469.219373][T16359]  ? sock_has_perm+0x259/0x2f0
[  469.219384][T16359]  ? __pfx_sock_has_perm+0x10/0x10
[  469.219397][T16359]  hci_sock_sendmsg+0x46d/0x25e0
[  469.219416][T16359]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  469.219434][T16359]  sock_write_iter+0x4fc/0x5b0
[  469.219449][T16359]  ? __pfx_sock_write_iter+0x10/0x10
[  469.219480][T16359]  ? bpf_lsm_file_permission+0x9/0x10
[  469.219494][T16359]  ? security_file_permission+0x71/0x210
[  469.219510][T16359]  ? rw_verify_area+0xcf/0x680
[  469.219525][T16359]  vfs_write+0x5ba/0x1180
[  469.219540][T16359]  ? __pfx_sock_write_iter+0x10/0x10
[  469.219555][T16359]  ? __pfx_vfs_write+0x10/0x10
[  469.219568][T16359]  ? find_held_lock+0x2b/0x80
[  469.219588][T16359]  ksys_write+0x205/0x240
[  469.219603][T16359]  ? __pfx_ksys_write+0x10/0x10
[  469.219621][T16359]  do_syscall_64+0xcd/0x260
[  469.219636][T16359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.219647][T16359] RIP: 0033:0x7fc291d8e969
[  469.219656][T16359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  469.219666][T16359] RSP: 002b:00007fc292ba9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  469.219676][T16359] RAX: ffffffffffffffda RBX: 00007fc291fb5fa0 RCX: 00007fc291d8e969
[  469.219683][T16359] RDX: 000000000000000d RSI: 0000200000000000 RDI: 0000000000000004
[  469.219689][T16359] RBP: 00007fc292ba9090 R08: 0000000000000000 R09: 0000000000000000
[  469.219694][T16359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  469.219700][T16359] R13: 0000000000000000 R14: 00007fc291fb5fa0 R15: 00007ffd98445198
[  469.219713][T16359]  </TASK>
[  469.340798][T16365] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3787'.
[  469.342245][T16363] FAULT_INJECTION: forcing a failure.
[  469.342245][T16363] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  469.347915][T16363] CPU: 3 UID: 0 PID: 16363 Comm: syz.1.3785 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  469.347931][T16363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  469.347938][T16363] Call Trace:
[  469.347942][T16363]  <TASK>
[  469.347947][T16363]  dump_stack_lvl+0x16c/0x1f0
[  469.347964][T16363]  should_fail_ex+0x512/0x640
[  469.347980][T16363]  _copy_to_user+0x32/0xd0
[  469.347995][T16363]  copy_siginfo_to_user+0x27/0xc0
[  469.348010][T16363]  x64_setup_rt_frame+0x811/0xcf0
[  469.348028][T16363]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  469.348043][T16363]  ? __pfx_do_splice+0x10/0x10
[  469.348058][T16363]  ? __pfx_pipe_clear_nowait+0x10/0x10
[  469.348073][T16363]  arch_do_signal_or_restart+0x5e6/0x7d0
[  469.348088][T16363]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  469.348101][T16363]  ? __do_splice+0x1e1/0x360
[  469.348122][T16363]  syscall_exit_to_user_mode+0x150/0x2a0
[  469.348137][T16363]  do_syscall_64+0xda/0x260
[  469.348152][T16363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.348162][T16363] RIP: 0033:0x7f47e5b8e967
[  469.348171][T16363] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  469.348181][T16363] RSP: 002b:00007f47e6936038 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  469.348190][T16363] RAX: 0000000000000113 RBX: 00007f47e5db5fa0 RCX: 00007f47e5b8e969
[  469.348197][T16363] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 0000000000000005
[  469.348202][T16363] RBP: 00007f47e6936090 R08: 0000000000000007 R09: 0000000000000009
[  469.348208][T16363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  469.348214][T16363] R13: 0000000000000000 R14: 00007f47e5db5fa0 R15: 00007ffca2c75fd8
[  469.348226][T16363]  </TASK>
[  469.406966][    C3] vkms_vblank_simulate: vblank timer overrun
[  469.446027][T16365] veth15: entered promiscuous mode
[  469.457450][T16370] fuse: Bad value for 'user_id'
[  469.459038][T16370] fuse: Bad value for 'user_id'
[  469.789441][T16380] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  470.457528][T16387] FAULT_INJECTION: forcing a failure.
[  470.457528][T16387] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  470.462798][T16387] CPU: 0 UID: 0 PID: 16387 Comm: syz.1.3794 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  470.462813][T16387] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  470.462819][T16387] Call Trace:
[  470.462823][T16387]  <TASK>
[  470.462827][T16387]  dump_stack_lvl+0x16c/0x1f0
[  470.462845][T16387]  should_fail_ex+0x512/0x640
[  470.462861][T16387]  _copy_to_user+0x32/0xd0
[  470.462877][T16387]  simple_read_from_buffer+0xcb/0x170
[  470.462893][T16387]  proc_fail_nth_read+0x197/0x270
[  470.462909][T16387]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  470.462924][T16387]  ? rw_verify_area+0xcf/0x680
[  470.462937][T16387]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  470.462952][T16387]  vfs_read+0x1de/0xc70
[  470.462968][T16387]  ? __pfx___mutex_lock+0x10/0x10
[  470.462982][T16387]  ? __pfx_vfs_read+0x10/0x10
[  470.462999][T16387]  ? __fget_files+0x20e/0x3c0
[  470.463019][T16387]  ksys_read+0x12a/0x240
[  470.463033][T16387]  ? __pfx_ksys_read+0x10/0x10
[  470.463051][T16387]  do_syscall_64+0xcd/0x260
[  470.463067][T16387]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  470.463078][T16387] RIP: 0033:0x7f47e5b8d37c
[  470.463086][T16387] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  470.463096][T16387] RSP: 002b:00007f47e6936030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  470.463106][T16387] RAX: ffffffffffffffda RBX: 00007f47e5db5fa0 RCX: 00007f47e5b8d37c
[  470.463112][T16387] RDX: 000000000000000f RSI: 00007f47e69360a0 RDI: 0000000000000004
[  470.463118][T16387] RBP: 00007f47e6936090 R08: 0000000000000000 R09: 0000000000000000
[  470.463124][T16387] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  470.463129][T16387] R13: 0000000000000000 R14: 00007f47e5db5fa0 R15: 00007ffca2c75fd8
[  470.463142][T16387]  </TASK>
[  470.638209][T16383] netlink: 3696 bytes leftover after parsing attributes in process `syz.0.3793'.
[  470.642175][T16383] netlink: 3696 bytes leftover after parsing attributes in process `syz.0.3793'.
[  470.648780][T16278] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  470.654047][T16278] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  470.659914][T16278] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  470.669560][T16278] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  470.676348][T16400] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3798'.
[  470.699497][T16400] veth17: entered promiscuous mode
[  470.730659][T16409] FAULT_INJECTION: forcing a failure.
[  470.730659][T16409] name failslab, interval 1, probability 0, space 0, times 0
[  470.734704][T16409] CPU: 3 UID: 0 PID: 16409 Comm: syz.1.3802 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  470.734722][T16409] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  470.734729][T16409] Call Trace:
[  470.734734][T16409]  <TASK>
[  470.734738][T16409]  dump_stack_lvl+0x16c/0x1f0
[  470.734755][T16409]  should_fail_ex+0x512/0x640
[  470.734769][T16409]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  470.734787][T16409]  should_failslab+0xc2/0x120
[  470.734797][T16409]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  470.734813][T16409]  ? __alloc_skb+0x2b2/0x380
[  470.734826][T16409]  __alloc_skb+0x2b2/0x380
[  470.734835][T16409]  ? __pfx___alloc_skb+0x10/0x10
[  470.734846][T16409]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  470.734861][T16409]  netlink_alloc_large_skb+0x69/0x130
[  470.734874][T16409]  netlink_sendmsg+0x6a1/0xdd0
[  470.734888][T16409]  ? __pfx_netlink_sendmsg+0x10/0x10
[  470.734904][T16409]  ____sys_sendmsg+0xa95/0xc70
[  470.734918][T16409]  ? copy_msghdr_from_user+0x10a/0x160
[  470.734929][T16409]  ? __pfx_____sys_sendmsg+0x10/0x10
[  470.734948][T16409]  ___sys_sendmsg+0x134/0x1d0
[  470.734958][T16409]  ? __pfx____sys_sendmsg+0x10/0x10
[  470.734983][T16409]  __sys_sendmsg+0x16d/0x220
[  470.734994][T16409]  ? __pfx___sys_sendmsg+0x10/0x10
[  470.735012][T16409]  do_syscall_64+0xcd/0x260
[  470.735027][T16409]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  470.735037][T16409] RIP: 0033:0x7f47e5b8e969
[  470.735046][T16409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  470.735056][T16409] RSP: 002b:00007f47e6936038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  470.735066][T16409] RAX: ffffffffffffffda RBX: 00007f47e5db5fa0 RCX: 00007f47e5b8e969
[  470.735072][T16409] RDX: 0000000000000050 RSI: 0000200000001940 RDI: 0000000000000003
[  470.735078][T16409] RBP: 00007f47e6936090 R08: 0000000000000000 R09: 0000000000000000
[  470.735083][T16409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  470.735089][T16409] R13: 0000000000000000 R14: 00007f47e5db5fa0 R15: 00007ffca2c75fd8
[  470.735101][T16409]  </TASK>
[  470.819173][T16412] xt_nat: multiple ranges no longer supported
[  470.823245][   T64] hsr_slave_0: left promiscuous mode
[  470.825534][   T64] hsr_slave_1: left promiscuous mode
[  470.828069][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  470.831062][   T64] batman_adv: batadv0: Removing interface: batadv_slave_0
[  470.834881][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  470.837251][   T64] batman_adv: batadv0: Removing interface: batadv_slave_1
[  470.858832][   T64] veth1_macvtap: left promiscuous mode
[  470.860624][   T64] veth0_macvtap: left promiscuous mode
[  470.862493][   T64] veth1_vlan: left promiscuous mode
[  470.864193][   T64] veth0_vlan: left promiscuous mode
[  470.906142][T16424] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3808'.
[  471.121524][ T5289] Bluetooth: hci2: command tx timeout
[  473.191468][ T5289] Bluetooth: hci2: command tx timeout
[  477.597328][   T64] team0 (unregistering): Port device team_slave_1 removed
[  477.671590][ T5942] Bluetooth: hci3: command 0x0406 tx timeout
[  478.425159][   T64] team0 (unregistering): Port device team_slave_0 removed
[  484.483233][T16440] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  484.489473][T16440] FAULT_INJECTION: forcing a failure.
[  484.489473][T16440] name failslab, interval 1, probability 0, space 0, times 0
[  484.490859][T16278] 8021q: adding VLAN 0 to HW filter on device bond0
[  484.494833][T16440] CPU: 1 UID: 0 PID: 16440 Comm: syz.1.3812 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  484.494858][T16440] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  484.494870][T16440] Call Trace:
[  484.494877][T16440]  <TASK>
[  484.494884][T16440]  dump_stack_lvl+0x16c/0x1f0
[  484.494911][T16440]  should_fail_ex+0x512/0x640
[  484.494934][T16440]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  484.494965][T16440]  should_failslab+0xc2/0x120
[  484.494983][T16440]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  484.495009][T16440]  ? selinux_file_open+0x313/0x420
[  484.495032][T16440]  ? __d_alloc+0x31/0xaa0
[  484.495053][T16440]  __d_alloc+0x31/0xaa0
[  484.495074][T16440]  d_alloc_cursor+0x3e/0xe0
[  484.495112][T16440]  dcache_dir_open+0x3b/0x90
[  484.495136][T16440]  do_dentry_open+0x741/0x1c10
[  484.495161][T16440]  ? __pfx_dcache_dir_open+0x10/0x10
[  484.495187][T16440]  vfs_open+0x82/0x3f0
[  484.495207][T16440]  dentry_open+0x71/0xd0
[  484.495225][T16440]  ovl_path_open+0x198/0x1f0
[  484.495248][T16440]  ovl_dir_read_merged+0x357/0x5d0
[  484.495270][T16440]  ? __pfx_ovl_dir_read_merged+0x10/0x10
[  484.495300][T16440]  ? __pfx_ovl_fill_merge+0x10/0x10
[  484.495330][T16440]  ? kasan_save_track+0x14/0x30
[  484.495357][T16440]  ovl_iterate+0x86c/0xe40
[  484.495379][T16440]  ? __pfx_down_read_killable+0x10/0x10
[  484.495407][T16440]  ? __pfx_ovl_iterate+0x10/0x10
[  484.495426][T16440]  wrap_directory_iterator+0x9f/0xe0
[  484.495453][T16440]  iterate_dir+0x293/0xb40
[  484.495479][T16440]  __x64_sys_getdents+0x14d/0x2c0
[  484.495503][T16440]  ? __pfx___x64_sys_getdents+0x10/0x10
[  484.495525][T16440]  ? fput+0x70/0xf0
[  484.495543][T16440]  ? __pfx_filldir+0x10/0x10
[  484.495564][T16440]  ? rcu_is_watching+0x12/0xc0
[  484.495591][T16440]  do_syscall_64+0xcd/0x260
[  484.495617][T16440]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  484.495634][T16440] RIP: 0033:0x7f47e5b8e969
[  484.495650][T16440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  484.495667][T16440] RSP: 002b:00007f47e6936038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[  484.495683][T16440] RAX: ffffffffffffffda RBX: 00007f47e5db5fa0 RCX: 00007f47e5b8e969
[  484.495694][T16440] RDX: 0000000000000036 RSI: 00002000000008c0 RDI: 0000000000000003
[  484.495705][T16440] RBP: 00007f47e6936090 R08: 0000000000000000 R09: 0000000000000000
[  484.495716][T16440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  484.495727][T16440] R13: 0000000000000000 R14: 00007f47e5db5fa0 R15: 00007ffca2c75fd8
[  484.495751][T16440]  </TASK>
[  484.596794][T16278] 8021q: adding VLAN 0 to HW filter on device team0
[  484.609183][T13808] bridge0: port 1(bridge_slave_0) entered blocking state
[  484.612320][T13808] bridge0: port 1(bridge_slave_0) entered forwarding state
[  484.625031][T13808] bridge0: port 2(bridge_slave_1) entered blocking state
[  484.627345][T13808] bridge0: port 2(bridge_slave_1) entered forwarding state
[  484.665618][T16446] FAULT_INJECTION: forcing a failure.
[  484.665618][T16446] name failslab, interval 1, probability 0, space 0, times 0
[  484.672797][T16446] CPU: 2 UID: 0 PID: 16446 Comm: syz.1.3815 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  484.672814][T16446] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  484.672820][T16446] Call Trace:
[  484.672824][T16446]  <TASK>
[  484.672828][T16446]  dump_stack_lvl+0x16c/0x1f0
[  484.672847][T16446]  should_fail_ex+0x512/0x640
[  484.672861][T16446]  ? trace_contention_end+0xdd/0x130
[  484.672878][T16446]  should_failslab+0xc2/0x120
[  484.672889][T16446]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  484.672905][T16446]  ? hci_sock_sendmsg+0xde2/0x25e0
[  484.672921][T16446]  ? __alloc_skb+0x2b2/0x380
[  484.672932][T16446]  ? __pfx___mutex_lock+0x10/0x10
[  484.672947][T16446]  __alloc_skb+0x2b2/0x380
[  484.672957][T16446]  ? __pfx___alloc_skb+0x10/0x10
[  484.672971][T16446]  hci_sock_sendmsg+0x1a58/0x25e0
[  484.672989][T16446]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  484.673008][T16446]  sock_write_iter+0x4fc/0x5b0
[  484.673022][T16446]  ? __pfx_sock_write_iter+0x10/0x10
[  484.673040][T16446]  ? bpf_lsm_file_permission+0x9/0x10
[  484.673053][T16446]  ? security_file_permission+0x71/0x210
[  484.673069][T16446]  ? rw_verify_area+0xcf/0x680
[  484.673084][T16446]  vfs_write+0x5ba/0x1180
[  484.673099][T16446]  ? __pfx_sock_write_iter+0x10/0x10
[  484.673114][T16446]  ? __pfx_vfs_write+0x10/0x10
[  484.673127][T16446]  ? find_held_lock+0x2b/0x80
[  484.673147][T16446]  ksys_write+0x205/0x240
[  484.673161][T16446]  ? __pfx_ksys_write+0x10/0x10
[  484.673174][T16446]  ? rcu_is_watching+0x12/0xc0
[  484.673190][T16446]  do_syscall_64+0xcd/0x260
[  484.673205][T16446]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  484.673215][T16446] RIP: 0033:0x7f47e5b8e969
[  484.673224][T16446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  484.673234][T16446] RSP: 002b:00007f47e6936038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  484.673244][T16446] RAX: ffffffffffffffda RBX: 00007f47e5db5fa0 RCX: 00007f47e5b8e969
[  484.673250][T16446] RDX: 000000000000000d RSI: 0000200000000000 RDI: 0000000000000004
[  484.673256][T16446] RBP: 00007f47e6936090 R08: 0000000000000000 R09: 0000000000000000
[  484.673261][T16446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  484.673267][T16446] R13: 0000000000000000 R14: 00007f47e5db5fa0 R15: 00007ffca2c75fd8
[  484.673279][T16446]  </TASK>
[  484.693021][T16451] overlayfs: failed to resolve './file0': -2
[  484.726266][T16455] geneve2: entered allmulticast mode
[  484.847923][T16278] 8021q: adding VLAN 0 to HW filter on device batadv0
[  484.874372][T16462] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3820'.
