last executing test programs:

1m22.740554074s ago: executing program 2 (id=2369):
r0 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x10, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x17, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x10000000}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x24004000}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$sock_int(r1, 0x1, 0x1d, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_WIPHY(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)={0x28, r6, 0x301, 0x0, 0x20000000, {{}, {@val={0x8, 0x7}, @void, @val={0xc, 0x99, {0xfffffffe, 0x14}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x48045}, 0x20004000)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r7)
r8 = syz_open_procfs(r0, &(0x7f0000000040)='status\x00')
preadv(r8, &(0x7f0000000680)=[{&(0x7f0000000400)=""/121, 0x79}], 0x1, 0xffffffff, 0x1)

1m21.802885357s ago: executing program 2 (id=2373):
r0 = openat$pidfd(0xffffff9c, &(0x7f0000000000), 0x20800, 0x0)
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r0, 0x8008f513, &(0x7f0000000040)) (async)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_X86_SET_MCE(r1, 0x4040ae9e, &(0x7f0000000080)={0x0, 0xd000, 0x8, 0x0, 0x1f}) (async)
readv(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000000c0)=""/55, 0x37}], 0x1) (async, rerun: 32)
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r1) (async, rerun: 32)
r2 = syz_open_dev$sg(&(0x7f0000000140), 0x8000, 0x361c81)
ioctl$SG_NEXT_CMD_LEN(r2, 0x2283, &(0x7f0000000180)=0xe)
r3 = openat$sequencer2(0xffffff9c, &(0x7f00000001c0), 0x2000, 0x0)
ioctl$SNDCTL_SEQ_PANIC(r3, 0x5111) (async)
r4 = openat$dlm_monitor(0xffffff9c, &(0x7f0000000200), 0x1, 0x0)
ioctl$CDROMSUBCHNL(r4, 0x530b, &(0x7f0000000240)={0x1, 0xe, 0x2, 0x6, 0x80, 0x7f, @msf={0xff, 0xf, 0x9}, @lba=0x4}) (async)
bind$x25(r4, &(0x7f0000000280), 0x12) (async)
r5 = openat$dlm_plock(0xffffff9c, &(0x7f00000002c0), 0x2000, 0x0) (async)
close(r0) (async, rerun: 64)
mount(&(0x7f0000000300)=@sr0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000380)='anon_inodefs\x00', 0x80, &(0x7f00000003c0)=',\x00') (async, rerun: 64)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r4, 0x10e, 0x2, &(0x7f0000000400)=0xe, 0x4) (async)
r6 = syz_create_resource$binfmt(&(0x7f0000000440)='./file0\x00')
openat$binfmt(0xffffff9c, r6, 0x41, 0x1ff) (async, rerun: 32)
ioctl$SG_GET_KEEP_ORPHAN(r4, 0x2288, &(0x7f0000000480)) (async, rerun: 32)
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r4, 0x80845663, &(0x7f00000004c0)) (async)
openat$kvm(0xffffff9c, &(0x7f0000000580), 0x2, 0x0) (async)
add_key$keyring(&(0x7f00000005c0), &(0x7f0000000600)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffa)
socket$key(0xf, 0x3, 0x2)
sendmsg$qrtr(r1, &(0x7f0000000900)={&(0x7f0000000640)={0x2a, 0x11107b9e2a86ae61}, 0xc, &(0x7f0000000700)=[{&(0x7f0000000680)="92c3648ee82d20d4f5accb6b36e15214681426e27176df963cf9b1f7a6d150af4b3bec15e1f8211ed624c3b2e1cae8866a585a9dc6e7f9c6502113c0381057bc0b7442", 0x43}], 0x1, &(0x7f0000000740)=[{0xbc, 0x108, 0xa38, "154ca6cf57aaebd68f594e0704429a60abcfe2dbd1c4e3d69928389455102e6b75db5e2802585467b5e2bf29694cde3bc9b199d12a0fab4d727ab6b5ec22820e5936859ef94d0ae30e5946e92a084b124fc4a0921a8e94a523bedf3aeeb46cdc3ad72b3106a7035c1fa826edaeef93736b1ed334a93902189c6abb5c2930b0e1ffc26c9eb8883282a23ed201d06f473d65c63879a2563dfabb30e0de24f1d1f3b14cddd307f3aec84b26062cefc5"}, {0xd8, 0x17b, 0x9974, "ec767024bf45ef390756988c7d4748945047badd00c6339174685f9107f461fb7c8ef806f170e4cbdcf05db27235efc9badf4d3dbfffa75934361da9ad7c86a2a578f094997d81781542a71fdcb1e83a98ae0548cd48481b6a7b6c759cc7d3df0ba532f57ba48139f1a74d44b849a8f7275b6498bb5ee83787e83687768dbaa67ed18cdaff38a6314660f18980d7cfa87bd333dcc2235d7bcf4014a54abd50de7f751afa78a97a50a852501c73547bc711b3980b167c986d346ad11767751c2ddffa38cc32cac7f951a3b824"}], 0x194, 0x4}, 0x1c)
r7 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000980), r5) (rerun: 32)
sendmsg$NL80211_CMD_TDLS_OPER(r7, &(0x7f0000000a80)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000a40)={&(0x7f00000009c0)={0x50, r8, 0x2, 0x70bd28, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x5, 0x2e}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x3}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x4}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x4}, @NL80211_ATTR_MAC={0xa}]}, 0x50}, 0x1, 0x0, 0x0, 0xc4}, 0x4) (async)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000b00)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000ac0), 0x2, 0x3}}, 0x20) (async)
pipe2$9p(&(0x7f0000000b40), 0x4000)

1m21.732869822s ago: executing program 2 (id=2374):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x9, 0x509503)
r1 = dup(r0)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}, 0x6})
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x400024f9, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x40000000, 0xfe, 0x0, r1}, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r2, 0xa3d, 0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdirat(r1, &(0x7f0000000400)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x159080, 0x0)
chdir(&(0x7f0000000180)='./file0\x00')
openat$dir(0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00', 0x418402, 0x1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x17, &(0x7f0000000140)={&(0x7f0000000040)=@bridge_getvlan={0x20, 0x72, 0x333, 0x6, 0xffffffa6, {}, [@BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x2}]}, 0x20}}, 0x0)
rmdir(&(0x7f00000001c0)='./file0\x00')

1m21.732540892s ago: executing program 2 (id=2375):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x1, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$sequencer(0xffffff9c, &(0x7f00000000c0), 0x100, 0x0)
ioctl$SNDCTL_SEQ_NRMIDIS(r1, 0xc0046d00, &(0x7f0000001500))
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000000000001000000000000000000000000000000001b0300ff"])
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x48e80, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="640000000027bd7000fcdbdf251d01020215000100040000e002000000213e92146611cf5b0400000008000900", @ANYRES32, @ANYBLOB="00000000e01e57d8d2223d094cc045a21f7fbc7599b57cff7a7758b28dd7b54d0bcd5996ac08ee592ec3968a303ebb89ba6bb73a65de6fe167d61f5937255a0438d58940d6ca883136d8357b26d075a76f05ecb41ccb005b2810894a88857bf9c36026d7a4f7264051fac0d86de8900230cfd1c405e097f23b157ed346e52ea1c3bf44", @ANYBLOB="0800050001"], 0x64}, 0x1, 0x0, 0x0, 0x88}, 0x80)
mprotect(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4000000)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r3 = openat$vimc0(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_G_STD(r3, 0x80085617, &(0x7f0000000080))
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback}, 0x1c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
ioperm(0x0, 0x9, 0x5)
r5 = syz_clone(0x100000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$FIDEDUPERANGE(r4, 0xc0189436, &(0x7f0000000040)={0x0, 0x9, 0x3, 0x0, 0x0, [{{r4}, 0x1}, {{r4}, 0x3f}, {{r4}, 0x409}]})
rt_sigqueueinfo(r5, 0x2, &(0x7f00000001c0)={0x82, 0xff, 0xffffff09})
syz_open_dev$MSR(&(0x7f0000000100), 0x3, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, &(0x7f0000000140))
r6 = socket$can_j1939(0x1d, 0x2, 0x7)
connect(r6, 0x0, 0x0)
r7 = syz_open_dev$vim2m(&(0x7f0000000280), 0xb, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r7, 0xc0405602, &(0x7f0000000140)={0x0, 0x1, 0x0, "ee471a55b5e2c266422ef07bbfd7a61e37466e060403bbd8115bd48970e86a02"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)

1m21.510613427s ago: executing program 2 (id=2377):
openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, 0x0, &(0x7f00000002c0))
mount(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x40049366, &(0x7f0000000180))

1m14.215725887s ago: executing program 2 (id=2381):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x10, &(0x7f00000003c0)=ANY=[@ANYRES32, @ANYRESOCT, @ANYRES16=0x0, @ANYRESHEX=r0, @ANYRESHEX=0x0], &(0x7f0000000000)='GPL\x00', 0x8, 0xae, &(0x7f0000000140)=""/174, 0x41000, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0xffffffffffffff2b)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a00)=ANY=[], 0x14}}, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000740)=ANY=[@ANYBLOB="400000001000030500000000ffdbdf2500000000", @ANYRES32=0x0, @ANYBLOB], 0x40}}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
listen(0xffffffffffffffff, 0xcbe)
r6 = socket$tipc(0x1e, 0x5, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
openat$loop_ctrl(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f00000006c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x34c, 0x18c, 0x2b8, 0x182, 0x18c, 0x0, 0x284, 0x3a8, 0x3a8, 0x284, 0x3a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x164, 0x18c, 0x0, {0x0, 0xe0ffff00000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "83f0a574725c23587dcfbd695650fe91ad9f7783f34f23315a573f167f755eaff4d665d219fa653cdfd7ee1092b07e243bd3e81b17fa1a6a18d79ae45b76f817515ec14cdf53d785cfe1d638f578cf51801a954830bfb97c4595e7b07b7147a846d1a230f2e1053fd68b5c45f2847c271539bdbd0f149a701a72fc1f87ab788a"}}]}, @common=@inet=@SET1={0x28}}, {{@uncond, 0x0, 0xc8, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x24}}]}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x3a8)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYRES64=r6, @ANYBLOB="347d5fdfdf486090ee73374498734103165b78835f3a610d5af00474f99377d95892550516a3dfb4212456e108f07bc8423151a32b55924f8f333cafa26e4278d0b65c198f493a0c31a947ddd09d6d6b3e59600be4b4b082e200eb320af63aa4918e7881513eb61ecc7aa1a894c87b73b809a0e440af87980a2fa341985c2ab9d039983e0c36160c9d9cad5fca6d02e3584607b28323229f172a08ad18603f97db573d3517fb90918702c5e1bbef77d8667539e3343f679286c4d0968fb13c5325d62c50967280133503f0c00f94d8a3723b6ad7ec4477998aeff693cd743b92cc", @ANYRES64, @ANYRES64=r2, @ANYRES32, @ANYRES32], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000600), &(0x7f0000000100)="bcbf84ba5782c5249ca32d619f449aeb6a21a7963aae66ef33d2a5e14f5ce6cdab05f21e7e2f28be4f537713608c47ae2d5646ddd8d581a9", 0xa, r8}, 0x38)
r9 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000bbdffc))
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000040)={0x191, 0x258, 0x1e0, 0x0, 0x32, 0x1, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4})

1m5.654881362s ago: executing program 32 (id=2381):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x10, &(0x7f00000003c0)=ANY=[@ANYRES32, @ANYRESOCT, @ANYRES16=0x0, @ANYRESHEX=r0, @ANYRESHEX=0x0], &(0x7f0000000000)='GPL\x00', 0x8, 0xae, &(0x7f0000000140)=""/174, 0x41000, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0xffffffffffffff2b)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a00)=ANY=[], 0x14}}, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000740)=ANY=[@ANYBLOB="400000001000030500000000ffdbdf2500000000", @ANYRES32=0x0, @ANYBLOB], 0x40}}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
listen(0xffffffffffffffff, 0xcbe)
r6 = socket$tipc(0x1e, 0x5, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
openat$loop_ctrl(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f00000006c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x34c, 0x18c, 0x2b8, 0x182, 0x18c, 0x0, 0x284, 0x3a8, 0x3a8, 0x284, 0x3a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x164, 0x18c, 0x0, {0x0, 0xe0ffff00000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "83f0a574725c23587dcfbd695650fe91ad9f7783f34f23315a573f167f755eaff4d665d219fa653cdfd7ee1092b07e243bd3e81b17fa1a6a18d79ae45b76f817515ec14cdf53d785cfe1d638f578cf51801a954830bfb97c4595e7b07b7147a846d1a230f2e1053fd68b5c45f2847c271539bdbd0f149a701a72fc1f87ab788a"}}]}, @common=@inet=@SET1={0x28}}, {{@uncond, 0x0, 0xc8, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x24}}]}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x3a8)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYRES64=r6, @ANYBLOB="347d5fdfdf486090ee73374498734103165b78835f3a610d5af00474f99377d95892550516a3dfb4212456e108f07bc8423151a32b55924f8f333cafa26e4278d0b65c198f493a0c31a947ddd09d6d6b3e59600be4b4b082e200eb320af63aa4918e7881513eb61ecc7aa1a894c87b73b809a0e440af87980a2fa341985c2ab9d039983e0c36160c9d9cad5fca6d02e3584607b28323229f172a08ad18603f97db573d3517fb90918702c5e1bbef77d8667539e3343f679286c4d0968fb13c5325d62c50967280133503f0c00f94d8a3723b6ad7ec4477998aeff693cd743b92cc", @ANYRES64, @ANYRES64=r2, @ANYRES32, @ANYRES32], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000600), &(0x7f0000000100)="bcbf84ba5782c5249ca32d619f449aeb6a21a7963aae66ef33d2a5e14f5ce6cdab05f21e7e2f28be4f537713608c47ae2d5646ddd8d581a9", 0xa, r8}, 0x38)
r9 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000bbdffc))
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000040)={0x191, 0x258, 0x1e0, 0x0, 0x32, 0x1, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4})

