last executing test programs:

6.808757623s ago: executing program 0 (id=382):
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_KEY(r1, &(0x7f0000000500)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000004c0)={&(0x7f0000000340)={0x148, r2, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_KEY={0x30, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "a5347121b90d1d691336b7524cbcc8cae77ec49927c45cf9c2c94b35682e8dd8"}]}, @NL802154_ATTR_SEC_KEY={0x1c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xd}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x2}]}, @NL802154_ATTR_SEC_KEY={0x2c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "57f92cff91bbe099b76b8f6a9b21f4ca"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "4c30df7ed72f2dbe3255fe59e387a86e"}]}, @NL802154_ATTR_SEC_KEY={0xbc, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x6}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xc}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "ad74525a6ec2b85f3624cb37e20a430b17de59764f20ead7ccc55ab442bccfac"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "bdce0e89dfd3f088a73009c2936e16aa"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "7ddfb500af5fe92ee75f0929931e8925"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "77c8711bbb304a36443a40d64fe98c76afc9448e6327e7e180340f29359c83b5"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "cfe26ee59098f9f7cb32232b83f125d7"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "024475e7b51eb78d44f78dfb11ed683777ef2782c4ca6045490799bb8298b3b2"}]}]}, 0x148}, 0x1, 0x0, 0x0, 0x81}, 0x8014)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
listen(0xffffffffffffffff, 0x0)
r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r6, 0x40046f41, 0x20000502)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = socket(0x10, 0x2, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r8}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0xc0842)
write(r7, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r9, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000200)={0x20, r0, 0x329, 0xfffffffc, 0x0, {0x16}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x10000860}, 0x8004)

5.869882944s ago: executing program 0 (id=386):
r0 = socket(0x40000000015, 0x5, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000000c0)={'syztnl2\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x29, 0x2, 0x8, 0x1, 0x1, @local, @private2, 0x40, 0x20, 0x1, 0x1000}})
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
ioctl$BLKZEROOUT(r1, 0x127f, &(0x7f0000000240)={0x10000000000000, 0x1000000})
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = openat$cdrom(0xffffff9c, &(0x7f00000001c0), 0x200, 0x0)
ioctl$CDROMVOLCTRL(r3, 0x530a, &(0x7f0000000240)={0x1, 0x3, 0x6, 0xc})
r4 = dup(r2)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$EBT_SO_GET_INFO(r4, 0x0, 0x80, &(0x7f00000000c0)={'broute\x00', 0x0, 0x0, 0x0, [0x10001, 0x6, 0xb617, 0x5, 0x9f, 0x6]}, &(0x7f0000000140)=0x50)
r6 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r6, 0xc0045540, &(0x7f0000000080)=0xf)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380))
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r5, 0x0, 0x61, &(0x7f0000000040)={'filter\x00', 0x4}, 0x64)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000280), r4)
sendmsg$TIPC_NL_BEARER_ADD(r4, &(0x7f0000000600)={&(0x7f0000000200), 0xc, &(0x7f00000005c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="40020000", @ANYRES16=r8, @ANYBLOB], 0x240}, 0x1, 0x0, 0x0, 0x8001}, 0x44ea3b8750c01ff9)
r9 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r9, 0x11b, 0x4, &(0x7f0000000080)={0x0, 0x325000, 0x800}, 0x1c)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="54000000090601020000000000000000020000000900020073797a310000000005000100070000002c0007800c00018008000140ffffffff0500070084000000060004404e2200000c000280080001407f000000"], 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
move_pages(0x0, 0x6, &(0x7f0000000080)=[&(0x7f0000008000/0x1000)=nil, &(0x7f0000007000/0x2000)=nil, &(0x7f0000003000/0x1000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000003000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil], 0x0, &(0x7f0000000600), 0x0)

5.486156182s ago: executing program 0 (id=392):
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000340)=[{0x0, 0x5, 0xa, 0xb}, {0x2, 0x2, 0xf, 0x7}, {0x4, 0x2, 0x13, 0x2}, {0x0, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='minix\x00', 0x208000, 0x0)
wait4(r0, 0x0, 0x2, 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r4 = syz_io_uring_setup(0x5981, &(0x7f0000000000)={0x0, 0xef34, 0x2, 0x0, 0x325}, &(0x7f0000000100), &(0x7f0000000140))
io_uring_enter(r4, 0x56a1, 0x1dc1, 0x1e, &(0x7f0000000180)={[0x9, 0x100]}, 0x8)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
socket$inet(0x2, 0x4000000805, 0x0)

4.829814481s ago: executing program 2 (id=393):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
r0 = openat$mice(0xffffffffffffff9c, 0x0, 0x82)
write$P9_RCREATE(r0, &(0x7f0000000180)={0x18, 0x73, 0x2, {{0x8, 0x2, 0x7}, 0x6}}, 0x18)
ioctl$VIDIOC_G_TUNER(r0, 0xc054561d, &(0x7f00000000c0)={0x7, "0a43b81781ee52fe5d1318dedf595fea476cc6aab722e8ac16406f5b4c42cc1b", 0x2, 0x1, 0x3ff, 0x7, 0x11, 0x1, 0x3ff, 0x7})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000000)={r1, 0xd14, 0xfff, 0xe})
r2 = socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x7, 0x4, 0x18, 0x28e, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1a000000, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'team0\x00'})
r4 = getpid()
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}}, 0x0)
sendmsg$NL80211_CMD_ABORT_SCAN(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x1c, r7, 0xd9b2794f6a139537, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}}, 0x1c}}, 0x0)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x5)
ptrace$cont(0x1f, r4, 0x100, 0x4)
r9 = msgget$private(0x0, 0x0)
msgrcv(r9, 0x0, 0x0, 0x0, 0x0)
msgsnd(r9, &(0x7f0000000380)=ANY=[], 0xe, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_ADDRESS={0xa, 0x1, @multicast}]}, 0x40}}, 0x0)

4.109716101s ago: executing program 0 (id=397):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)

3.986354556s ago: executing program 0 (id=399):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
ioctl$SNDRV_PCM_IOCTL_DRAIN(0xffffffffffffffff, 0x4144, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x7f, 0x0, &(0x7f0000001180))
syz_emit_ethernet(0x85, &(0x7f00000005c0)=ANY=[@ANYBLOB="aaaaaaaaaabbaaaaaaaaaa0a884800000200000f0e0000000000004c21e92a076b5eec8cebb498146fae248666abab0aa3fc763ee544652a2e26fcee1d76c4094c77361527677623fe0c2ba7bfb3d3e558d2e59211a6e3e544e3fd55b3da1a61769f7f92da1a9e11680b285a980e151500c97081723716e83719d68c5ab0ed"], &(0x7f0000000340)={0x1, 0x1, [0xdf5, 0x31f, 0x338, 0x79d]})
socket(0x28, 0x2, 0x1)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x0, 0xc8, 0x2}}}, 0x7)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc2c45513, &(0x7f0000000040)={{0x2, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, [0x2, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]})
socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x2, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}}, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffde4, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000500)={r3, 0x0, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r5 = io_uring_setup(0x25e, &(0x7f0000000080))
io_uring_register$IORING_UNREGISTER_RING_FDS(r5, 0x1b, &(0x7f0000003900)=[{0x0, 0x700, 0x0, 0x0, 0x0}], 0x1)
write$tun(r4, &(0x7f0000000440)=ANY=[@ANYBLOB="00000000ffffffffffffaaaaaaaaaabb08004500452c00000000002f9078ac1e0001e00000010000655800189000"], 0xfdef)
socket(0x22, 0x800, 0x0)
io_setup(0x3, 0x0)
syz_usb_connect(0x5, 0x6a, 0x0, 0x0)
r6 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000200), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r6, 0xc0045006, &(0x7f0000000180)=0x6f)
write$dsp(r6, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
syz_emit_ethernet(0x2e, &(0x7f0000000380)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa12080045000020000000000011907f90780170b4c3b563812e3e000000000000000000"], 0x0)

3.289728621s ago: executing program 2 (id=403):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r1=>0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x2000000000000376, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0xa, 0x4}, 0x36, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x5, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x800005d, 0x4810)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x803}, 0xe)
r8 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r8, 0x400448c8, 0x0)
shutdown(r4, 0x1)
write$UHID_INPUT(r3, &(0x7f0000001040)={0xfc, {"a2e3ad21ed0d09f91b45090987f70906d038e7ff7fc6e5539b0d3d0e8b089b3f330063090890e0878f0e1ac6e7049b334a959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b5b070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a6d5e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210380106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b07c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
sendto$packet(r0, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x1a, 0x4000, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)

2.599768889s ago: executing program 3 (id=405):
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000340)=[{0x0, 0x5, 0xa, 0xb}, {0x2, 0x2, 0xf, 0x7}, {0x4, 0x2, 0x13, 0x2}, {0x0, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='minix\x00', 0x208000, 0x0)
wait4(r0, 0x0, 0x2, 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r4 = syz_io_uring_setup(0x5981, &(0x7f0000000000)={0x0, 0xef34, 0x2, 0x0, 0x325}, &(0x7f0000000100), &(0x7f0000000140))
io_uring_enter(r4, 0x56a1, 0x1dc1, 0x1e, &(0x7f0000000180)={[0x9, 0x100]}, 0x8)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
socket$inet(0x2, 0x4000000805, 0x0)

2.48466941s ago: executing program 1 (id=406):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x13, &(0x7f0000000340)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41100, 0x0, '\x00', r2, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

2.484471491s ago: executing program 1 (id=407):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, 0x0, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
symlinkat(&(0x7f00000000c0)='./file1\x00', r3, &(0x7f0000000100)='./file0\x00')
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000140), 0x0)
socket$kcm(0x11, 0x3, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0x0, [{}, {}, {}, {0x1}, {}, {0xfffffffa, 0x6}], 0x0, 0x0, 0x8, 0x0, 0x1}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'md5-generic\x00'}, 0x5a)
r6 = accept4(r5, 0x0, 0x0, 0x0)
write(r6, &(0x7f0000000040)="cb", 0xfffffdef)

2.252298947s ago: executing program 2 (id=408):
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_KEY(r1, &(0x7f0000000500)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000004c0)={&(0x7f0000000340)={0x148, r2, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_KEY={0x30, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "a5347121b90d1d691336b7524cbcc8cae77ec49927c45cf9c2c94b35682e8dd8"}]}, @NL802154_ATTR_SEC_KEY={0x1c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xd}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x2}]}, @NL802154_ATTR_SEC_KEY={0x2c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "57f92cff91bbe099b76b8f6a9b21f4ca"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "4c30df7ed72f2dbe3255fe59e387a86e"}]}, @NL802154_ATTR_SEC_KEY={0xbc, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x6}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xc}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "ad74525a6ec2b85f3624cb37e20a430b17de59764f20ead7ccc55ab442bccfac"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "bdce0e89dfd3f088a73009c2936e16aa"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "7ddfb500af5fe92ee75f0929931e8925"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "77c8711bbb304a36443a40d64fe98c76afc9448e6327e7e180340f29359c83b5"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "cfe26ee59098f9f7cb32232b83f125d7"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "024475e7b51eb78d44f78dfb11ed683777ef2782c4ca6045490799bb8298b3b2"}]}]}, 0x148}, 0x1, 0x0, 0x0, 0x81}, 0x8014)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
listen(0xffffffffffffffff, 0x0)
r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r6, 0x40046f41, 0x20000502)
r7 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0x10, 0x2, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r8}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0xc0842)
recvmmsg(r7, &(0x7f0000002ec0), 0x0, 0x2, &(0x7f00000001c0)={0x77359400})
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r9, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000200)={0x20, r0, 0x329, 0xfffffffc, 0x0, {0x16}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x10000860}, 0x8004)