[  485.026875][T16479] fuse: Unknown parameter 'user_id00000000000000000000'
[  485.101171][T16278] veth0_vlan: entered promiscuous mode
[  485.115290][T16278] veth1_vlan: entered promiscuous mode
[  485.126270][T16484] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  485.129972][T16484] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  485.134890][T16484] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  485.138600][T16484] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  485.143010][T16484] geneve2: entered promiscuous mode
[  485.145229][T16484] geneve2: entered allmulticast mode
[  485.167407][T16278] veth0_macvtap: entered promiscuous mode
[  485.176116][T16278] veth1_macvtap: entered promiscuous mode
[  485.185001][T16278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  485.188253][T16278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  485.191237][T16278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  485.196036][T16278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  485.199749][T16278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  485.204154][T16278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  485.208185][T16278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  485.213576][T16278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  485.219494][T16278] batman_adv: batadv0: Interface activated: batadv_slave_0
[  485.231683][T16278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  485.235524][T16278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  485.238566][T16278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  485.242560][T16278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  485.245599][T16278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  485.248978][T16278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  485.251972][T16278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  485.255192][T16278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  485.260329][T16278] batman_adv: batadv0: Interface activated: batadv_slave_1
[  485.267237][T16278] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  485.270800][T16278] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  485.274913][T16278] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  485.278525][T16278] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  485.321880][T13862] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  485.324463][T13862] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  485.340213][T13862] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  485.343662][T13862] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  485.471583][   T65] usb 6-1: new high-speed USB device number 38 using dummy_hcd
[  485.505924][T16497] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=16497 comm=syz.0.3829
[  485.519330][T16499] overlayfs: failed to resolve './file1': -2
[  485.560323][T16497] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4294967291 (274877906624 ns) > initial count (30400 ns). Using initial count to start timer.
[  485.574607][T16502] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3831'.
[  485.622365][   T65] usb 6-1: too many configurations: 9, using maximum allowed: 8
[  485.626851][   T65] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  485.630439][   T65] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  485.634907][   T65] usb 6-1: config 0 interface 0 has no altsetting 0
[  485.638812][   T65] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  485.642439][   T65] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  485.646867][   T65] usb 6-1: config 0 interface 0 has no altsetting 0
[  485.650822][   T65] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  485.654693][   T65] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  485.659020][   T65] usb 6-1: config 0 interface 0 has no altsetting 0
[  485.663826][   T65] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  485.667419][   T65] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  485.672005][   T65] usb 6-1: config 0 interface 0 has no altsetting 0
[  485.676057][   T65] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  485.679645][   T65] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  485.684061][   T65] usb 6-1: config 0 interface 0 has no altsetting 0
[  485.687827][   T65] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  485.691606][   T65] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  485.695940][   T65] usb 6-1: config 0 interface 0 has no altsetting 0
[  485.699494][   T65] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  485.703271][   T65] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  485.707618][   T65] usb 6-1: config 0 interface 0 has no altsetting 0
[  485.711117][   T65] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  485.715140][   T65] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  485.719627][   T65] usb 6-1: config 0 interface 0 has no altsetting 0
[  485.723702][   T65] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  485.726459][   T65] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  485.728241][T16508] fuse: Unknown parameter 'user_id00000000000000000000'
[  485.729027][   T65] usb 6-1: Product: syz
[  485.729036][   T65] usb 6-1: Manufacturer: syz
[  485.734803][   T65] usb 6-1: SerialNumber: syz
[  485.737561][   T65] usb 6-1: config 0 descriptor??
[  485.741652][   T65] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0
[  485.943602][ T5967] usb 6-1: USB disconnect, device number 38
[  485.946705][ T5967] yurex 6-1:0.0: USB YUREX #0 now disconnected
[  486.084272][T16529] fuse: Unknown parameter 'user_id00000000000000000000'
[  486.229716][T16538] overlayfs: missing 'workdir'
[  486.396921][T16547] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  486.435204][T16551] FAULT_INJECTION: forcing a failure.
[  486.435204][T16551] name failslab, interval 1, probability 0, space 0, times 0
[  486.435567][T16553] fuse: Bad value for 'fd'
[  486.439330][T16551] CPU: 0 UID: 0 PID: 16551 Comm: syz.4.3853 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  486.439346][T16551] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  486.439352][T16551] Call Trace:
[  486.439364][T16551]  <TASK>
[  486.439369][T16551]  dump_stack_lvl+0x16c/0x1f0
[  486.439396][T16551]  should_fail_ex+0x512/0x640
[  486.439413][T16551]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  486.439430][T16551]  should_failslab+0xc2/0x120
[  486.439441][T16551]  __kmalloc_cache_noprof+0x6a/0x3e0
[  486.439455][T16551]  ? xprt_switch_alloc+0x91/0x3c0
[  486.439471][T16551]  xprt_switch_alloc+0x91/0x3c0
[  486.439483][T16551]  rpc_create_xprt+0x2dc/0x440
[  486.439498][T16551]  rpc_create+0x469/0x7f0
[  486.439512][T16551]  ? __pfx_rpc_create+0x10/0x10
[  486.439528][T16551]  ? __lock_acquire+0xaa4/0x1ba0
[  486.439555][T16551]  ? __pfx___might_resched+0x10/0x10
[  486.439572][T16551]  rpcb_create_af_local+0x11b/0x310
[  486.439583][T16551]  ? __pfx_rpcb_create_af_local+0x10/0x10
[  486.439604][T16551]  ? find_held_lock+0x2b/0x80
[  486.439616][T16551]  ? rpcb_create_local+0x1da/0x270
[  486.439629][T16551]  rpcb_create_local+0x1ee/0x270
[  486.439639][T16551]  svc_bind+0x1e8/0x260
[  486.439652][T16551]  nfsd_create_serv+0x2d2/0x480
[  486.439669][T16551]  ? __pfx_nfsd_create_serv+0x10/0x10
[  486.439688][T16551]  nfsd_nl_listener_set_doit+0xe5/0x1a40
[  486.439704][T16551]  ? rcu_is_watching+0x12/0xc0
[  486.439716][T16551]  ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10
[  486.439728][T16551]  ? __nla_parse+0x40/0x60
[  486.439745][T16551]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  486.439761][T16551]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  486.439778][T16551]  genl_family_rcv_msg_doit+0x206/0x2f0
[  486.439794][T16551]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  486.439813][T16551]  ? bpf_lsm_capable+0x9/0x10
[  486.439821][T16551]  ? security_capable+0x7e/0x260
[  486.439836][T16551]  genl_rcv_msg+0x55c/0x800
[  486.439852][T16551]  ? __pfx_genl_rcv_msg+0x10/0x10
[  486.439866][T16551]  ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10
[  486.439878][T16551]  ? __lock_acquire+0xaa4/0x1ba0
[  486.439896][T16551]  netlink_rcv_skb+0x16a/0x440
[  486.439908][T16551]  ? __pfx_genl_rcv_msg+0x10/0x10
[  486.439922][T16551]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  486.439941][T16551]  ? __pfx_down_read+0x10/0x10
[  486.439957][T16551]  ? netlink_deliver_tap+0x1ae/0xd30
[  486.439970][T16551]  genl_rcv+0x28/0x40
[  486.439982][T16551]  netlink_unicast+0x53a/0x7f0
[  486.439996][T16551]  ? __pfx_netlink_unicast+0x10/0x10
[  486.440012][T16551]  netlink_sendmsg+0x8d1/0xdd0
[  486.440027][T16551]  ? __pfx_netlink_sendmsg+0x10/0x10
[  486.440044][T16551]  ____sys_sendmsg+0xa95/0xc70
[  486.440058][T16551]  ? copy_msghdr_from_user+0x10a/0x160
[  486.440069][T16551]  ? __pfx_____sys_sendmsg+0x10/0x10
[  486.440089][T16551]  ___sys_sendmsg+0x134/0x1d0
[  486.440100][T16551]  ? __pfx____sys_sendmsg+0x10/0x10
[  486.440127][T16551]  __sys_sendmsg+0x16d/0x220
[  486.440138][T16551]  ? __pfx___sys_sendmsg+0x10/0x10
[  486.440158][T16551]  do_syscall_64+0xcd/0x260
[  486.440173][T16551]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  486.440183][T16551] RIP: 0033:0x7fea90d8e969
[  486.440193][T16551] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  486.440202][T16551] RSP: 002b:00007fea91b17038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  486.440212][T16551] RAX: ffffffffffffffda RBX: 00007fea90fb5fa0 RCX: 00007fea90d8e969
[  486.440219][T16551] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000004
[  486.440225][T16551] RBP: 00007fea91b17090 R08: 0000000000000000 R09: 0000000000000000
[  486.440231][T16551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  486.440236][T16551] R13: 0000000000000000 R14: 00007fea90fb5fa0 R15: 00007ffc88038508
[  486.440249][T16551]  </TASK>
[  486.677001][   T40] audit: type=1400 audit(1746966165.161:1470): avc:  denied  { append } for  pid=16565 comm="syz.4.3857" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  486.865654][T16583] FAULT_INJECTION: forcing a failure.
[  486.865654][T16583] name failslab, interval 1, probability 0, space 0, times 0
[  486.869830][T16583] CPU: 3 UID: 0 PID: 16583 Comm: syz.0.3863 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  486.869845][T16583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  486.869852][T16583] Call Trace:
[  486.869857][T16583]  <TASK>
[  486.869862][T16583]  dump_stack_lvl+0x16c/0x1f0
[  486.869879][T16583]  should_fail_ex+0x512/0x640
[  486.869892][T16583]  ? __kmalloc_noprof+0xbf/0x510
[  486.869910][T16583]  ? constrain_params_by_rules+0x175/0xca0
[  486.869924][T16583]  should_failslab+0xc2/0x120
[  486.869934][T16583]  __kmalloc_noprof+0xd2/0x510
[  486.869949][T16583]  ? unwind_get_return_address+0x59/0xa0
[  486.869965][T16583]  constrain_params_by_rules+0x175/0xca0
[  486.869984][T16583]  ? __pfx_constrain_params_by_rules+0x10/0x10
[  486.869997][T16583]  ? __lock_acquire+0xaa4/0x1ba0
[  486.870015][T16583]  ? __mutex_trylock_common+0xe9/0x250
[  486.870034][T16583]  ? rcu_is_watching+0x12/0xc0
[  486.870046][T16583]  ? trace_contention_end+0xdd/0x130
[  486.870061][T16583]  ? snd_interval_refine+0x2fa/0x580
[  486.870072][T16583]  snd_pcm_hw_refine+0x7de/0xad0
[  486.870088][T16583]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[  486.870104][T16583]  ? do_raw_spin_lock+0x12c/0x2b0
[  486.870117][T16583]  ? mark_held_locks+0x49/0x80
[  486.870133][T16583]  snd_pcm_hw_params+0x3e4/0x1b40
[  486.870148][T16583]  ? snd_pcm_hw_param_first+0x30d/0x6f0
[  486.870161][T16583]  ? snd_pcm_hw_param_near.constprop.0+0x72f/0x8e0
[  486.870176][T16583]  ? __pfx_snd_pcm_hw_params+0x10/0x10
[  486.870192][T16583]  ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0
[  486.870208][T16583]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  486.870222][T16583]  ? __asan_memset+0x23/0x50
[  486.870237][T16583]  snd_pcm_kernel_ioctl+0x147/0x2e0
[  486.870253][T16583]  snd_pcm_oss_change_params_locked+0x1432/0x3b40
[  486.870278][T16583]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  486.870293][T16583]  ? snd_pcm_oss_write+0x4a2/0xa10
[  486.870311][T16583]  ? find_held_lock+0x2b/0x80
[  486.870326][T16583]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  486.870340][T16583]  snd_pcm_oss_write+0x4c3/0xa10
[  486.870355][T16583]  ? bpf_lsm_file_permission+0x9/0x10
[  486.870369][T16583]  ? security_file_permission+0x71/0x210
[  486.870390][T16583]  vfs_write+0x25c/0x1180
[  486.870404][T16583]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  486.870420][T16583]  ? __pfx_vfs_write+0x10/0x10
[  486.870433][T16583]  ? find_held_lock+0x2b/0x80
[  486.870445][T16583]  ? __fget_files+0x204/0x3c0
[  486.870463][T16583]  ? __fget_files+0x20e/0x3c0
[  486.870481][T16583]  ksys_write+0x12a/0x240
[  486.870496][T16583]  ? __pfx_ksys_write+0x10/0x10
[  486.870514][T16583]  do_syscall_64+0xcd/0x260
[  486.870529][T16583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  486.870539][T16583] RIP: 0033:0x7fc291d8e969
[  486.870548][T16583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  486.870558][T16583] RSP: 002b:00007fc292b88038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  486.870568][T16583] RAX: ffffffffffffffda RBX: 00007fc291fb6080 RCX: 00007fc291d8e969
[  486.870574][T16583] RDX: 0000000000004000 RSI: 00002000000012c0 RDI: 0000000000000003
[  486.870580][T16583] RBP: 00007fc292b88090 R08: 0000000000000000 R09: 0000000000000000
[  486.870586][T16583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  486.870591][T16583] R13: 0000000000000000 R14: 00007fc291fb6080 R15: 00007ffd98445198
[  486.870604][T16583]  </TASK>
[  487.093504][   T40] audit: type=1400 audit(1746966165.581:1471): avc:  denied  { remount } for  pid=16584 comm="syz.3.3865" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  487.310234][T16590] FAULT_INJECTION: forcing a failure.
[  487.310234][T16590] name failslab, interval 1, probability 0, space 0, times 0
[  487.314983][T16590] CPU: 2 UID: 0 PID: 16590 Comm: syz.3.3867 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  487.314999][T16590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  487.315006][T16590] Call Trace:
[  487.315023][T16590]  <TASK>
[  487.315027][T16590]  dump_stack_lvl+0x16c/0x1f0
[  487.315045][T16590]  should_fail_ex+0x512/0x640
[  487.315061][T16590]  should_failslab+0xc2/0x120
[  487.315088][T16590]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  487.315107][T16590]  ? skb_clone+0x190/0x3f0
[  487.315120][T16590]  skb_clone+0x190/0x3f0
[  487.315132][T16590]  netlink_deliver_tap+0xabd/0xd30
[  487.315147][T16590]  netlink_dump+0x638/0xd00
[  487.315160][T16590]  ? __pfx_netlink_dump+0x10/0x10
[  487.315178][T16590]  ? rcu_is_watching+0x12/0xc0
[  487.315191][T16590]  ? trace_contention_end+0xdd/0x130
[  487.315209][T16590]  __netlink_dump_start+0x6d6/0x990
[  487.315222][T16590]  ip_set_dump+0x17f/0x210
[  487.315236][T16590]  ? __pfx_ip_set_dump+0x10/0x10
[  487.315249][T16590]  ? __pfx_ip_set_dump_start+0x10/0x10
[  487.315262][T16590]  ? __pfx_ip_set_dump_do+0x10/0x10
[  487.315277][T16590]  ? __pfx_ip_set_dump_done+0x10/0x10
[  487.315295][T16590]  nfnetlink_rcv_msg+0x9f9/0x1200
[  487.315325][T16590]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  487.315339][T16590]  ? kmem_cache_free+0x2d4/0x4d0
[  487.315372][T16590]  ? avc_has_perm_noaudit+0x117/0x3b0
[  487.315388][T16590]  netlink_rcv_skb+0x16a/0x440
[  487.315400][T16590]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  487.315414][T16590]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  487.315433][T16590]  ? bpf_lsm_capable+0x9/0x10
[  487.315441][T16590]  ? security_capable+0x7e/0x260
[  487.315454][T16590]  ? ns_capable+0xd7/0x110
[  487.315467][T16590]  nfnetlink_rcv+0x1b3/0x430
[  487.315480][T16590]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  487.315493][T16590]  ? netlink_deliver_tap+0x1ae/0xd30
[  487.315507][T16590]  netlink_unicast+0x53a/0x7f0
[  487.315520][T16590]  ? __pfx_netlink_unicast+0x10/0x10
[  487.315536][T16590]  netlink_sendmsg+0x8d1/0xdd0
[  487.315550][T16590]  ? __pfx_netlink_sendmsg+0x10/0x10
[  487.315567][T16590]  ____sys_sendmsg+0xa95/0xc70
[  487.315581][T16590]  ? copy_msghdr_from_user+0x10a/0x160
[  487.315592][T16590]  ? __pfx_____sys_sendmsg+0x10/0x10
[  487.315611][T16590]  ___sys_sendmsg+0x134/0x1d0
[  487.315622][T16590]  ? __pfx____sys_sendmsg+0x10/0x10
[  487.315650][T16590]  __sys_sendmsg+0x16d/0x220
[  487.315660][T16590]  ? __pfx___sys_sendmsg+0x10/0x10
[  487.315679][T16590]  do_syscall_64+0xcd/0x260
[  487.315694][T16590]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  487.315705][T16590] RIP: 0033:0x7fc5ddf8e969
[  487.315714][T16590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  487.315724][T16590] RSP: 002b:00007fc5ded1f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  487.315734][T16590] RAX: ffffffffffffffda RBX: 00007fc5de1b5fa0 RCX: 00007fc5ddf8e969
[  487.315741][T16590] RDX: 0000000000000050 RSI: 0000200000001940 RDI: 0000000000000003
[  487.315747][T16590] RBP: 00007fc5ded1f090 R08: 0000000000000000 R09: 0000000000000000
[  487.315752][T16590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  487.315758][T16590] R13: 0000000000000000 R14: 00007fc5de1b5fa0 R15: 00007ffe8737c518
[  487.315771][T16590]  </TASK>
[  487.717260][   T40] audit: type=1400 audit(1746966166.201:1472): avc:  denied  { setattr } for  pid=16598 comm="syz.1.3871" name="seq" dev="devtmpfs" ino=1304 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sound_device_t tclass=chr_file permissive=1
[  487.883651][T16613] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3876'.