4.095194134s ago: executing program 0 (id=2951):
syz_emit_ethernet(0x4a, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb08004500003c0000000000069078640101017f00000100004e23", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="ac0400009078000000ab01412ce5cf6975eb9690a88fa006d4000000"], 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000003180)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf84, 0x3}, 0x1c)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
syz_pidfd_open(r1, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x8, 0xb4, &(0x7f0000000140)=""/180, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffe94, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
ioprio_set$pid(0x3, 0x0, 0x4004)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x1a, 0xa, 0x9)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
socket$inet6(0xa, 0x1, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/13], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r5}, 0x4)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000004000000410000000000000001000000", @ANYRES32=0x1, @ANYBLOB="00000000000000000000000300005c8b09d40f6f24880cd93f3941fd8afeaca6b8cc9e2a2896ca7e2ea7e5733713255c77b0df3434a8fe12287e653f4c19c3abb0f33c554b6277d6db5ada7f757b7ac3fd2a463e17", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="034000000100"/28], 0x50)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x1403, 0x1, 0x70bd2a, 0x25dfdbfe, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'bond0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x2dc, 0x1b4, 0x0, 0x148, 0x1b4, 0x148, 0x248, 0x240, 0x240, 0x248, 0x240, 0x7fffffe, 0x0, {[{{@uncond, 0x0, 0x190, 0x1b4, 0x0, {}, [@common=@inet=@recent0={{0xf4}, {0x11e, 0x10, 0x2, 0x0, 'syz1\x00'}}, @common=@addrtype={{0x2c}}]}, @common=@inet=@SYNPROXY={0x24}}, {{@uncond, 0x0, 0x70, 0x94}, @common=@unspec=@STANDARD={0x24, '\x00', 0x0, 0xfffffffffffffffc}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x338)