1.74290264s ago: executing program 3 (id=409):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
mkdir(0x0, 0x0)

1.550418859s ago: executing program 3 (id=410):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0xffffffffffffff7e, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffe1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1.550157022s ago: executing program 3 (id=411):
r0 = socket(0x40000000015, 0x5, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000000c0)={'syztnl2\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x29, 0x2, 0x8, 0x1, 0x1, @local, @private2, 0x40, 0x20, 0x1, 0x1000}})
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
ioctl$BLKZEROOUT(r1, 0x127f, &(0x7f0000000240)={0x10000000000000, 0x1000000})
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = openat$cdrom(0xffffff9c, &(0x7f00000001c0), 0x200, 0x0)
ioctl$CDROMVOLCTRL(r3, 0x530a, &(0x7f0000000240)={0x1, 0x3, 0x6, 0xc})
r4 = dup(r2)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$EBT_SO_GET_INFO(r4, 0x0, 0x80, &(0x7f00000000c0)={'broute\x00', 0x0, 0x0, 0x0, [0x10001, 0x6, 0xb617, 0x5, 0x9f, 0x6]}, &(0x7f0000000140)=0x50)
r6 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r6, 0xc0045540, &(0x7f0000000080)=0xf)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380))
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r5, 0x0, 0x61, &(0x7f0000000040)={'filter\x00', 0x4}, 0x64)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000280), r4)
sendmsg$TIPC_NL_BEARER_ADD(r4, &(0x7f0000000600)={&(0x7f0000000200), 0xc, &(0x7f00000005c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="40020000", @ANYRES16=r8, @ANYBLOB], 0x240}, 0x1, 0x0, 0x0, 0x8001}, 0x44ea3b8750c01ff9)
r9 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r9, 0x11b, 0x4, &(0x7f0000000080)={0x0, 0x325000, 0x800}, 0x1c)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="54000000090601020000000000000000020000000900020073797a310000000005000100070000002c0007800c00018008000140ffffffff0500070084000000060004404e2200000c000280080001407f000000"], 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
move_pages(0x0, 0x6, &(0x7f0000000080)=[&(0x7f0000008000/0x1000)=nil, &(0x7f0000007000/0x2000)=nil, &(0x7f0000003000/0x1000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000003000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil], 0x0, &(0x7f0000000600), 0x0)

1.485297523s ago: executing program 2 (id=412):
syz_emit_ethernet(0x3e, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaa0380c20000000800470000300004000000069078ac141400ac1e00018903d78903b6000000000000d80b8a8ce83d8e32f14060a6f02dc58923345cdbfe7c49d3771b1bc344ffb0680e97605b852350fbc7237538f69cf935eab6146a0e399028adc2cc040c960bf1a23e54de73202ae31f3e3e47859e413f6824b9513f95920b387fec77adcf104546af9cb1c8716d3714e33d4dadb6e0525019db7acd3f252e59534750f198a6459362e30ac9c5c584fa84c8d4295a2cf7b3793314e917ab28bef46b11b4a3dfbced392a2da8b43620da21853c2733c6e7da000731daaae54c42dfd077da46d0328a917b624d69a720ce9483ae5fb2c33bbdbb4a35d70d9f6253dc7fc39363e396", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0xa07, &(0x7f0000000200)={0x0, 0xcc72, 0x0, 0x3}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL)
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000380)={0xb8, 0x39, 0x200, 0x70bd25, 0x25dfdbfc, {0x16}, [@typed={0x4, 0xe1}, @generic="d2c5ff46b6498e12020a515bcf0e75ee4c558a94086e792666662cd422ecb75d6d255bb1b793b793f68257cb496e44f1f15ad10ce90861e1ebd528668bca9ae6d5d661ec3cc34f8de222728dcdad27c2ef5a289dcbb8ee8e27b5be299abef83d2a60a17d3bc44b4f28d9ca515d2dd6cdbbda1daa526ee21dc32891815cf30ef76f5b93ad79bbe9ce204d02dd49cfc1d329c122eeaf30531ae6103f16b9", @generic]}, 0xb8}, 0x1, 0x0, 0x0, 0x840}, 0x24040001)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[], 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x3f00)
dup(r5)
write$binfmt_script(r5, &(0x7f0000000080)={'#! ', './file0'}, 0xfffffffffffffcf3)

1.330084594s ago: executing program 0 (id=413):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
r0 = openat$mice(0xffffffffffffff9c, 0x0, 0x82)
write$P9_RCREATE(r0, &(0x7f0000000180)={0x18, 0x73, 0x2, {{0x8, 0x2, 0x7}, 0x6}}, 0x18)
ioctl$VIDIOC_G_TUNER(r0, 0xc054561d, &(0x7f00000000c0)={0x7, "0a43b81781ee52fe5d1318dedf595fea476cc6aab722e8ac16406f5b4c42cc1b", 0x2, 0x1, 0x3ff, 0x7, 0x11, 0x1, 0x3ff, 0x7})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000000)={r1, 0xd14, 0xfff, 0xe})
r2 = socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x7, 0x4, 0x18, 0x28e, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1a000000, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'team0\x00'})
r4 = getpid()
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}}, 0x0)
sendmsg$NL80211_CMD_ABORT_SCAN(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x1c, r7, 0xd9b2794f6a139537, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}}, 0x1c}}, 0x0)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x5)
ptrace$cont(0x1f, r4, 0x100, 0x4)
r9 = msgget$private(0x0, 0x0)
msgrcv(r9, 0x0, 0x0, 0x0, 0x0)
msgsnd(r9, &(0x7f0000000380)=ANY=[], 0xe, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_ADDRESS={0xa, 0x1, @multicast}]}, 0x40}}, 0x0)

1.208657497s ago: executing program 3 (id=414):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r1=>0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x800005d, 0x4810)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x803}, 0xe)
r8 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r8, 0x400448c8, &(0x7f0000000480)={r4, r4, 0x8, 0x0, 0x0, 0x5, 0x81, 0x46d, 0xfff9, 0x3, 0x0, 0x5, 'syz0\x00'})
shutdown(r4, 0x1)
write$UHID_INPUT(r3, 0x0, 0x0)
sendto$packet(r0, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x1a, 0x4000, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)

1.20811984s ago: executing program 1 (id=415):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000440)='ns/mnt\x00')
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000480)={@cgroup=r1, 0x11, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0}, 0x40)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="4000000010003b0c00"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000200012800b00010065727370616eeaff1000026204001203000000000100e100"], 0x40}}, 0x0)
r2 = fsopen(&(0x7f0000000000)='bpf\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_DEV_STATS(r2, 0xc4089434, &(0x7f0000001000)={<r3=>0x0, 0x91, 0x1, [0x9, 0x9, 0x3, 0x8f7f, 0x80], [0xffffffff7ffffffc, 0x4006, 0x8000000000000000, 0x0, 0x1, 0x2, 0x2, 0x8, 0x4, 0x8, 0x9, 0x8, 0x8, 0xa9, 0x800, 0x1, 0x9, 0x49ff, 0x8, 0x2d, 0x401, 0x433, 0xc2, 0x3, 0x6, 0x180, 0x3, 0x8000000000000001, 0x7fffffff, 0x0, 0x1d, 0x2, 0x9, 0x4, 0x1, 0x8, 0x9, 0x1, 0x6ca, 0xd, 0x8, 0x6, 0x9, 0x5, 0x6, 0xd, 0xfff, 0x9, 0x80000001, 0x6, 0x2, 0x2, 0x10, 0x80, 0xfff, 0x6, 0x7, 0x4, 0x10000, 0xe, 0x4, 0x200, 0xa, 0x2, 0x6, 0x1, 0x4, 0x9, 0x2, 0x7, 0x6, 0x4, 0x4, 0xfffffffffffffffc, 0x0, 0xfffffffffffffffa, 0x1, 0x6, 0x8000000000000004, 0xd, 0x4, 0x6, 0x400, 0xb, 0x100, 0x6, 0xc, 0x2, 0x6, 0x1, 0xffffffff, 0x400000002, 0x6, 0x40000000400, 0xd, 0x10, 0x2, 0x10000000000006, 0x7, 0x0, 0x6, 0x5, 0xb, 0x400, 0x9, 0xfffffffffffffff9, 0x8000000000000000, 0x5, 0x9, 0x2, 0x0, 0x430e, 0x5, 0xd4f, 0x7f, 0xfffffffffffffc00, 0xb4, 0x1, 0x6, 0x1ddc, 0xe]})
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r2, 0xc400941d, &(0x7f0000001880)={r3, 0x5, 0x3})
r4 = fsmount(r2, 0x0, 0x0)
r5 = openat(r4, &(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, 0x0)
timer_create(0x0, &(0x7f0000000940)={0x0, 0x0, 0x1}, &(0x7f0000000980)=<r6=>0x0)
timer_gettime(r6, &(0x7f00000009c0))
capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000140))
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\v\x00'], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000006b40)=ANY=[@ANYBLOB="b7000000fdffffffbfa30000000000000703000020feffff720af0fff8ffffff71a4f0ff000000000f040000000000001d4002000000000065040000000000000f030000000000001d440000000000007a0a00fe000000000f00000000000000b5000000000000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b1100886475923906f88b53987ad0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d64360f56e24e6d2105bd901128c7e0ec82770c8204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee7dfcb59b854e9d5a17f48a7382f1b3fa4526650ea6cef13d000000225d85ae49cee383f936ad657b303ab841dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b4a595e487efbb2d71cde2c1070bc6980fe78683ac5c0c31032599ddd71063be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d96c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c22ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fd03000000022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b702396df7e0c1e02b884114f244a9bf93f04bf072f0861f5c0b000000004000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea52acb1188883ad2a3b1832371fe5bc621426d1ed0a4a99705cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae315c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0706a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c2811e32f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96735600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15ecb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922923806ca84d69ea370db27a5ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a419aa095e203c1bafbb9b9a7c2bca311a28ee4952f2d325a56390578f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da7418fd3aa81cff202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035ab63de71a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a274000000000000000000000000000000000000000000000009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c829aaf375e904bbe52691a4120260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0d0274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f4441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbf34c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cbf5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d9436220000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dd9000000000000f05fe239d3d6dafc367f12689b6700000000bd4990d9dc174a69aadffdea5445fd3c13350af85d308caee689736c06417b52541eb5871d820b850dcb00877bbe2ed19d911564f11adeb52ec3047cfdcac8a8bab6ee365941cf792155f589226758e9c8bec8289b3012ca74bfe210e0315b384ce982e16f93f3e0b1385cfaab63bd36b141dfbc7f96ee549b8b52c311e5c657943f2a5d177f03e10b3595ed13458472a2eab1ea987a0668e52fff5c716fb5950852186649ce7362b45225f050c1c37327b6833025cc1dff2d57df674be03bab30901188386d248370", @ANYRES64=r5, @ANYRESDEC=r7], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x5}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x100)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x17, 0x19, &(0x7f0000000300)=ANY=[@ANYBLOB="4b9ab8ff00000000185000000c000000000000000000000018470000ffffffff0000000000000000b7080000000000007b8af8ff00000000b7080000030000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000002000e0ffffb698a2dd610f162c01000049d3707a00a50000008510000006000009000000000000000018000000b80d000000000000d10000005bbc5000000000009500000a9806c63992b049000000000da943236387b4ee860a86759deaa6eb2c9b7111ab47ccb8291aa0d7cf5dff12fbfedb16da99d173b56a"], &(0x7f0000004dc0)='syzkaller\x00', 0x5, 0x55, &(0x7f00000068c0)=""/85, 0x41100, 0x11, '\x00', 0x0, @cgroup_sysctl, r4, 0x8, &(0x7f0000006340)={0x9, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, r5, 0x4, 0x0, &(0x7f00000000c0)=[{0x3, 0x3, 0xa, 0xc}, {0x4, 0x5, 0x7, 0xa}, {0x2, 0xffffffff, 0x13, 0x7}, {0x4, 0x1, 0xb, 0xa}], 0x10, 0x0, @void, @value}, 0x94)
fsopen(&(0x7f0000000140)='vfat\x00', 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080), 0x0, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x2, 0xb, [{}, {}, {}, {0xfffffffd}, {}, {0x0, 0x1000000}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r8 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r9 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
ioctl$EVIOCSFF(r9, 0x402c4580, &(0x7f0000001240)={0x51, 0x0, 0x0, {}, {}, @period={0x5d, 0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0}})
read$msr(r8, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