[  487.894990][T16615] FAULT_INJECTION: forcing a failure.
[  487.894990][T16615] name failslab, interval 1, probability 0, space 0, times 0
[  487.900230][T16615] CPU: 0 UID: 0 PID: 16615 Comm: syz.0.3877 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  487.900246][T16615] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  487.900252][T16615] Call Trace:
[  487.900257][T16615]  <TASK>
[  487.900261][T16615]  dump_stack_lvl+0x16c/0x1f0
[  487.900279][T16615]  should_fail_ex+0x512/0x640
[  487.900294][T16615]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  487.900312][T16615]  should_failslab+0xc2/0x120
[  487.900324][T16615]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  487.900345][T16615]  ? __alloc_skb+0x2b2/0x380
[  487.900358][T16615]  __alloc_skb+0x2b2/0x380
[  487.900368][T16615]  ? __pfx___alloc_skb+0x10/0x10
[  487.900383][T16615]  mgmt_cmd_complete+0x4f/0x550
[  487.900401][T16615]  get_conn_info+0x3d1/0x930
[  487.900416][T16615]  ? find_held_lock+0x2b/0x80
[  487.900429][T16615]  ? __pfx_get_conn_info+0x10/0x10
[  487.900443][T16615]  ? hci_dev_get+0xf0/0x1e0
[  487.900453][T16615]  ? do_raw_read_unlock+0x44/0xe0
[  487.900464][T16615]  ? _raw_read_unlock+0x28/0x50
[  487.900477][T16615]  ? __pfx_mgmt_init_hdev+0x10/0x10
[  487.900488][T16615]  hci_sock_sendmsg+0x151f/0x25e0
[  487.900506][T16615]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  487.900526][T16615]  sock_write_iter+0x4fc/0x5b0
[  487.900540][T16615]  ? __pfx_sock_write_iter+0x10/0x10
[  487.900558][T16615]  ? bpf_lsm_file_permission+0x9/0x10
[  487.900572][T16615]  ? security_file_permission+0x71/0x210
[  487.900590][T16615]  ? rw_verify_area+0xcf/0x680
[  487.900604][T16615]  vfs_write+0x5ba/0x1180
[  487.900619][T16615]  ? __pfx_sock_write_iter+0x10/0x10
[  487.900634][T16615]  ? __pfx_vfs_write+0x10/0x10
[  487.900647][T16615]  ? find_held_lock+0x2b/0x80
[  487.900667][T16615]  ksys_write+0x205/0x240
[  487.900682][T16615]  ? __pfx_ksys_write+0x10/0x10
[  487.900700][T16615]  do_syscall_64+0xcd/0x260
[  487.900715][T16615]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  487.900726][T16615] RIP: 0033:0x7fc291d8e969
[  487.900735][T16615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  487.900745][T16615] RSP: 002b:00007fc292ba9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  487.900755][T16615] RAX: ffffffffffffffda RBX: 00007fc291fb5fa0 RCX: 00007fc291d8e969
[  487.900762][T16615] RDX: 000000000000000d RSI: 0000200000000000 RDI: 0000000000000004
[  487.900767][T16615] RBP: 00007fc292ba9090 R08: 0000000000000000 R09: 0000000000000000
[  487.900773][T16615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  487.900792][T16615] R13: 0000000000000000 R14: 00007fc291fb5fa0 R15: 00007ffd98445198
[  487.900808][T16615]  </TASK>
[  488.219592][T16633] fuse: Unknown parameter '0x0000000000000003'
[  488.230753][T16635] all: renamed from ip_vti0 (while UP)
[  488.252540][T16637] FAULT_INJECTION: forcing a failure.
[  488.252540][T16637] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  488.256655][T16637] CPU: 2 UID: 0 PID: 16637 Comm: syz.0.3887 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  488.256670][T16637] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  488.256677][T16637] Call Trace:
[  488.256681][T16637]  <TASK>
[  488.256685][T16637]  dump_stack_lvl+0x16c/0x1f0
[  488.256703][T16637]  should_fail_ex+0x512/0x640
[  488.256719][T16637]  _copy_to_user+0x32/0xd0
[  488.256734][T16637]  simple_read_from_buffer+0xcb/0x170
[  488.256752][T16637]  proc_fail_nth_read+0x197/0x270
[  488.256767][T16637]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  488.256783][T16637]  ? rw_verify_area+0xcf/0x680
[  488.256796][T16637]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  488.256810][T16637]  vfs_read+0x1de/0xc70
[  488.256826][T16637]  ? __pfx___mutex_lock+0x10/0x10
[  488.256841][T16637]  ? __pfx_vfs_read+0x10/0x10
[  488.256859][T16637]  ? __fget_files+0x20e/0x3c0
[  488.256878][T16637]  ksys_read+0x12a/0x240
[  488.256892][T16637]  ? __pfx_ksys_read+0x10/0x10
[  488.256910][T16637]  do_syscall_64+0xcd/0x260
[  488.256925][T16637]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  488.256935][T16637] RIP: 0033:0x7fc291d8d37c
[  488.256944][T16637] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  488.256954][T16637] RSP: 002b:00007fc292ba9030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  488.256963][T16637] RAX: ffffffffffffffda RBX: 00007fc291fb5fa0 RCX: 00007fc291d8d37c
[  488.256969][T16637] RDX: 000000000000000f RSI: 00007fc292ba90a0 RDI: 0000000000000004
[  488.256975][T16637] RBP: 00007fc292ba9090 R08: 0000000000000000 R09: 0000000000000000
[  488.256981][T16637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  488.256986][T16637] R13: 0000000000000000 R14: 00007fc291fb5fa0 R15: 00007ffd98445198
[  488.256998][T16637]  </TASK>
[  488.333371][ T5289] Bluetooth: Frame is too long (len 18, expected len 4)
[  488.347922][T16643] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3889'.
[  488.511567][   T57] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  488.586544][T16657] nbd: must specify an index to disconnect
[  488.671451][   T57] usb 9-1: Using ep0 maxpacket: 16
[  488.674109][   T57] usb 9-1: too many configurations: 123, using maximum allowed: 8
[  488.677497][   T57] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  488.682683][   T57] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  488.689357][   T57] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  488.699700][   T57] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  488.704946][   T57] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  488.709613][   T57] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  488.714876][   T57] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  488.718770][   T57] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  488.724111][   T57] usb 9-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  488.727397][   T57] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=45
[  488.730639][   T57] usb 9-1: SerialNumber: syz
[  488.738864][   T57] usb 9-1: config 0 descriptor??
[  488.743748][   T57] input: bcm5974 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input45
[  489.002088][   T65] usb 9-1: USB disconnect, device number 2
[  489.002432][ T5334] bcm5974 9-1:0.0: could not read from device
[  489.532163][T16676] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  489.557823][T16678] 9pnet_fd: p9_fd_create_unix (16678): problem connecting socket: ./file2: -2
[  489.585418][T16682] fuse: Unknown parameter '0x0000000000000003'
[  489.612753][   T40] audit: type=1400 audit(1746966168.101:1473): avc:  denied  { bind } for  pid=16685 comm="syz.4.3907" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  489.896122][T16697] netdevsim netdevsim4: Firmware load for './cgroup/../file0' refused, path contains '..' component
[  490.107939][T16714] fuse: Unknown parameter '0x0000000000000003'
[  490.136181][T16716] binder: 16715:16716 ioctl c0306201 2000000003c0 returned -14
[  490.138050][T16718] netlink: 112 bytes leftover after parsing attributes in process `syz.4.3919'.
[  490.214494][T16721] FAULT_INJECTION: forcing a failure.
[  490.214494][T16721] name failslab, interval 1, probability 0, space 0, times 0
[  490.218531][T16721] CPU: 3 UID: 0 PID: 16721 Comm: syz.1.3920 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  490.218546][T16721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  490.218552][T16721] Call Trace:
[  490.218556][T16721]  <TASK>
[  490.218561][T16721]  dump_stack_lvl+0x16c/0x1f0
[  490.218578][T16721]  should_fail_ex+0x512/0x640
[  490.218594][T16721]  should_failslab+0xc2/0x120
[  490.218606][T16721]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  490.218623][T16721]  ? __alloc_skb+0x2b2/0x380
[  490.218636][T16721]  __alloc_skb+0x2b2/0x380
[  490.218645][T16721]  ? __pfx___alloc_skb+0x10/0x10
[  490.218655][T16721]  ? __alloc_skb+0x200/0x380
[  490.218664][T16721]  ? __pfx___alloc_skb+0x10/0x10
[  490.218676][T16721]  create_monitor_ctrl_event+0x3b/0x450
[  490.218694][T16721]  mgmt_cmd_complete+0x2de/0x550
[  490.218711][T16721]  get_conn_info+0x3d1/0x930
[  490.218726][T16721]  ? find_held_lock+0x2b/0x80
[  490.218738][T16721]  ? __pfx_get_conn_info+0x10/0x10
[  490.218752][T16721]  ? hci_dev_get+0xf0/0x1e0
[  490.218763][T16721]  ? do_raw_read_unlock+0x44/0xe0
[  490.218774][T16721]  ? _raw_read_unlock+0x28/0x50
[  490.218786][T16721]  ? __pfx_mgmt_init_hdev+0x10/0x10
[  490.218797][T16721]  hci_sock_sendmsg+0x151f/0x25e0
[  490.218815][T16721]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  490.218834][T16721]  sock_write_iter+0x4fc/0x5b0
[  490.218848][T16721]  ? __pfx_sock_write_iter+0x10/0x10
[  490.218866][T16721]  ? bpf_lsm_file_permission+0x9/0x10
[  490.218880][T16721]  ? security_file_permission+0x71/0x210
[  490.218896][T16721]  ? rw_verify_area+0xcf/0x680
[  490.218910][T16721]  vfs_write+0x5ba/0x1180
[  490.218925][T16721]  ? __pfx_sock_write_iter+0x10/0x10
[  490.218940][T16721]  ? __pfx_vfs_write+0x10/0x10
[  490.218953][T16721]  ? find_held_lock+0x2b/0x80
[  490.218973][T16721]  ksys_write+0x205/0x240
[  490.218987][T16721]  ? __pfx_ksys_write+0x10/0x10
[  490.219006][T16721]  do_syscall_64+0xcd/0x260
[  490.219021][T16721]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  490.219032][T16721] RIP: 0033:0x7f47e5b8e969
[  490.219040][T16721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  490.219083][T16721] RSP: 002b:00007f47e6936038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  490.219098][T16721] RAX: ffffffffffffffda RBX: 00007f47e5db5fa0 RCX: 00007f47e5b8e969
[  490.219106][T16721] RDX: 000000000000000d RSI: 0000200000000000 RDI: 0000000000000004
[  490.219112][T16721] RBP: 00007f47e6936090 R08: 0000000000000000 R09: 0000000000000000
[  490.219118][T16721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  490.219123][T16721] R13: 0000000000000000 R14: 00007f47e5db5fa0 R15: 00007ffca2c75fd8
[  490.219137][T16721]  </TASK>
[  490.337644][  T835] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0
[  490.345001][  T835] hid-generic 0000:0000:0000.0014: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  490.431482][T15631] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  490.585186][T15631] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  490.590204][T15631] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  490.594285][T15631] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  490.599570][T15631] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  490.601192][ T1337] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[  490.603363][T15631] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  490.605946][T15631] usb 9-1: config 0 descriptor??
[  490.609394][T16728] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  490.615630][T16728] FAULT_INJECTION: forcing a failure.
[  490.615630][T16728] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  490.619721][T16728] CPU: 1 UID: 0 PID: 16728 Comm: syz.1.3923 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  490.619736][T16728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  490.619742][T16728] Call Trace:
[  490.619747][T16728]  <TASK>
[  490.619751][T16728]  dump_stack_lvl+0x16c/0x1f0
[  490.619769][T16728]  should_fail_ex+0x512/0x640
[  490.619784][T16728]  _copy_to_user+0x32/0xd0
[  490.619800][T16728]  simple_read_from_buffer+0xcb/0x170
[  490.619816][T16728]  proc_fail_nth_read+0x197/0x270
[  490.619832][T16728]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  490.619847][T16728]  ? rw_verify_area+0xcf/0x680
[  490.619860][T16728]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  490.619875][T16728]  vfs_read+0x1de/0xc70
[  490.619891][T16728]  ? __pfx___mutex_lock+0x10/0x10
[  490.619905][T16728]  ? __pfx_vfs_read+0x10/0x10
[  490.619923][T16728]  ? __fget_files+0x20e/0x3c0
[  490.619942][T16728]  ksys_read+0x12a/0x240
[  490.619956][T16728]  ? __pfx_ksys_read+0x10/0x10
[  490.619974][T16728]  do_syscall_64+0xcd/0x260
[  490.619989][T16728]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  490.620000][T16728] RIP: 0033:0x7f47e5b8d37c
[  490.620009][T16728] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  490.620019][T16728] RSP: 002b:00007f47e6936030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  490.620029][T16728] RAX: ffffffffffffffda RBX: 00007f47e5db5fa0 RCX: 00007f47e5b8d37c
[  490.620036][T16728] RDX: 000000000000000f RSI: 00007f47e69360a0 RDI: 0000000000000004
[  490.620042][T16728] RBP: 00007f47e6936090 R08: 0000000000000000 R09: 0000000000000000
[  490.620047][T16728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  490.620053][T16728] R13: 0000000000000000 R14: 00007f47e5db5fa0 R15: 00007ffca2c75fd8
[  490.620065][T16728]  </TASK>
[  490.751566][ T1337] usb 5-1: Using ep0 maxpacket: 16
[  490.753964][ T1337] usb 5-1: too many configurations: 123, using maximum allowed: 8
[  490.755227][T16734] fuse: Unknown parameter '0x0000000000000003'
[  490.757293][ T1337] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  490.763131][ T1337] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  490.766989][ T1337] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  490.778223][ T1337] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  490.783470][ T1337] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  490.787743][ T1337] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  490.792684][ T1337] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  490.797120][ T1337] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  490.801333][ T1337] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  490.804220][ T1337] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=45
[  490.806763][ T1337] usb 5-1: SerialNumber: syz
[  490.809519][ T1337] usb 5-1: config 0 descriptor??
[  490.814661][ T1337] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input46
[  491.017561][T15631] plantronics 0003:047F:FFFF.0015: No inputs registered, leaving
[  491.021785][T15631] plantronics 0003:047F:FFFF.0015: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  491.026116][ T5334] bcm5974 5-1:0.0: could not read from device
[  491.074083][ T1337] usb 5-1: USB disconnect, device number 57
[  491.275582][T15631] usb 9-1: USB disconnect, device number 3
[  491.557051][T16738] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  491.688107][T16748] FAULT_INJECTION: forcing a failure.