3.998563181s ago: executing program 1 (id=2953):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x0)
ioctl$EVIOCGBITSND(r0, 0x80404532, &(0x7f0000000280)=""/189)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(r1, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(0xffffffffffffffff, 0x0, 0x24008011)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_create_resource$binfmt(&(0x7f00000001c0)='./file0\x00')
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000d00)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x22c4, 0x9, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0x6}, [@NFTA_SET_GC_INTERVAL={0x8, 0xc, 0x1, 0x0, 0xfffffc01}, @NFTA_SET_DATA_LEN={0x8, 0x7, 0x1, 0x0, 0xa}, @NFTA_SET_USERDATA={0x67, 0xd, 0x1, 0x0, "ebef199c62bd726dfe8e2b1312065cdd96b46c740e6b50bd86a807df3abda1a2b22dfd11993398cb6a9ba3f7c9640ce6fe04ff43c053068ed45f5c99984b853386f02bca93d05ac2b937bfa9d1206ad8f500e3f94590697ccf830c1d2de50492bfaaf1"}, @NFTA_SET_DATA_LEN={0x8, 0x7, 0x1, 0x0, 0x34}, @NFTA_SET_EXPR={0x10, 0x11, 0x0, 0x1, @socket={{0xb}, @void}}, @NFTA_SET_EXPRESSIONS={0x44, 0x12, 0x0, 0x1, [{0x40, 0x1, 0x0, 0x1, @fwd={{0x8}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_FWD_SREG_ADDR={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0x17}, @NFTA_FWD_SREG_ADDR={0x8, 0x2, 0x1, 0x0, 0x4}, @NFTA_FWD_NFPROTO={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_FWD_NFPROTO={0x8}, @NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0xc}]}}}]}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x3d}, @NFTA_SET_TIMEOUT={0xc, 0xb, 0x1, 0x0, 0x5a9}, @NFTA_SET_EXPRESSIONS={0x21c8, 0x12, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DREG={0x8, 0x1, 0x1, 0x0, 0x11}]}}}, {0x40, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_CONNLIMIT_FLAGS={0x8}, @NFTA_CONNLIMIT_FLAGS={0x8}, @NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x10}, @NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x3}]}}}, {0x14, 0x1, 0x0, 0x1, @byteorder={{0xe}, @void}}, {0x28, 0x1, 0x0, 0x1, @last={{0x9}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_LAST_SET={0x8, 0x1, 0x1, 0x0, 0x7d0}, @NFTA_LAST_MSECS={0xc, 0x2, 0x1, 0x0, 0x10}]}}}, {0x28, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8}, @NFTA_MATCH_NAME={0xb, 0x1, 'tcpmss\x00'}]}}}, {0x18, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0x4}}}, {0x20e8, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x20d8, 0x2, 0x0, 0x1, [@NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x16}, @NFTA_BITWISE_DATA={0x20cc, 0x7, 0x0, 0x1, [@NFTA_DATA_VALUE={0x1004, 0x1, "f35a21584bb9f8a630bff5f19821279dcdc767a309e1897fcd673b50b803de22d990ae2ca44a519a5957c100be340421bb4a0f4f680a80c9a1d8eb9b9e0716edff188f13ac14c8876fa6797468815eac5064d9beac8db5d667c7339c355734efe00a646f558ea13c2524ca764bed928895666a24eaabba060760393ab48a66c70f39db387932f3f505a975bdb5141c192de5ad353ff4f2b9713ac04d9d1ba5fc2c43977fa440014b899c5e40d967000c34b25abdee99955885424a10b83580f5318a2c30ad419868f1d17b9b70220af8e06297fcfe5bd9b49bc3683e327f4823e381930a8767f7c837e34975f49a062a2ad5a32fef5275720bf68086bbb66b19a167aa57881f5ffeab90d9f3e00080f2194ff4baa4d1ed7e965b8a89c1f3e4e0d58d7039c373ba7e80b16181e02180ada5e5addc12a8dd11454a28da1bd12a157e0f02ec8ac863afca7ffbe4207133aaa71f4cc6571a9a59d4bcd32f5a3d644894c40bebbe532208fb8ca4982fe54845b3833e622487b27c72cd9df153b4ce6f186d19068fad9de8aedbb11b7aa5dc9e0bf91b881a113ba0c1294d4689586ef74007a281aae89214c86d0a38a587a9a56184939ed7078d915ec669906778c8f7077280de38710b431d6bedd900e7e6a9005698f4c25275d91a6848ce584bad9a0cd62222b1d521ca1be0e0ed1cefebbcf74af672edd1e7a637861dc392cf0f0aba004c7c1cf985e1cd937ebdfb438ab054ff587d43d76ede7d4684dd0303c4d483575dd0a36d7d974a72d09765e7483a60cd0d7a53f4f63153e63aabc984a34e719a175dafd286d57f31d3477acbd7efc80c331466896ff445fd0cf5d63e2b2704c878978050c1ca18caad6c5182db320ffc6714cc48d3ef6f36dc5d9c0d0722d561b0e3ac75210cd434ce5c2557d589ba28bc82100f763fc199774f229093dbb79b0cc89de399ab463a9db5c7e704bf5b19c64e0e60bffadbfb0a3f8fd9768ab0c5f4e92c7944b2b6283cb57dfa005d5e71966a89f27712a357a5a26466aff6e3db8e1127b6487b828f25fde27465da7fba0c6117a48f9304db2e7e08c2ec18008eca9ab2ef1c704296c7f62b93db43bc14bd3b16b2510b2417a437f27b38bc3b802f06bedb3f5fb0f8e1f5000dfba5361a535b2c7d22195ab3b00216ad0b2cbbf4d795e24abd2d159d5b2e46cfafce2314ca06af244591cbffb88efde5e579567264bb33c5881b841ef0ecf657304476f8821d696dce5725a3536f5f3662b0bf7f362a8886c753a0d1b7bc7e1cbaad08823ec28c8a866656fd0eea2d506d5398bc14464b74be41bebc7e97c1563a3afb036264e3373c6d671a6af8f32b2f9983660484a13068bb8680943a24d81e290dee281870dff5b680531990694b6a19ca7877251826da25ee557220484005baf0ff64a92363560aa4cfd5ae56516ba5e1223cb64aaab857000f13d405b1674d9c932da1a23f807a37ac262f6ef38ae3b53cf2f5ac21f56f7612f1a41fd9253912d375f25834b459c7f8c73a40ada7087c593d05314d473dfa3ba0cdf1026a0276b266c566c9f0f4b43260edfd55d969ce6f91e6ff350612254abdb3d287963978aef0a793a2a4056209fbf4f0bb2cb49cd4c9258ae70419c9f63ab856a770c37dcdfa891f7fb81a39da7c8141226a2c471fe0ed95125f06982a4488b5053f3660cbd07ad0bb68033fcab254d6ec7d3f03749be2b4a40155381486bc7ace5e3f96eb7ad1cd7420d8f162dd30472cfaf48bbdd2d58d91ebcaea4eaf3fe83fd4244187fa88348f659bbf65a595b1dc1cbd56fdc8018dbc0e9d4442859d955b10c7bea7704b1609a494530b4fa2ae7b3c1813907c5a1ae6f237a27462a4296f51e9544ba77ce8233499c71cb4550bcecf0915a1e49ca9a1af37e9edf6aaaea58727c288ba54a9c1e04c1829b9a98fdd1a6a90404d19b5833a338b7c288c80d999967e8caaa89851402b2ac981af2f0b43d1b9a8b4af82d30254fe43fefc02eb6062cfef30f5a2ac005fcd7af8506661d32bb75562dcd4dcaccdb79509c351f0f08d4012259011daa42b0551b8416e9a7f96a9c487044058d6ed2230b7a8ab0731f4388591045083fc27f88b83e5f2dd7e1dbfcd16035894c8c0a9a91f5b4d02d90277c9805e5f14f842c7f939dd9056926de056ce45fcf3d024583dfd66ebec1717c1b861ab38ca2a76b7af3b78c8c5f4942dc32c127b7fc42b14e845747bcda549073ba9ed3a0f9d728abc04cbef94891b61cc71bfa2c24922ef3a3cfc961089bf08794a0800ffab5406bf9b4cfb1a4b6949fe3e04fe6219e15c2bfdbe5bf72bb7febee1ef5936fe71dfb1ab977f0bbc4fd3718157ca8ec1b73d1b6da089554456a52f9b0de3372dca4dc57e3fa9aaf3dcbb0df56243eae9fb9a6e48ea52d1634ade1e1bc9a6c5d161ff188306192b5abffdd2f825c518edc975c3048ac904d3f845996c1ba7e55e39f61e24a763d8bbcdc801ab1cec559dc51d3344da8c62a0fcebba56358210af029b262a607eb72e212257b61670be1a916c0b81eee2d08cf339b1d09f0065f710ee0a92d352682b1a8c5c9a164f3a20628b3d6bb64627048b7fa894f9869c57b68ef1188da176c13007d910367e25da88c13afbed0ac4b8cba35b55a64e085e098894cfeed8b2cedfbdd17ad8c40f9df0978c5c31a80be20a10b949550ea3f66dedabceab3a970f3e487b19fcd64b6da1e54256d507d0f4119a7aed697afe2888d3f271786e585e59f78acc44af936e17b7436f2de531d1b66476619e24243702245317d8c76d3bf48b2c37d14de0f85cdd28a503e0b3c1d94ba87b917606431792f67234950dd68da0fa48efefa93a5c7cf51a2792c43a8bbdf9f74ec8edb46a401683aa3b608e58524e962b122fdd6797a5ea7b516f456f3347e7c8f115e920e2254def89616635b8c1b611f7d7521940a5b33eda845c63a01d61ea9a4c6118ed0f225e93c545c45895abec8e4f5d015fad4d65907a7938fa88376f4b7768a181fa178c439d32982172a151991f2cb64785fabbdaefca8f971e7cb3a2ee85549fd20425f69d9f0fcd3ccbc5d4d3ce0a5532204979dfe11679f168530b74bdf85dea0d466991ec56de0c3a902cc42117c210ee0889f81867d34292cc445be874d653906b47309a1bb4a37a60013e06932d221272d0f3243ab26c1b91074b52d80e89c0240f9d02954acdff452037bd8033ff97fc89da637bbd3b072c261c748722fb35c4d186a0f698b25c3b38b2e84fd98800d67b9eaa6d766e173df0e390dd801aab03a6ac2e43422c6cade0dede5ee3e7b017f45d59abce24dc5df756104937654d1616955225654b394d3f37117f4b31e9afc033c2307eafcb2efd3e51f9278a0ecb1dbe9b9b90b09ea82e6509d4ad03e9fa5ccf916b4af211a2b6912f1bc1d9584d23050a56ec3235ccedc35111920b884b4cfb281fb8623652622c895cfc6ec0c1c03a10e8f08928e778e5fc7f3359d7180a215c90b133b288998acda9ab92fec7bb57d7d5384e1a57dbe14b7f0132843876293aabd5fef98904f7abf33ffcce4d0ae0316db5cb68f2dc74ec381a655ec7f504af9d1038377a4448c09073a5780655e8345a06897fb7bf94332bcb92281af6a33c056df951805f70b40da3f061c743b7933599ae3f641de8406e05251e8cb7688579ebbdbee3b324f57055561c4624caebfaa51713cb0731b38d3e528ce0db51200f1f5d9a023af4a25295cfdc24104f8b157e15dadd5ddba6e99e12065f3a622ecee278788fbd1785ebf9fbf2725bc304492c0004097a08ab6fc1741832d18069aa744e1ccf184fdb3f20b5691c1191bf81b4644fc5a2bf2de90a49d4503b39730a7027f9735ee0877e794ae51ab63dba7d0253844ca8c541142ea64dd8b785e76ef4b502bd466136eb5206577ad5163908e7a1c4cd5cd30201255f46472debf6aa5e1e1f74679a6d4a2228abc758e15a8da94ac8633f656083a162ad02fe6d50079d9855c312a7090a7f5cfd6f4b91bef1a9e75a52be6503e230b56331ba68f245a2b53f46b070c14ff7c54a2e29b9fdd047eb03de1b70a52970ed52a6208846a836ad4339e87bb9d58874175d667c48b8c27b98d3b523437bdb95a558c3babc02839652cac1eeb826034a15ad0c69a571fb4f25596d9b7668d3aa12e7cfb56ed26d095efb5f8b52e3d40e8b2ec823a6cff6ae9c5c072ace277109642a50d3c23e307f924c03f3b855741815f20fd7d404bb0fcf27d867b53481634542e947a8056f13f53bddd7e103ee87f371dec2dcd3a02a81ef809772c8f6da51a476fe35f26b1ef426fae630fe70e62106823ed4e7348605975a6319a0a3fa40b6e9b4710cc05cd361ee0c0e0c159f296859d5438956b8ef31a55e270a3c03957499863c93efa2705e496a5942defe036e11ecd5a8110ba71cbb9ca8dcb5568d3f32d8560e087e654727dc0118cee9f3a78e54e34d31b66503ce1ca78467b08e0d00a281b5b213fcf8436931e66c3c5de90f56f055b0c3fb70b3025cbe4c22d6cd1591e3912eb933d97d630cccbfeff037b2bab014e981d5652c1218903560ee6680e933c62c90b0d750aa7d64f74d2e7579dbe840530a5df028a9dc56677a7850553da6b77c349e8d3e5e53af3074d5a105ed90d505731c70448847a27706b9c5f1476c5021bdf99a3f5cd6927e60f76336367fea57bae396e528d03a4845365d3ff548450e2efa6478e2e293eb8914f7f3a432736044a87b2730213db26278e1ee4144383e58753592db4a7910947e6b8ad38e2435b470cd324c6b7ea224463059089734c630800fb629e6cb04601ee6208d650058d0e1a4ac885fa27a7cebf215df5c80e5877a78abd72626e16520d99ebf932b9d0d66ba5d464c619cd06e1851019c930af00aabe1755254849651008613622a7c31984f4a228c7db9119610bff963e6c22dbbbee1e5e8a1054cbe54e2c8a2f641c56365fa942658f99da5f13035de6cd6a6d51edee0d0e0a07d2784b9fbaea107a28d0c29b5c72759425ba55674c0fedf636e7bfb966b1bb0033581e8981662febe1a01c50e84479be38a4736f874af69e907e7899e7d44535d37453413f90454de55d3cb2e1763f630cbfe3e9ca9a18755808552083310c4a5d356a3cb15e562c048f6cd04a441546239f469bfc6fa4229da6ab3624adc65c32bc86e2eefccbbccc8db72d0ca8ac64516089a9299255c2b32d0b1bb947441a4e545c85968b338d5b81fd7d2e2632a76d9ba60db5283cd0e6cb025b6882a5f9f3e7f0427aaae9fb20cc548895107ab11d583d8dd216aa8e179c02b4b3a5b67adb92565a246949d273089da896a5052935abef7647e540a3dbda6cf2b7b92955686b548208b8e2fd21789203a9f1c03774a3d169c8cdd5b3a7b0b6f368186174a790e600788aa7fb4c99b8e1427a17c9f6ab66b1c5e43f2af956aab42727c95c95803231f39c8bac6da309066f5e5becbad8c83dbcb7638f36b94311fde47d8ccd2d0ecce72af15a3c6c40e99aaab177e6ac59d101b37a25c5b8853a39722a14bc56f2ae9a91db526bfc093839d92219b216abdb773fefab53041bd5564b513da3c09accd06f96a04a75900d3f946d6ba85d4860c92a70bae0b4bfb214bf2f8a8e2638eefff87373edb9efc91352b4fa5d098879b5b70df1fc1c2ef2e555567c9f7f6113edd7a3b8a8626488aeeb4d7529fcf04c2222c1b17a0dc6001b04bb5736df97d8a8f1b6270f81bec1b8d1762036ed8b7e4b4967f397df8fe738f23b25477d15178c608"}, @NFTA_DATA_VALUE={0x1004, 