1.040207861s ago: executing program 1 (id=416):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r1=>0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x2000000000000376, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0xa, 0x4}, 0x36, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x5, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x800005d, 0x4810)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x803}, 0xe)
r8 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r8, 0x400448c8, 0x0)
shutdown(r4, 0x1)
write$UHID_INPUT(r3, &(0x7f0000001040)={0xfc, {"a2e3ad21ed0d09f91b45090987f70906d038e7ff7fc6e5539b0d3d0e8b089b3f330063090890e0878f0e1ac6e7049b334a959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b5b070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a6d5e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210380106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b07c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
sendto$packet(r0, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x1a, 0x4000, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)

309.308168ms ago: executing program 2 (id=417):
madvise(&(0x7f00006e4000/0x1000)=nil, 0x1000, 0xc)
madvise(&(0x7f0000bdd000/0x1000)=nil, 0x1000, 0xa)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x6c, r0, 0x1000000000000}, 0x38)
io_pgetevents(0x0, 0x2, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x1bf, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x200000, 0x10100}, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000080)=@IORING_OP_POLL_ADD={0x6, 0x39, 0x0, @fd_index=0x3})
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040)={0x0, 0xfffffffe})
io_uring_enter(r3, 0x2def, 0x4000, 0x0, 0x0, 0x0)
socket$nl_generic(0x11, 0x3, 0x10)
r6 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r6, 0x40000000af01, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r6, 0x4008af03, &(0x7f0000000b00))
ioctl$VHOST_SET_VRING_ADDR(r6, 0x4028af11, &(0x7f00000001c0)={0x1, 0x1, 0x0, &(0x7f0000000440)=""/184, 0x0, 0xeeee0000})
r8 = dup(r7)
ioctl$VHOST_NET_SET_BACKEND(r6, 0x4008af30, &(0x7f0000000000)={0x1, r8})
socket$packet(0x11, 0x2, 0x300)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
socket$inet_sctp(0x2, 0x1, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x16, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000380)='percpu_alloc_percpu\x00', r9}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000711217000000000095000000ff10fffe"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
getdents(0xffffffffffffffff, &(0x7f0000000200)=""/225, 0xe1)

308.297805ms ago: executing program 3 (id=418):
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000340)=[{0x0, 0x5, 0xa, 0xb}, {0x2, 0x2, 0xf, 0x7}, {0x4, 0x2, 0x13, 0x2}, {0x0, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = syz_clone(0x800c000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='minix\x00', 0x208000, 0x0)
wait4(r0, 0x0, 0x2, 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r4 = syz_io_uring_setup(0x5981, &(0x7f0000000000)={0x0, 0xef34, 0x2, 0x0, 0x325}, &(0x7f0000000100), &(0x7f0000000140))
io_uring_enter(r4, 0x56a1, 0x1dc1, 0x1e, &(0x7f0000000180)={[0x9, 0x100]}, 0x8)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
socket$inet(0x2, 0x4000000805, 0x0)

159.753791ms ago: executing program 1 (id=419):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mkdir(0x0, 0x0)

159.289385ms ago: executing program 1 (id=420):
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_KEY(r1, &(0x7f0000000500)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000004c0)={&(0x7f0000000340)={0x148, r2, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_KEY={0x30, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "a5347121b90d1d691336b7524cbcc8cae77ec49927c45cf9c2c94b35682e8dd8"}]}, @NL802154_ATTR_SEC_KEY={0x1c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xd}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x2}]}, @NL802154_ATTR_SEC_KEY={0x2c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "57f92cff91bbe099b76b8f6a9b21f4ca"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "4c30df7ed72f2dbe3255fe59e387a86e"}]}, @NL802154_ATTR_SEC_KEY={0xbc, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x6}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xc}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "ad74525a6ec2b85f3624cb37e20a430b17de59764f20ead7ccc55ab442bccfac"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "bdce0e89dfd3f088a73009c2936e16aa"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "7ddfb500af5fe92ee75f0929931e8925"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "77c8711bbb304a36443a40d64fe98c76afc9448e6327e7e180340f29359c83b5"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "cfe26ee59098f9f7cb32232b83f125d7"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "024475e7b51eb78d44f78dfb11ed683777ef2782c4ca6045490799bb8298b3b2"}]}]}, 0x148}, 0x1, 0x0, 0x0, 0x81}, 0x8014)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
listen(0xffffffffffffffff, 0x0)
r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r6, 0x40046f41, 0x20000502)
r7 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0x10, 0x2, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r8}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0xc0842)
recvmmsg(r7, &(0x7f0000002ec0), 0x0, 0x2, &(0x7f00000001c0)={0x77359400})
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r9, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000200)={0x20, r0, 0x329, 0xfffffffc, 0x0, {0x16}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x10000860}, 0x8004)