[  491.688107][T16748] name failslab, interval 1, probability 0, space 0, times 0
[  491.692219][T16748] CPU: 2 UID: 0 PID: 16748 Comm: syz.0.3931 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  491.692234][T16748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  491.692241][T16748] Call Trace:
[  491.692244][T16748]  <TASK>
[  491.692248][T16748]  dump_stack_lvl+0x16c/0x1f0
[  491.692265][T16748]  should_fail_ex+0x512/0x640
[  491.692278][T16748]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  491.692291][T16748]  should_failslab+0xc2/0x120
[  491.692302][T16748]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  491.692312][T16748]  ? xprt_switch_alloc+0x28e/0x3c0
[  491.692324][T16748]  ? rpc_create_xprt+0x2dc/0x440
[  491.692337][T16748]  ? rpc_create+0x469/0x7f0
[  491.692349][T16748]  ? kstrdup_const+0x63/0x80
[  491.692362][T16748]  kstrdup+0x53/0x100
[  491.692373][T16748]  kstrdup_const+0x63/0x80
[  491.692383][T16748]  __kernfs_new_node+0x9b/0x8a0
[  491.692394][T16748]  ? __pfx_number+0x10/0x10
[  491.692403][T16748]  ? __pfx___kernfs_new_node+0x10/0x10
[  491.692417][T16748]  ? find_held_lock+0x2b/0x80
[  491.692429][T16748]  ? kernfs_root+0xee/0x2a0
[  491.692441][T16748]  kernfs_new_node+0x13c/0x1e0
[  491.692455][T16748]  kernfs_create_dir_ns+0x4c/0x1a0
[  491.692468][T16748]  sysfs_create_dir_ns+0x13a/0x2b0
[  491.692484][T16748]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  491.692504][T16748]  ? find_held_lock+0x2b/0x80
[  491.692518][T16748]  ? rpc_sysfs_xprt_switch_namespace+0xd/0x40
[  491.692535][T16748]  kobject_add_internal+0x2c4/0x9b0
[  491.692553][T16748]  kobject_init_and_add+0x11b/0x190
[  491.692569][T16748]  ? __pfx_kobject_init_and_add+0x10/0x10
[  491.692592][T16748]  rpc_sysfs_xprt_switch_setup+0x189/0x370
[  491.692610][T16748]  xprt_switch_alloc+0x28e/0x3c0
[  491.692623][T16748]  rpc_create_xprt+0x2dc/0x440
[  491.692636][T16748]  rpc_create+0x469/0x7f0
[  491.692650][T16748]  ? __pfx_rpc_create+0x10/0x10
[  491.692666][T16748]  ? __lock_acquire+0xaa4/0x1ba0
[  491.692693][T16748]  ? __pfx___might_resched+0x10/0x10
[  491.692710][T16748]  rpcb_create_af_local+0x11b/0x310
[  491.692721][T16748]  ? __pfx_rpcb_create_af_local+0x10/0x10
[  491.692737][T16748]  ? find_held_lock+0x2b/0x80
[  491.692749][T16748]  ? rpcb_create_local+0x1da/0x270
[  491.692761][T16748]  rpcb_create_local+0x1ee/0x270
[  491.692773][T16748]  svc_bind+0x1e8/0x260
[  491.692785][T16748]  nfsd_create_serv+0x2d2/0x480
[  491.692801][T16748]  ? __pfx_nfsd_create_serv+0x10/0x10
[  491.692820][T16748]  nfsd_nl_listener_set_doit+0xe5/0x1a40
[  491.692836][T16748]  ? rcu_is_watching+0x12/0xc0
[  491.692848][T16748]  ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10
[  491.692860][T16748]  ? __nla_parse+0x40/0x60
[  491.692877][T16748]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  491.692892][T16748]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  491.692910][T16748]  genl_family_rcv_msg_doit+0x206/0x2f0
[  491.692925][T16748]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  491.692956][T16748]  ? bpf_lsm_capable+0x9/0x10
[  491.692966][T16748]  ? security_capable+0x7e/0x260
[  491.692982][T16748]  genl_rcv_msg+0x55c/0x800
[  491.692997][T16748]  ? __pfx_genl_rcv_msg+0x10/0x10
[  491.693011][T16748]  ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10
[  491.693024][T16748]  ? __lock_acquire+0xaa4/0x1ba0
[  491.693042][T16748]  netlink_rcv_skb+0x16a/0x440
[  491.693053][T16748]  ? __pfx_genl_rcv_msg+0x10/0x10
[  491.693068][T16748]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  491.693087][T16748]  ? __pfx_down_read+0x10/0x10
[  491.693103][T16748]  ? netlink_deliver_tap+0x1ae/0xd30
[  491.693116][T16748]  genl_rcv+0x28/0x40
[  491.693128][T16748]  netlink_unicast+0x53a/0x7f0
[  491.693142][T16748]  ? __pfx_netlink_unicast+0x10/0x10
[  491.693158][T16748]  netlink_sendmsg+0x8d1/0xdd0
[  491.693172][T16748]  ? __pfx_netlink_sendmsg+0x10/0x10
[  491.693190][T16748]  ____sys_sendmsg+0xa95/0xc70
[  491.693204][T16748]  ? copy_msghdr_from_user+0x10a/0x160
[  491.693214][T16748]  ? __pfx_____sys_sendmsg+0x10/0x10
[  491.693234][T16748]  ___sys_sendmsg+0x134/0x1d0
[  491.693245][T16748]  ? __pfx____sys_sendmsg+0x10/0x10
[  491.693274][T16748]  __sys_sendmsg+0x16d/0x220
[  491.693284][T16748]  ? __pfx___sys_sendmsg+0x10/0x10
[  491.693299][T16748]  ? rcu_is_watching+0x12/0xc0
[  491.693314][T16748]  do_syscall_64+0xcd/0x260
[  491.693329][T16748]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  491.693339][T16748] RIP: 0033:0x7fc291d8e969
[  491.693349][T16748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  491.693359][T16748] RSP: 002b:00007fc292ba9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  491.693368][T16748] RAX: ffffffffffffffda RBX: 00007fc291fb5fa0 RCX: 00007fc291d8e969
[  491.693375][T16748] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000004
[  491.693381][T16748] RBP: 00007fc292ba9090 R08: 0000000000000000 R09: 0000000000000000
[  491.693387][T16748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  491.693392][T16748] R13: 0000000000000000 R14: 00007fc291fb5fa0 R15: 00007ffd98445198
[  491.693405][T16748]  </TASK>
[  491.693423][T16748] kobject: kobject_add_internal failed for switch-0 (error: -12 parent: xprt-switches)
[  491.814825][T16757] fuse: Unknown parameter '0x0000000000000003'
[  492.014868][T16770] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3939'.
[  492.058712][T16769] lo speed is unknown, defaulting to 1000
[  492.062572][T16769] lo speed is unknown, defaulting to 1000
[  492.286712][T16779] syz.1.3942 (16779): drop_caches: 2
[  492.288629][T16779] syz.1.3942 (16779): drop_caches: 2
[  492.396189][T16785] FAULT_INJECTION: forcing a failure.
[  492.396189][T16785] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  492.401873][T16785] CPU: 0 UID: 0 PID: 16785 Comm: syz.1.3945 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  492.401890][T16785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  492.401897][T16785] Call Trace:
[  492.401901][T16785]  <TASK>
[  492.401905][T16785]  dump_stack_lvl+0x16c/0x1f0
[  492.401922][T16785]  should_fail_ex+0x512/0x640
[  492.401938][T16785]  _copy_from_user+0x2e/0xd0
[  492.401953][T16785]  __x64_sys_sendfile64+0x120/0x220
[  492.401964][T16785]  ? ksys_write+0x1b9/0x240
[  492.401978][T16785]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  492.401988][T16785]  ? rcu_is_watching+0x12/0xc0
[  492.402005][T16785]  do_syscall_64+0xcd/0x260
[  492.402020][T16785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  492.402031][T16785] RIP: 0033:0x7f47e5b8e969
[  492.402039][T16785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  492.402050][T16785] RSP: 002b:00007f47e6936038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  492.402060][T16785] RAX: ffffffffffffffda RBX: 00007f47e5db5fa0 RCX: 00007f47e5b8e969
[  492.402066][T16785] RDX: 0000200000002080 RSI: 0000000000000006 RDI: 0000000000000007
[  492.402072][T16785] RBP: 00007f47e6936090 R08: 0000000000000000 R09: 0000000000000000
[  492.402078][T16785] R10: 000000000000023b R11: 0000000000000246 R12: 0000000000000001
[  492.402083][T16785] R13: 0000000000000000 R14: 00007f47e5db5fa0 R15: 00007ffca2c75fd8
[  492.402096][T16785]  </TASK>
[  492.423731][T16787] fuse: Unknown parameter 'fd0x0000000000000003'
[  492.432058][T16789] syz.1.3947 (16789): drop_caches: 2
[  492.463939][T16789] syz.1.3947 (16789): drop_caches: 2
[  492.494795][   T40] audit: type=1400 audit(1746966170.981:1474): avc:  denied  { write } for  pid=16792 comm="syz.1.3949" lport=34248 faddr=fc00::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  492.762906][   T40] audit: type=1400 audit(1746966171.251:1475): avc:  denied  { ioctl } for  pid=16801 comm="syz.4.3952" path="socket:[65266]" dev="sockfs" ino=65266 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  492.769388][T16804] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3953'.
[  492.815946][T16804] veth19: entered promiscuous mode
[  492.860102][T16811] fuse: Unknown parameter 'fd0x0000000000000003'
[  492.924332][T16819] netlink: 277 bytes leftover after parsing attributes in process `syz.1.3960'.
[  493.075917][T16833] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3965'.
[  493.091577][T13084] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[  493.104360][T16833] veth21: entered promiscuous mode
[  493.161969][T16837] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3967'.
[  493.189956][T16841] program syz.1.3968 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  493.264232][T13084] usb 5-1: unable to read config index 0 descriptor/start: -61
[  493.266863][T13084] usb 5-1: can't read configurations, error -61
[  493.402112][T13084] usb 5-1: new high-speed USB device number 59 using dummy_hcd
[  493.481837][ T1337] usb 6-1: new full-speed USB device number 39 using dummy_hcd
[  493.582968][T13084] usb 5-1: unable to read config index 0 descriptor/start: -61
[  493.585864][T13084] usb 5-1: can't read configurations, error -61
[  493.588067][T13084] usb usb5-port1: attempt power cycle
[  493.621878][ T1337] usb 6-1: device descriptor read/64, error -71
[  493.861913][ T1337] usb 6-1: new full-speed USB device number 40 using dummy_hcd
[  493.921480][T13084] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[  493.954504][T13084] usb 5-1: unable to read config index 0 descriptor/start: -61
[  493.957005][T13084] usb 5-1: can't read configurations, error -61
[  494.001528][ T1337] usb 6-1: device descriptor read/64, error -71
[  494.021979][T16855] binder: BINDER_SET_CONTEXT_MGR already set
[  494.023897][T16855] binder: 16854:16855 ioctl 4018620d 200000000040 returned -16
[  494.027469][T16857] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3974'.
[  494.031337][T16855] syz.3.3973 (16855): drop_caches: 2
[  494.034933][T16855] syz.3.3973 (16855): drop_caches: 2
[  494.039744][T16857] bridge2: port 1(ip6gretap1) entered blocking state
[  494.041808][T16857] bridge2: port 1(ip6gretap1) entered disabled state
[  494.043732][T16857] ip6gretap1: entered allmulticast mode
[  494.046165][T16857] ip6gretap1: entered promiscuous mode
[  494.069652][T16857] veth3: entered promiscuous mode
[  494.081667][T13084] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[  494.115099][T13084] usb 5-1: unable to read config index 0 descriptor/start: -61
[  494.118074][T13084] usb 5-1: can't read configurations, error -61
[  494.120767][T13084] usb usb5-port1: unable to enumerate USB device
[  494.122997][ T1337] usb usb6-port1: attempt power cycle
[  494.196388][T16868] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3978'.
[  494.247380][T16866] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3978'.
[  494.471484][ T1337] usb 6-1: new full-speed USB device number 41 using dummy_hcd
[  494.492055][ T1337] usb 6-1: device descriptor read/8, error -71
[  494.754310][ T1337] usb 6-1: new full-speed USB device number 42 using dummy_hcd
[  494.772630][ T1337] usb 6-1: device descriptor read/8, error -71
[  494.882977][ T1337] usb usb6-port1: unable to enumerate USB device
[  495.437414][T16883] FAULT_INJECTION: forcing a failure.
[  495.437414][T16883] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  495.441873][T16883] CPU: 2 UID: 0 PID: 16883 Comm: syz.4.3984 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  495.441888][T16883] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  495.441894][T16883] Call Trace:
[  495.441898][T16883]  <TASK>
[  495.441902][T16883]  dump_stack_lvl+0x16c/0x1f0
[  495.441922][T16883]  should_fail_ex+0x512/0x640
[  495.441943][T16883]  _copy_to_user+0x32/0xd0
[  495.441965][T16883]  simple_read_from_buffer+0xcb/0x170
[  495.441992][T16883]  proc_fail_nth_read+0x197/0x270
[  495.442017][T16883]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  495.442041][T16883]  ? rw_verify_area+0xcf/0x680
[  495.442062][T16883]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  495.442081][T16883]  vfs_read+0x1de/0xc70
[  495.442097][T16883]  ? __pfx___mutex_lock+0x10/0x10
[  495.442112][T16883]  ? __pfx_vfs_read+0x10/0x10
[  495.442130][T16883]  ? __fget_files+0x20e/0x3c0
[  495.442149][T16883]  ksys_read+0x12a/0x240
[  495.442163][T16883]  ? __pfx_ksys_read+0x10/0x10
[  495.442181][T16883]  do_syscall_64+0xcd/0x260
[  495.442197][T16883]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  495.442207][T16883] RIP: 0033:0x7fea90d8d37c
[  495.442217][T16883] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  495.442228][T16883] RSP: 002b:00007fea91b17030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  495.442238][T16883] RAX: ffffffffffffffda RBX: 00007fea90fb5fa0 RCX: 00007fea90d8d37c
[  495.442244][T16883] RDX: 000000000000000f RSI: 00007fea91b170a0 RDI: 0000000000000003
[  495.442250][T16883] RBP: 00007fea91b17090 R08: 0000000000000000 R09: 0000000000000000
[  495.442256][T16883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  495.442262][T16883] R13: 0000000000000000 R14: 00007fea90fb5fa0 R15: 00007ffc88038508
[  495.442274][T16883]  </TASK>
[  495.468646][T16885] vxcan1: entered allmulticast mode
[  495.514424][T16885] vxcan1: left allmulticast mode
[  495.516338][   T40] audit: type=1400 audit(1746966174.001:1476): avc:  denied  { map } for  pid=16884 comm="syz.4.3985" path="socket:[65341]" dev="sockfs" ino=65341 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  495.541032][T16887] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3986'.
[  496.285804][T16907] kvm: MONITOR instruction emulated as NOP!
[  496.325361][T16912] Can't find a SQUASHFS superblock on nullb0
[  496.378796][T16914] @: renamed from vlan0 (while UP)
[  496.511217][T16923] IPVS: Scheduler module ip_vs_sip not found
[  496.567230][T16926] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  496.618599][T16930] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4002'.
[  496.622678][   T40] audit: type=1400 audit(1746966175.111:1477): avc:  denied  { setopt } for  pid=16932 comm="syz.3.4003" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  496.628886][T16930] macsec1: entered promiscuous mode
[  496.635809][T16930] macsec1: entered allmulticast mode
[  496.723546][T16936] netlink: 57 bytes leftover after parsing attributes in process `syz.3.4004'.
[  496.723547][T16937] netlink: 57 bytes leftover after parsing attributes in process `syz.3.4004'.
[  496.927905][T16947] FAULT_INJECTION: forcing a failure.