0x1, "b33b98ad5a3807c3ee4bd73a72aa8076b52cee3af44d7e0d12a00855158fffd19a6b193abb8839018c106f90e5b81160469563e6506787317dd218c6ff954af846388933712944accd5112841fc15a7ab55bae4c00535db4731af5bd5e2096d7ea33052b93fc679f981307bd0d485f11c7f0ef58e1567eb7bbc8dc4f88fc70d4b85be6dfd97aa6566f8d4feb8afa6133e3beecaa10299f9cf2f46854a4d8509f62a055319d4b2354e942b112a98e00466d9bef7a6e3fc67767163da7fa3493b9b91b9b7dd19288ab6439a66d5a38e1dcfe3058bd9867286d755b01d43777ae4364dac28e2eced4d00e5d29ce201dd27545edb7a18273ff619253498bffc5824f7a3a3588d850ae72e26fea88b3b41269581be851d2c0db4d578b7308c44d33eac608c048f9ebb2fc611cddc5fce4bb7a642fc29ff003a8c490bce2861905f3b07d490dae236604130fd80d94d16fcbcb7f5d820341d130cd574c05db1faed5821b31fb19026b6fbcf766ca8a28096208547ffc5d2fb61ba16753dae1ed9eaf54f686bc9de564314a2df4bc48e4ba1b4e1b9027b8b0c6491805843115af98940cdefa3c566fae3abbd39551c4dcf87ce7c104eb1aa0c735cd729e6870d33c129dd98f3610e52bf73a7561cb6de9b889f76fcdf6d7877e608fa4cf3e4dc65a0bdb23d5eade911f74ba1581090d1f3299fa355c83a4f2bdbdd358469b046c1cae08a0959388390a0e5ad272720a4eeff4d7a5e2042d7ee98e8ced1df971aefc3f001d306e8820d782fe7973a313e4254ee4367b7c2e4277764218c38dd6e0e8ff4892c7323178a8e85d5b0ff65f7e177882d32f9e847f74dfca1c1ecb975a006c7e07170bdc3c49941e182e877886a0248bae096cef668178825cffbbdf1a27dbfc746dbab8e568b7a8b1d6e3bf99fefef5ea5a6d0c056c96ae1c46babbdd2eb36286a5c499e1f4731669180951d70a1349688d473caacc62add6c852afe473d0671ac62f7e160866cde1795b76b9324dda8ec9e8176664e3b20352b1536a5a8d425256acd0522ed4cf1df4bac847288def990f7ffa0830bb66af7ed6aee570d1fc9a8b8e20f01612a615095844936d631ca3901001c7008176700f196d3fe1a8adf34060d6c00794f3c5938b53a990d83e3076ed06f04944f8597b48da8b9368b3bef90aaafc1648849f4192adf3b25e45364968b5a477097bb0a49af6240067f3bd09b876d42ee7c13a07a67f4b6d69c499f069dd9d1796ecaa8c374bc5ba8beb946e5266da187eda9f3ac5b8c3d5a1402c370dabbb8e2d4864935dfdc58cae7b3ff70891730980a5862adb8c2ba8f932c008a9066b12c2ca636ff42900ac8c2e7b63a64aa71a895a13a0537ab9467b24e717245e3532a9ce21bb5b4914688644614a66cd7b98ae11a7bf9a950e86a8a9d3790f5c969b46da534e0a6a61db356cead566eea943eb8ffb0142b3a76257930086a52ee725e384457e7a2b81a60b3cabd9a0f52dbf3af7d83b7d0326c9d8177ae917e754209739c304e151aeb56bfc131b557f2565045a7a6388680c248d9e0f429efc68b9e9a1ca3b45fecaa2bbffdbc9d1a2c0b3d1dced23aee8e519d80cd5c236376063bad5df3379557b8b6d87f507788ab4201510604e9f1b71149ec267109c94dd505a969e2c10a5a0c31e33075f688553a4eb88575af2db153e0f82abde7b880652d49dc352c1368c9727014acbe5e54f0031dbf9eae77ac925383a38e8530ccb209ce55acf7f6da19543f091a1d009c7eddb5ba4057af547135e709ece566c3a1146ca57617b78c3c1e82f4e9813f05109b2aff25da0e17474259ef9311211bb0cf0c2574db0262677c9725a3005bc374ef3c5fea1f4345ece80990593f1065910723e49898fe75db30c2b6e27b96a1529efb42e7dcd297a3ca5050c93155eafe1cbb3d850116ed8de2028299e628e127a5fffab2380d96c2dbe5e8febca99a2412a42ec0791eeca8dc6cb4c3598f63ef55780696a8722e554c99efee20e69d3f9186e8ba8282aafd9c75cbb71bb98aa26d5fad730d90458ff08557d70150dfd5d1f9c2cf25017dc7c31cd8b645550b7ee140ea56ad20da3f55cc1f1b4a983fce6ecdc673036ac345410cda98b4e2d254afa3c1f1f87434343d570279f4d8b98f4353fee02023f81f68f9d68a75fca75bbb7cdf432eda621bdf3a838f89e7e0314d3151ee686a08e01a3a1029f7bb92b45660462abc86a6da29bb08a7e8f3befe11c158059ea099ce412e1e36c606d9e072119fde41f9e6d065cdfa57d844f055c04430239e82f05b0a88fda7282bea19b70c7b41a03b8d02f7121afcfcc4ab4f6fea57d254f017f776a6a3830e1f759dd39027e690ab7b7a3a541b5641ded16d62f1a844abc35d85150dcb9536134ced85392d21410354f3d77d79e596e235294c79f361d2fa4a613fee31e4f12d5c0cf390cbfdbda3631b588068fc29bb5b471c3f4411ec04d98107c51c96a3e5ea312f64c2a074ca8c0d21677dd461f2c7e80e0986830c528066177ddd09024a030847c8c9ae1de187d91783b7be430651c49587b20b668793e49be3e741eddee7e34efcc0006614fc5c73cdc8955ac47d9c82ac0d4e21869ffb1922d525a885628ca3cc11afb4f321cfa55b1b03ad89b7fe5d2797a795de25f5636ab77b86ed659b80bf7a0a31a5da42a4ea2c1ed833dca915dc8156541293099a2cb51b58c0498a8bbfd467259add0ff106ffd29363a08cb1b838c0e50686ac4ce13696ece3317068a5d98517337727d565d70cfb11116998b2ce3e482e8147066a17501e8819db19472c3b6f79bd265718ecfe9e9b517ea11251450c9a5c3f780d53c28b8daab0bf22c5fc941a5a261ae7a34d8d31258bc8182f55232fb81882fd2e999dfca52537ab8c942341d270fb6f44de59d21fd4f20a97eebf9ba94af5e049fd134e7533157fee6f2c30b6f9a0ab0f21da1dad46b1057fd37b395a4d694e567d882d191d4044ae05b255badd422bacc9fe6204a5d0a2bc31d3ad028ab98bd580f044d5636b3c7ab681f7ea052fe6ea3163771ea2cce2ade2643a95e47cc50413ca6af823196c074ddcfaecccc492c4ae0f07be6b5bd3c57317bf692e2e1f3dc5e96d5422ae41967abacbe6fc7a37391edbed48f1b498d96808178e71a0d31cff28d53ad87614046e69d521885911570424b9d789c57129712b876123cd0aabeb0e0429250ed908e1f0881486939353a5916cfb0da2676761cfe19f6f33e68ce960ca1eaac4e539605888138f95fcd2c58bd315f19f2b0d5f8e6db3126f3d5445fbb5ef0375cdf8459212a701db5eec63a86e9591725991ca6405b1cececd41a317c45eccbb73a5e49df7467bb4d722c86040051716c6c7aa5842bbd24b1f24af13f16a4c7eaa50ca135b862a1e614a288752196afb1d37d13e25dc75e90738d8105b5a5daf9ce313f7609719a2355a5ed848077adf26aa28c47cf605ef99c87d23618462276d837a66397f1e893912eb4f915bb15a35f92c58e0b14a5731b2cffc4178d9b13ea30b1dd25a335bdce1e533058e50b4f76a58810cdecbb51e2cafc46e44534999d84f1c0887622accdd3f5ebe90daed3799edf877345167da3a4098c2dd63a38bec8ea5371974d50ae3780a8223b76d8323718ee9cf19e9bd4cf14da5be2f38cb667cc93b840a3b4c2be2d15d249025c71304effe522f0f3f1167f1532f54b4384625e4ce2bccb6620acee44d4016d4ead8d904461fc968d370b0b515753cc2a35aeaec3ac3b7419ffd7e7133d66c5706991065cca67c1a685e5d670c952eead97c6401f51f8d20f83912f5bda20b632f606e4d41bdf05808a2d28bf15547bf7d2c6c7e8f4a48219c63b6df28176504e3af672778c438aa6eca13201504c6fdd4ec7b2432e5e131417326370af445bc5f110745b3c6c6f86fe0bc502b38a7bcbc4547537dc9936e79bc3ba782c990270f0cf00e8536b5716882c6acb2d13f2c73b254b9ef73ae98a0e9163de1b491fc7ce3f49623a8ca47e20a0c5d355a99db61f19d46b062282b40b161ab152f73a0524c82043a6f4114d72729f6fa7233692eb9038d0474f5b262d4b2d4fc50c1bc2baa0617742d6fb3335b7b88f2e8050c0e4b215127d5b5b64ba90c93cb070467d002e9489f4d22e495d5f93450474c2a5f4c3b330cce71daf6cc06cc0c9e07887c93e079c3b3de4a629b40d7447a5d8f1903fe6583cd62d78ac1132291187c1e871784af3a518567463b77b83974860f65bdc2b2ad92e2a9f4875175498fffd435a62aa0f0b8def87a198371916893d2af630877dccd790c42cec8f4679607ce56e509b44973b93d26f6df9d3be4f10dba7963398d93bffe9443c267f8643b6515a00b356b29cae05b70d557b6bb65c09f8801d6e057049729c73d01db860f9135ca72aa157c173657f085dfef78691d7891589a9b9c9a0de20675d887d55f7b031cb18ab165ecdfecb37d75a250044da8aa4f4d20f9026a96ab55fdbcba55882f8fda0b2031cf62f33ce6a241fa3fdfce4ccc14dca9887f0088a74658e06d133d643c29853bdda0fc6ecd59eb51424fdea278ae95906a4055318f8e176b4f4857e21844754d3646584b862897dddb2f796203bf62e1a32554c4bcab8e95db9ca876138f6929ad4b0851fe5e1a787ac95099b81fb07de9c7218d1f3113accbb3430db04a25dd2581bf254aca59bf5584fab35388fe81954590ddc607b490f9d4ad11a0dbfdb64e2ec8b773e76cbf52005190c44e2b5c6b1c5371a7d04bfc67c4d1a6cdc5adb74f7477d627583a7342cbd67d2de063b8ea90f283a818a98faf782a789fedc1511df280b8b338b9c6f1d33d67c690fe6ffe9db8f2e15f2a445c71319d4072e5eb40e464a2f88b585695c789ccc69a7d485d102464e80bd1c59a821c505106841dbe5fa63a7fa1b88c599bcc40e130ae8aee4085af33b9babd0d6df9d4c9fcdbf543ad9bc0ca82762c675d838943302a2af381ef54df412fac35ab2252baa2fc95c638fb4df91ce2cac02ae8d3a9205ddb04a4170f1dfafc21f0f76d31037bd39ec85c62725463ab712be4c74173341798a4b052c257dbd2d5cddc9c7f629dea83e8eb8118960f8c4aa05f826fd45e7ed05032a61a3cbd775c9387b67c31c506fa44d535d6f33948efdf0737da2eaa9316c3923340da8efe424199a0e03167542ce60187d220d3fd9a8d59e19da21d71814fb2465320ab9ce53c078338ad31cac9405a0e9e5a980a9004fbf9437430c9fa827abb91a4d41157f7cb81fc66dc16948eb500aa34d7744ad3132374eafc931e2ba0662c03077718076ca88dcba2968b5adaf3f314e619bf0aa6183911faf5de6fda48f1be773cdbb496dd6d947361f98df6ced607113b6f7c03f7ee77874c7504d6c1a294520d5fde0d8f150d3e5c3b8c0102d469094c4e61cf99e5efa91c4def1d8de2007bcefab983d6ef85e8714ddefcfbd8faffa9adf5474ea02ed58f8da94db04dc414a567d748d5a5ff3d781c2b5884a4784735e225f4216e9bf242e0c17662450816d614a32214e8244477b89872c77e0b243e43c73c5d04792ff8f97286ef5de9d574f77f2a6b92799fd3cfa00879ba3a8d6afee58da85786c88e35d5a3dba67e96946254e692c70911f8196f0a50d2f9ef575423de48afecca94f1358138a8c2de5723b30d8bc352bc4db110bc691954ccce78fb34c47f2eba12952913dde5424f2a66204c4368ac07d636b2c48d418d06ddc2933e5393f811bbcf09b25ba6e1d8d6c5f1985448f4fba50ad4ab013"}, @NFTA_DATA_VALUE={0xbe, 0x1, "a4e7045abb94a7c11a0469e13b659ac5ba463e2bbae5feb8ade486476a836584d1d1a1fb01374dfce51cb1a2aabef59179a09432b6b45c6a49ba95ab6ef7582b02c7ec64d188cb03267a2af646926d9833534ea7f910b3d33e8b6a8b39801f96a63882c4bed1c78fb452f59edfa0c2063bbcf9253a3e1e5039f755d76101557019a4fe0e87033f25622a677a1ea0e86ac09da2c8dc2d31b0b7adeefb77673799cb0c1619c38bbbb924b2b51e82198fdd4be7a1740f77b02cd535"}]}]}}}]}]}, @NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x20, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_MATCH_INFO={0x4}, @NFTA_MATCH_NAME={0xe, 0x1, 'conntrack\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELOBJ={0x68, 0x14, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x7}, [@NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_USERDATA={0x2b, 0x8, "26d6fcade04b28ca68e6ee66f9ad4fc5b09209f689b2e5efb9402cc8a525a064dfdb0552090017"}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x6}]}], {0x14, 0x11, 0x30, 0x0, 0x0, {0x2}}}, 0x23d0}}, 0x4004)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r5 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r5, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f0000000380)={0x0, @in={{0x2, 0x4e21, @broadcast}}, 0xffff, 0xe5, 0xfffff800, 0xc000000, 0x12, 0x7, 0xc}, &(0x7f0000000280)=0x9c)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
sendmsg$IEEE802154_SCAN_REQ(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="1c00000075e25aaa"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r7, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0xa, 0x0, 0x2, 0x1}}, 0x20)
syz_emit_ethernet(0x7a, &(0x7f0000000c80)=ANY=[@ANYBLOB="195df410d42477b6d4f11b3286dd60aac4e000442c"], 0x0)