0s ago: executing program 2 (id=421):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
ioctl$SNDRV_PCM_IOCTL_DRAIN(0xffffffffffffffff, 0x4144, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x7f, 0x0, &(0x7f0000001180))
syz_emit_ethernet(0x85, &(0x7f00000005c0)=ANY=[@ANYBLOB="aaaaaaaaaabbaaaaaaaaaa0a884800000200000f0e0000000000004c21e92a076b5eec8cebb498146fae248666abab0aa3fc763ee544652a2e26fcee1d76c4094c77361527677623fe0c2ba7bfb3d3e558d2e59211a6e3e544e3fd55b3da1a61769f7f92da1a9e11680b285a980e151500c97081723716e83719d68c5ab0ed"], &(0x7f0000000340)={0x1, 0x1, [0xdf5, 0x31f, 0x338, 0x79d]})
socket(0x28, 0x2, 0x1)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x0, 0xc8, 0x2}}}, 0x7)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc2c45513, &(0x7f0000000040)={{0x2, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, [0x2, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]})
socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x2, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}}, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffde4, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000500)={r3, 0x0, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r5 = io_uring_setup(0x25e, &(0x7f0000000080))
io_uring_register$IORING_UNREGISTER_RING_FDS(r5, 0x1b, &(0x7f0000003900)=[{0x0, 0x700, 0x0, 0x0, 0x0}], 0x1)
write$tun(r4, &(0x7f0000000440)=ANY=[@ANYBLOB="00000000ffffffffffffaaaaaaaaaabb08004500452c00000000002f9078ac1e0001e00000010000655800189000"], 0xfdef)
socket(0x22, 0x800, 0x0)
io_setup(0x3, 0x0)
syz_usb_connect(0x5, 0x6a, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f0000000000))
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f0000000180)=0x6f)
write$dsp(0xffffffffffffffff, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
syz_emit_ethernet(0x2e, &(0x7f0000000380)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa12080045000020000000000011907f90780170b4c3b563812e3e000000000000000000"], 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:36645' (ED25519) to the list of known hosts.
[   41.322362][ T5933] cgroup: Unknown subsys name 'net'
[   41.479994][ T5933] cgroup: Unknown subsys name 'cpuset'
[   41.483005][ T5933] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   42.269312][ T5933] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   44.045437][ T5950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   44.049040][ T5955] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   44.051568][ T5955] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   44.054390][ T5955] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   44.056618][ T5955] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   44.059084][ T5955] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   44.061683][ T5955] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   44.061845][ T5957] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   44.062746][ T5956] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   44.063486][ T5956] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   44.063805][ T5956] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   44.064113][ T5955] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   44.064227][ T5955] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   44.073918][ T5959] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   44.074730][ T5948] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   44.074853][ T5956] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   44.074960][ T5956] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   44.077490][ T5959] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   44.080971][ T5948] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   44.083185][ T5959] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   44.085701][ T5948] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   44.087355][ T5959] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   44.089339][ T5948] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   44.097348][ T5948] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   44.163836][   T68] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   44.166240][   T68] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   44.178309][   T68] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   44.180730][   T68] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   44.196874][   T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   44.199406][   T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   44.204305][   T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   44.206933][   T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   44.214469][ T1234] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   44.217697][ T1234] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   44.222264][ T1234] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   44.224733][ T1234] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   44.231155][   T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   44.233479][   T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   44.242315][ T5944] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   44.245683][   T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   44.249592][   T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   44.299771][ T5973] warning: `syz.3.4' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   44.558925][ T5986] /dev/nullb0: Can't open blockdev
[   44.604938][ T5987] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input5
[   44.897965][ T5995] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   44.903976][ T5995] process 'syz.2.7' launched './file2' with NULL argv: empty string added
[   45.528572][ T6009] input: syz0 as /devices/virtual/input/input6
[   45.530122][ T6005] Zero length message leads to an empty skb
[   45.568057][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   45.574704][ T6009] netlink: 132 bytes leftover after parsing attributes in process `syz.3.8'.
[   45.598453][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   45.600934][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   45.662704][ T6011] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input7
[   46.099312][ T5948] Bluetooth: hci1: command tx timeout
[   46.101259][ T5948] Bluetooth: hci0: command tx timeout
[   46.178116][ T5950] Bluetooth: hci2: command tx timeout
[   46.180598][ T5950] Bluetooth: hci3: command tx timeout
[   46.218524][    T0] NOHZ tick-stop error: local softirq work is pending, handler #c8!!!
[   46.788640][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   46.862672][ T6035] trusted_key: syz.1.16 sent an empty control message without MSG_MORE.
[   47.009618][ T6048] 9pnet_virtio: no channels available for device syz
[   47.344424][ T6055] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input8
[   47.398185][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   47.867516][ T1450] hid-generic 0000:0003:0000.0002: unknown main item tag 0x0
[   47.871988][ T1450] hid-generic 0000:0003:0000.0002: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   47.878186][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   47.880754][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   47.884820][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   47.928179][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.178162][   T64] Bluetooth: hci1: command tx timeout
[   48.179883][ T5950] Bluetooth: hci0: command tx timeout
[   48.258077][   T64] Bluetooth: hci2: command tx timeout
[   48.260282][ T5950] Bluetooth: hci3: command tx timeout
[   48.476242][ T6077] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input9
[   48.669952][ T6079] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[   48.669952][ T6079]    program syz.3.25 not setting count and/or reply_len properly
[   48.969449][ T6081] capability: warning: `syz.1.26' uses deprecated v2 capabilities in a way that may be insecure
[   49.498008][   T62] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   49.670539][   T62] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   49.673833][   T62] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[   49.676731][   T62] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   49.679599][   T62] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   49.698848][ T6085] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   49.709115][   T62] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[   50.226989][ T6102] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   50.268009][ T5950] Bluetooth: hci0: command tx timeout
[   50.270799][   T64] Bluetooth: hci1: command tx timeout
[   50.338053][ T5950] Bluetooth: hci2: command tx timeout
[   50.339782][   T64] Bluetooth: hci3: command 0x040f tx timeout
[   50.488782][ T6105] /dev/nullb0: Can't open blockdev
[   50.545276][ T6112] netlink: 12 bytes leftover after parsing attributes in process `syz.0.32'.
[   50.980792][   T39] audit: type=1326 audit(1737710163.544:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6116 comm="syz.0.34" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf743e579 code=0x0
[   51.268984][ T5948] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[   51.269870][   T39] audit: type=1326 audit(1737710163.834:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.1.37" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x0
[   51.271909][ T5948] CPU: 0 UID: 0 PID: 5948 Comm: kworker/u33:2 Not tainted 6.13.0-syzkaller-05154-g8883957b3c9d #0
[   51.271924][ T5948] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   51.271930][ T5948] Workqueue: hci1 hci_rx_work
[   51.271947][ T5948] Call Trace:
[   51.271950][ T5948]  <TASK>
[   51.271954][ T5948]  dump_stack_lvl+0x16c/0x1f0
[   51.271967][ T5948]  sysfs_warn_dup+0x7f/0xa0
[   51.271979][ T5948]  sysfs_create_dir_ns+0x24d/0x2b0
[   51.271989][ T5948]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   51.271999][ T5948]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   51.272012][ T5948]  ? kobject_add_internal+0x12d/0x990
[   51.272024][ T5948]  ? do_raw_spin_unlock+0x172/0x230
[   51.272036][ T5948]  kobject_add_internal+0x2c8/0x990
[   51.272049][ T5948]  kobject_add+0x16f/0x240
[   51.272059][ T5948]  ? __pfx_kobject_add+0x10/0x10
[   51.272068][ T5948]  ? class_to_subsys+0x3e/0x160
[   51.272079][ T5948]  ? do_raw_spin_unlock+0x172/0x230
[   51.272089][ T5948]  ? kobject_put+0xab/0x5a0
[   51.272102][ T5948]  device_add+0x289/0x1a70
[   51.272111][ T5948]  ? __pfx_dev_set_name+0x10/0x10
[   51.272121][ T5948]  ? __pfx_device_add+0x10/0x10
[   51.272129][ T5948]  ? mgmt_send_event_skb+0x2f2/0x460
[   51.272142][ T5948]  hci_conn_add_sysfs+0x17e/0x230
[   51.272153][ T5948]  le_conn_complete_evt+0xfce/0x1d10
[   51.272166][ T5948]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   51.272176][ T5948]  ? trace_contention_end+0xee/0x140
[   51.272186][ T5948]  ? __mutex_lock+0x1cc/0xb10
[   51.272199][ T5948]  hci_le_conn_complete_evt+0x23c/0x370
[   51.272212][ T5948]  hci_le_meta_evt+0x2e2/0x5d0
[   51.272222][ T5948]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[   51.272234][ T5948]  hci_event_packet+0x666/0x1190
[   51.272243][ T5948]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   51.272254][ T5948]  ? __pfx_hci_event_packet+0x10/0x10
[   51.272263][ T5948]  ? mark_held_locks+0x9f/0xe0
[   51.272272][ T5948]  ? kcov_remote_start+0x3cf/0x6e0
[   51.272282][ T5948]  ? lockdep_hardirqs_on+0x7c/0x110
[   51.272293][ T5948]  hci_rx_work+0x2c5/0x16b0
[   51.272305][ T5948]  ? process_one_work+0x8bb/0x1b30
[   51.272321][ T5948]  process_one_work+0x958/0x1b30
[   51.272338][ T5948]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   51.272347][ T5948]  ? __pfx_process_one_work+0x10/0x10
[   51.272369][ T5948]  ? rcu_is_watching+0x12/0xc0
[   51.272385][ T5948]  ? assign_work+0x1a0/0x250
[   51.272401][ T5948]  worker_thread+0x6c8/0xf00
[   51.272415][ T5948]  ? __kthread_parkme+0x148/0x220
[   51.272427][ T5948]  ? __pfx_worker_thread+0x10/0x10
[   51.272437][ T5948]  kthread+0x3af/0x750
[   51.272451][ T5948]  ? __pfx_kthread+0x10/0x10
[   51.272464][ T5948]  ? lock_acquire+0x2f/0xb0
[   51.272476][ T5948]  ? __pfx_kthread+0x10/0x10
[   51.272488][ T5948]  ret_from_fork+0x45/0x80
[   51.272497][ T5948]  ? __pfx_kthread+0x10/0x10
[   51.272510][ T5948]  ret_from_fork_asm+0x1a/0x30
[   51.272529][ T5948]  </TASK>
[   51.272540][ T5948] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   51.367403][ T5948] Bluetooth: hci1: failed to register connection device
[   51.560463][ T6137] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   51.564773][ T6137] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   51.847554][ T6144] syz_tun: entered allmulticast mode
[   51.852950][ T6143] syz_tun: left allmulticast mode
[   52.042406][  T832] usb 7-1: USB disconnect, device number 2
[   52.338684][ T5948] Bluetooth: hci1: command tx timeout
[   52.338850][   T64] Bluetooth: hci0: command tx timeout
[   52.354631][ T6158] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input11
[   52.418049][   T64] Bluetooth: hci3: command 0x040f tx timeout
[   52.418663][ T5948] Bluetooth: hci2: command tx timeout
[   52.723562][ T6166] netlink: 'syz.2.44': attribute type 10 has an invalid length.
[   52.726944][ T6166] netlink: 'syz.2.44': attribute type 10 has an invalid length.
[   52.730970][ T6166] netlink: 32 bytes leftover after parsing attributes in process `syz.2.44'.
[   53.312819][ T6175] netlink: 28 bytes leftover after parsing attributes in process `syz.0.47'.
[   53.316106][ T6175] netlink: 'syz.0.47': attribute type 7 has an invalid length.
[   53.318724][ T6175] netlink: 'syz.0.47': attribute type 8 has an invalid length.
[   53.321369][ T6175] netlink: 4 bytes leftover after parsing attributes in process `syz.0.47'.
[   54.498033][ T5948] Bluetooth: hci3: command 0x040f tx timeout
[   54.668113][   T62] usb 8-1: new low-speed USB device number 2 using dummy_hcd
[   54.703866][ T6204] dccp_invalid_packet: P.Data Offset(4) too small
[   54.710457][ T6204] netlink: 'syz.1.56': attribute type 1 has an invalid length.
[   54.720105][ T6204] bond0: entered promiscuous mode
[   54.721911][ T6204] 8021q: adding VLAN 0 to HW filter on device bond0
[   54.737794][ T6204] 8021q: adding VLAN 0 to HW filter on device bond0
[   54.740054][ T6204] bond0: (slave ip6gre1): The slave device specified does not support setting the MAC address
[   54.743226][ T6204] bond0: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode
[   54.747814][ T6204] bond0: (slave ip6gre1): making interface the new active one
[   54.750359][ T6204] ip6gre1: entered promiscuous mode
[   54.752717][ T6204] bond0: (slave ip6gre1): Enslaving as an active interface with an up link
[   54.767490][ T6204] netlink: 4 bytes leftover after parsing attributes in process `syz.1.56'.
[   54.832578][ T6204] bond0 (unregistering): (slave ip6gre1): Releasing backup interface