[  496.927905][T16947] name failslab, interval 1, probability 0, space 0, times 0
[  496.931882][T16947] CPU: 3 UID: 0 PID: 16947 Comm: syz.0.4008 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  496.931898][T16947] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  496.931904][T16947] Call Trace:
[  496.931908][T16947]  <TASK>
[  496.931913][T16947]  dump_stack_lvl+0x16c/0x1f0
[  496.931947][T16947]  should_fail_ex+0x512/0x640
[  496.931964][T16947]  ? __kmalloc_noprof+0xbf/0x510
[  496.931982][T16947]  ? constrain_params_by_rules+0x175/0xca0
[  496.931996][T16947]  should_failslab+0xc2/0x120
[  496.932007][T16947]  __kmalloc_noprof+0xd2/0x510
[  496.932022][T16947]  ? kasan_quarantine_put+0x10a/0x240
[  496.932037][T16947]  ? constrain_params_by_rules+0xa09/0xca0
[  496.932052][T16947]  constrain_params_by_rules+0x175/0xca0
[  496.932071][T16947]  ? __pfx_constrain_params_by_rules+0x10/0x10
[  496.932088][T16947]  ? __pfx_constrain_params_by_rules+0x10/0x10
[  496.932101][T16947]  ? __lock_acquire+0xaa4/0x1ba0
[  496.932121][T16947]  ? snd_interval_refine+0x2fa/0x580
[  496.932133][T16947]  snd_pcm_hw_refine+0x7de/0xad0
[  496.932149][T16947]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[  496.932165][T16947]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[  496.932181][T16947]  ? snd_pcm_hw_param_value+0x266/0x5b0
[  496.932195][T16947]  snd_pcm_hw_param_first+0x334/0x6f0
[  496.932211][T16947]  snd_pcm_hw_params+0x5ad/0x1b40
[  496.932229][T16947]  ? __pfx_snd_pcm_hw_params+0x10/0x10
[  496.932244][T16947]  ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0
[  496.932260][T16947]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  496.932274][T16947]  ? __asan_memset+0x23/0x50
[  496.932289][T16947]  snd_pcm_kernel_ioctl+0x147/0x2e0
[  496.932306][T16947]  snd_pcm_oss_change_params_locked+0x1432/0x3b40
[  496.932326][T16947]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  496.932341][T16947]  ? snd_pcm_oss_write+0x4a2/0xa10
[  496.932359][T16947]  ? find_held_lock+0x2b/0x80
[  496.932373][T16947]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  496.932388][T16947]  snd_pcm_oss_write+0x4c3/0xa10
[  496.932403][T16947]  ? bpf_lsm_file_permission+0x9/0x10
[  496.932421][T16947]  ? security_file_permission+0x71/0x210
[  496.932439][T16947]  vfs_write+0x25c/0x1180
[  496.932454][T16947]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  496.932470][T16947]  ? __pfx_vfs_write+0x10/0x10
[  496.932484][T16947]  ? find_held_lock+0x2b/0x80
[  496.932495][T16947]  ? __fget_files+0x204/0x3c0
[  496.932513][T16947]  ? __fget_files+0x20e/0x3c0
[  496.932532][T16947]  ksys_write+0x12a/0x240
[  496.932546][T16947]  ? __pfx_ksys_write+0x10/0x10
[  496.932564][T16947]  do_syscall_64+0xcd/0x260
[  496.932580][T16947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  496.932590][T16947] RIP: 0033:0x7fc291d8e969
[  496.932599][T16947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  496.932609][T16947] RSP: 002b:00007fc292b88038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  496.932619][T16947] RAX: ffffffffffffffda RBX: 00007fc291fb6080 RCX: 00007fc291d8e969
[  496.932625][T16947] RDX: 0000000000004000 RSI: 00002000000012c0 RDI: 0000000000000003
[  496.932631][T16947] RBP: 00007fc292b88090 R08: 0000000000000000 R09: 0000000000000000
[  496.932637][T16947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  496.932642][T16947] R13: 0000000000000000 R14: 00007fc291fb6080 R15: 00007ffd98445198
[  496.932655][T16947]  </TASK>
[  497.109677][   T40] audit: type=1400 audit(1746966175.591:1478): avc:  denied  { setattr } for  pid=16948 comm="syz.3.4009" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  497.140427][T16951] syz.3.4010 (16951): drop_caches: 2
[  497.142483][T16951] syz.3.4010 (16951): drop_caches: 2
[  497.921096][T16981] smc: net device bond0 erased user defined pnetid SYZ2
[  498.067915][   T40] audit: type=1400 audit(1746966176.551:1479): avc:  denied  { accept } for  pid=16988 comm="syz.3.4025" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  498.169372][T16997] binder: 16993:16997 ioctl 8933 2000000002c0 returned -22
[  498.174826][T16997] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4027'.
[  498.192942][T16997] binder: 16993:16997 ioctl 89f3 200000000300 returned -22
[  498.196330][T16997] binder: 16993:16997 ioctl 89f1 200000000580 returned -22
[  498.204676][T16997] syz.1.4027 (16997): drop_caches: 2
[  498.206637][T16997] syz.1.4027 (16997): drop_caches: 2
[  498.343582][T17001] overlayfs: failed to resolve './file0': -2
[  498.348335][T17001] netlink: 'syz.4.4029': attribute type 2 has an invalid length.
[  498.361520][ T6097] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[  498.513241][ T6097] usb 5-1: config 1 interface 0 altsetting 4 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  498.517354][ T6097] usb 5-1: config 1 interface 0 has no altsetting 0
[  498.520285][ T6097] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  498.523304][ T6097] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  498.525992][ T6097] usb 5-1: SerialNumber: syz
[  498.702328][ T1337] usb 6-1: new high-speed USB device number 43 using dummy_hcd
[  498.734959][ T6097] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -71
[  498.740248][ T6097] usb 5-1: USB disconnect, device number 62
[  498.861723][ T1337] usb 6-1: Using ep0 maxpacket: 16
[  498.863831][ T1337] usb 6-1: too many configurations: 123, using maximum allowed: 8
[  498.867826][ T1337] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  498.871802][ T1337] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  498.875608][ T1337] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  498.879435][ T1337] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  498.885390][ T1337] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  498.890088][ T1337] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  498.894295][ T1337] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  498.898190][ T1337] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  498.902576][ T1337] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  498.905559][ T1337] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=45
[  498.908081][ T1337] usb 6-1: SerialNumber: syz
[  498.910857][ T1337] usb 6-1: config 0 descriptor??
[  498.914760][ T1337] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input47
[  499.121115][   T65] usb 6-1: USB disconnect, device number 43
[  499.121899][ T5334] bcm5974 6-1:0.0: could not read from device
[  499.182242][T17010] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4033'.
[  499.267519][T17013] FAULT_INJECTION: forcing a failure.
[  499.267519][T17013] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  499.274300][T17013] CPU: 0 UID: 0 PID: 17013 Comm: syz.0.4034 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  499.274325][T17013] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  499.274336][T17013] Call Trace:
[  499.274342][T17013]  <TASK>
[  499.274350][T17013]  dump_stack_lvl+0x16c/0x1f0
[  499.274376][T17013]  should_fail_ex+0x512/0x640
[  499.274402][T17013]  should_fail_alloc_page+0xe7/0x130
[  499.274423][T17013]  prepare_alloc_pages+0x3c2/0x610
[  499.274446][T17013]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  499.274480][T17013]  ? copy_splice_read+0x1a8/0xba0
[  499.274503][T17013]  ? stack_trace_save+0x8e/0xc0
[  499.274525][T17013]  ? __pfx_stack_trace_save+0x10/0x10
[  499.274544][T17013]  ? stack_depot_save_flags+0x28/0xa50
[  499.274566][T17013]  ? bpf_ksym_find+0x127/0x1c0
[  499.274588][T17013]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  499.274613][T17013]  ? kasan_save_stack+0x33/0x60
[  499.274637][T17013]  ? __kasan_kmalloc+0xaa/0xb0
[  499.274660][T17013]  ? copy_splice_read+0x1a8/0xba0
[  499.274681][T17013]  ? do_splice_read+0x282/0x370
[  499.274700][T17013]  ? splice_direct_to_actor+0x2a1/0xa30
[  499.274721][T17013]  ? do_splice_direct+0x174/0x240
[  499.274743][T17013]  ? do_sendfile+0xafd/0xe50
[  499.274764][T17013]  ? __x64_sys_sendfile64+0x154/0x220
[  499.274778][T17013]  ? do_syscall_64+0xcd/0x260
[  499.274817][T17013]  alloc_pages_bulk_noprof+0x703/0x13b0
[  499.274842][T17013]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  499.274862][T17013]  ? trace_kmalloc+0x2b/0xd0
[  499.274881][T17013]  ? __kmalloc_noprof+0x242/0x510
[  499.274910][T17013]  copy_splice_read+0x1e1/0xba0
[  499.274938][T17013]  ? __pfx_copy_splice_read+0x10/0x10
[  499.274980][T17013]  ? look_up_lock_class+0x6b/0x150
[  499.275008][T17013]  ? lockdep_init_map_type+0x5c/0x280
[  499.275035][T17013]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  499.275061][T17013]  ? __pfx_copy_splice_read+0x10/0x10
[  499.275084][T17013]  do_splice_read+0x282/0x370
[  499.275109][T17013]  splice_direct_to_actor+0x2a1/0xa30
[  499.275133][T17013]  ? __pfx_direct_splice_actor+0x10/0x10
[  499.275163][T17013]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  499.275188][T17013]  ? __pfx___might_resched+0x10/0x10
[  499.275213][T17013]  do_splice_direct+0x174/0x240
[  499.275236][T17013]  ? __pfx_do_splice_direct+0x10/0x10
[  499.275260][T17013]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  499.275286][T17013]  ? rw_verify_area+0xcf/0x680
[  499.275309][T17013]  do_sendfile+0xafd/0xe50
[  499.275336][T17013]  ? __pfx_do_sendfile+0x10/0x10
[  499.275367][T17013]  __x64_sys_sendfile64+0x154/0x220
[  499.275385][T17013]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  499.275408][T17013]  do_syscall_64+0xcd/0x260
[  499.275433][T17013]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  499.275450][T17013] RIP: 0033:0x7fc291d8e969
[  499.275468][T17013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  499.275484][T17013] RSP: 002b:00007fc292ba9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  499.275500][T17013] RAX: ffffffffffffffda RBX: 00007fc291fb5fa0 RCX: 00007fc291d8e969
[  499.275511][T17013] RDX: 0000200000002080 RSI: 0000000000000006 RDI: 0000000000000007
[  499.275521][T17013] RBP: 00007fc292ba9090 R08: 0000000000000000 R09: 0000000000000000
[  499.275531][T17013] R10: 000000000000023b R11: 0000000000000246 R12: 0000000000000001
[  499.275540][T17013] R13: 0000000000000000 R14: 00007fc291fb5fa0 R15: 00007ffd98445198
[  499.275562][T17013]  </TASK>
[  499.469642][   T40] audit: type=1400 audit(1746966177.951:1480): avc:  denied  { write } for  pid=17019 comm="syz.0.4036" path="socket:[67144]" dev="sockfs" ino=67144 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  499.821900][   T40] audit: type=1400 audit(1746966178.311:1481): avc:  denied  { listen } for  pid=17033 comm="syz.0.4041" lport=53054 faddr=::ffff:100.1.1.1 fport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  499.829177][   T40] audit: type=1400 audit(1746966178.311:1482): avc:  denied  { accept } for  pid=17033 comm="syz.0.4041" lport=53054 faddr=::ffff:100.1.1.1 fport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  499.837046][   T40] audit: type=1400 audit(1746966178.311:1483): avc:  denied  { setopt } for  pid=17033 comm="syz.0.4041" lport=53054 faddr=::ffff:100.1.1.1 fport=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  500.048292][T17044] xt_hashlimit: size too large, truncated to 1048576
[  500.552190][   T64] wlan1: Trigger new scan to find an IBSS to join
[  500.560458][T17054] binder: 17053:17054 ioctl c0306201 200000000080 returned -22
[  500.597472][T17054] syz.4.4048 (17054): drop_caches: 2
[  500.599436][T17054] syz.4.4048 (17054): drop_caches: 2
[  500.812651][T17068] SET target dimension over the limit!
[  501.146130][T17076] FAULT_INJECTION: forcing a failure.
[  501.146130][T17076] name failslab, interval 1, probability 0, space 0, times 0
[  501.150394][T17076] CPU: 0 UID: 0 PID: 17076 Comm: syz.1.4057 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  501.150409][T17076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  501.150415][T17076] Call Trace:
[  501.150424][T17076]  <TASK>
[  501.150428][T17076]  dump_stack_lvl+0x16c/0x1f0
[  501.150457][T17076]  should_fail_ex+0x512/0x640
[  501.150473][T17076]  ? __kvmalloc_node_noprof+0x122/0x600
[  501.150490][T17076]  should_failslab+0xc2/0x120
[  501.150501][T17076]  __kvmalloc_node_noprof+0x135/0x600
[  501.150516][T17076]  ? __pfx___mutex_lock+0x10/0x10
[  501.150530][T17076]  ? traverse.part.0.constprop.0+0x392/0x640
[  501.150547][T17076]  ? traverse.part.0.constprop.0+0x392/0x640
[  501.150561][T17076]  ? alloc_pages_bulk_noprof+0xa4e/0x13b0
[  501.150571][T17076]  traverse.part.0.constprop.0+0x392/0x640
[  501.150589][T17076]  seq_read_iter+0x932/0x12c0
[  501.150608][T17076]  proc_reg_read_iter+0x21d/0x310
[  501.150620][T17076]  copy_splice_read+0x615/0xba0
[  501.150638][T17076]  ? __pfx_copy_splice_read+0x10/0x10
[  501.150654][T17076]  ? look_up_lock_class+0x6b/0x150
[  501.150669][T17076]  ? lockdep_init_map_type+0x5c/0x280
[  501.150686][T17076]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  501.150703][T17076]  ? __pfx_copy_splice_read+0x10/0x10
[  501.150716][T17076]  do_splice_read+0x282/0x370
[  501.150735][T17076]  splice_direct_to_actor+0x2a1/0xa30
[  501.150751][T17076]  ? __pfx_direct_splice_actor+0x10/0x10
[  501.150768][T17076]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  501.150783][T17076]  ? __pfx___might_resched+0x10/0x10
[  501.150799][T17076]  do_splice_direct+0x174/0x240
[  501.150814][T17076]  ? __pfx_do_splice_direct+0x10/0x10
[  501.150828][T17076]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  501.150845][T17076]  ? rw_verify_area+0xcf/0x680
[  501.150859][T17076]  do_sendfile+0xafd/0xe50
[  501.150875][T17076]  ? __pfx_do_sendfile+0x10/0x10
[  501.150894][T17076]  __x64_sys_sendfile64+0x154/0x220
[  501.150905][T17076]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  501.150919][T17076]  do_syscall_64+0xcd/0x260
[  501.150934][T17076]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.150962][T17076] RIP: 0033:0x7f47e5b8e969
[  501.150971][T17076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  501.150981][T17076] RSP: 002b:00007f47e6936038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  501.150992][T17076] RAX: ffffffffffffffda RBX: 00007f47e5db5fa0 RCX: 00007f47e5b8e969
[  501.150998][T17076] RDX: 0000200000002080 RSI: 0000000000000006 RDI: 0000000000000007
[  501.151004][T17076] RBP: 00007f47e6936090 R08: 0000000000000000 R09: 0000000000000000
[  501.151010][T17076] R10: 000000000000023b R11: 0000000000000246 R12: 0000000000000001
[  501.151015][T17076] R13: 0000000000000000 R14: 00007f47e5db5fa0 R15: 00007ffca2c75fd8
[  501.151028][T17076]  </TASK>
[  501.204577][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  501.259900][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  501.393910][   T40] audit: type=1400 audit(1746966179.881:1484): avc:  denied  { map } for  pid=17079 comm="syz.3.4059" path="/dev/zero" dev="devtmpfs" ino=6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1
[  501.674563][T17095] tun0: tun_chr_ioctl cmd 1074025675
[  501.676881][T17095] tun0: persist enabled
[  501.678655][T17095] tun0: tun_chr_ioctl cmd 1074025675
[  501.680591][T17095] tun0: persist disabled
[  501.859393][T17099] binder: 17098:17099 ioctl c0306201 2000000003c0 returned -14
[  501.863311][T17099] binder: 17098:17099 unknown command 0
[  501.865868][T17099] binder: 17098:17099 ioctl c0306201 2000000001c0 returned -22
[  502.243839][T17112] syz.1.4071 (17112): drop_caches: 2
[  502.246497][T17112] syz.1.4071 (17112): drop_caches: 2
[  502.765431][T17123] QAT: Stopping all acceleration devices.
[  502.895269][T17132] FAULT_INJECTION: forcing a failure.