3.010041155s ago: executing program 4 (id=2958):
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000480)=ANY=[@ANYRES32=r0, @ANYRESOCT=0x0, @ANYRES16=r0, @ANYRESHEX=r0, @ANYRES32, @ANYRES32=r0], &(0x7f0000000000)='GPL\x00', 0x7, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000340)=[{0x0, 0x3, 0x6, 0x5}, {0x5, 0x5, 0x3, 0x9}], 0x10, 0x36, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
ioctl$LOOP_SET_CAPACITY(0xffffffffffffffff, 0x4c07)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r6=>0x0})
r7 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r6, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2c00000010004b0400000000000000007a000000", @ANYRES32=r6, @ANYBLOB="00000000000000000a000100aaaaaaaaaa000000e2f24b9d8bad991709"], 0x2c}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r8 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r9 = dup(r8)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r9, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r10, &(0x7f0000000080)={0xa, 0x0, 0x400, @mcast2}, 0x1c)

2.419662836s ago: executing program 1 (id=2959):
r0 = socket(0x2b, 0x1, 0x1)
sendmmsg$sock(r0, &(0x7f0000001280)=[{{&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @dev}, 0x80, 0x0}}], 0x1, 0x20000001)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000950000000000000002a87f2e32d87262e624b52e7df8b878596a5e91fe117ac1de4e9062809e09bd49f84b82a07e3eca09e3e39709d23049ce3f275ab0f37b871b12b0b5c9817b1cc88f7bba89b090d8f7f372575d23b6aa16627033fb8da2d3f99c8a1cea8515d9afa4cb74b58f56af87e670922fdd62f96f7c7cb1ec8e6fac44d430d72214e28908af3a6d5f75f3cb54440ccaf9e2bbe9bfb822d6c2ac2ce62d9f9c2b5ed3bbe669fe42aba001235c1d5d0147832c071c924668e11b0e1703615c3f8c7cfb329c4b4c8418c3091ddf9927d22fcd424cdd"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r4, 0x8b2a, &(0x7f0000000040))
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000800900030073797a32000000005c000000060a010400000000000000000100000008000b400000000034000480300001800a0001006d61746368000000200002800800024000000002040003000e000100636f6e6e747261636b0000000900010056797a3000000000140000001100300000000000000000000200000a7cb15e6e5674b27db816a027d27e8c86363997bd8bce8ca24299f681ded6bdb62d5057ac12b46483a2d0569d22323fb90ffed9bc317b6ffefb4d6260e82b15b8563798606ac0865994d3ed724032ac41bbb81c9a7eaef85cb0ed8df7d871627c41882cbde47f7513f3ff6c99e1e5e87afc3c5acf8ed35db8e32dd50578c23d2aa28f2543934f37332dcaf754599ba54e9c461e6b725a7306df0d5b36776b3b6a434e1f451f335f06b161ffeba4c0a80484", @ANYRES8=r3, @ANYRES8=r2, @ANYRESHEX=r0], 0xd0}, 0x1, 0x0, 0x0, 0x14}, 0x0)
bpf$ENABLE_STATS(0x20, &(0x7f0000000100), 0x4)

2.36762668s ago: executing program 1 (id=2960):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(r0, 0x1000000)
r1 = userfaultfd(0x1)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='geneve1\x00', 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22, 0x1}, 0x1c)
listen(r3, 0x2)
syz_emit_ethernet(0x56, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd6000000000200600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="84020000ac78c1020000080a0000000000000000"], 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
getsockopt$ax25_int(0xffffffffffffffff, 0x101, 0x19, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1fb, @void, @value}, 0x94)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000000000ff02"])
syz_open_dev$ptys(0xc, 0x3, 0x1)
bind$inet(r2, &(0x7f0000000100)={0x2, 0x0, @remote}, 0x10)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000400)={&(0x7f000092b000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, 0x1000})
r7 = openat$vmci(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION(r7, 0x79f, &(0x7f00000000c0)=0x90000)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000040000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000838500000071000000850000005000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='netlink_extack\x00', r8}, 0x10)
socket(0xf, 0xa, 0x1)
getsockname$packet(r1, &(0x7f00000001c0)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@deltclass={0x2c, 0x29, 0x8, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r9, {0x1002b, 0xe}, {0xc, 0xffff}, {0xfff1, 0x3}}, [@TCA_RATE={0x6, 0x5, {0xd1, 0x8}}]}, 0x2c}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)

2.323879047s ago: executing program 0 (id=2962):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000180)={0x0, r1}, 0x8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018200000000000003000000030000000020000000000000001000004080000000000000002000000200000000000000000000009030000000000000000000004"], 0x0, 0x4a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000100)=0x2)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x11)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0900000003000000040001000500000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000210000d9d40045a091a5e1b900000000"], 0x50)
close(r4)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a2, 0x0)
r5 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382)
ioctl$LOOP_SET_STATUS64(r5, 0x4c04, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x6, 0x281, 0x0, 0x12, 0x14, 0x20, "95ad4489a25673b5a955f5f736ef1f1c033d36c0ee69107626f72875ceb9332cb79ea25534348f613b34a61a895ec716fbdbbfe992a25b1f2a25f36b0fad5d99", "4a1982d41c7c4e8f704adce76f19e1f6b54de1571daea73904d4af73e6f9d403919e5f74b51629df746181d1ffbfcd1d5b56e8615f129d343b1aec97cbd8d551", "1b5a0325815abc1c406400", [0x0, 0x7]})
syz_emit_ethernet(0x82, &(0x7f0000000300)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @local, @val={@val={0x88a8, 0x3, 0x1, 0x1}, {0x8100, 0x0, 0x0, 0x4}}, {@ipv6={0x86dd, @gre_packet={0x1, 0x6, "0961d3", 0x44, 0x2f, 0xff, @private1={0xfc, 0x1, '\x00', 0x1}, @loopback, {[], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x880b, 0x0, 0x3}, {0x1}, {0x0, 0x0, 0x1, 0x1}, {0x8, 0x88be, 0x1, {{0x6, 0x1, 0x8, 0x3, 0x0, 0x0, 0x3, 0x2}, 0x1, {0x9}}}, {0x8, 0x22eb, 0x4, {{0x1, 0x2, 0x1, 0x3, 0x1, 0x3, 0x7, 0x6}, 0x2, {0x9, 0xe, 0x0, 0x0, 0x1, 0x0, 0x3, 0x1}}}}}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x9, 0x0, 0x0, 0x0, 0x61, 0x11, 0x10}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x8}, @exit]}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x4, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)

2.249956558s ago: executing program 1 (id=2963):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x10, &(0x7f0000000ac0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x3, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x0, 0x40000142, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x4000810)
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, &(0x7f0000000c80)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="04040a00000000000000000002"], 0xd)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000180)={0x40, 0xffff1000, 0x8, r4})
close_range(r3, r4, 0x0)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="0403"], 0x14)
socket$can_bcm(0x1d, 0x2, 0x2)
socket$unix(0x1, 0x5, 0x0)
r5 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001240)={0x8, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000002018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7020000140000007b110000000000008500000005000000790900000000000045090100000003709500000000000000bf91000000000000b7020000000000008500000000000000b70000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0xdb, &(0x7f00000003c0)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaa808100000086dd60f53a0400a13a00fe8000000000000000000000000000bbff02000000000000000000000000000102009078000005006050835900000000fc010000000000000000000000000000ff0000000000000000000000000000003a010000000000000708000000000000000000000000000077efe604d60ae419ba09bd362155e4bd0dabd73a98b2b72d51fc035fcb30abc6a0d7983a6caf4de785b33036d38010237e727f2954d9a558388898288478b2b5adc9393550c2ba59d321f1fa8caff0fe67ad26eff5d035c9197df84c292a73e84823c8d17745985b133e7cda17f4b76d319afabce387cd9d7467b3eac047bf8093f5f5857faa215addbf08daeb21aec14f9c0f19f38dfcb4fa38414bea41f41a8892ebbf358c606f7b4d847719f994a8509ac043be06cc0bd8ff1d8aa2a201efea314a0424"], 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)

2.117525366s ago: executing program 4 (id=2964):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000001f80), r0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000380), r1)
sendmsg$NL802154_CMD_SET_CCA_MODE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="07df250d00000008000100010000000c0006000100000001000000"], 0x28}, 0x1, 0x0, 0x0, 0x4008050}, 0x8880)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wg2\x00'})
openat$nvme_fabrics(0xffffff9c, &(0x7f0000000080), 0x600800, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x3, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000240)={0x0, 0x3, 0x3}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x34, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
syz_io_uring_setup(0x10b, &(0x7f0000000140)={0x0, 0x21b8, 0x800, 0x1, 0xcf}, &(0x7f0000000300), &(0x7f0000000580))
r5 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r5, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r6 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r6, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
writev(r6, &(0x7f0000000040)=[{&(0x7f0000000480)="d29cec6544c983124df823574129f7cd7174560de7adf40871e7c6f099ef626e0386be31d77352f9fa57eac8317d2892280075c3df8e5124f71a159d07ff91b74715a590de312c9f32f7dbd8b9c39174cc0f912bf8dfc58d68fc242dbc8a9e9385368a16", 0xfffffffffffffefd}], 0x1)
setsockopt$SO_TIMESTAMP(r5, 0x1, 0x23, &(0x7f0000000080)=0x6, 0x26)
setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f00000000c0)=0x1df, 0x4)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)={0x1c, r8, 0x1, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r9}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4001}, 0x4000080)

1.357643765s ago: executing program 3 (id=2966):
ioctl$DRM_IOCTL_WAIT_VBLANK(0xffffffffffffffff, 0xc018643a, &(0x7f0000000080)={0x4000000})

1.357461853s ago: executing program 3 (id=2967):
ioperm(0x0, 0x8, 0x400)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x1, r0, 0x0, 0x4, 0x0) (fail_nth: 5)

1.299576649s ago: executing program 0 (id=2968):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x38, 0x1410, 0x1, 0x70bd2c, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_STAT_AUTO_MODE_MASK={0x8, 0x4c, 0xf00}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0x24044836}, 0xc094)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)={'team0\x00', <r3=>0x0})
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000002c0)={<r4=>0xffffffffffffffff})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000b00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000b40)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_DEL_KEY(r5, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000000)={0x1c, r6, 0x1, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8, 0x3, r7}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x881}, 0x4010)
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=@newlink={0x4c, 0x10, 0x403, 0x70bd28, 0x0, {0x0, 0x0, 0x4, 0x0, 0x3ef}, [@IFLA_LINK={0x8, 0x5, r1}, @IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x2}]}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x4c}}, 0x4004850)