[   54.833816][   T62] usb 8-1: unable to get BOS descriptor or descriptor too short
[   54.835058][ T6204] ip6gre1: left promiscuous mode
[   54.840242][ T6204] bond0 (unregistering): Released all slaves
[   54.841202][   T62] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   54.849882][   T62] usb 8-1: string descriptor 0 read error: -22
[   54.851927][   T62] usb 8-1: New USB device found, idVendor=056a, idProduct=00da, bcdDevice= 0.40
[   54.854730][   T62] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   54.860093][   T62] usbhid 8-1:1.0: can't add hid device: -22
[   54.862000][   T62] usbhid 8-1:1.0: probe with driver usbhid failed with error -22
[   54.932937][ T6213] sp0: Synchronizing with TNC
[   54.941527][ T6213] sp0: Found TNC
[   55.067775][   T35] usb 8-1: USB disconnect, device number 2
[   55.188021][   T62] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   55.357977][   T62] usb 6-1: Using ep0 maxpacket: 8
[   55.360681][   T62] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   55.363570][   T62] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   55.366524][   T62] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   55.369720][   T62] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   55.373584][   T62] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   55.376311][   T62] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   55.589088][   T62] usb 6-1: GET_CAPABILITIES returned 0
[   55.590780][   T62] usbtmc 6-1:16.0: can't read capabilities
[   55.706402][ T6226] netlink: 'syz.3.60': attribute type 1 has an invalid length.
[   55.709187][ T6226] netlink: 'syz.3.60': attribute type 1 has an invalid length.
[   55.796512][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   55.801234][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   55.803944][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   55.806675][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   55.809392][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   55.812088][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   55.815364][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   55.818170][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   55.820864][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   55.823542][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   55.826269][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   55.828958][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   55.831684][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   55.834374][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   55.837086][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   55.839771][    C3] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   55.845443][  T832] usb 6-1: USB disconnect, device number 2
[   56.117628][ T6234] random: crng reseeded on system resumption
[   56.604327][ T6249] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   56.609301][ T6249] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   57.538038][   T64] Bluetooth: hci1: command 0x0406 tx timeout
[   57.849741][ T6269] netlink: 28 bytes leftover after parsing attributes in process `syz.3.70'.
[   57.852576][ T6269] netlink: 'syz.3.70': attribute type 7 has an invalid length.
[   57.854929][ T6269] netlink: 'syz.3.70': attribute type 8 has an invalid length.
[   57.857265][ T6269] netlink: 4 bytes leftover after parsing attributes in process `syz.3.70'.
[   58.301345][ T6273] netlink: 40 bytes leftover after parsing attributes in process `syz.2.72'.
[   58.449743][ T6285] netlink: 'syz.2.73': attribute type 1 has an invalid length.
[   58.452133][ T6285] netlink: 'syz.2.73': attribute type 1 has an invalid length.
[   58.485447][ T6286] netlink: 'syz.1.71': attribute type 10 has an invalid length.
[   58.489130][ T6286] netlink: 'syz.1.71': attribute type 10 has an invalid length.
[   58.494225][ T6286] netlink: 32 bytes leftover after parsing attributes in process `syz.1.71'.
[   59.218551][   T56] usb 7-1: new low-speed USB device number 3 using dummy_hcd
[   59.379756][   T56] usb 7-1: unable to get BOS descriptor or descriptor too short
[   59.383214][   T56] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   59.395652][   T56] usb 7-1: string descriptor 0 read error: -22
[   59.397633][   T56] usb 7-1: New USB device found, idVendor=056a, idProduct=00da, bcdDevice= 0.40
[   59.400847][   T56] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   59.408071][   T56] usbhid 7-1:1.0: can't add hid device: -22
[   59.410364][   T56] usbhid 7-1:1.0: probe with driver usbhid failed with error -22
[   59.523258][ T6299] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input12
[   59.616282][ T5964] usb 7-1: USB disconnect, device number 3
[   60.264105][ T6321] netlink: 40 bytes leftover after parsing attributes in process `syz.2.81'.
[   60.353313][   T64] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[   60.354721][   T39] audit: type=1326 audit(1737710172.914:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6336 comm="syz.2.82" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x0
[   60.357408][   T64] CPU: 2 UID: 0 PID: 64 Comm: kworker/u33:0 Not tainted 6.13.0-syzkaller-05154-g8883957b3c9d #0
[   60.357423][   T64] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   60.357431][   T64] Workqueue: hci3 hci_rx_work
[   60.357448][   T64] Call Trace:
[   60.357452][   T64]  <TASK>
[   60.357456][   T64]  dump_stack_lvl+0x16c/0x1f0
[   60.357468][   T64]  sysfs_warn_dup+0x7f/0xa0
[   60.357480][   T64]  sysfs_create_dir_ns+0x24d/0x2b0
[   60.357491][   T64]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   60.357504][   T64]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   60.357517][   T64]  ? kobject_add_internal+0x12d/0x990
[   60.357529][   T64]  ? do_raw_spin_unlock+0x172/0x230
[   60.357540][   T64]  kobject_add_internal+0x2c8/0x990
[   60.357557][   T64]  kobject_add+0x16f/0x240
[   60.357568][   T64]  ? __pfx_kobject_add+0x10/0x10
[   60.357578][   T64]  ? class_to_subsys+0x3e/0x160
[   60.357589][   T64]  ? do_raw_spin_unlock+0x172/0x230
[   60.357600][   T64]  ? kobject_put+0xab/0x5a0
[   60.357613][   T64]  device_add+0x289/0x1a70
[   60.357622][   T64]  ? __pfx_dev_set_name+0x10/0x10
[   60.357633][   T64]  ? __pfx_device_add+0x10/0x10
[   60.357642][   T64]  ? mgmt_send_event_skb+0x2f2/0x460
[   60.357655][   T64]  hci_conn_add_sysfs+0x17e/0x230
[   60.357667][   T64]  le_conn_complete_evt+0xfce/0x1d10
[   60.357681][   T64]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   60.357690][   T64]  ? trace_contention_end+0xee/0x140
[   60.357700][   T64]  ? __mutex_lock+0x1cc/0xb10
[   60.357714][   T64]  hci_le_conn_complete_evt+0x23c/0x370
[   60.357726][   T64]  hci_le_meta_evt+0x2e2/0x5d0
[   60.357737][   T64]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[   60.357748][   T64]  hci_event_packet+0x666/0x1190
[   60.357757][   T64]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   60.357768][   T64]  ? __pfx_hci_event_packet+0x10/0x10
[   60.357777][   T64]  ? mark_held_locks+0x9f/0xe0
[   60.357786][   T64]  ? kcov_remote_start+0x3cf/0x6e0
[   60.357796][   T64]  ? lockdep_hardirqs_on+0x7c/0x110
[   60.357807][   T64]  hci_rx_work+0x2c5/0x16b0
[   60.357818][   T64]  ? process_one_work+0x8bb/0x1b30
[   60.357835][   T64]  process_one_work+0x958/0x1b30
[   60.357852][   T64]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   60.357861][   T64]  ? __pfx_process_one_work+0x10/0x10
[   60.357874][   T64]  ? rcu_is_watching+0x12/0xc0
[   60.357888][   T64]  ? assign_work+0x1a0/0x250
[   60.357902][   T64]  worker_thread+0x6c8/0xf00
[   60.357915][   T64]  ? __pfx_worker_thread+0x10/0x10
[   60.357943][   T64]  kthread+0x3af/0x750
[   60.357958][   T64]  ? __pfx_kthread+0x10/0x10
[   60.357971][   T64]  ? lock_acquire+0x2f/0xb0
[   60.357982][   T64]  ? __pfx_kthread+0x10/0x10
[   60.357996][   T64]  ret_from_fork+0x45/0x80
[   60.358006][   T64]  ? __pfx_kthread+0x10/0x10
[   60.358020][   T64]  ret_from_fork_asm+0x1a/0x30
[   60.358040][   T64]  </TASK>
[   60.358093][   T64] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   60.451833][   T64] Bluetooth: hci3: failed to register connection device
[   60.731746][ T6345] netlink: 28 bytes leftover after parsing attributes in process `syz.1.83'.
[   60.734492][ T6345] netlink: 'syz.1.83': attribute type 7 has an invalid length.
[   60.736791][ T6345] netlink: 'syz.1.83': attribute type 8 has an invalid length.
[   60.739468][ T6345] netlink: 4 bytes leftover after parsing attributes in process `syz.1.83'.
[   61.501887][ T6358] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input13
[   61.748738][ T6355] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[   61.748738][ T6355]    program syz.2.85 not setting count and/or reply_len properly
[   62.381029][ T6377] netlink: 40 bytes leftover after parsing attributes in process `syz.2.91'.
[   62.794008][ T6398] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input14
[   63.452056][   T39] audit: type=1326 audit(1737710176.014:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6404 comm="syz.0.94" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x0
[   63.452545][ T5948] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[   63.464427][ T5948] CPU: 0 UID: 0 PID: 5948 Comm: kworker/u33:2 Not tainted 6.13.0-syzkaller-05154-g8883957b3c9d #0
[   63.464443][ T5948] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   63.464450][ T5948] Workqueue: hci0 hci_rx_work
[   63.464466][ T5948] Call Trace:
[   63.464470][ T5948]  <TASK>
[   63.464474][ T5948]  dump_stack_lvl+0x16c/0x1f0
[   63.464486][ T5948]  sysfs_warn_dup+0x7f/0xa0
[   63.464498][ T5948]  sysfs_create_dir_ns+0x24d/0x2b0
[   63.464509][ T5948]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   63.464520][ T5948]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   63.464532][ T5948]  ? kobject_add_internal+0x12d/0x990
[   63.464543][ T5948]  ? do_raw_spin_unlock+0x172/0x230
[   63.464555][ T5948]  kobject_add_internal+0x2c8/0x990
[   63.464588][ T5948]  kobject_add+0x16f/0x240
[   63.464599][ T5948]  ? __pfx_kobject_add+0x10/0x10
[   63.464610][ T5948]  ? class_to_subsys+0x3e/0x160
[   63.464631][ T5948]  ? do_raw_spin_unlock+0x172/0x230
[   63.464654][ T5948]  ? kobject_put+0xab/0x5a0
[   63.464668][ T5948]  device_add+0x289/0x1a70
[   63.464678][ T5948]  ? __pfx_dev_set_name+0x10/0x10
[   63.464689][ T5948]  ? __pfx_device_add+0x10/0x10
[   63.464698][ T5948]  ? mgmt_send_event_skb+0x2f2/0x460
[   63.464711][ T5948]  hci_conn_add_sysfs+0x17e/0x230
[   63.464723][ T5948]  le_conn_complete_evt+0xfce/0x1d10
[   63.464736][ T5948]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   63.464746][ T5948]  ? trace_contention_end+0xee/0x140
[   63.464758][ T5948]  ? __mutex_lock+0x1cc/0xb10
[   63.464772][ T5948]  hci_le_conn_complete_evt+0x23c/0x370
[   63.464785][ T5948]  hci_le_meta_evt+0x2e2/0x5d0
[   63.464796][ T5948]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[   63.464808][ T5948]  hci_event_packet+0x666/0x1190
[   63.464817][ T5948]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   63.464828][ T5948]  ? __pfx_hci_event_packet+0x10/0x10
[   63.464838][ T5948]  ? mark_held_locks+0x9f/0xe0
[   63.464847][ T5948]  ? kcov_remote_start+0x3cf/0x6e0
[   63.464857][ T5948]  ? lockdep_hardirqs_on+0x7c/0x110
[   63.464868][ T5948]  hci_rx_work+0x2c5/0x16b0
[   63.464880][ T5948]  ? process_one_work+0x8bb/0x1b30
[   63.464896][ T5948]  process_one_work+0x958/0x1b30
[   63.464915][ T5948]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   63.464924][ T5948]  ? __pfx_process_one_work+0x10/0x10
[   63.464937][ T5948]  ? rcu_is_watching+0x12/0xc0
[   63.464952][ T5948]  ? assign_work+0x1a0/0x250
[   63.464967][ T5948]  worker_thread+0x6c8/0xf00
[   63.464979][ T5948]  ? __kthread_parkme+0x148/0x220
[   63.464990][ T5948]  ? __pfx_worker_thread+0x10/0x10
[   63.464999][ T5948]  kthread+0x3af/0x750
[   63.465012][ T5948]  ? __pfx_kthread+0x10/0x10
[   63.465025][ T5948]  ? lock_acquire+0x2f/0xb0
[   63.465035][ T5948]  ? __pfx_kthread+0x10/0x10
[   63.465048][ T5948]  ret_from_fork+0x45/0x80
[   63.465058][ T5948]  ? __pfx_kthread+0x10/0x10
[   63.465071][ T5948]  ret_from_fork_asm+0x1a/0x30
[   63.465090][ T5948]  </TASK>
[   63.465157][ T5948] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   63.560058][ T5948] Bluetooth: hci0: failed to register connection device
[   63.700187][ T6412] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input15
[   63.941545][ T5938] udevd[5938]: setting mode of /dev/input/event4 to 020660 failed: No such file or directory
[   63.944898][ T5938] udevd[5938]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory
[   64.414378][ T6423] netlink: 40 bytes leftover after parsing attributes in process `syz.1.101'.
[   64.771386][ T6444] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[   64.771386][ T6444]    program syz.1.102 not setting count and/or reply_len properly
[   65.415864][ T6458] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[   65.419765][ T6458] fuse: Unknown parameter 'fÀ0x000000000000000a'
[   65.422413][ T6458] fuse: Unknown parameter 'ÿ'
[   65.624685][ T6460] ubi0: attaching mtd0
[   65.629217][ T6460] ubi0: scanning is finished
[   65.630686][ T6460] ubi0: empty MTD device detected
[   65.688185][ T6462] netlink: 40 bytes leftover after parsing attributes in process `syz.3.110'.
[   65.694652][ T6460] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[   65.697903][ T6460] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[   65.699874][ T6467] syz.1.109 (6467) used obsolete PPPIOCDETACH ioctl
[   65.701119][ T6460] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[   65.706423][ T6460] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[   65.710725][ T6460] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[   65.712852][ T6460] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[   65.715325][ T6460] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2876562545
[   65.718855][ T6460] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[   65.722099][ T6469] ubi0: background thread "ubi_bgt0d" started, PID 6469
[   65.823830][   T39] audit: type=1326 audit(1737710691.384:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6473 comm="syz.3.111" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x0
[   65.923168][ T6479] random: crng reseeded on system resumption
[   65.988634][ T6489] netlink: 12 bytes leftover after parsing attributes in process `syz.0.116'.
[   66.045216][ T6493] netlink: 24 bytes leftover after parsing attributes in process `syz.0.118'.
[   66.177660][ T6496] netlink: 40 bytes leftover after parsing attributes in process `syz.2.119'.
[   66.578009][   T64] Bluetooth: hci3: command 0x040f tx timeout
[   66.744985][ T6526] netlink: 28 bytes leftover after parsing attributes in process `syz.1.123'.