[  502.895269][T17132] name failslab, interval 1, probability 0, space 0, times 0
[  502.900167][T17132] CPU: 1 UID: 0 PID: 17132 Comm: syz.0.4078 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  502.900190][T17132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  502.900199][T17132] Call Trace:
[  502.900215][T17132]  <TASK>
[  502.900222][T17132]  dump_stack_lvl+0x16c/0x1f0
[  502.900263][T17132]  should_fail_ex+0x512/0x640
[  502.900289][T17132]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  502.900314][T17132]  should_failslab+0xc2/0x120
[  502.900334][T17132]  __kmalloc_cache_noprof+0x6a/0x3e0
[  502.900355][T17132]  ? trace_kmalloc+0x2b/0xd0
[  502.900372][T17132]  ? disk_seqf_start+0x68/0x180
[  502.900394][T17132]  disk_seqf_start+0x68/0x180
[  502.900418][T17132]  show_partition_start+0x1e/0xc0
[  502.900439][T17132]  traverse.part.0.constprop.0+0xac/0x640
[  502.900469][T17132]  seq_read_iter+0x932/0x12c0
[  502.900502][T17132]  proc_reg_read_iter+0x21d/0x310
[  502.900521][T17132]  copy_splice_read+0x615/0xba0
[  502.900550][T17132]  ? __pfx_copy_splice_read+0x10/0x10
[  502.900573][T17132]  ? look_up_lock_class+0x6b/0x150
[  502.900599][T17132]  ? lockdep_init_map_type+0x5c/0x280
[  502.900624][T17132]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  502.900649][T17132]  ? __pfx_copy_splice_read+0x10/0x10
[  502.900670][T17132]  do_splice_read+0x282/0x370
[  502.900695][T17132]  splice_direct_to_actor+0x2a1/0xa30
[  502.900722][T17132]  ? __pfx_direct_splice_actor+0x10/0x10
[  502.900750][T17132]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  502.900773][T17132]  ? __pfx___might_resched+0x10/0x10
[  502.900798][T17132]  do_splice_direct+0x174/0x240
[  502.900820][T17132]  ? __pfx_do_splice_direct+0x10/0x10
[  502.900844][T17132]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  502.900869][T17132]  ? rw_verify_area+0xcf/0x680
[  502.900892][T17132]  do_sendfile+0xafd/0xe50
[  502.900918][T17132]  ? __pfx_do_sendfile+0x10/0x10
[  502.900948][T17132]  __x64_sys_sendfile64+0x154/0x220
[  502.900965][T17132]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  502.900990][T17132]  do_syscall_64+0xcd/0x260
[  502.901013][T17132]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  502.901029][T17132] RIP: 0033:0x7fc291d8e969
[  502.901044][T17132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  502.901058][T17132] RSP: 002b:00007fc292ba9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  502.901073][T17132] RAX: ffffffffffffffda RBX: 00007fc291fb5fa0 RCX: 00007fc291d8e969
[  502.901083][T17132] RDX: 0000200000002080 RSI: 0000000000000006 RDI: 0000000000000007
[  502.901094][T17132] RBP: 00007fc292ba9090 R08: 0000000000000000 R09: 0000000000000000
[  502.901103][T17132] R10: 000000000000023b R11: 0000000000000246 R12: 0000000000000001
[  502.901112][T17132] R13: 0000000000000000 R14: 00007fc291fb5fa0 R15: 00007ffd98445198
[  502.901135][T17132]  </TASK>
[  503.011836][    C1] vkms_vblank_simulate: vblank timer overrun
[  503.077832][T17136] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4080'.
[  503.083636][T17136] bridge0: port 2(bridge_slave_1) entered disabled state
[  503.087694][T17136] bridge0: port 1(bridge_slave_0) entered disabled state
[  503.601750][T13837] wlan1: Trigger new scan to find an IBSS to join
[  504.180993][T17166] binder: 17165:17166 ioctl c0306201 200000000180 returned -14
[  504.271417][T17168] netpci0: tun_chr_ioctl cmd 1074025672
[  504.273200][T17168] netpci0: ignored: set checksum disabled
[  504.552520][T17179] FAULT_INJECTION: forcing a failure.
[  504.552520][T17179] name failslab, interval 1, probability 0, space 0, times 0
[  504.556153][T17179] CPU: 3 UID: 0 PID: 17179 Comm: syz.1.4094 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  504.556168][T17179] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  504.556174][T17179] Call Trace:
[  504.556178][T17179]  <TASK>
[  504.556183][T17179]  dump_stack_lvl+0x16c/0x1f0
[  504.556225][T17179]  should_fail_ex+0x512/0x640
[  504.556242][T17179]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  504.556259][T17179]  should_failslab+0xc2/0x120
[  504.556270][T17179]  __kmalloc_cache_noprof+0x6a/0x3e0
[  504.556284][T17179]  ? disk_seqf_stop+0x4f/0x90
[  504.556295][T17179]  ? disk_seqf_start+0x68/0x180
[  504.556308][T17179]  disk_seqf_start+0x68/0x180
[  504.556321][T17179]  show_partition_start+0x1e/0xc0
[  504.556333][T17179]  seq_read_iter+0x2be/0x12c0
[  504.556354][T17179]  proc_reg_read_iter+0x21d/0x310
[  504.556366][T17179]  copy_splice_read+0x615/0xba0
[  504.556384][T17179]  ? __pfx_copy_splice_read+0x10/0x10
[  504.556399][T17179]  ? look_up_lock_class+0x6b/0x150
[  504.556415][T17179]  ? lockdep_init_map_type+0x5c/0x280
[  504.556431][T17179]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  504.556447][T17179]  ? __pfx_copy_splice_read+0x10/0x10
[  504.556461][T17179]  do_splice_read+0x282/0x370
[  504.556477][T17179]  splice_direct_to_actor+0x2a1/0xa30
[  504.556492][T17179]  ? __pfx_direct_splice_actor+0x10/0x10
[  504.556509][T17179]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  504.556525][T17179]  ? __pfx___might_resched+0x10/0x10
[  504.556540][T17179]  do_splice_direct+0x174/0x240
[  504.556555][T17179]  ? __pfx_do_splice_direct+0x10/0x10
[  504.556570][T17179]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  504.556586][T17179]  ? rw_verify_area+0xcf/0x680
[  504.556600][T17179]  do_sendfile+0xafd/0xe50
[  504.556617][T17179]  ? __pfx_do_sendfile+0x10/0x10
[  504.556635][T17179]  __x64_sys_sendfile64+0x154/0x220
[  504.556646][T17179]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  504.556656][T17179]  ? rcu_is_watching+0x12/0xc0
[  504.556672][T17179]  do_syscall_64+0xcd/0x260
[  504.556687][T17179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.556697][T17179] RIP: 0033:0x7f47e5b8e969
[  504.556706][T17179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  504.556716][T17179] RSP: 002b:00007f47e6936038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  504.556726][T17179] RAX: ffffffffffffffda RBX: 00007f47e5db5fa0 RCX: 00007f47e5b8e969
[  504.556732][T17179] RDX: 0000200000002080 RSI: 0000000000000006 RDI: 0000000000000007
[  504.556738][T17179] RBP: 00007f47e6936090 R08: 0000000000000000 R09: 0000000000000000
[  504.556744][T17179] R10: 000000000000023b R11: 0000000000000246 R12: 0000000000000001
[  504.556749][T17179] R13: 0000000000000000 R14: 00007f47e5db5fa0 R15: 00007ffca2c75fd8
[  504.556762][T17179]  </TASK>
[  504.573506][T17182] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4096'.
[  504.573987][T17179] syz.1.4094 (17179): drop_caches: 2
[  504.628420][T17185] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4096'.
[  504.629159][T17179] syz.1.4094 (17179): drop_caches: 2
[  504.633060][T17185] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4096'.
[  504.635941][T17179] syz.1.4094 (17179): drop_caches: 2
[  505.438343][T17218] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4108'.
[  505.574519][T17225] FAULT_INJECTION: forcing a failure.
[  505.574519][T17225] name failslab, interval 1, probability 0, space 0, times 0
[  505.578450][T17225] CPU: 2 UID: 0 PID: 17225 Comm: syz.1.4111 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  505.578465][T17225] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  505.578471][T17225] Call Trace:
[  505.578476][T17225]  <TASK>
[  505.578480][T17225]  dump_stack_lvl+0x16c/0x1f0
[  505.578497][T17225]  should_fail_ex+0x512/0x640
[  505.578511][T17225]  ? __kmalloc_noprof+0xbf/0x510
[  505.578528][T17225]  ? iter_file_splice_write+0x1cc/0x1150
[  505.578544][T17225]  should_failslab+0xc2/0x120
[  505.578555][T17225]  __kmalloc_noprof+0xd2/0x510
[  505.578573][T17225]  iter_file_splice_write+0x1cc/0x1150
[  505.578591][T17225]  ? kfree+0x2b6/0x4d0
[  505.578604][T17225]  ? copy_splice_read+0x897/0xba0
[  505.578621][T17225]  ? __pfx_iter_file_splice_write+0x10/0x10
[  505.578636][T17225]  ? __lock_acquire+0xaa4/0x1ba0
[  505.578653][T17225]  ? __pfx_copy_splice_read+0x10/0x10
[  505.578675][T17225]  ? __pfx_iter_file_splice_write+0x10/0x10
[  505.578691][T17225]  direct_splice_actor+0x18f/0x6c0
[  505.578707][T17225]  splice_direct_to_actor+0x342/0xa30
[  505.578723][T17225]  ? __pfx_direct_splice_actor+0x10/0x10
[  505.578740][T17225]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  505.578755][T17225]  ? __pfx___might_resched+0x10/0x10
[  505.578771][T17225]  do_splice_direct+0x174/0x240
[  505.578786][T17225]  ? __pfx_do_splice_direct+0x10/0x10
[  505.578800][T17225]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  505.578817][T17225]  ? rw_verify_area+0xcf/0x680
[  505.578832][T17225]  do_sendfile+0xafd/0xe50
[  505.578848][T17225]  ? __pfx_do_sendfile+0x10/0x10
[  505.578866][T17225]  __x64_sys_sendfile64+0x154/0x220
[  505.578877][T17225]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  505.578892][T17225]  do_syscall_64+0xcd/0x260
[  505.578923][T17225]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  505.578934][T17225] RIP: 0033:0x7f47e5b8e969
[  505.578943][T17225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  505.578953][T17225] RSP: 002b:00007f47e6936038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  505.578963][T17225] RAX: ffffffffffffffda RBX: 00007f47e5db5fa0 RCX: 00007f47e5b8e969
[  505.578970][T17225] RDX: 0000200000002080 RSI: 0000000000000006 RDI: 0000000000000007
[  505.578975][T17225] RBP: 00007f47e6936090 R08: 0000000000000000 R09: 0000000000000000
[  505.578981][T17225] R10: 000000000000023b R11: 0000000000000246 R12: 0000000000000001
[  505.578987][T17225] R13: 0000000000000000 R14: 00007f47e5db5fa0 R15: 00007ffca2c75fd8
[  505.578999][T17225]  </TASK>
[  505.721511][   T57] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  505.881430][   T57] usb 9-1: Using ep0 maxpacket: 16
[  505.884270][   T57] usb 9-1: too many configurations: 123, using maximum allowed: 8
[  505.888477][   T57] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  505.893967][   T57] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  505.898270][   T57] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  505.902445][   T57] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  505.907352][   T57] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  505.912374][   T57] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  505.922992][   T57] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  505.932043][   T57] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  505.937128][   T57] usb 9-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  505.940869][   T57] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=45
[  505.945436][   T57] usb 9-1: SerialNumber: syz
[  505.948154][   T57] usb 9-1: config 0 descriptor??
[  505.956182][   T57] input: bcm5974 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input48
[  505.961010][T17233] syz.0.4114 (17233): drop_caches: 2
[  505.963832][T17233] syz.0.4114 (17233): drop_caches: 2
[  506.108453][T17242] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4116'.
[  506.207902][T17243] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4110'.
[  506.471974][T13811] wlan1: Creating new IBSS network, BSSID d6:0f:fc:06:40:9c
[  506.863925][T17242] bond0: (slave bond_slave_0): Releasing backup interface
[  506.912171][T17242] bond_slave_0 (unregistering): left allmulticast mode
[  506.928194][ T5334] bcm5974 9-1:0.0: could not read from device
[  506.930460][ T1337] usb 9-1: USB disconnect, device number 4
[  506.938463][T17270] pim6reg0: tun_chr_ioctl cmd 1074025676
[  506.940443][T17270] pim6reg0: owner set to 1
[  506.996740][T17299] ata1.00: invalid multi_count 1 ignored
[  507.067710][T17303] nvme_fabrics: missing parameter 'transport=%s'
[  507.070959][T17303] nvme_fabrics: missing parameter 'nqn=%s'
[  507.155916][T17313] FAULT_INJECTION: forcing a failure.
[  507.155916][T17313] name failslab, interval 1, probability 0, space 0, times 0
[  507.159530][T17313] CPU: 3 UID: 0 PID: 17313 Comm: syz.0.4125 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  507.159545][T17313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  507.159551][T17313] Call Trace:
[  507.159555][T17313]  <TASK>
[  507.159559][T17313]  dump_stack_lvl+0x16c/0x1f0
[  507.159577][T17313]  should_fail_ex+0x512/0x640
[  507.159591][T17313]  ? __kvmalloc_node_noprof+0x122/0x600
[  507.159608][T17313]  should_failslab+0xc2/0x120
[  507.159619][T17313]  __kvmalloc_node_noprof+0x135/0x600
[  507.159634][T17313]  ? sysctl_head_grab+0x51/0x70
[  507.159645][T17313]  ? proc_sys_call_handler+0x2a6/0x5c0
[  507.159658][T17313]  ? proc_sys_call_handler+0x2a6/0x5c0
[  507.159668][T17313]  proc_sys_call_handler+0x2a6/0x5c0
[  507.159681][T17313]  ? __pfx_proc_sys_call_handler+0x10/0x10
[  507.159692][T17313]  ? rcu_is_watching+0x12/0xc0
[  507.159706][T17313]  ? splice_from_pipe_next+0x1f8/0x5d0
[  507.159725][T17313]  iter_file_splice_write+0x91c/0x1150
[  507.159748][T17313]  ? __pfx_iter_file_splice_write+0x10/0x10
[  507.159765][T17313]  ? __pfx_copy_splice_read+0x10/0x10
[  507.159786][T17313]  ? __pfx_iter_file_splice_write+0x10/0x10
[  507.159802][T17313]  direct_splice_actor+0x18f/0x6c0
[  507.159819][T17313]  splice_direct_to_actor+0x342/0xa30
[  507.159834][T17313]  ? __pfx_direct_splice_actor+0x10/0x10
[  507.159851][T17313]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  507.159868][T17313]  ? __pfx___might_resched+0x10/0x10
[  507.159883][T17313]  do_splice_direct+0x174/0x240
[  507.159898][T17313]  ? __pfx_do_splice_direct+0x10/0x10
[  507.159913][T17313]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  507.159929][T17313]  ? rw_verify_area+0xcf/0x680
[  507.159944][T17313]  do_sendfile+0xafd/0xe50
[  507.159960][T17313]  ? __pfx_do_sendfile+0x10/0x10
[  507.159979][T17313]  __x64_sys_sendfile64+0x154/0x220
[  507.159990][T17313]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  507.160004][T17313]  do_syscall_64+0xcd/0x260
[  507.160020][T17313]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  507.160031][T17313] RIP: 0033:0x7fc291d8e969
[  507.160039][T17313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  507.160049][T17313] RSP: 002b:00007fc292ba9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  507.160059][T17313] RAX: ffffffffffffffda RBX: 00007fc291fb5fa0 RCX: 00007fc291d8e969
[  507.160065][T17313] RDX: 0000200000002080 RSI: 0000000000000006 RDI: 0000000000000007
[  507.160071][T17313] RBP: 00007fc292ba9090 R08: 0000000000000000 R09: 0000000000000000
[  507.160077][T17313] R10: 000000000000023b R11: 0000000000000246 R12: 0000000000000002
[  507.160082][T17313] R13: 0000000000000000 R14: 00007fc291fb5fa0 R15: 00007ffd98445198
[  507.160095][T17313]  </TASK>
[  507.293344][   T40] audit: type=1400 audit(1746966185.781:1485): avc:  denied  { setattr } for  pid=17317 comm="syz.0.4126" path="/dev/input/event1" dev="devtmpfs" ino=942 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  507.419191][T17334] syz.1.4128 (17334): drop_caches: 2
[  507.421220][T17334] syz.1.4128 (17334): drop_caches: 2
[  507.486212][T17338] netlink: 'syz.4.4132': attribute type 58 has an invalid length.
[  507.489404][T17338] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4132'.
[  507.627550][   T40] audit: type=1400 audit(1746966186.111:1486): avc:  denied  { unmount } for  pid=12848 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  507.648951][   T40] audit: type=1400 audit(1746966186.131:1487): avc:  denied  { map } for  pid=17343 comm="syz.4.4133" path="socket:[71688]" dev="sockfs" ino=71688 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  507.921524][T17355] netlink: 'syz.4.4136': attribute type 1 has an invalid length.
[  507.934248][T17355] bond2: entered promiscuous mode
[  507.936250][T17355] bond2: entered allmulticast mode
[  507.948531][T17355] bond2: (slave ip6gretap2): making interface the new active one
[  507.951096][T17355] ip6gretap2: entered promiscuous mode
[  507.952966][T17355] ip6gretap2: entered allmulticast mode
[  507.955237][T17355] bond2: (slave ip6gretap2): Enslaving as an active interface with an up link
[  508.157139][T17360] input: syz0 as /devices/virtual/input/input50
[  508.256161][T17364] syz.4.4140 (17364): drop_caches: 2
[  508.258517][T17364] FAULT_INJECTION: forcing a failure.