1.170082992s ago: executing program 0 (id=2969):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000500)='/sys/kernel/kexec_crash_size', 0x202, 0x0)
sendfile(r0, r1, 0x0, 0x2)
r2 = syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x0)
ioctl$DRM_IOCTL_SET_VERSION(r2, 0xc0106407, &(0x7f0000000000)={0x1, 0x2, 0x1, 0xffffffff})

1.169810005s ago: executing program 4 (id=2970):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x9, 0x3, 0x1c4, 0x180, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x210, 0xffffffff, 0xffffffff, 0x210, 0xffffffff, 0x3, 0x0, {[{{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'veth1_to_team\x00', 'bridge_slave_0\x00'}, 0x0, 0x70, 0xa0}, @common=@inet=@SET2={0x30}}, {{@uncond, 0x0, 0x70, 0x90}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x220)
pipe2(&(0x7f0000000000), 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='nfs\x00', 0xffffff8c, &(0x7f0000000000))

1.169467683s ago: executing program 0 (id=2971):
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000002400), 0x2102, 0x0)
socket(0x10, 0x3, 0x400005)
socket$alg(0x26, 0x5, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="09000000020000006d0500000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001000)={0x18, 0x10, &(0x7f0000000080)=ANY=[@ANYRES16=r0, @ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x8, 0xc3, &(0x7f00000010c0)=""/195, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = io_uring_setup(0x1de0, &(0x7f0000000440)={0x0, 0x0, 0x40})
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r8}, 0x10)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r6, 0xb, &(0x7f0000000000), 0x0)
sendmsg$unix(r5, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="10000b000000000000000000", @ANYRES32=r4], 0x10}, 0x0)
recvmmsg$unix(r4, &(0x7f0000000700)=[{{&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000000240)=[{&(0x7f0000000180)=""/146, 0x92}], 0x1, &(0x7f0000000280)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}, @rights={{0xc}}], 0xb0}}, {{&(0x7f0000000340), 0x6e, &(0x7f0000000440), 0x0, &(0x7f0000000a80)=[@rights={{0xc}}, @rights={{0xc}}, @rights={{0xc}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0xc}}, @rights={{0xc}}, @rights={{0xc}}, @rights={{0xc}}, @rights={{0xc}}, @rights={{0xc}}, @rights={{0xc}}, @rights={{0xc}}, @rights={{0xc}}, @rights={{0xc}}, @rights={{0xc}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0xc}}, @rights={{0xc}}, @rights={{0xc}}, @rights={{0xc}}, @rights={{0xc}}, @rights={{0xc}}, @rights={{0xc}}], 0x13c}}, {{&(0x7f0000000540)=@abs, 0x6e, &(0x7f00000004c0)=[{&(0x7f0000000640)=""/28, 0x1c}, {&(0x7f0000000680)=""/7, 0x7}], 0x2, &(0x7f0000000f40)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}], 0x7c}}, {{&(0x7f0000000780), 0x6e, &(0x7f0000000e00)=[{&(0x7f0000000800)=""/190, 0xbe}, {&(0x7f00000008c0)=""/64, 0x40}, {&(0x7f0000000900)=""/99, 0x63}, {&(0x7f0000000980)=""/222, 0xde}, {0x0}, {&(0x7f0000000440)=""/4, 0x4}, {&(0x7f0000000bc0)=""/237, 0xed}, {&(0x7f0000000400)=""/60, 0x3c}, {&(0x7f0000000d00)=""/226, 0xe2}], 0x9, &(0x7f0000000e80)=[@cred={{0x18}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}], 0xa0}}], 0x4, 0x10042, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x2}, 0x1c)
syz_emit_ethernet(0x7e, 0x0, 0x0)
setsockopt$sock_linger(r1, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)

1.169261633s ago: executing program 4 (id=2972):
clock_gettime(0x7, &(0x7f0000000240)={<r0=>0x0, <r1=>0x0})
clock_settime(0x0, &(0x7f0000009ac0)={r0, r1+10000000})
io_uring_setup(0x7c41, &(0x7f0000000300)={0x0, 0x0, 0x40, 0x0, 0x3b4})
socket$kcm(0x11, 0x7, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x5027501, 0x0, 0x0, [{0x2}, {0x2}, {}, {0x1}, {}, {0xfffffffa, 0x6}], 0x0, 0x0, 0x8, 0x0, 0x1}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'md5-generic\x00'}, 0x5a)
r4 = creat(&(0x7f00000005c0)='./file0\x00', 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'virt_wifi0\x00'})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, 0x0, 0x0)
r6 = io_uring_setup(0x1a70, &(0x7f0000000140))
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000240)='./file0\x00', &(0x7f0000000080), 0x0, 0x0)
chdir(0x0)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r4, 0x10e, 0x5, &(0x7f00000000c0)=0x147f, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r7, 0x0, 0x0, 0x0, &(0x7f0000000640), 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r8 = syz_open_dev$dri(&(0x7f0000000040), 0x100006, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r8, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000140)=[<r9=>0x0], 0x0, 0x0, 0x0, 0x1})
r10 = io_uring_setup(0x5b2e, &(0x7f0000000500))
close_range(r10, 0xffffffffffffffff, 0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(r8, 0xc06864a2, &(0x7f00000002c0)={0x0, 0x0, r9, 0x0, 0x80, 0x5, 0x9, 0x0, {0xa, 0xd6, 0x1c, 0x7, 0xfe, 0x401, 0xfff5, 0xa, 0x0, 0x52, 0x8000, 0x7e9, 0x401, 0x5, "cb630dab3a0338057401a192419598961f50dc45c87d55b42a28b8f01c0e0e7a"}})
close_range(r6, 0xffffffffffffffff, 0x0)

1.089155579s ago: executing program 3 (id=2973):
ioperm(0x0, 0x8, 0x400)
r0 = syz_clone(0x300a211, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x1, r0, 0x0, 0x4, 0x0)

883.365017ms ago: executing program 3 (id=2974):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc01cf509, &(0x7f0000000000)={r0, 0x5, 0xffff})
bind$l2tp6(r1, &(0x7f0000000100)={0xa, 0x0, 0x2, @empty, 0x0, 0x2}, 0x20)

883.008805ms ago: executing program 3 (id=2975):
syz_emit_ethernet(0x2a, &(0x7f0000000140)={@local, @random="ce3500590a7f", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e23, 0x0, 0x8}}}}}, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000340)={@broadcast, @random="67eaa8fce250", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x2, 0x0, 0x1c, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x4, 0x0, 0x10, 0x0, @gue={{0x2, 0x0, 0x2, 0x3, 0x100, @val=0x80}}}}}}}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x17, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200000000e4ff850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000000000008500000086000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000940)='tlb_flush\x00', r1}, 0x10)
mount$tmpfs(0x0, 0x0, &(0x7f0000000580), 0x0, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, 0x0, &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400000, @void, @value}, 0x94)
mprotect(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3)
r2 = add_key$fscrypt_v1(&(0x7f0000001480), &(0x7f00000014c0)={'fscrypt:', @auto=[0x64, 0x35, 0x32, 0x33, 0x63, 0x66, 0x34, 0x37, 0x40, 0x32, 0x30, 0x63, 0x32, 0x20, 0x62, 0x34]}, &(0x7f0000001500)={0x0, "fa185215a1d7864aaa6dedfc56addf0b66f33565995becf56e7b1211e051755d6d841abf241561f04ee2b9397dee0aecdcfeecf8e508e39bbf57c8c761d95eb2", 0x29}, 0x48, 0xfffffffffffffffb)
keyctl$get_persistent(0x16, 0x0, r2)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nbd(0x0, 0xffffffffffffffff)
sendmsg$NBD_CMD_RECONFIGURE(r3, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
set_mempolicy(0x3, &(0x7f0000000040)=0x1, 0x5)
setsockopt$packet_tx_ring(r4, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc}, 0x1c)
socket$inet6(0x10, 0x3, 0x0)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r5 = syz_io_uring_setup(0xe83, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0xffffffff, 0x1da}, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000200)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x7be17000)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r8 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r8, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r5, 0x47f6, 0x0, 0x0, 0x0, 0x0)
r9 = openat$mixer(0xffffff9c, &(0x7f00000001c0), 0x80002, 0x0)
ioctl$SOUND_MIXER_WRITE_VOLUME(r9, 0xc0044d03, &(0x7f0000000180)=0x3f)

819.916992ms ago: executing program 1 (id=2976):
ioctl$DRM_IOCTL_WAIT_VBLANK(0xffffffffffffffff, 0xc018643a, &(0x7f0000000080)={0x4000000})

818.176407ms ago: executing program 1 (id=2977):
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0xfffffffe, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x8, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x8}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x4000810)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000980)=@base={0x1, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x2, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000240), 0xfff, r1}, 0x38)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x3}, &(0x7f0000000040), &(0x7f0000000080))
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r5, &(0x7f0000000040)={0x1f, @fixed}, 0x8)
listen(r5, 0x0)

70.071751ms ago: executing program 4 (id=2978):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newlink={0x34, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x4}}}]}, 0x34}}, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c000a"], 0x528}}, 0xc000)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000700)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x29}, @printk]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$VIDIOC_S_OUTPUT(0xffffffffffffffff, 0xc004562f, &(0x7f00000000c0)=0x1)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000000900000030000380140002007369743000000000000000000000000006000400ffe300000800030000000000080001"], 0x44}}, 0x0)

69.740865ms ago: executing program 0 (id=2979):
socket$inet6_sctp(0xa, 0x5, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
r2 = socket$kcm(0x29, 0x5, 0x0)
write$cgroup_pressure(r2, &(0x7f0000000140)={'full'}, 0xfffffdef)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x7e33, &(0x7f0000000080)={0x0, 0x3edf, 0x10100, 0x1000, 0x183, 0x0, r1}, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r3, 0x43c7, 0x4000, 0x0, 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
futex(&(0x7f000000cffc)=0x1, 0xd, 0x0, 0x0, 0x0, 0x0)
r9 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r10 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_FILTER(r10, 0x65, 0x1, 0xfffffffffffffffe, &(0x7f0000001280)=0x5a)
sendmsg$RDMA_NLDEV_CMD_GET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r13 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
fanotify_mark(0xffffffffffffffff, 0x1, 0x4800003e, 0xffffffffffffffff, 0x0)
r14 = dup(r13)
write$6lowpan_enable(r14, &(0x7f0000000000)='0', 0xfffffd2c)

69.525103ms ago: executing program 4 (id=2980):
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0xfffffffe, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x8, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x8}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x4000810)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x3}, &(0x7f0000000040), &(0x7f0000000080))
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r3, &(0x7f0000000040)={0x1f, @fixed}, 0x8)
listen(r3, 0x0)

0s ago: executing program 3 (id=2981):
fsopen(0x0, 0x0)
ioctl$PPPIOCSACTIVE(0xffffffffffffffff, 0x40107446, 0x0)
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYRES32], 0x28}}, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000100), 0x48)
syz_open_dev$tty1(0xc, 0x4, 0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$audio(0xffffff9c, &(0x7f0000000240), 0x101880, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = add_key$user(&(0x7f0000000200), &(0x7f0000000440), &(0x7f00000000c0), 0x14b, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000080)={r2, r2, r2}, &(0x7f00000000c0)=""/28, 0x1c, &(0x7f00000001c0)={&(0x7f0000000140)={'poly1305\x00'}})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="17000000700001000000000000000000070000007e36df40b0aa681ddcab18257cbbd2e5ef239f7dc417c5ddc719ff3240320312640ade95b359a7d13e1ba64355bd751fac1ae839fe505d04a1123d138c0edfc6a2430000000034a12462cdecf34b565686af26ce1b5f9b71080a11b630f703b5", @ANYRES32=0x0], 0x18}}, 0x0)
fsopen(&(0x7f0000000280)='gfs2meta\x00', 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000), 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002680)={&(0x7f0000002540)=ANY=[@ANYBLOB="9feb01021800000000000000000000000070c44a0000000700000000000000"], 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
sendmmsg$inet(r5, 0x0, 0x0, 0x0)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
openat$vcsu(0xffffff9c, 0x0, 0x800, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x18, 0x2a, 0xb, 0x70bd27, 0x4000, {0x9}, [@nested={0x4, 0x1}]}, 0x18}, 0x1, 0x0, 0x0, 0x4}, 0x4040080)

kernel console output (not intermixed with test programs):