[   66.816902][   T39] audit: type=1326 audit(1737710692.374:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6529 comm="syz.1.125" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[   66.823498][   T39] audit: type=1326 audit(1737710692.374:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6529 comm="syz.1.125" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[   66.831556][   T39] audit: type=1326 audit(1737710692.384:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6529 comm="syz.1.125" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf746e579 code=0x7ffc0000
[   66.838331][   T39] audit: type=1326 audit(1737710692.384:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6529 comm="syz.1.125" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[   66.844686][   T39] audit: type=1326 audit(1737710692.384:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6529 comm="syz.1.125" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[   66.851313][   T39] audit: type=1326 audit(1737710692.394:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6529 comm="syz.1.125" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf746e579 code=0x7ffc0000
[   66.857637][   T39] audit: type=1326 audit(1737710692.394:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6529 comm="syz.1.125" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[   66.863992][   T39] audit: type=1326 audit(1737710692.394:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6529 comm="syz.1.125" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000
[   66.871151][   T39] audit: type=1326 audit(1737710692.394:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6529 comm="syz.1.125" exe="/syz-executor" sig=0 arch=40000003 syscall=270 compat=1 ip=0xf746e579 code=0x7ffc0000
[   66.926176][ T6530] futex_wake_op: syz.1.125 tries to shift op by 32; fix this program
[   67.296005][ T6542] netlink: 40 bytes leftover after parsing attributes in process `syz.3.129'.
[   67.428707][ T6569] FAULT_INJECTION: forcing a failure.
[   67.428707][ T6569] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   67.432946][ T6569] CPU: 2 UID: 0 PID: 6569 Comm: syz.3.134 Not tainted 6.13.0-syzkaller-05154-g8883957b3c9d #0
[   67.432957][ T6569] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   67.432963][ T6569] Call Trace:
[   67.432966][ T6569]  <TASK>
[   67.432970][ T6569]  dump_stack_lvl+0x16c/0x1f0
[   67.432983][ T6569]  should_fail_ex+0x497/0x5b0
[   67.432998][ T6569]  _copy_to_user+0x32/0xd0
[   67.433008][ T6569]  simple_read_from_buffer+0xd0/0x160
[   67.433020][ T6569]  proc_fail_nth_read+0x198/0x270
[   67.433031][ T6569]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   67.433041][ T6569]  ? rw_verify_area+0xcf/0x680
[   67.433051][ T6569]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   67.433060][ T6569]  vfs_read+0x1df/0xbf0
[   67.433071][ T6569]  ? __fget_files+0x1fc/0x3a0
[   67.433083][ T6569]  ? __pfx___mutex_lock+0x10/0x10
[   67.433093][ T6569]  ? __pfx_vfs_read+0x10/0x10
[   67.433106][ T6569]  ? __fget_files+0x206/0x3a0
[   67.433121][ T6569]  ksys_read+0x12b/0x250
[   67.433131][ T6569]  ? __pfx_ksys_read+0x10/0x10
[   67.433145][ T6569]  __do_fast_syscall_32+0x73/0x120
[   67.433156][ T6569]  do_fast_syscall_32+0x32/0x80
[   67.433165][ T6569]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   67.433177][ T6569] RIP: 0023:0xf73ee579
[   67.433184][ T6569] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   67.433193][ T6569] RSP: 002b:00000000f5076590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   67.433201][ T6569] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f5076620
[   67.433206][ T6569] RDX: 000000000000000f RSI: 00000000f73dcff4 RDI: 0000000000000000
[   67.433211][ T6569] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[   67.433215][ T6569] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   67.433220][ T6569] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   67.433231][ T6569]  </TASK>
[   67.567383][ T6574] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input16
[   67.690158][ T6577] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input17
[   67.914940][ T6580] FAULT_INJECTION: forcing a failure.
[   67.914940][ T6580] name failslab, interval 1, probability 0, space 0, times 1
[   67.919261][ T6580] CPU: 1 UID: 0 PID: 6580 Comm: syz.3.135 Not tainted 6.13.0-syzkaller-05154-g8883957b3c9d #0
[   67.919272][ T6580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   67.919277][ T6580] Call Trace:
[   67.919280][ T6580]  <TASK>
[   67.919284][ T6580]  dump_stack_lvl+0x16c/0x1f0
[   67.919297][ T6580]  should_fail_ex+0x497/0x5b0
[   67.919311][ T6580]  ? fs_reclaim_acquire+0xae/0x150
[   67.919323][ T6580]  should_failslab+0xc2/0x120
[   67.919332][ T6580]  __kmalloc_noprof+0xce/0x4f0
[   67.919345][ T6580]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   67.919354][ T6580]  ? tomoyo_realpath_from_path+0xbf/0x710
[   67.919369][ T6580]  tomoyo_realpath_from_path+0xbf/0x710
[   67.919381][ T6580]  ? tomoyo_path_number_perm+0x235/0x5b0
[   67.919393][ T6580]  tomoyo_path_number_perm+0x248/0x5b0
[   67.919402][ T6580]  ? tomoyo_path_number_perm+0x235/0x5b0
[   67.919414][ T6580]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   67.919435][ T6580]  ? __pfx_lock_release+0x10/0x10
[   67.919443][ T6580]  ? trace_lock_acquire+0x14e/0x1f0
[   67.919456][ T6580]  ? lock_acquire+0x2f/0xb0
[   67.919463][ T6580]  ? __fget_files+0x40/0x3a0
[   67.919477][ T6580]  ? __fget_files+0x206/0x3a0
[   67.919490][ T6580]  security_file_ioctl_compat+0x9b/0x240
[   67.919502][ T6580]  __do_compat_sys_ioctl+0x4e/0x2c0
[   67.919513][ T6580]  __do_fast_syscall_32+0x73/0x120
[   67.919524][ T6580]  do_fast_syscall_32+0x32/0x80
[   67.919533][ T6580]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   67.919546][ T6580] RIP: 0023:0xf73ee579
[   67.919553][ T6580] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   67.919561][ T6580] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[   67.919570][ T6580] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040384708
[   67.919575][ T6580] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[   67.919580][ T6580] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   67.919585][ T6580] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   67.919589][ T6580] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   67.919600][ T6580]  </TASK>
[   67.919604][ T6580] ERROR: Out of memory at tomoyo_realpath_from_path.
[   69.181558][ T6602] FAULT_INJECTION: forcing a failure.
[   69.181558][ T6602] name failslab, interval 1, probability 0, space 0, times 0
[   69.185442][ T6602] CPU: 1 UID: 0 PID: 6602 Comm: syz.2.142 Not tainted 6.13.0-syzkaller-05154-g8883957b3c9d #0
[   69.185465][ T6602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   69.185471][ T6602] Call Trace:
[   69.185474][ T6602]  <TASK>
[   69.185478][ T6602]  dump_stack_lvl+0x16c/0x1f0
[   69.185491][ T6602]  should_fail_ex+0x497/0x5b0
[   69.185504][ T6602]  ? fs_reclaim_acquire+0xae/0x150
[   69.185517][ T6602]  should_failslab+0xc2/0x120
[   69.185526][ T6602]  __kmalloc_cache_noprof+0x68/0x420
[   69.185537][ T6602]  ? __pfx___lock_acquire+0x10/0x10
[   69.185548][ T6602]  io_uring_alloc_task_context+0x9e/0x690
[   69.185561][ T6602]  ? __pfx_io_uring_alloc_task_context+0x10/0x10
[   69.185572][ T6602]  ? find_held_lock+0x2d/0x110
[   69.185585][ T6602]  ? __fget_files+0x1fc/0x3a0
[   69.185599][ T6602]  __io_uring_add_tctx_node+0x2e0/0x500
[   69.185610][ T6602]  ? __pfx___io_uring_add_tctx_node+0x10/0x10
[   69.185625][ T6602]  __io_uring_add_tctx_node_from_submit+0x89/0x130
[   69.185637][ T6602]  __do_sys_io_uring_enter+0x1277/0x1670
[   69.185648][ T6602]  ? __pfx___schedule+0x10/0x10
[   69.185661][ T6602]  ? __fget_files+0x206/0x3a0
[   69.185672][ T6602]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[   69.185682][ T6602]  ? fput+0x67/0x440
[   69.185690][ T6602]  ? ksys_write+0x1ba/0x250
[   69.185705][ T6602]  __do_fast_syscall_32+0x73/0x120
[   69.185715][ T6602]  do_fast_syscall_32+0x32/0x80
[   69.185724][ T6602]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   69.185737][ T6602] RIP: 0023:0xf7f33579
[   69.185744][ T6602] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   69.185752][ T6602] RSP: 002b:00000000f500c55c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[   69.185761][ T6602] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000003516
[   69.185766][ T6602] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   69.185771][ T6602] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   69.185775][ T6602] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   69.185780][ T6602] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   69.185790][ T6602]  </TASK>
[   69.253489][    C1] vkms_vblank_simulate: vblank timer overrun
[   69.318788][ T6594] ALSA: mixer_oss: invalid OSS volume ''
[   69.615869][ T6612] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input18
[   69.698117][ T5948] Bluetooth: hci0: command 0x0406 tx timeout
[   69.813536][ T6599] ALSA: mixer_oss: invalid OSS volume ''
[   70.089453][ T6620] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input19
[   70.258353][ T6607] ALSA: mixer_oss: invalid OSS volume ''
[   70.665306][ T6633] netlink: 'syz.3.150': attribute type 1 has an invalid length.
[   70.668898][ T6633] netlink: 224 bytes leftover after parsing attributes in process `syz.3.150'.
[   70.727699][ T6634] vivid-002: disconnect
[   70.786123][ T6636] Driver unsupported XDP return value 0 on prog  (id 31) dev N/A, expect packet loss!
[   70.820596][ T1411] ieee802154 phy1 wpan1: encryption failed: -22
[   70.861434][ T6640] netlink: 596 bytes leftover after parsing attributes in process `syz.1.152'.
[   71.132691][ T6649] binfmt_misc: register: failed to install interpreter file ./file0
[   71.136005][ T6649] Cannot find map_set index 0 as target
[   71.138414][ T6649] gre0: Master is either lo or non-ether device
[   71.389258][ T6630] vivid-002: reconnect
[   71.454749][ T6658] bond0 (unregistering): Released all slaves
[   71.913798][ T6668] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input20
[   72.195343][ T6675] wireguard0: entered promiscuous mode
[   72.197059][ T6675] wireguard0: entered allmulticast mode
[   72.511959][ T6684] FAULT_INJECTION: forcing a failure.
[   72.511959][ T6684] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   72.515956][ T6684] CPU: 0 UID: 0 PID: 6684 Comm: syz.1.166 Not tainted 6.13.0-syzkaller-05154-g8883957b3c9d #0
[   72.515967][ T6684] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   72.515973][ T6684] Call Trace:
[   72.515976][ T6684]  <TASK>
[   72.515980][ T6684]  dump_stack_lvl+0x16c/0x1f0
[   72.515993][ T6684]  should_fail_ex+0x497/0x5b0
[   72.516008][ T6684]  _copy_from_iter+0x29b/0x1400
[   72.516019][ T6684]  ? trace_lock_acquire+0x14e/0x1f0
[   72.516031][ T6684]  ? __alloc_skb+0x200/0x380
[   72.516041][ T6684]  ? __pfx__copy_from_iter+0x10/0x10
[   72.516049][ T6684]  ? __virt_addr_valid+0x1a4/0x590
[   72.516063][ T6684]  ? __virt_addr_valid+0x5e/0x590
[   72.516074][ T6684]  ? __phys_addr_symbol+0x30/0x80
[   72.516085][ T6684]  ? __check_object_size+0x488/0x710
[   72.516101][ T6684]  netlink_sendmsg+0x813/0xd70
[   72.516117][ T6684]  ? __pfx_netlink_sendmsg+0x10/0x10
[   72.516134][ T6684]  ____sys_sendmsg+0x9ae/0xb40
[   72.516148][ T6684]  ? __pfx_____sys_sendmsg+0x10/0x10
[   72.516159][ T6684]  ? get_compat_msghdr+0x11b/0x170
[   72.516176][ T6684]  ___sys_sendmsg+0x135/0x1e0
[   72.516187][ T6684]  ? __pfx____sys_sendmsg+0x10/0x10
[   72.516201][ T6684]  ? __pfx_lock_release+0x10/0x10
[   72.516209][ T6684]  ? trace_lock_acquire+0x14e/0x1f0
[   72.516225][ T6684]  ? __fget_files+0x206/0x3a0
[   72.516239][ T6684]  __sys_sendmsg+0x16e/0x220
[   72.516249][ T6684]  ? __pfx___sys_sendmsg+0x10/0x10
[   72.516265][ T6684]  __do_fast_syscall_32+0x73/0x120
[   72.516276][ T6684]  do_fast_syscall_32+0x32/0x80
[   72.516285][ T6684]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   72.516297][ T6684] RIP: 0023:0xf746e579
[   72.516304][ T6684] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   72.516313][ T6684] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   72.516321][ T6684] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020001200
[   72.516326][ T6684] RDX: 0000000004000080 RSI: 0000000000000000 RDI: 0000000000000000
[   72.516331][ T6684] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   72.516336][ T6684] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   72.516340][ T6684] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   72.516350][ T6684]  </TASK>
[   72.720430][ T5964] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[   72.869697][ T5964] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   72.873182][ T5964] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   72.876540][ T5964] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[   72.880721][ T5964] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   72.884580][ T5964] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   72.887362][ T5964] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   72.890811][ T5964] usb 7-1: config 0 descriptor??
[   73.299728][ T5964] plantronics 0003:047F:FFFF.0003: ignoring exceeding usage max
[   73.303247][ T5964] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[   73.309756][ T5964] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   74.522447][ T6723] netlink: 24 bytes leftover after parsing attributes in process `syz.0.177'.
[   74.526066][ T6724] netlink: 24 bytes leftover after parsing attributes in process `syz.0.177'.
[   74.535985][ T6725] xt_cgroup: invalid path, errno=-2
[   75.580869][ T5964] usb 7-1: USB disconnect, device number 4
[   76.028958][ T6767] ubi0: detaching mtd0
[   76.271684][ T6767] ubi0: mtd0 is detached
[   76.619120][ T6781] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input21
[   77.113823][ T6804] netlink: 'syz.2.200': attribute type 8 has an invalid length.
[   77.116328][ T6804] netlink: 8 bytes leftover after parsing attributes in process `syz.2.200'.
[   77.956786][   T39] kauditd_printk_skb: 40 callbacks suppressed
[   77.956796][   T39] audit: type=1326 audit(1737710703.514:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6821 comm="syz.2.204" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000
[   77.966999][   T39] audit: type=1326 audit(1737710703.514:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6821 comm="syz.2.204" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000
[   77.974431][   T39] audit: type=1326 audit(1737710703.524:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6821 comm="syz.2.204" exe="/syz-executor" sig=0 arch=40000003 syscall=433 compat=1 ip=0xf7f33579 code=0x7ffc0000
[   77.981733][   T39] audit: type=1326 audit(1737710703.524:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6821 comm="syz.2.204" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000