[  508.258517][T17364] name failslab, interval 1, probability 0, space 0, times 0
[  508.264117][T17364] CPU: 2 UID: 0 PID: 17364 Comm: syz.4.4140 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  508.264141][T17364] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  508.264156][T17364] Call Trace:
[  508.264163][T17364]  <TASK>
[  508.264170][T17364]  dump_stack_lvl+0x16c/0x1f0
[  508.264196][T17364]  should_fail_ex+0x512/0x640
[  508.264216][T17364]  ? __kvmalloc_node_noprof+0x122/0x600
[  508.264242][T17364]  should_failslab+0xc2/0x120
[  508.264260][T17364]  __kvmalloc_node_noprof+0x135/0x600
[  508.264283][T17364]  ? sysctl_head_grab+0x51/0x70
[  508.264300][T17364]  ? proc_sys_call_handler+0x2a6/0x5c0
[  508.264323][T17364]  ? proc_sys_call_handler+0x2a6/0x5c0
[  508.264340][T17364]  proc_sys_call_handler+0x2a6/0x5c0
[  508.264359][T17364]  ? __pfx_proc_sys_call_handler+0x10/0x10
[  508.264377][T17364]  ? rcu_is_watching+0x12/0xc0
[  508.264397][T17364]  ? splice_from_pipe_next+0x1f8/0x5d0
[  508.264425][T17364]  iter_file_splice_write+0x91c/0x1150
[  508.264463][T17364]  ? __pfx_iter_file_splice_write+0x10/0x10
[  508.264491][T17364]  ? __pfx_copy_splice_read+0x10/0x10
[  508.264527][T17364]  ? __pfx_iter_file_splice_write+0x10/0x10
[  508.264552][T17364]  direct_splice_actor+0x18f/0x6c0
[  508.264577][T17364]  splice_direct_to_actor+0x342/0xa30
[  508.264601][T17364]  ? __pfx_direct_splice_actor+0x10/0x10
[  508.264628][T17364]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  508.264653][T17364]  ? __pfx___might_resched+0x10/0x10
[  508.264678][T17364]  do_splice_direct+0x174/0x240
[  508.264700][T17364]  ? __pfx_do_splice_direct+0x10/0x10
[  508.264723][T17364]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  508.264750][T17364]  ? rw_verify_area+0xcf/0x680
[  508.264773][T17364]  do_sendfile+0xafd/0xe50
[  508.264799][T17364]  ? __pfx_do_sendfile+0x10/0x10
[  508.264830][T17364]  __x64_sys_sendfile64+0x154/0x220
[  508.264848][T17364]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  508.264863][T17364]  ? rcu_is_watching+0x12/0xc0
[  508.264888][T17364]  do_syscall_64+0xcd/0x260
[  508.264911][T17364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  508.264927][T17364] RIP: 0033:0x7fea90d8e969
[  508.264941][T17364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  508.264956][T17364] RSP: 002b:00007fea91b17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  508.264972][T17364] RAX: ffffffffffffffda RBX: 00007fea90fb5fa0 RCX: 00007fea90d8e969
[  508.264983][T17364] RDX: 0000200000002080 RSI: 0000000000000006 RDI: 0000000000000007
[  508.264993][T17364] RBP: 00007fea91b17090 R08: 0000000000000000 R09: 0000000000000000
[  508.265002][T17364] R10: 000000000000023b R11: 0000000000000246 R12: 0000000000000002
[  508.265012][T17364] R13: 0000000000000000 R14: 00007fea90fb5fa0 R15: 00007ffc88038508
[  508.265034][T17364]  </TASK>
[  508.661657][    T9] usb 6-1: new high-speed USB device number 44 using dummy_hcd
[  508.678001][T17397] binder: 17396:17397 ioctl 4018620d 200000000040 returned -22
[  508.681762][T17397] binder: 17396:17397 ioctl c0306201 2000000003c0 returned -14
[  508.702286][T17397] binder: 17396:17397 ioctl c0306201 200000000180 returned -14
[  508.812682][    T9] usb 6-1: Using ep0 maxpacket: 16
[  508.814999][    T9] usb 6-1: too many configurations: 123, using maximum allowed: 8
[  508.818817][    T9] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  508.823617][    T9] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  508.827390][    T9] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  508.831121][    T9] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  508.835311][    T9] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  508.839129][    T9] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  508.843242][    T9] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  508.847097][    T9] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  508.850965][    T9] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  508.853907][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=45
[  508.856459][    T9] usb 6-1: SerialNumber: syz
[  508.859053][    T9] usb 6-1: config 0 descriptor??
[  508.863384][    T9] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input51
[  509.071531][ T5334] bcm5974 6-1:0.0: could not read from device
[  509.073653][   T65] usb 6-1: USB disconnect, device number 44
[  509.489719][ T5942] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  509.493335][ T5942] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  509.497373][ T5942] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  509.501116][ T5942] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  509.508570][ T5942] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  509.614854][T13837] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  509.630377][T17406] lo speed is unknown, defaulting to 1000
[  509.633327][T17406] lo speed is unknown, defaulting to 1000
[  509.745919][T13837] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  509.756925][T17406] chnl_net:caif_netlink_parms(): no params data found
[  509.819743][T17418] syz.1.4157 (17418): drop_caches: 2
[  509.821009][T17406] bridge0: port 1(bridge_slave_0) entered blocking state
[  509.823620][T17406] bridge0: port 1(bridge_slave_0) entered disabled state
[  509.825090][T17418] syz.1.4157 (17418): drop_caches: 2
[  509.825705][T17406] bridge_slave_0: entered allmulticast mode
[  509.827348][T17418] FAULT_INJECTION: forcing a failure.
[  509.827348][T17418] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  509.829752][T17406] bridge_slave_0: entered promiscuous mode
[  509.833382][T17418] CPU: 1 UID: 0 PID: 17418 Comm: syz.1.4157 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  509.833413][T17418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  509.833424][T17418] Call Trace:
[  509.833430][T17418]  <TASK>
[  509.833437][T17418]  dump_stack_lvl+0x16c/0x1f0
[  509.833464][T17418]  should_fail_ex+0x512/0x640
[  509.833489][T17418]  _copy_to_user+0x32/0xd0
[  509.833514][T17418]  simple_read_from_buffer+0xcb/0x170
[  509.833540][T17418]  proc_fail_nth_read+0x197/0x270
[  509.833566][T17418]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  509.833591][T17418]  ? rw_verify_area+0xcf/0x680
[  509.833612][T17418]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  509.833637][T17418]  vfs_read+0x1de/0xc70
[  509.833663][T17418]  ? __pfx___mutex_lock+0x10/0x10
[  509.833686][T17418]  ? __pfx_vfs_read+0x10/0x10
[  509.833712][T17418]  ? __fget_files+0x20e/0x3c0
[  509.833740][T17418]  ksys_read+0x12a/0x240
[  509.833761][T17418]  ? __pfx_ksys_read+0x10/0x10
[  509.833780][T17418]  ? rcu_is_watching+0x12/0xc0
[  509.833805][T17418]  do_syscall_64+0xcd/0x260
[  509.833829][T17418]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  509.833845][T17418] RIP: 0033:0x7f47e5b8d37c
[  509.833860][T17418] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  509.833875][T17418] RSP: 002b:00007f47e6936030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  509.833890][T17418] RAX: ffffffffffffffda RBX: 00007f47e5db5fa0 RCX: 00007f47e5b8d37c
[  509.833900][T17418] RDX: 000000000000000f RSI: 00007f47e69360a0 RDI: 0000000000000008
[  509.833910][T17418] RBP: 00007f47e6936090 R08: 0000000000000000 R09: 0000000000000000
[  509.833920][T17418] R10: 000000000000023b R11: 0000000000000246 R12: 0000000000000002
[  509.833930][T17418] R13: 0000000000000000 R14: 00007f47e5db5fa0 R15: 00007ffca2c75fd8
[  509.833953][T17418]  </TASK>
[  509.865829][T17420] xt_l2tp: v2 sid > 0xffff: 150994944
[  509.955132][T13837] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  509.966491][T17406] bridge0: port 2(bridge_slave_1) entered blocking state
[  509.969340][T17406] bridge0: port 2(bridge_slave_1) entered disabled state
[  509.972519][T17406] bridge_slave_1: entered allmulticast mode
[  509.976298][T17406] bridge_slave_1: entered promiscuous mode
[  510.052831][T13837] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  510.083919][T17406] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  510.090539][T17406] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  510.130113][T17406] team0: Port device team_slave_0 added
[  510.136058][T17406] team0: Port device team_slave_1 added
[  510.185190][T17406] batman_adv: batadv0: Adding interface: batadv_slave_0
[  510.188165][T17406] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  510.200410][T17406] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  510.206465][T17406] batman_adv: batadv0: Adding interface: batadv_slave_1
[  510.209372][T17406] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  510.219949][T17406] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  510.269419][T17406] hsr_slave_0: entered promiscuous mode
[  510.271466][  T836] usb 6-1: new high-speed USB device number 45 using dummy_hcd
[  510.274260][T17406] hsr_slave_1: entered promiscuous mode
[  510.276639][T17406] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  510.279339][T17406] Cannot create hsr debugfs directory
[  510.370193][T13837] bridge_slave_1: left allmulticast mode
[  510.372149][T13837] bridge_slave_1: left promiscuous mode
[  510.374123][T13837] bridge0: port 2(bridge_slave_1) entered disabled state
[  510.379889][T13837] bridge_slave_0: left allmulticast mode
[  510.382136][T13837] bridge_slave_0: left promiscuous mode
[  510.384083][T13837] bridge0: port 1(bridge_slave_0) entered disabled state
[  510.389794][T13837] ip6gretap1: left allmulticast mode
[  510.391576][T13837] ip6gretap1: left promiscuous mode
[  510.393292][T13837] bridge2: port 1(ip6gretap1) entered disabled state
[  510.441491][  T836] usb 6-1: Using ep0 maxpacket: 32
[  510.444522][  T836] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 102, changing to 10
[  510.448064][  T836] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24624, setting to 1024
[  510.451522][  T836] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  510.457429][  T836] usb 6-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  510.460291][  T836] usb 6-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  510.462925][  T836] usb 6-1: Product: syz
[  510.464249][  T836] usb 6-1: Manufacturer: syz
[  510.465729][  T836] usb 6-1: SerialNumber: syz
[  510.470746][  T836] input: appletouch as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:1.0/input/input52
[  510.683299][T13837] bond2 (unregistering): (slave ip6gretap2): Releasing active interface
[  510.686377][T13837] ip6gretap2 (unregistering): left promiscuous mode
[  510.688529][T13837] ip6gretap2 (unregistering): left allmulticast mode
[  510.702246][ T1337] usb 6-1: USB disconnect, device number 45
[  510.704292][    C0] appletouch 6-1:1.0: atp_complete: usb_submit_urb failed with result -19
[  510.783800][ T1337] appletouch 6-1:1.0: input: appletouch disconnected
[  511.237320][T17439] new mount options do not match the existing superblock, will be ignored
[  511.242318][   T40] audit: type=1400 audit(1746966190.734:1488): avc:  denied  { remount } for  pid=17438 comm="syz.1.4165" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  511.242794][T17439] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[  511.591535][ T5942] Bluetooth: hci2: command tx timeout
[  511.641528][  T836] usb 6-1: new high-speed USB device number 46 using dummy_hcd
[  511.801493][  T836] usb 6-1: Using ep0 maxpacket: 16
[  511.804935][  T836] usb 6-1: too many configurations: 123, using maximum allowed: 8
[  511.809104][  T836] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  511.814408][  T836] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  511.819530][  T836] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  511.824912][  T836] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  511.830271][  T836] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  511.836823][  T836] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  511.842016][  T836] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  511.847193][  T836] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  511.851927][  T836] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  511.855607][  T836] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=45
[  511.858894][  T836] usb 6-1: SerialNumber: syz
[  511.869940][  T836] usb 6-1: config 0 descriptor??
[  511.876052][  T836] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input53
[  512.584970][T13837] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  512.624143][T13837] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  512.673331][T13837] bond0 (unregistering): Released all slaves
[  512.680851][T13837] bond1 (unregistering): Released all slaves
[  512.687607][T13837] bond2 (unregistering): Released all slaves
[  512.697693][T17434] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4163'.
[  512.716887][ T5334] bcm5974 6-1:0.0: could not read from device
[  512.758314][  T836] usb 6-1: USB disconnect, device number 46
[  512.762005][T17406] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  512.768057][T17406] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  512.772532][T17406] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  512.777192][T17406] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  512.817942][T17406] 8021q: adding VLAN 0 to HW filter on device bond0
[  512.833070][T17406] 8021q: adding VLAN 0 to HW filter on device team0
[  512.839744][   T64] bridge0: port 1(bridge_slave_0) entered blocking state
[  512.843111][   T64] bridge0: port 1(bridge_slave_0) entered forwarding state
[  512.858313][T13862] bridge0: port 2(bridge_slave_1) entered blocking state
[  512.860865][T13862] bridge0: port 2(bridge_slave_1) entered forwarding state
[  513.202594][T17406] 8021q: adding VLAN 0 to HW filter on device batadv0
[  513.360908][T17471] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4294967291 (274877906624 ns) > initial count (30400 ns). Using initial count to start timer.