pfx_kvm_vm_compat_ioctl+0x10/0x10
[  604.882525][T15770]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  604.884074][T15770]  __do_fast_syscall_32+0x73/0x120
[  604.885584][T15770]  do_fast_syscall_32+0x32/0x80
[  604.887010][T15770]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  604.888847][T15770] RIP: 0023:0xf70de579
[  604.890335][T15770] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  604.896020][T15770] RSP: 002b:00000000f50d055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  604.898425][T15770] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c048aec8
[  604.900716][T15770] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  604.902990][T15770] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  604.905275][T15770] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  604.907503][T15770] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  604.910034][T15770]  </TASK>
[  604.947274][T13097] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  604.950444][T13097] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  604.967619][T13107] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  604.969884][T13107] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  605.118594][   T39] kauditd_printk_skb: 16 callbacks suppressed
[  605.118605][   T39] audit: type=1800 audit(1737133723.749:121): pid=15775 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2468" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  605.186506][ T5959] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  605.189599][ T5959] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  605.193357][ T5959] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  605.196430][ T5959] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  605.198821][ T5959] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  605.202171][ T5959] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  605.278288][T15786] chnl_net:caif_netlink_parms(): no params data found
[  605.352100][T15786] bridge0: port 1(bridge_slave_0) entered blocking state
[  605.354235][T15786] bridge0: port 1(bridge_slave_0) entered disabled state
[  605.356278][T15786] bridge_slave_0: entered allmulticast mode
[  605.358477][T15786] bridge_slave_0: entered promiscuous mode
[  605.362331][T15797] syzkaller1: entered promiscuous mode
[  605.364004][T15797] syzkaller1: entered allmulticast mode
[  605.366418][T15786] bridge0: port 2(bridge_slave_1) entered blocking state
[  605.368516][T15786] bridge0: port 2(bridge_slave_1) entered disabled state
[  605.370303][T15797] PF_CAN: dropped non conform CAN skbuff: dev type 65534, len 4032
[  605.370583][T15786] bridge_slave_1: entered allmulticast mode
[  605.375329][T15786] bridge_slave_1: entered promiscuous mode
[  605.407282][T15800] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  605.422062][T15786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  605.426019][T15786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  605.447965][T15786] team0: Port device team_slave_0 added
[  605.451377][T15786] team0: Port device team_slave_1 added
[  605.482212][T15786] batman_adv: batadv0: Adding interface: batadv_slave_0
[  605.484178][T15786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  605.491583][T15786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  605.495273][T15786] batman_adv: batadv0: Adding interface: batadv_slave_1
[  605.497181][T15786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  605.505281][T15786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  605.558508][T15786] hsr_slave_0: entered promiscuous mode
[  605.561944][T15786] hsr_slave_1: entered promiscuous mode
[  605.564181][T15786] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  605.566453][T15786] Cannot create hsr debugfs directory
[  605.646367][T15786] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  605.720200][T15812] netlink: 116 bytes leftover after parsing attributes in process `syz.4.2474'.
[  605.730849][T12678] Bluetooth: hci0: command tx timeout
[  605.751680][T15786] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  605.925558][T15786] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  606.032563][T15786] bond0: (slave netdevsim0): Releasing backup interface
[  606.035197][T15786] netdevsim netdevsim1 netdevsim0 (unregistering): left promiscuous mode
[  606.038473][T15786] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  606.121504][T15786] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  606.125884][T15786] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  606.131506][T15786] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  606.140161][T15786] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  606.184389][T15786] 8021q: adding VLAN 0 to HW filter on device bond0
[  606.194387][T15786] 8021q: adding VLAN 0 to HW filter on device team0
[  606.198257][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  606.200355][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  606.207566][T13107] bridge0: port 2(bridge_slave_1) entered blocking state
[  606.209641][T13107] bridge0: port 2(bridge_slave_1) entered forwarding state
[  606.292675][T15786] 8021q: adding VLAN 0 to HW filter on device batadv0
[  606.310493][T15786] veth0_vlan: entered promiscuous mode
[  606.315086][T15786] veth1_vlan: entered promiscuous mode
[  606.326576][T15786] veth0_macvtap: entered promiscuous mode
[  606.329834][T15786] veth1_macvtap: entered promiscuous mode
[  606.336050][T15786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  606.339028][T15786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  606.343386][T15786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  606.346415][T15786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  606.349806][T15786] batman_adv: batadv0: Interface activated: batadv_slave_0
[  606.355312][T15786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  606.358276][T15786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  606.361192][T15786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  606.364167][T15786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  606.366936][T15786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  606.370169][T15786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  606.373825][T15786] batman_adv: batadv0: Interface activated: batadv_slave_1
[  606.378287][T15786] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  606.380804][T12678] Bluetooth: hci1: command tx timeout
[  606.381028][T15786] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  606.385102][T15786] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  606.397551][T15786] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  606.444323][  T833] libceph: connect (1)[c::]:6789 error -101
[  606.446152][  T833] libceph: mon0 (1)[c::]:6789 connect error
[  606.456416][T13100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  606.458696][T13100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  606.472245][T13107] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  606.475216][T13107] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  606.579362][T15827] ceph: No mds server is up or the cluster is laggy
[  606.811197][   T39] audit: type=1400 audit(1737133725.449:122): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=222F2F26 pid=15856 comm="syz.4.2486"
[  607.250833][T12678] Bluetooth: hci2: command tx timeout
[  607.689820][T15881] FAULT_INJECTION: forcing a failure.
[  607.689820][T15881] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  607.694050][T15881] CPU: 2 UID: 0 PID: 15881 Comm: syz.3.2493 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  607.697286][T15881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  607.700401][T15881] Call Trace:
[  607.701391][T15881]  <TASK>
[  607.702262][T15881]  dump_stack_lvl+0x16c/0x1f0
[  607.703720][T15881]  should_fail_ex+0x497/0x5b0
[  607.705182][T15881]  _copy_to_user+0x32/0xd0
[  607.706509][T15881]  simple_read_from_buffer+0xd0/0x160
[  607.708057][T15881]  proc_fail_nth_read+0x198/0x270
[  607.709543][T15881]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  607.711096][T15881]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  607.712522][T15881]  vfs_read+0x1df/0xbe0
[  607.713849][T15881]  ? __fget_files+0x1fc/0x3a0
[  607.715647][T15881]  ? __pfx___mutex_lock+0x10/0x10
[  607.717356][T15881]  ? __pfx_vfs_read+0x10/0x10
[  607.718995][T15881]  ? __fget_files+0x206/0x3a0
[  607.720703][T15881]  ksys_read+0x12b/0x250
[  607.722280][T15881]  ? __pfx_ksys_read+0x10/0x10
[  607.724052][T15881]  __do_fast_syscall_32+0x73/0x120
[  607.725948][T15881]  do_fast_syscall_32+0x32/0x80
[  607.727734][T15881]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  607.729768][T15881] RIP: 0023:0xf7fc5579
[  607.730949][T15881] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  607.737226][T15881] RSP: 002b:00000000f5116590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  607.739538][T15881] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5116620
[  607.741690][T15881] RDX: 000000000000000f RSI: 00000000f7453ff4 RDI: 0000000000000000
[  607.743949][T15881] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  607.746156][T15881] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  607.748390][T15881] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  607.750628][T15881]  </TASK>
[  608.056829][T15903] FAULT_INJECTION: forcing a failure.
[  608.056829][T15903] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  608.060846][T15903] CPU: 3 UID: 0 PID: 15903 Comm: syz.0.2498 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  608.064037][T15903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  608.067072][T15903] Call Trace:
[  608.068033][T15903]  <TASK>
[  608.068892][T15903]  dump_stack_lvl+0x16c/0x1f0
[  608.070310][T15903]  should_fail_ex+0x497/0x5b0
[  608.072043][T15903]  _copy_to_user+0x32/0xd0
[  608.073925][T15903]  simple_read_from_buffer+0xd0/0x160
[  608.076072][T15903]  proc_fail_nth_read+0x198/0x270
[  608.078117][T15903]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  608.080384][T15903]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  608.082706][T15903]  vfs_read+0x1df/0xbe0
[  608.084424][T15903]  ? __fget_files+0x1fc/0x3a0
[  608.086372][T15903]  ? __pfx___mutex_lock+0x10/0x10
[  608.088454][T15903]  ? __pfx_vfs_read+0x10/0x10
[  608.090424][T15903]  ? __fget_files+0x206/0x3a0
[  608.092372][T15903]  ksys_read+0x12b/0x250
[  608.094145][T15903]  ? __pfx_ksys_read+0x10/0x10
[  608.096122][T15903]  __do_fast_syscall_32+0x73/0x120
[  608.098256][T15903]  do_fast_syscall_32+0x32/0x80
[  608.100267][T15903]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  608.102844][T15903] RIP: 0023:0xf70de579
[  608.104512][T15903] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  608.112285][T15903] RSP: 002b:00000000f50d0590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  608.115655][T15903] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50d0620
[  608.118862][T15903] RDX: 000000000000000f RSI: 00000000f7413ff4 RDI: 0000000000000000
[  608.122050][T15903] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  608.125307][T15903] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  608.128514][T15903] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  608.131759][T15903]  </TASK>
[  608.276393][T15912] FAULT_INJECTION: forcing a failure.
[  608.276393][T15912] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  608.280440][T15912] CPU: 3 UID: 0 PID: 15912 Comm: syz.0.2501 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  608.283609][T15912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  608.286719][T15912] Call Trace:
[  608.287695][T15912]  <TASK>
[  608.288562][T15912]  dump_stack_lvl+0x16c/0x1f0
[  608.289947][T15912]  should_fail_ex+0x497/0x5b0
[  608.291351][T15912]  ? fs_reclaim_acquire+0xae/0x150
[  608.292841][T15912]  should_fail_alloc_page+0xe7/0x130
[  608.294374][T15912]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  608.296143][T15912]  ? find_held_lock+0x2d/0x110
[  608.297539][T15912]  __alloc_pages_noprof+0x190/0x25b0
[  608.299087][T15912]  ? hlock_class+0x4e/0x130
[  608.300408][T15912]  ? mark_lock+0xb5/0xc60
[  608.301692][T15912]  ? lock_acquire+0x2f/0xb0
[  608.303020][T15912]  ? is_bpf_text_address+0x30/0x1a0
[  608.304548][T15912]  ? __pfx_mark_lock+0x10/0x10
[  608.305956][T15912]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  608.307729][T15912]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  608.309376][T15912]  ? hlock_class+0x4e/0x130
[  608.310712][T15912]  ? mark_lock+0xb5/0xc60
[  608.312015][T15912]  ? __lock_acquire+0xcc5/0x3c40
[  608.313463][T15912]  ? hlock_class+0x4e/0x130
[  608.314817][T15912]  ? __lock_acquire+0xcc5/0x3c40
[  608.316289][T15912]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  608.317999][T15912]  ? policy_nodemask+0xea/0x4e0
[  608.319418][T15912]  alloc_pages_mpol_noprof+0x2c8/0x620
[  608.321108][T15912]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  608.322910][T15912]  pte_alloc_one+0x20/0x390
[  608.324257][T15912]  __pte_alloc+0x6e/0x3b0
[  608.325528][T15912]  ? __pfx___pte_alloc+0x10/0x10
[  608.326945][T15912]  do_pte_missing+0x2810/0x3e00
[  608.328364][T15912]  ? mt_find+0x82d/0xa20
[  608.329641][T15912]  ? __pfx_lock_release+0x10/0x10
[  608.331142][T15912]  __handle_mm_fault+0x103c/0x2a40
[  608.332654][T15912]  ? __pfx___handle_mm_fault+0x10/0x10
[  608.334367][T15912]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  608.335989][T15912]  ? find_vma+0xc0/0x140
[  608.337245][T15912]  ? __pfx_find_vma+0x10/0x10
[  608.338609][T15912]  handle_mm_fault+0x3fa/0xaa0
[  608.340004][T15912]  do_user_addr_fault+0x7a3/0x13f0
[  608.341519][T15912]  exc_page_fault+0x5c/0xc0
[  608.342835][T15912]  asm_exc_page_fault+0x26/0x30
[  608.344266][T15912] RIP: 0010:_copy_from_iter+0x37f/0x1400
[  608.345895][T15912] Code: 4d 85 f6 0f 85 4e ff ff ff e8 4d 31 02 fd 4c 8b 74 24 18 44 89 fe 4c 89 f7 e8 0d aa 64 fd 0f 01 cb 4c 89 f9 4c 89 f7 48 89 de <f3> a4 0f 1f 00 48 89 cb 0f 01 ca 4d 89 fc 49 29 cc e9 1d ff ff ff
[  608.351454][T15912] RSP: 0018:ffffc900063777b0 EFLAGS: 00050246
[  608.353191][T15912] RAX: 0000000000000001 RBX: 0000000020000040 RCX: 0000000000000083
[  608.355455][T15912] RDX: ffffed100c7f9019 RSI: 0000000020000040 RDI: ffff888063fc8040
[  608.357707][T15912] RBP: ffffc90006377d90 R08: 0000000000000001 R09: ffffed100c7f9018
[  608.359974][T15912] R10: ffff888063fc80c2 R11: 0000000000000000 R12: 00000000200000c3
[  608.362281][T15912] R13: 00007ffffffff000 R14: ffff888063fc8040 R15: 0000000000000083
[  608.364560][T15912]  ? __pfx__copy_from_iter+0x10/0x10
[  608.366106][T15912]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  608.367827][T15912]  ? tun_build_skb.constprop.0+0x1b8/0x1120
[  608.369531][T15912]  ? __pfx_lock_release+0x10/0x10
[  608.371077][T15912]  ? trace_lock_acquire+0x14e/0x1f0
[  608.372794][T15912]  copy_page_from_iter+0xa5/0x120
[  608.374280][T15912]  tun_build_skb.constprop.0+0x294/0x1120
[  608.375915][T15912]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[  608.377754][T15912]  ? __pfx___lock_acquire+0x10/0x10
[  608.379254][T15912]  ? __lock_acquire+0xcc5/0x3c40
[  608.380724][T15912]  tun_get_user+0x870/0x3e40
[  608.382075][T15912]  ? find_held_lock+0x2d/0x110
[  608.383463][T15912]  ? __pfx_tun_get_user+0x10/0x10
[  608.384942][T15912]  ? find_held_lock+0x2d/0x110
[  608.386325][T15912]  ? __pfx_lock_release+0x10/0x10
[  608.387770][T15912]  tun_chr_write_iter+0xdc/0x210
[  608.389188][T15912]  vfs_write+0x5ae/0x1150
[  608.390439][T15912]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  608.392061][T15912]  ? __pfx_vfs_write+0x10/0x10
[  608.393448][T15912]  ? __fget_files+0x40/0x3a0
[  608.394814][T15912]  ksys_write+0x12b/0x250
[  608.396059][T15912]  ? __pfx_ksys_write+0x10/0x10
[  608.397475][T15912]  __do_fast_syscall_32+0x73/0x120
[  608.398946][T15912]  do_fast_syscall_32+0x32/0x80
[  608.400347][T15912]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  608.402195][T15912] RIP: 0023:0xf70de579
[  608.403381][T15912] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  608.408881][T15912] RSP: 002b:00000000f50d0520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  608.411296][T15912] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000020000040
[  608.413554][T15912] RDX: 0000000000000083 RSI: 00000000f7413ff4 RDI: 0000000000000000
[  608.415827][T15912] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  608.418081][T15912] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  608.420353][T15912] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  608.422735][T15912]  </TASK>
[  609.330780][T12678] Bluetooth: hci2: command tx timeout
[  609.427313][T15933] siw: device registration error -23
[  609.430877][   T35] usb 8-1: new high-speed USB device number 71 using dummy_hcd
[  609.590749][   T35] usb 8-1: Using ep0 maxpacket: 8
[  609.593408][   T35] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  609.595566][   T35] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  609.598728][   T35] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  609.602245][   T35] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  609.605691][   T35] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  609.609602][   T35] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  609.611828][   T35] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  609.615011][   T35] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  609.618319][   T35] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  609.621485][   T35] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  609.625377][   T35] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  609.627507][   T35] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  609.630652][   T35] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  609.634088][   T35] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  609.637176][   T35] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  609.645384][   T35] usb 8-1: string descriptor 0 read error: -22
[  609.647206][   T35] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  609.649768][   T35] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  609.662112][   T35] adutux 8-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  610.118288][T15942] FAULT_INJECTION: forcing a failure.
[  610.118288][T15942] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  610.127034][T15942] CPU: 0 UID: 0 PID: 15942 Comm: syz.4.2511 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  610.130179][T15942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  610.133302][T15942] Call Trace:
[  610.134337][T15942]  <TASK>
[  610.135219][T15942]  dump_stack_lvl+0x16c/0x1f0
[  610.136608][T15942]  should_fail_ex+0x497/0x5b0
[  610.138025][T15942]  _copy_from_user+0x2e/0xd0
[  610.139407][T15942]  snd_seq_write+0x3ea/0x6c0
[  610.140797][T15942]  ? __pfx_snd_seq_write+0x10/0x10
[  610.142305][T15942]  ? bpf_lsm_file_permission+0x9/0x10
[  610.143926][T15942]  ? security_file_permission+0x71/0x210
[  610.145925][T15942]  ? __pfx_snd_seq_write+0x10/0x10
[  610.147590][T15942]  vfs_writev+0x6da/0xdd0
[  610.148815][T15942]  ? find_held_lock+0x2d/0x110
[  610.150180][T15942]  ? __pfx_vfs_writev+0x10/0x10
[  610.151671][T15942]  ? find_held_lock+0x2d/0x110
[  610.153134][T15942]  ? __pfx_lock_release+0x10/0x10
[  610.154648][T15942]  ? trace_lock_acquire+0x14e/0x1f0
[  610.156585][T15942]  ? __fget_files+0x206/0x3a0
[  610.158103][T15942]  ? do_writev+0x297/0x340
[  610.159465][T15942]  do_writev+0x297/0x340
[  610.160760][T15942]  ? __pfx_do_writev+0x10/0x10
[  610.162205][T15942]  __do_fast_syscall_32+0x73/0x120
[  610.163892][T15942]  do_fast_syscall_32+0x32/0x80
[  610.165538][T15942]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  610.167456][T15942] RIP: 0023:0xf709e579
[  610.168709][T15942] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  610.174593][T15942] RSP: 002b:00000000f509055c EFLAGS: 00000296 ORIG_RAX: 0000000000000092
[  610.177875][T15942] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000200000c0
[  610.180278][T15942] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  610.182633][T15942] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  610.185025][T15942] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  610.188185][T15942] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  610.190645][T15942]  </TASK>
[  610.211770][T15942] netlink: 92 bytes leftover after parsing attributes in process `syz.4.2511'.
[  610.215226][T15942] 9pnet_fd: Insufficient options for proto=fd
[  610.254461][T15946] netlink: 92 bytes leftover after parsing attributes in process `syz.0.2512'.
[  610.257849][T15946] 9pnet_fd: Insufficient options for proto=fd
[  610.540735][   T39] audit: type=1400 audit(1737133729.149:123): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04
[  610.634911][T15961] syzkaller1: entered promiscuous mode
[  610.662931][T15961] syzkaller1: entered allmulticast mode
[  611.410951][T12678] Bluetooth: hci2: command tx timeout
[  611.786696][T15977] FAULT_INJECTION: forcing a failure.
[  611.786696][T15977] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  611.790541][T15977] CPU: 1 UID: 0 PID: 15977 Comm: syz.1.2521 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  611.793719][T15977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  611.796762][T15977] Call Trace:
[  611.797743][T15977]  <TASK>
[  611.798602][T15977]  dump_stack_lvl+0x16c/0x1f0
[  611.799964][T15977]  should_fail_ex+0x497/0x5b0
[  611.801339][T15977]  _copy_from_user+0x2e/0xd0
[  611.802695][T15977]  generic_map_delete_batch+0x43e/0x6f0
[  611.804296][T15977]  ? __pfx_generic_map_delete_batch+0x10/0x10
[  611.806116][T15977]  ? __fget_files+0x206/0x3a0
[  611.807493][T15977]  ? __pfx_generic_map_delete_batch+0x10/0x10
[  611.809246][T15977]  bpf_map_do_batch+0x294/0x640
[  611.810651][T15977]  __sys_bpf+0x5fe/0x57a0
[  611.811917][T15977]  ? __pfx_lock_release+0x10/0x10
[  611.813383][T15977]  ? __pfx___sys_bpf+0x10/0x10
[  611.814772][T15977]  ? vfs_write+0x306/0x1150
[  611.816080][T15977]  ? __mutex_unlock_slowpath+0x164/0x690
[  611.817718][T15977]  ? fput+0x67/0x440