[   77.988779][   T39] audit: type=1326 audit(1737710703.524:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6821 comm="syz.2.204" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000
[   77.995642][   T39] audit: type=1326 audit(1737710703.534:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6821 comm="syz.2.204" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f33579 code=0x7ffc0000
[   78.002371][   T39] audit: type=1326 audit(1737710703.534:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6821 comm="syz.2.204" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000
[   78.009740][   T39] audit: type=1326 audit(1737710703.534:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6821 comm="syz.2.204" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000
[   78.016228][   T39] audit: type=1326 audit(1737710703.534:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6821 comm="syz.2.204" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f33579 code=0x7ffc0000
[   78.023509][   T39] audit: type=1326 audit(1737710703.534:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6821 comm="syz.2.204" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000
[   78.131983][ T6827] netlink: 'syz.3.206': attribute type 1 has an invalid length.
[   78.134440][ T6827] netlink: 134728 bytes leftover after parsing attributes in process `syz.3.206'.
[   78.140889][ T6827] netlink: 24 bytes leftover after parsing attributes in process `syz.3.206'.
[   78.162844][ T6833] netlink: 40 bytes leftover after parsing attributes in process `syz.0.207'.
[   78.204564][ T6836] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   78.682446][ T6852] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input22
[   79.437587][ T6872] netlink: 'syz.3.217': attribute type 2 has an invalid length.
[   80.042546][ T6902] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input24
[   80.214486][ T6904] /dev/nullb0: Can't open blockdev
[   80.741392][ T6917] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input25
[   81.001353][ T6924] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input26
[   81.074955][   T25] cfg80211: failed to load regulatory.db
[   81.698115][ T6947] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input27
[   81.980840][ T6951] netlink: 40 bytes leftover after parsing attributes in process `syz.0.233'.
[   82.244590][ T6963] netlink: 'syz.0.234': attribute type 1 has an invalid length.
[   82.247085][ T6963] netlink: 224 bytes leftover after parsing attributes in process `syz.0.234'.
[   82.257665][ T6963] vivid-001: disconnect
[   82.343803][ T6968] netlink: 12 bytes leftover after parsing attributes in process `syz.2.237'.
[   82.687066][ T6975] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input28
[   82.970731][ T6960] vivid-001: reconnect
[   83.196799][ T6986] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input29
[   83.799981][ T6997] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input30
[   85.284176][ T7030] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input31
[   85.548246][ T7029] syz.0.255 (7029) used greatest stack depth: 20688 bytes left
[   85.577725][ T7041] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input32
[   85.727983][ T7046] netlink: 12 bytes leftover after parsing attributes in process `syz.1.248'.
[   87.178333][ T7071] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input33
[   87.613042][ T7082] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input34
[   89.023691][ T7094] input: syz0 as /devices/virtual/input/input35
[   89.086300][ T7094] netlink: 132 bytes leftover after parsing attributes in process `syz.2.259'.
[   89.336593][ T7102] netlink: 596 bytes leftover after parsing attributes in process `syz.3.260'.
[   89.574368][ T7108] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input36
[   90.180510][ T7121] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input37
[   90.728398][ T7137] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input38
[   91.137061][ T7147] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input39
[   92.937429][ T7190] input: syz0 as /devices/virtual/input/input40
[   93.000011][ T7190] netlink: 132 bytes leftover after parsing attributes in process `syz.1.280'.
[   94.338891][ T7207] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input41
[   95.318659][ T7232] netlink: 16 bytes leftover after parsing attributes in process `syz.1.293'.
[   96.209057][ T7269] FAULT_INJECTION: forcing a failure.
[   96.209057][ T7269] name failslab, interval 1, probability 0, space 0, times 0
[   96.214271][ T7269] CPU: 0 UID: 0 PID: 7269 Comm: syz.0.297 Not tainted 6.13.0-syzkaller-05154-g8883957b3c9d #0
[   96.214292][ T7269] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   96.214299][ T7269] Call Trace:
[   96.214303][ T7269]  <TASK>
[   96.214306][ T7269]  dump_stack_lvl+0x16c/0x1f0
[   96.214320][ T7269]  should_fail_ex+0x497/0x5b0
[   96.214336][ T7269]  should_failslab+0xc2/0x120
[   96.214346][ T7269]  __kmalloc_noprof+0xce/0x4f0
[   96.214360][ T7269]  ? io_cqring_event_overflow+0xcb/0x6f0
[   96.214375][ T7269]  io_cqring_event_overflow+0xcb/0x6f0
[   96.214389][ T7269]  __io_submit_flush_completions+0xf3f/0x2040
[   96.214404][ T7269]  ? io_send_zc_prep+0x696/0x910
[   96.214414][ T7269]  io_submit_sqes+0xa13/0x25f0
[   96.214429][ T7269]  __do_sys_io_uring_enter+0xd60/0x1670
[   96.214439][ T7269]  ? __fget_files+0x206/0x3a0
[   96.214451][ T7269]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[   96.214461][ T7269]  ? fput+0x67/0x440
[   96.214470][ T7269]  ? ksys_write+0x1ba/0x250
[   96.214481][ T7269]  ? __pfx_ksys_write+0x10/0x10
[   96.214495][ T7269]  __do_fast_syscall_32+0x73/0x120
[   96.214506][ T7269]  do_fast_syscall_32+0x32/0x80
[   96.214515][ T7269]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   96.214528][ T7269] RIP: 0023:0xf743e579
[   96.214535][ T7269] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   96.214543][ T7269] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[   96.214551][ T7269] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000497c
[   96.214556][ T7269] RDX: 000000000000e13b RSI: 0000000000000000 RDI: 0000000000000000
[   96.214562][ T7269] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   96.214566][ T7269] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   96.214571][ T7269] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   96.214581][ T7269]  </TASK>
[   96.455098][ T7281] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input42
[   96.468492][ T5954] udevd[5954]: setting mode of /dev/input/event4 to 020660 failed: No such file or directory
[   96.471752][ T5954] udevd[5954]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory
[   96.978020][ T7292] /dev/nullb0: Can't open blockdev
[   98.528256][ T7323] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input43
[   99.347483][   T39] kauditd_printk_skb: 40 callbacks suppressed
[   99.347494][   T39] audit: type=1326 audit(1737710724.904:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7342 comm="syz.3.316" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73ee579 code=0x0
[  100.578499][ T7381] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input44
[  101.508379][ T7397] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input45
[  102.986864][ T7425] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input46
[  103.755887][ T7448] /dev/nullb0: Can't open blockdev
[  103.826739][ T7449] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input47
[  104.777165][ T7474] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input48
[  104.790878][ T7471] block nbd0: shutting down sockets
[  105.666163][ T7501] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input49
[  106.707270][ T7527] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input50
[  108.948723][ T7592] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input51
[  110.935096][ T7624] openvswitch: netlink: Flow key attribute not present in set flow.
[  111.835598][ T7649] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input52
[  112.546700][ T7650] syz.3.391 (7650) used greatest stack depth: 20192 bytes left
[  114.497859][ T7704] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input53
[  114.860950][ T7714] netlink: 12 bytes leftover after parsing attributes in process `syz.1.406'.
[  114.872241][ T7714] 8021q: adding VLAN 0 to HW filter on device bond0
[  116.665164][ T7760] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input54
[  117.484414][   T64] ==================================================================
[  117.486931][   T64] BUG: KASAN: null-ptr-deref in l2cap_sock_resume_cb+0xd0/0x130
[  117.489262][   T64] Write of size 8 at addr 0000000000000568 by task kworker/u33:0/64
[  117.493335][   T64] 
[  117.494091][   T64] CPU: 2 UID: 0 PID: 64 Comm: kworker/u33:0 Not tainted 6.13.0-syzkaller-05154-g8883957b3c9d #0
[  117.494104][   T64] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  117.494111][   T64] Workqueue: hci3 hci_rx_work
[  117.494124][   T64] Call Trace:
[  117.494128][   T64]  <TASK>
[  117.494132][   T64]  dump_stack_lvl+0x116/0x1f0
[  117.494144][   T64]  kasan_report+0xd9/0x110
[  117.494153][   T64]  ? l2cap_sock_resume_cb+0xd0/0x130
[  117.494165][   T64]  ? l2cap_sock_resume_cb+0xd0/0x130
[  117.494178][   T64]  kasan_check_range+0xef/0x1a0
[  117.494190][   T64]  l2cap_sock_resume_cb+0xd0/0x130
[  117.494202][   T64]  l2cap_security_cfm+0x795/0x11d0
[  117.494213][   T64]  ? __pfx_l2cap_security_cfm+0x10/0x10
[  117.494223][   T64]  ? mark_held_locks+0x9f/0xe0
[  117.494233][   T64]  ? kasan_quarantine_put+0x10a/0x240
[  117.494247][   T64]  ? lockdep_hardirqs_on+0x7c/0x110
[  117.494256][   T64]  ? kfree+0x14f/0x4b0
[  117.494268][   T64]  ? __pfx_rfcomm_security_cfm+0x10/0x10
[  117.494281][   T64]  ? hci_encrypt_cfm+0x202/0x7d0
[  117.494295][   T64]  ? __pfx_l2cap_security_cfm+0x10/0x10
[  117.494304][   T64]  hci_encrypt_cfm+0x1f2/0x7d0
[  117.494318][   T64]  ? __pfx_hci_encrypt_cfm+0x10/0x10
[  117.494331][   T64]  ? hci_conn_hash_lookup_handle+0x3b/0x330
[  117.494344][   T64]  hci_encrypt_change_evt+0x3f3/0x1130
[  117.494353][   T64]  ? __pfx_hci_encrypt_change_evt+0x10/0x10
[  117.494363][   T64]  ? skb_pull_data+0x166/0x210
[  117.494373][   T64]  hci_event_packet+0x9eb/0x1190
[  117.494382][   T64]  ? __pfx_hci_encrypt_change_evt+0x10/0x10
[  117.494391][   T64]  ? __pfx_hci_event_packet+0x10/0x10
[  117.494400][   T64]  ? mark_held_locks+0x9f/0xe0
[  117.494408][   T64]  ? kcov_remote_start+0x3cf/0x6e0
[  117.494418][   T64]  ? lockdep_hardirqs_on+0x7c/0x110
[  117.494427][   T64]  hci_rx_work+0x2c5/0x16b0
[  117.494437][   T64]  ? process_one_work+0x8bb/0x1b30
[  117.494452][   T64]  process_one_work+0x958/0x1b30
[  117.494468][   T64]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  117.494477][   T64]  ? __pfx_process_one_work+0x10/0x10
[  117.494491][   T64]  ? rcu_is_watching+0x12/0xc0
[  117.494503][   T64]  ? assign_work+0x1a0/0x250
[  117.494517][   T64]  worker_thread+0x6c8/0xf00
[  117.494526][   T64]  ? __pfx_worker_thread+0x10/0x10
[  117.494534][   T64]  kthread+0x3af/0x750
[  117.494547][   T64]  ? __pfx_kthread+0x10/0x10
[  117.494559][   T64]  ? lock_acquire+0x2f/0xb0
[  117.494568][   T64]  ? __pfx_kthread+0x10/0x10
[  117.494581][   T64]  ret_from_fork+0x45/0x80
[  117.494591][   T64]  ? __pfx_kthread+0x10/0x10
[  117.494603][   T64]  ret_from_fork_asm+0x1a/0x30
[  117.494619][   T64]  </TASK>
[  117.494623][   T64] ==================================================================
[  117.573984][   T64] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  117.576244][   T64] CPU: 2 UID: 0 PID: 64 Comm: kworker/u33:0 Not tainted 6.13.0-syzkaller-05154-g8883957b3c9d #0
[  117.579381][   T64] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  117.582683][   T64] Workqueue: hci3 hci_rx_work
[  117.584143][   T64] Call Trace:
[  117.585172][   T64]  <TASK>
[  117.586100][   T64]  dump_stack_lvl+0x3d/0x1f0
[  117.587535][   T64]  panic+0x71d/0x800
[  117.588762][   T64]  ? __pfx_panic+0x10/0x10
[  117.590136][   T64]  ? irqentry_exit+0x3b/0x90
[  117.591559][   T64]  ? lockdep_hardirqs_on+0x7c/0x110
[  117.593156][   T64]  ? preempt_schedule_thunk+0x1a/0x30
[  117.594816][   T64]  ? preempt_schedule_common+0x44/0xc0
[  117.596535][   T64]  check_panic_on_warn+0xab/0xb0
[  117.598103][   T64]  end_report+0x117/0x180
[  117.599434][   T64]  kasan_report+0xe9/0x110
[  117.600817][   T64]  ? l2cap_sock_resume_cb+0xd0/0x130
[  117.602435][   T64]  ? l2cap_sock_resume_cb+0xd0/0x130
[  117.604069][   T64]  kasan_check_range+0xef/0x1a0
[  117.605570][   T64]  l2cap_sock_resume_cb+0xd0/0x130
[  117.607167][   T64]  l2cap_security_cfm+0x795/0x11d0
[  117.608749][   T64]  ? __pfx_l2cap_security_cfm+0x10/0x10
[  117.610435][   T64]  ? mark_held_locks+0x9f/0xe0
[  117.611905][   T64]  ? kasan_quarantine_put+0x10a/0x240
[  117.613528][   T64]  ? lockdep_hardirqs_on+0x7c/0x110
[  117.615071][   T64]  ? kfree+0x14f/0x4b0
[  117.616311][   T64]  ? __pfx_rfcomm_security_cfm+0x10/0x10
[  117.618003][   T64]  ? hci_encrypt_cfm+0x202/0x7d0
[  117.619476][   T64]  ? __pfx_l2cap_security_cfm+0x10/0x10
[  117.621143][   T64]  hci_encrypt_cfm+0x1f2/0x7d0
[  117.622616][   T64]  ? __pfx_hci_encrypt_cfm+0x10/0x10
[  117.624236][   T64]  ? hci_conn_hash_lookup_handle+0x3b/0x330
[  117.626021][   T64]  hci_encrypt_change_evt+0x3f3/0x1130
[  117.627648][   T64]  ? __pfx_hci_encrypt_change_evt+0x10/0x10
[  117.629434][   T64]  ? skb_pull_data+0x166/0x210
[  117.630906][   T64]  hci_event_packet+0x9eb/0x1190
[  117.632435][   T64]  ? __pfx_hci_encrypt_change_evt+0x10/0x10
[  117.634238][   T64]  ? __pfx_hci_event_packet+0x10/0x10
[  117.635881][   T64]  ? mark_held_locks+0x9f/0xe0
[  117.637366][   T64]  ? kcov_remote_start+0x3cf/0x6e0
[  117.638937][   T64]  ? lockdep_hardirqs_on+0x7c/0x110
[  117.640537][   T64]  hci_rx_work+0x2c5/0x16b0
[  117.641941][   T64]  ? process_one_work+0x8bb/0x1b30
[  117.643512][   T64]  process_one_work+0x958/0x1b30
[  117.645047][   T64]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  117.646795][   T64]  ? __pfx_process_one_work+0x10/0x10
[  117.648441][   T64]  ? rcu_is_watching+0x12/0xc0
[  117.649920][   T64]  ? assign_work+0x1a0/0x250
[  117.651344][   T64]  worker_thread+0x6c8/0xf00
[  117.652765][   T64]  ? __pfx_worker_thread+0x10/0x10
[  117.654274][   T64]  kthread+0x3af/0x750
[  117.655491][   T64]  ? __pfx_kthread+0x10/0x10
[  117.656901][   T64]  ? lock_acquire+0x2f/0xb0
[  117.658263][   T64]  ? __pfx_kthread+0x10/0x10
[  117.659685][   T64]  ret_from_fork+0x45/0x80
[  117.661063][   T64]  ? __pfx_kthread+0x10/0x10
[  117.662515][   T64]  ret_from_fork_asm+0x1a/0x30
[  117.664141][   T64]  </TASK>
[  117.665582][   T64] Kernel Offset: disabled
[  117.666935][   T64] Rebooting in 86400 seconds..