[  513.429549][T17469] lo speed is unknown, defaulting to 1000
[  513.432198][T17469] lo speed is unknown, defaulting to 1000
[  513.525392][T13837] hsr_slave_0: left promiscuous mode
[  513.527675][T13837] hsr_slave_1: left promiscuous mode
[  513.529956][T13837] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  513.532448][T13837] batman_adv: batadv0: Removing interface: batadv_slave_0
[  513.535888][T13837] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  513.538619][T13837] batman_adv: batadv0: Removing interface: batadv_slave_1
[  513.562743][T13837] veth1_macvtap: left promiscuous mode
[  513.564727][T13837] veth0_macvtap: left promiscuous mode
[  513.566614][T13837] veth1_vlan: left promiscuous mode
[  513.568375][T13837] veth0_vlan: left promiscuous mode
[  513.671542][ T5942] Bluetooth: hci2: command tx timeout
[  514.152224][T17482] syz.3.4175 (17482): drop_caches: 2
[  514.154338][T17482] syz.3.4175 (17482): drop_caches: 2
[  514.374660][T17484] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  515.666361][   T40] audit: type=1326 audit(1746966195.154:1489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17497 comm="syz.0.4179" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc291d8e969 code=0x7fc00000
[  515.751484][ T5942] Bluetooth: hci2: command tx timeout
[  517.841514][ T5942] Bluetooth: hci2: command tx timeout
[  520.135902][T13837] team0 (unregistering): Port device team_slave_1 removed
[  521.013056][T13837] team0 (unregistering): Port device team_slave_0 removed
[  527.213027][T17501] lo speed is unknown, defaulting to 1000
[  527.216766][T17501] lo speed is unknown, defaulting to 1000
[  527.217335][T17406] veth0_vlan: entered promiscuous mode
[  527.251101][T17406] veth1_vlan: entered promiscuous mode
[  527.328144][T17406] veth0_macvtap: entered promiscuous mode
[  527.335492][T17406] veth1_macvtap: entered promiscuous mode
[  527.355594][T17406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  527.359622][T17406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  527.365019][T17406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  527.369308][T17406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  527.373438][T17406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  527.377729][T17406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  527.381621][T17406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  527.385916][T17406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  527.392786][T17406] batman_adv: batadv0: Interface activated: batadv_slave_0
[  527.402114][T17406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  527.405369][T17406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  527.408355][T17406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  527.411592][T17406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  527.414561][T17406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  527.417682][T17406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  527.420597][T17406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  527.423823][T17406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  527.427785][T17406] batman_adv: batadv0: Interface activated: batadv_slave_1
[  527.437105][T17406] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  527.439969][T17406] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  527.442995][T17406] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  527.445595][T17406] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  527.521818][T13820] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  527.524226][T13820] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  527.585748][T13862] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  527.588853][T13862] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  527.599805][T17406] ==================================================================
[  527.602359][T17406] BUG: KASAN: slab-use-after-free in binder_add_device+0xa4/0xb0
[  527.605481][T17406] Write of size 8 at addr ffff888025ccb008 by task syz-executor/17406
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  527.610863][T17406] 
[  527.612060][T17406] CPU: 0 UID: 0 PID: 17406 Comm: syz-executor Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  527.612083][T17406] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  527.612094][T17406] Call Trace:
[  527.612102][T17406]  <TASK>
[  527.612109][T17406]  dump_stack_lvl+0x116/0x1f0
[  527.612134][T17406]  print_report+0xc3/0x670
[  527.612151][T17406]  ? __virt_addr_valid+0x5e/0x590
[  527.612173][T17406]  ? __phys_addr+0xc6/0x150
[  527.612195][T17406]  ? binder_add_device+0xa4/0xb0
[  527.612216][T17406]  kasan_report+0xe0/0x110
[  527.612233][T17406]  ? binder_add_device+0xa4/0xb0
[  527.612261][T17406]  binder_add_device+0xa4/0xb0
[  527.612280][T17406]  binderfs_binder_device_create.isra.0+0x95f/0xb70
[  527.612309][T17406]  binderfs_fill_super+0x8d4/0x1360
[  527.612336][T17406]  ? __pfx_binderfs_fill_super+0x10/0x10
[  527.612369][T17406]  ? shrinker_register+0x1a8/0x260
[  527.612389][T17406]  ? sget_fc+0x808/0xc20
[  527.612411][T17406]  ? __pfx_set_anon_super_fc+0x10/0x10
[  527.612433][T17406]  ? __pfx_binderfs_fill_super+0x10/0x10
[  527.612458][T17406]  get_tree_nodev+0xda/0x190
[  527.612481][T17406]  vfs_get_tree+0x8b/0x340
[  527.612500][T17406]  path_mount+0x14d4/0x1f20
[  527.612518][T17406]  ? kmem_cache_free+0x2d4/0x4d0
[  527.612541][T17406]  ? __pfx_path_mount+0x10/0x10
[  527.612561][T17406]  ? putname+0x154/0x1a0
[  527.612579][T17406]  __x64_sys_mount+0x28d/0x310
[  527.612597][T17406]  ? __pfx___x64_sys_mount+0x10/0x10
[  527.612615][T17406]  ? __pfx___x64_sys_umount+0x10/0x10
[  527.612633][T17406]  do_syscall_64+0xcd/0x260
[  527.612657][T17406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  527.612675][T17406] RIP: 0033:0x7fce4c99010a
[  527.612689][T17406] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  527.612705][T17406] RSP: 002b:00007fffc9bfefb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  527.612723][T17406] RAX: ffffffffffffffda RBX: 00007fce4ca10e74 RCX: 00007fce4c99010a
[  527.612735][T17406] RDX: 00007fce4ca208cb RSI: 00007fce4ca10e74 RDI: 00007fce4ca208cb
[  527.612745][T17406] RBP: 00007fce4ca110bd R08: 0000000000000000 R09: 00007fce4cbb6738
[  527.612757][T17406] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fce4c9ec1a8
[  527.612768][T17406] R13: 00007fce4c9ec180 R14: 0000000000000009 R15: 0000000000000000
[  527.612784][T17406]  </TASK>
[  527.612791][T17406] 
[  527.704728][T17406] Allocated by task 17406:
[  527.706148][T17406]  kasan_save_stack+0x33/0x60
[  527.707644][T17406]  kasan_save_track+0x14/0x30
[  527.709129][T17406]  __kasan_kmalloc+0xaa/0xb0
[  527.710586][T17406]  __kmalloc_noprof+0x223/0x510
[  527.712137][T17406]  fib6_info_alloc+0x40/0x160
[  527.713616][T17406]  ip6_route_info_create+0x33f/0x18e0
[  527.715288][T17406]  ip6_route_add+0x26/0x1c0
[  527.716694][T17406]  addrconf_add_mroute+0x1dd/0x350
[  527.718284][T17406]  addrconf_add_dev+0x14e/0x1c0
[  527.719817][T17406]  inet6_addr_add+0xfe/0x960
[  527.721271][T17406]  inet6_rtm_newaddr+0x1619/0x1c70
[  527.722859][T17406]  rtnetlink_rcv_msg+0x95b/0xe90
[  527.724414][T17406]  netlink_rcv_skb+0x16a/0x440
[  527.725933][T17406]  netlink_unicast+0x53a/0x7f0
[  527.727449][T17406]  netlink_sendmsg+0x8d1/0xdd0
[  527.728969][T17406]  __sys_sendto+0x495/0x510
[  527.730412][T17406]  __x64_sys_sendto+0xe0/0x1c0
[  527.732209][T17406]  do_syscall_64+0xcd/0x260
[  527.733788][T17406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  527.735820][T17406] 
[  527.736681][T17406] Freed by task 0:
[  527.737970][T17406]  kasan_save_stack+0x33/0x60
[  527.739962][T17406]  kasan_save_track+0x14/0x30
[  527.742076][T17406]  kasan_save_free_info+0x3b/0x60
[  527.744311][T17406]  __kasan_slab_free+0x51/0x70
[  527.746141][T17406]  kfree+0x2b6/0x4d0
[  527.747629][T17406]  rcu_core+0x799/0x14e0
[  527.748986][T17406]  handle_softirqs+0x216/0x8e0
[  527.750496][T17406]  __irq_exit_rcu+0x109/0x170
[  527.751989][T17406]  irq_exit_rcu+0x9/0x30
[  527.753328][T17406]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  527.755108][T17406]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  527.756977][T17406] 
[  527.757744][T17406] Last potentially related work creation:
[  527.759516][T17406]  kasan_save_stack+0x33/0x60
[  527.760999][T17406]  kasan_record_aux_stack+0xb8/0xd0
[  527.762627][T17406]  __call_rcu_common.constprop.0+0x9a/0x9f0
[  527.764482][T17406]  ip6_route_info_create+0x14e9/0x18e0
[  527.766191][T17406]  ip6_route_add+0x26/0x1c0
[  527.767634][T17406]  addrconf_add_mroute+0x1dd/0x350
[  527.769250][T17406]  addrconf_add_dev+0x14e/0x1c0
[  527.770782][T17406]  inet6_addr_add+0xfe/0x960
[  527.772229][T17406]  inet6_rtm_newaddr+0x1619/0x1c70
[  527.773816][T17406]  rtnetlink_rcv_msg+0x95b/0xe90
[  527.775349][T17406]  netlink_rcv_skb+0x16a/0x440
[  527.776821][T17406]  netlink_unicast+0x53a/0x7f0
[  527.778298][T17406]  netlink_sendmsg+0x8d1/0xdd0
[  527.779824][T17406]  __sys_sendto+0x495/0x510
[  527.781264][T17406]  __x64_sys_sendto+0xe0/0x1c0
[  527.782783][T17406]  do_syscall_64+0xcd/0x260
[  527.784183][T17406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  527.786020][T17406] 
[  527.786799][T17406] The buggy address belongs to the object at ffff888025ccb000
[  527.786799][T17406]  which belongs to the cache kmalloc-512 of size 512
[  527.790997][T17406] The buggy address is located 8 bytes inside of
[  527.790997][T17406]  freed 512-byte region [ffff888025ccb000, ffff888025ccb200)
[  527.794978][T17406] 
[  527.795721][T17406] The buggy address belongs to the physical page:
[  527.797646][T17406] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x25cc8
[  527.800351][T17406] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  527.802957][T17406] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  527.805426][T17406] page_type: f5(slab)
[  527.806686][T17406] raw: 00fff00000000040 ffff88801b442c80 0000000000000000 dead000000000001
[  527.809230][T17406] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  527.811827][T17406] head: 00fff00000000040 ffff88801b442c80 0000000000000000 dead000000000001
[  527.814493][T17406] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  527.817179][T17406] head: 00fff00000000002 ffffea0000973201 00000000ffffffff 00000000ffffffff
[  527.819850][T17406] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  527.822483][T17406] page dumped because: kasan: bad access detected
[  527.824459][T17406] page_owner tracks the page as allocated
[  527.826246][T17406] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5940, tgid 5940 (syz-executor), ts 54946907783, free_ts 54937816288
[  527.832704][T17406]  post_alloc_hook+0x181/0x1b0
[  527.834210][T17406]  get_page_from_freelist+0x135c/0x3920
[  527.835967][T17406]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  527.837754][T17406]  alloc_pages_mpol+0x1fb/0x550
[  527.839236][T17406]  new_slab+0x244/0x340
[  527.840543][T17406]  ___slab_alloc+0xd9c/0x1940
[  527.842024][T17406]  __slab_alloc.constprop.0+0x56/0xb0
[  527.843709][T17406]  __kmalloc_noprof+0x2f2/0x510
[  527.845249][T17406]  fib6_info_alloc+0x40/0x160
[  527.846733][T17406]  ip6_route_info_create+0x33f/0x18e0
[  527.848417][T17406]  addrconf_f6i_alloc+0x391/0x670
[  527.849956][T17406]  ipv6_add_addr+0x531/0x1fe0
[  527.851420][T17406]  inet6_addr_add+0x256/0x960
[  527.852857][T17406]  inet6_rtm_newaddr+0x1619/0x1c70
[  527.854409][T17406]  rtnetlink_rcv_msg+0x95b/0xe90
[  527.855905][T17406]  netlink_rcv_skb+0x16a/0x440
[  527.857352][T17406] page last free pid 5935 tgid 5935 stack trace:
[  527.859279][T17406]  __free_frozen_pages+0x69d/0xff0
[  527.860797][T17406]  __put_partials+0x16d/0x1c0
[  527.862223][T17406]  qlist_free_all+0x4e/0x120
[  527.863689][T17406]  kasan_quarantine_reduce+0x195/0x1e0
[  527.865335][T17406]  __kasan_slab_alloc+0x69/0x90
[  527.866832][T17406]  __kmalloc_cache_noprof+0x1f1/0x3e0
[  527.868450][T17406]  ref_tracker_alloc+0x18e/0x5b0
[  527.869960][T17406]  sk_alloc+0x206/0xc20
[  527.871235][T17406]  __netlink_create+0x5e/0x2c0
[  527.872679][T17406]  netlink_create+0x39e/0x620
[  527.874119][T17406]  __sock_create+0x335/0x8d0
[  527.875585][T17406]  __sys_socket+0x14d/0x260
[  527.876981][T17406]  __x64_sys_socket+0x72/0xb0
[  527.878437][T17406]  do_syscall_64+0xcd/0x260
[  527.879845][T17406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  527.881691][T17406] 
[  527.882442][T17406] Memory state around the buggy address:
[  527.884160][T17406]  ffff888025ccaf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  527.886618][T17406]  ffff888025ccaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  527.889050][T17406] >ffff888025ccb000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  527.891537][T17406]                       ^
[  527.892892][T17406]  ffff888025ccb080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  527.895387][T17406]  ffff888025ccb100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  527.897853][T17406] ==================================================================
[  527.907173][T17406] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  527.909512][T17406] CPU: 3 UID: 0 PID: 17406 Comm: syz-executor Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) 
[  527.913283][T17406] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  527.916617][T17406] Call Trace:
[  527.917691][T17406]  <TASK>
[  527.918638][T17406]  dump_stack_lvl+0x3d/0x1f0
[  527.920118][T17406]  panic+0x71c/0x800
[  527.921346][T17406]  ? __pfx_panic+0x10/0x10
[  527.922742][T17406]  ? mark_held_locks+0x49/0x80
[  527.924262][T17406]  ? preempt_schedule_thunk+0x16/0x30
[  527.925957][T17406]  ? binder_add_device+0xa4/0xb0
[  527.927522][T17406]  ? preempt_schedule_common+0x44/0xc0
[  527.929225][T17406]  ? check_panic_on_warn+0x1f/0xb0
[  527.930825][T17406]  ? binder_add_device+0xa4/0xb0
[  527.932385][T17406]  check_panic_on_warn+0xab/0xb0
[  527.933876][T17406]  end_report+0x107/0x170
[  527.935211][T17406]  kasan_report+0xee/0x110
[  527.936579][T17406]  ? binder_add_device+0xa4/0xb0
[  527.938146][T17406]  binder_add_device+0xa4/0xb0
[  527.939646][T17406]  binderfs_binder_device_create.isra.0+0x95f/0xb70
[  527.941702][T17406]  binderfs_fill_super+0x8d4/0x1360
[  527.943354][T17406]  ? __pfx_binderfs_fill_super+0x10/0x10
[  527.945141][T17406]  ? shrinker_register+0x1a8/0x260
[  527.946763][T17406]  ? sget_fc+0x808/0xc20
[  527.948124][T17406]  ? __pfx_set_anon_super_fc+0x10/0x10
[  527.949835][T17406]  ? __pfx_binderfs_fill_super+0x10/0x10
[  527.951615][T17406]  get_tree_nodev+0xda/0x190
[  527.953082][T17406]  vfs_get_tree+0x8b/0x340
[  527.954498][T17406]  path_mount+0x14d4/0x1f20
[  527.955949][T17406]  ? kmem_cache_free+0x2d4/0x4d0
[  527.957481][T17406]  ? __pfx_path_mount+0x10/0x10
[  527.959027][T17406]  ? putname+0x154/0x1a0
[  527.960375][T17406]  __x64_sys_mount+0x28d/0x310
[  527.961893][T17406]  ? __pfx___x64_sys_mount+0x10/0x10
[  527.963580][T17406]  ? __pfx___x64_sys_umount+0x10/0x10
[  527.965274][T17406]  do_syscall_64+0xcd/0x260
[  527.966721][T17406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  527.968620][T17406] RIP: 0033:0x7fce4c99010a
[  527.970035][T17406] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  527.976018][T17406] RSP: 002b:00007fffc9bfefb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  527.978547][T17406] RAX: ffffffffffffffda RBX: 00007fce4ca10e74 RCX: 00007fce4c99010a
[  527.981024][T17406] RDX: 00007fce4ca208cb RSI: 00007fce4ca10e74 RDI: 00007fce4ca208cb
[  527.983493][T17406] RBP: 00007fce4ca110bd R08: 0000000000000000 R09: 00007fce4cbb6738
[  527.985933][T17406] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fce4c9ec1a8
[  527.988348][T17406] R13: 00007fce4c9ec180 R14: 0000000000000009 R15: 0000000000000000
[  527.990773][T17406]  </TASK>
[  527.992417][T17406] Kernel Offset: disabled
[  527.993784][T17406] Rebooting in 86400 seconds..

VM DIAGNOSIS:
12:14:54  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000066 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff854f5335 RDI=ffffffff9adf7520 RBP=ffffffff9adf74e0 RSP=ffffc900040ef520
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=6335323038387257
R12=0000000000000000 R13=0000000000000066 R14=ffffffff9adf74e0 R15=ffffffff854f52d0
RIP=ffffffff854f535f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000555583b76500 ffffffff 00c00000
GS =0000 ffff8880d69e1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fc292b86fb8 CR3=000000005d085000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000c0c0c0c0 Opmask01=0000000000000fff Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffc9bfefd0 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffc9bfef86
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffc9bfef86 00007fffc9bfef8c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fce4ca11a8a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fce4ca11a97
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fce4ca11a91
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fce4ca11aa5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fce4ca11b2b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fce4ca11c09
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2029706d742d7a79 73287269646b6d00 706d742d7a79732f 2e00303030303031
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 050c554851085f5c 560d574c414e4800 554851085f5c560a 0b00151515151514
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=0000000000057a51 RCX=ffffffff822c0754 RDX=ffff888021998000
RSI=ffffffff822c075e RDI=0000000000000005 RBP=ffff88801c700000 RSP=ffffc900039ef298
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=0000000000000001 R13=0000000000000000 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff81bb22e0 RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6ae1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f021c0e7d60 CR3=000000000e180000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000002020004 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f021b5836a3 00007f021b5836a3
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd1b0ac000 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555590ea47a9 0000555590ea4610
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555590ea04a0
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555590ebf0b5 0000555590ebc2a0
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 02c0030000000000 0000000000000000 0000000000000000 0000007974697275
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0104800402800401 8008000008000108 000a01099601a808 0004800300080003
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 a003000800039803 0000000000000000 0000000000000000 0000000001ffffff
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffd70802 f0030c080002e803 1080808090080002 e00305a2080002d8
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0303fff6080002d0 0310080002c80300 080002c003000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000b916f5 RBX=0000000000000002 RCX=ffffffff8b6cd419 RDX=0000000000000000
RSI=ffffffff8dbe1547 RDI=ffffffff8bf483a0 RBP=ffffed1003ad2910 RSP=ffffc90000187df8
R8 =0000000000000001 R9 =ffffed100d4c65bd R10=ffff88806a632deb R11=0000000000000000
R12=0000000000000002 R13=ffff88801d694880 R14=ffffffff9084f610 R15=0000000000000000
RIP=ffffffff8b6cbcaf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6be1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fc5de1b7bac CR3=000000005f8af000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000002 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe8737c8a0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc5de011a8a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc5de011a97
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc5de011a91
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc5de011aa5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc5de011b2b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc5de011c09
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000010 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000500
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000010 0000000000000000 0000000000000000 0000000000000500
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000a81e67 RBX=0000000000000003 RCX=ffffffff8b6cd419 RDX=0000000000000000
RSI=ffffffff8dbe1547 RDI=ffffffff8bf483a0 RBP=ffffed1003bd5000 RSP=ffffc90000197df8
R8 =0000000000000001 R9 =ffffed100d4e65bd R10=ffff88806a732deb R11=0000000000000000
R12=0000000000000003 R13=ffff88801dea8000 R14=ffffffff9084f610 R15=0000000000000000
RIP=ffffffff8b6cbcaf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6ce1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fc5ddf72720 CR3=000000005d085000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000303b37e0 Opmask01=0000000000000fff Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000004800000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffc9bfef86
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffc9bfef86 00007fffc9bfef8c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fce4ca11a8a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fce4ca11a97
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fce4ca11a91
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fce4ca11aa5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fce4ca11b2b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fce4ca11c09
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 673800007fce4cbb 5f40ff77ff00736e 6f69000000000000 000600007fffc9bf
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ef8600007fffc9bf ef8c000000010000 096c000003000000 000000316e616c77
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000