VM DIAGNOSIS:
09:17:10  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000080000 RBX=ffff88804bd83180 RCX=ffffc90026041000 RDX=0000000000080000
RSI=ffffffff89ce4a80 RDI=ffffc9000e3af738 RBP=ffff88801332a100 RSP=ffffc9000e3af7e8
R8 =0000000000000001 R9 =fffff52001c75ee7 R10=ffffc9000e3af73f R11=0000000000000000
R12=0000000000000000 R13=0000000000000000 R14=ffff88804619da00 R15=ffff88801332a668
RIP=ffffffff81990e8a RFL=00000216 [----AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c3217dc CR3=000000005b040000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000001 RBX=ffff88802b43ecc0 RCX=0000000000000100 RDX=0000000000000001
RSI=0000000000000004 RDI=ffff88802b43ecc2 RBP=dffffc0000000000 RSP=ffffc900269a7358
R8 =0000000000000001 R9 =ffffed1005687d98 R10=ffff88802b43ecc3 R11=0000000000000000
R12=0000000000000000 R13=0000000000007eeb R14=ffff88802b53fc00 R15=ffffed1005687d98
RIP=ffffffff8b288c07 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5033528 CR3=000000005b040000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000061 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff851847a5 RDI=ffffffff9aad3540 RBP=ffffffff9aad3500 RSP=ffffc90000a07210
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3030303030303057
R12=0000000000000000 R13=0000000000000061 R14=ffffffff85184740 R15=0000000000000000
RIP=ffffffff851847cf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f50124b4 CR3=00000000716c8000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000080000000 RBX=0000000000000003 RCX=ffffffff81764d09 RDX=1ffff1100cfa5d1a
RSI=ffffffff8b6cd2a0 RDI=ffffffff8bd26800 RBP=ffffffff90602a14 RSP=ffffc90002f475f0
R8 =0000000000000000 R9 =fffffbfff20bfee2 R10=ffffffff905ff717 R11=0000000000000001
R12=ffff888067d2e8d0 R13=0000000000000000 R14=ffff888023a1c880 R15=ffff888067d2e868
RIP=ffffffff8b25fa2d RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002002f000 CR3=000000004a316000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000