[  611.818854][T15977]  ? ksys_write+0x1ba/0x250
[  611.820164][T15977]  ? __pfx_ksys_write+0x10/0x10
[  611.821584][T15977]  __ia32_sys_bpf+0x76/0xe0
[  611.822904][T15977]  __do_fast_syscall_32+0x73/0x120
[  611.824387][T15977]  do_fast_syscall_32+0x32/0x80
[  611.825800][T15977]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  611.827621][T15977] RIP: 0023:0xf7fc2579
[  611.828810][T15977] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  611.834301][T15977] RSP: 002b:00000000f50f555c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  611.836682][T15977] RAX: ffffffffffffffda RBX: 000000000000001b RCX: 0000000020000040
[  611.838941][T15977] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[  611.841199][T15977] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  611.843460][T15977] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  611.845733][T15977] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  611.847997][T15977]  </TASK>
[  612.190525][ T1454] usb 8-1: USB disconnect, device number 71
[  612.461615][T15999] xt_bpf: check failed: parse error
[  612.466264][T15999] input: syz0 as /devices/virtual/input/input64
[  612.479134][T15999] xt_bpf: check failed: parse error
[  612.890200][T16013] pim6reg: entered allmulticast mode
[  613.189517][T16028] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  613.403824][T16048] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  613.491493][T12678] Bluetooth: hci2: command tx timeout
[  613.570869][T16057] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  613.579020][T16057] netlink: 'syz.1.2532': attribute type 4 has an invalid length.
[  613.881109][T16068] netem: incorrect ge model size
[  613.885597][T16068] netem: change failed
[  614.353574][T16093] Bluetooth: MGMT ver 1.23
[  614.575969][T16097] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  614.582126][T16097] netlink: 'syz.0.2543': attribute type 4 has an invalid length.
[  614.933999][   T39] audit: type=1326 audit(1737133733.579:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16098 comm="syz.3.2544" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x0
[  615.174816][T16103] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2545'.
[  615.372773][T16109] FAULT_INJECTION: forcing a failure.
[  615.372773][T16109] name failslab, interval 1, probability 0, space 0, times 0
[  615.383563][T16109] CPU: 2 UID: 0 PID: 16109 Comm: syz.0.2548 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  615.386601][T16109] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  615.389692][T16109] Call Trace:
[  615.390655][T16109]  <TASK>
[  615.391522][T16109]  dump_stack_lvl+0x16c/0x1f0
[  615.392894][T16109]  should_fail_ex+0x497/0x5b0
[  615.394254][T16109]  ? fs_reclaim_acquire+0xae/0x150
[  615.395720][T16109]  should_failslab+0xc2/0x120
[  615.397067][T16109]  __kmalloc_noprof+0xce/0x4f0
[  615.398446][T16109]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  615.400045][T16109]  ? tomoyo_realpath_from_path+0xbf/0x710
[  615.401685][T16109]  tomoyo_realpath_from_path+0xbf/0x710
[  615.403270][T16109]  ? tomoyo_path_number_perm+0x235/0x5b0
[  615.404893][T16109]  tomoyo_path_number_perm+0x248/0x5b0
[  615.406455][T16109]  ? tomoyo_path_number_perm+0x235/0x5b0
[  615.408032][T16109]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  615.409765][T16109]  ? __pfx_lock_release+0x10/0x10
[  615.411208][T16109]  ? trace_lock_acquire+0x14e/0x1f0
[  615.412712][T16109]  ? lock_acquire+0x2f/0xb0
[  615.414030][T16109]  ? __fget_files+0x40/0x3a0
[  615.415363][T16109]  ? __fget_files+0x206/0x3a0
[  615.416723][T16109]  security_file_ioctl_compat+0x9b/0x240
[  615.418318][T16109]  __do_compat_sys_ioctl+0x4e/0x2c0
[  615.419810][T16109]  __do_fast_syscall_32+0x73/0x120
[  615.421294][T16109]  do_fast_syscall_32+0x32/0x80
[  615.422691][T16109]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  615.424539][T16109] RIP: 0023:0xf70de579
[  615.425768][T16109] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  615.430996][T12678] Bluetooth: hci0: command tx timeout
[  615.431210][T16109] RSP: 002b:00000000f50d055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  615.435204][T16109] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000004b72
[  615.437458][T16109] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  615.439695][T16109] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  615.441942][T16109] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  615.444200][T16109] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  615.446462][T16109]  </TASK>
[  615.454391][T16109] ERROR: Out of memory at tomoyo_realpath_from_path.
[  615.537254][T16118] FAULT_INJECTION: forcing a failure.
[  615.537254][T16118] name failslab, interval 1, probability 0, space 0, times 0
[  615.544135][T16118] CPU: 2 UID: 0 PID: 16118 Comm: syz.0.2550 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  615.547659][T16118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  615.551350][T16118] Call Trace:
[  615.552448][T16118]  <TASK>
[  615.553463][T16118]  dump_stack_lvl+0x16c/0x1f0
[  615.554903][T16118]  should_fail_ex+0x497/0x5b0
[  615.556485][T16118]  ? fs_reclaim_acquire+0xae/0x150
[  615.558318][T16118]  should_failslab+0xc2/0x120
[  615.559991][T16118]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  615.561925][T16118]  ? p9_tag_alloc+0x9c/0x870
[  615.563351][T16118]  p9_tag_alloc+0x9c/0x870
[  615.564893][T16118]  ? lockdep_unlock+0x11a/0x290
[  615.566656][T16118]  ? __pfx_p9_tag_alloc+0x10/0x10
[  615.568206][T16118]  p9_client_prepare_req+0x19f/0x4d0
[  615.570089][T16118]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  615.571838][T16118]  ? filemap_fdatawrite_wbc+0x81/0x160
[  615.573717][T16118]  ? __filemap_fdatawrite_range+0xb3/0xf0
[  615.575475][T16118]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  615.577444][T16118]  p9_client_rpc+0x1c3/0xc10
[  615.578866][T16118]  ? __pfx_p9_client_rpc+0x10/0x10
[  615.580687][T16118]  p9_client_wstat+0x1f4/0x300
[  615.582291][T16118]  v9fs_vfs_setattr+0x4f8/0xab0
[  615.583744][T16118]  ? __pfx_v9fs_vfs_setattr+0x10/0x10
[  615.585308][T16118]  ? ktime_get_coarse_real_ts64_mg+0x26e/0x310
[  615.587079][T16118]  ? evm_inode_setattr+0x65/0x680
[  615.588536][T16118]  ? __pfx_make_vfsgid+0x10/0x10
[  615.589983][T16118]  ? __pfx_v9fs_vfs_setattr+0x10/0x10
[  615.591545][T16118]  notify_change+0x6a6/0x1230
[  615.592930][T16118]  vfs_utimes+0x41d/0x850
[  615.594205][T16118]  ? __pfx_vfs_utimes+0x10/0x10
[  615.595651][T16118]  ? putname+0x13c/0x180
[  615.596893][T16118]  do_utimes+0x124/0x2a0
[  615.598118][T16118]  ? __pfx_do_utimes+0x10/0x10
[  615.599490][T16118]  ? lock_acquire+0x2f/0xb0
[  615.600808][T16118]  ? __might_fault+0xe3/0x190
[  615.602168][T16118]  do_compat_futimesat+0x217/0x280
[  615.603642][T16118]  ? fput+0x67/0x440
[  615.604780][T16118]  ? __pfx_do_compat_futimesat+0x10/0x10
[  615.606385][T16118]  ? ksys_write+0x1ba/0x250
[  615.607703][T16118]  __do_fast_syscall_32+0x73/0x120
[  615.609197][T16118]  do_fast_syscall_32+0x32/0x80
[  615.610594][T16118]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  615.612403][T16118] RIP: 0023:0xf70de579
[  615.613586][T16118] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  615.619048][T16118] RSP: 002b:00000000f50d055c EFLAGS: 00000296 ORIG_RAX: 000000000000010f
[  615.621553][T16118] RAX: ffffffffffffffda RBX: 0000000020000180 RCX: 0000000020000340
[  615.623875][T16118] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  615.626536][T16118] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  615.628809][T16118] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  615.631067][T16118] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  615.633335][T16118]  </TASK>
[  615.786421][T16122] syz.0.2551: attempt to access beyond end of device
[  615.786421][T16122] nbd0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  615.791898][T16122] SQUASHFS error: Failed to read block 0x0: -5
[  615.793739][T16122] unable to read squashfs_super_block
[  615.828901][   T39] audit: type=1400 audit(1737133734.469:125): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=222F2F26 pid=16130 comm="syz.0.2554"
[  615.952293][T16144] workqueue: name exceeds WQ_NAME_LEN. Truncating to: �ܻ}����r��ءÑV§�j��Pb�
[  616.018070][T16150] FAULT_INJECTION: forcing a failure.
[  616.018070][T16150] name failslab, interval 1, probability 0, space 0, times 0
[  616.021892][T16150] CPU: 3 UID: 0 PID: 16150 Comm: syz.0.2557 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  616.025014][T16150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  616.028113][T16150] Call Trace:
[  616.029143][T16150]  <TASK>
[  616.030067][T16150]  dump_stack_lvl+0x16c/0x1f0
[  616.031502][T16150]  should_fail_ex+0x497/0x5b0
[  616.033019][T16150]  ? fs_reclaim_acquire+0xae/0x150
[  616.034558][T16150]  should_failslab+0xc2/0x120
[  616.036026][T16150]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  616.037761][T16150]  ? __alloc_skb+0x2b3/0x380
[  616.039122][T16150]  __alloc_skb+0x2b3/0x380
[  616.040424][T16150]  ? __pfx___alloc_skb+0x10/0x10
[  616.041983][T16150]  __tipc_nl_compat_doit+0xa2/0x3d0
[  616.043567][T16150]  ? __pfx___tipc_nl_compat_doit+0x10/0x10
[  616.045255][T16150]  ? hlock_class+0x4e/0x130
[  616.046589][T16150]  ? bpf_lsm_capable+0x9/0x10
[  616.047946][T16150]  ? security_capable+0x7e/0x260
[  616.049399][T16150]  tipc_nl_compat_doit+0x11e/0x290
[  616.050886][T16150]  tipc_nl_compat_recv+0x91e/0xc00
[  616.052373][T16150]  ? __pfx_tipc_nl_compat_recv+0x10/0x10
[  616.053994][T16150]  ? __pfx___tipc_nl_bearer_enable+0x10/0x10
[  616.055774][T16150]  ? __pfx_tipc_nl_compat_bearer_enable+0x10/0x10
[  616.057659][T16150]  ? __mutex_trylock_common+0xea/0x250
[  616.059291][T16150]  ? rcu_is_watching+0x12/0xc0
[  616.060708][T16150]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  616.062845][T16150]  genl_family_rcv_msg_doit+0x202/0x2f0
[  616.064446][T16150]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  616.066365][T16150]  ? genl_get_cmd+0x195/0x580
[  616.067749][T16150]  ? __radix_tree_lookup+0x21f/0x2c0
[  616.069434][T16150]  genl_rcv_msg+0x565/0x800
[  616.070760][T16150]  ? __pfx_genl_rcv_msg+0x10/0x10
[  616.072222][T16150]  ? __pfx_tipc_nl_compat_recv+0x10/0x10
[  616.073848][T16150]  netlink_rcv_skb+0x165/0x410
[  616.075232][T16150]  ? __pfx_genl_rcv_msg+0x10/0x10
[  616.076699][T16150]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  616.078216][T16150]  ? down_read+0xc9/0x330
[  616.079472][T16150]  ? __pfx_down_read+0x10/0x10
[  616.080861][T16150]  ? netlink_deliver_tap+0x1ae/0xca0
[  616.082378][T16150]  genl_rcv+0x28/0x40
[  616.083537][T16150]  netlink_unicast+0x53c/0x7f0
[  616.084929][T16150]  ? __pfx_netlink_unicast+0x10/0x10
[  616.086484][T16150]  ? __phys_addr_symbol+0x30/0x80
[  616.087933][T16150]  ? __check_object_size+0x488/0x710
[  616.089483][T16150]  netlink_sendmsg+0x8b8/0xd70
[  616.090864][T16150]  ? __pfx_netlink_sendmsg+0x10/0x10
[  616.092400][T16150]  ____sys_sendmsg+0x9ae/0xb40
[  616.093805][T16150]  ? __pfx_____sys_sendmsg+0x10/0x10
[  616.095337][T16150]  ? get_compat_msghdr+0x11b/0x170
[  616.096893][T16150]  ___sys_sendmsg+0x135/0x1e0
[  616.098252][T16150]  ? __pfx____sys_sendmsg+0x10/0x10
[  616.099771][T16150]  ? __pfx_lock_release+0x10/0x10
[  616.101226][T16150]  ? trace_lock_acquire+0x14e/0x1f0
[  616.102743][T16150]  ? __fget_files+0x206/0x3a0
[  616.104102][T16150]  __sys_sendmsg+0x16e/0x220
[  616.105447][T16150]  ? __pfx___sys_sendmsg+0x10/0x10
[  616.106933][T16150]  __do_fast_syscall_32+0x73/0x120
[  616.108417][T16150]  do_fast_syscall_32+0x32/0x80
[  616.109828][T16150]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  616.111679][T16150] RIP: 0023:0xf70de579
[  616.112869][T16150] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  616.118346][T16150] RSP: 002b:00000000f50d055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  616.120732][T16150] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000440
[  616.123008][T16150] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  616.125265][T16150] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  616.127514][T16150] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  616.129786][T16150] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  616.132070][T16150]  </TASK>
[  616.985826][T16210] FAULT_INJECTION: forcing a failure.
[  616.985826][T16210] name failslab, interval 1, probability 0, space 0, times 0
[  616.989794][T16210] CPU: 3 UID: 0 PID: 16210 Comm: syz.3.2567 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  616.992914][T16210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  616.996036][T16210] Call Trace:
[  616.997033][T16210]  <TASK>
[  616.997909][T16210]  dump_stack_lvl+0x16c/0x1f0
[  616.999297][T16210]  should_fail_ex+0x497/0x5b0
[  617.000688][T16210]  ? fs_reclaim_acquire+0xae/0x150
[  617.002182][T16210]  should_failslab+0xc2/0x120
[  617.003573][T16210]  __kmalloc_cache_noprof+0x68/0x420
[  617.005155][T16210]  ? __pfx_lock_release+0x10/0x10
[  617.006625][T16210]  ? trace_lock_acquire+0x14e/0x1f0
[  617.008142][T16210]  hash_ipmark_create+0x4e3/0x13c0
[  617.009659][T16210]  ? __pfx_hash_ipmark_create+0x10/0x10
[  617.011379][T16210]  ip_set_create+0x62a/0x1400
[  617.012914][T16210]  ? rcu_is_watching+0x12/0xc0
[  617.014374][T16210]  ? __pfx_ip_set_create+0x10/0x10
[  617.015880][T16210]  nfnetlink_rcv_msg+0x9c3/0x11e0
[  617.017340][T16210]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  617.018918][T16210]  ? find_held_lock+0x2d/0x110
[  617.020337][T16210]  netlink_rcv_skb+0x165/0x410
[  617.021746][T16210]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  617.023336][T16210]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  617.024887][T16210]  ? __pfx_aa_get_newest_label+0x10/0x10
[  617.026529][T16210]  ? bpf_lsm_capable+0x9/0x10
[  617.027910][T16210]  ? security_capable+0x7e/0x260
[  617.029376][T16210]  ? ns_capable+0xd7/0x110
[  617.030684][T16210]  nfnetlink_rcv+0x1b4/0x430
[  617.032043][T16210]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  617.033543][T16210]  ? netlink_deliver_tap+0x1ae/0xca0
[  617.035085][T16210]  netlink_unicast+0x53c/0x7f0
[  617.036485][T16210]  ? __pfx_netlink_unicast+0x10/0x10
[  617.038006][T16210]  ? __phys_addr_symbol+0x30/0x80
[  617.039486][T16210]  ? __check_object_size+0x4a1/0x710
[  617.041042][T16210]  netlink_sendmsg+0x8b8/0xd70
[  617.042449][T16210]  ? __pfx_netlink_sendmsg+0x10/0x10
[  617.043988][T16210]  ____sys_sendmsg+0x9ae/0xb40
[  617.045415][T16210]  ? __pfx_____sys_sendmsg+0x10/0x10
[  617.046953][T16210]  ? get_compat_msghdr+0x11b/0x170
[  617.048461][T16210]  ___sys_sendmsg+0x135/0x1e0
[  617.049862][T16210]  ? __pfx____sys_sendmsg+0x10/0x10
[  617.051399][T16210]  ? __pfx_lock_release+0x10/0x10
[  617.052874][T16210]  ? trace_lock_acquire+0x14e/0x1f0
[  617.054405][T16210]  ? __fget_files+0x206/0x3a0
[  617.055772][T16210]  __sys_sendmsg+0x16e/0x220
[  617.057071][T16210]  ? __pfx___sys_sendmsg+0x10/0x10
[  617.058542][T16210]  __do_fast_syscall_32+0x73/0x120
[  617.059984][T16210]  do_fast_syscall_32+0x32/0x80
[  617.061395][T16210]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  617.063209][T16210] RIP: 0023:0xf7fc5579
[  617.064407][T16210] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  617.069911][T16210] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  617.072289][T16210] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040
[  617.074576][T16210] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  617.076835][T16210] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  617.079111][T16210] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  617.081380][T16210] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  617.083698][T16210]  </TASK>
[  617.336430][T16223] syz.0.2572 (16223): attempted to duplicate a private mapping with mremap.  This is not supported.
[  617.351326][    C2] Unknown status report in ack skb
[  617.652405][T16243] FAULT_INJECTION: forcing a failure.
[  617.652405][T16243] name failslab, interval 1, probability 0, space 0, times 0
[  617.656481][T16243] CPU: 2 UID: 0 PID: 16243 Comm: syz.0.2577 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  617.659733][T16243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  617.662966][T16243] Call Trace:
[  617.664001][T16243]  <TASK>
[  617.664928][T16243]  dump_stack_lvl+0x16c/0x1f0
[  617.666435][T16243]  should_fail_ex+0x497/0x5b0
[  617.667860][T16243]  ? fs_reclaim_acquire+0xae/0x150
[  617.669437][T16243]  should_failslab+0xc2/0x120
[  617.670862][T16243]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  617.672473][T16243]  ? alloc_empty_file+0x73/0x1e0
[  617.674041][T16243]  alloc_empty_file+0x73/0x1e0
[  617.675771][T16243]  alloc_file_pseudo+0x13d/0x200
[  617.677367][T16243]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  617.679001][T16243]  __anon_inode_getfile+0x136/0x3c0
[  617.680610][T16243]  ? __pfx___anon_inode_getfile+0x10/0x10
[  617.682309][T16243]  sync_file_alloc+0x65/0x160
[  617.683733][T16243]  sync_file_create+0x17/0xf0
[  617.685192][T16243]  dma_buf_ioctl+0x2ba/0x8d0
[  617.687054][T16243]  ? __pfx_dma_buf_ioctl+0x10/0x10
[  617.689146][T16243]  ? trace_lock_acquire+0x14e/0x1f0
[  617.690973][T16243]  ? __fget_files+0x206/0x3a0
[  617.692429][T16243]  ? __pfx_dma_buf_ioctl+0x10/0x10
[  617.693977][T16243]  compat_ptr_ioctl+0x6b/0xa0
[  617.695414][T16243]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  617.697097][T16243]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  617.698604][T16243]  __do_fast_syscall_32+0x73/0x120
[  617.700062][T16243]  do_fast_syscall_32+0x32/0x80
[  617.701577][T16243]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  617.703416][T16243] RIP: 0023:0xf70de579
[  617.704638][T16243] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  617.710702][T16243] RSP: 002b:00000000f50d055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  617.713127][T16243] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c0086202
[  617.715455][T16243] RDX: 0000000020000540 RSI: 0000000000000000 RDI: 0000000000000000
[  617.717747][T16243] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  617.720055][T16243] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  617.722391][T16243] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  617.724712][T16243]  </TASK>
[  618.205984][T16254] netlink: 'syz.3.2581': attribute type 4 has an invalid length.
[  618.208284][T16254] netlink: 17 bytes leftover after parsing attributes in process `syz.3.2581'.
[  618.584145][T16266] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  618.587081][T16266] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  618.590267][T16257] xt_CT: You must specify a L4 protocol and not use inversions on it
[  618.593396][T16257] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2582'.
[  618.758094][T16272] FAULT_INJECTION: forcing a failure.
[  618.758094][T16272] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  618.762560][T16272] CPU: 1 UID: 0 PID: 16272 Comm: syz.3.2587 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  618.765599][T16272] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  618.768659][T16272] Call Trace:
[  618.769660][T16272]  <TASK>
[  618.770525][T16272]  dump_stack_lvl+0x16c/0x1f0
[  618.771912][T16272]  should_fail_ex+0x497/0x5b0
[  618.773285][T16272]  _copy_from_user+0x2e/0xd0
[  618.774622][T16272]  generic_map_delete_batch+0x43e/0x6f0
[  618.776213][T16272]  ? __pfx_generic_map_delete_batch+0x10/0x10
[  618.777955][T16272]  ? __fget_files+0x206/0x3a0
[  618.779371][T16272]  ? __pfx_generic_map_delete_batch+0x10/0x10
[  618.781106][T16272]  bpf_map_do_batch+0x294/0x640
[  618.782508][T16272]  __sys_bpf+0x5fe/0x57a0
[  618.783748][T16272]  ? __pfx_lock_release+0x10/0x10
[  618.785190][T16272]  ? __pfx___sys_bpf+0x10/0x10
[  618.786555][T16272]  ? vfs_write+0x306/0x1150
[  618.787868][T16272]  ? __mutex_unlock_slowpath+0x164/0x690
[  618.789567][T16272]  ? fput+0x67/0x440
[  618.790702][T16272]  ? ksys_write+0x1ba/0x250
[  618.792020][T16272]  ? __pfx_ksys_write+0x10/0x10
[  618.793438][T16272]  __ia32_sys_bpf+0x76/0xe0
[  618.794755][T16272]  __do_fast_syscall_32+0x73/0x120
[  618.796223][T16272]  do_fast_syscall_32+0x32/0x80
[  618.797628][T16272]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  618.799475][T16272] RIP: 0023:0xf7fc5579
[  618.801118][T16272] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  618.807166][T16272] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  618.809574][T16272] RAX: ffffffffffffffda RBX: 000000000000001b RCX: 0000000020000040
[  618.811829][T16272] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[  618.814120][T16272] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  618.816376][T16272] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  618.818622][T16272] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  618.821049][T16272]  </TASK>
[  618.853211][T12678] Bluetooth: hci4: command tx timeout
[  618.866290][T16284] random: crng reseeded on system resumption
[  619.233618][T16292] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2592'.
[  619.818353][T16303] netlink: 'syz.0.2595': attribute type 10 has an invalid length.
[  619.828870][T16303] team0: Port device netdevsim0 added
[  620.271154][T16315] FAULT_INJECTION: forcing a failure.
[  620.271154][T16315] name failslab, interval 1, probability 0, space 0, times 0
[  620.275101][T16315] CPU: 3 UID: 0 PID: 16315 Comm: syz.1.2600 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  620.278157][T16315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  620.281208][T16315] Call Trace:
[  620.282168][T16315]  <TASK>
[  620.283021][T16315]  dump_stack_lvl+0x16c/0x1f0
[  620.284381][T16315]  should_fail_ex+0x497/0x5b0
[  620.285746][T16315]  ? fs_reclaim_acquire+0xae/0x150
[  620.287210][T16315]  should_failslab+0xc2/0x120
[  620.288571][T16315]  __kmalloc_cache_noprof+0x68/0x420
[  620.290140][T16315]  ? nbd_config_put+0xe3/0x750
[  620.291528][T16315]  kobject_uevent_env+0x265/0x1670
[  620.293009][T16315]  ? __pfx_dev_uevent_name+0x10/0x10
[  620.294544][T16315]  nbd_config_put+0x4fc/0x750
[  620.295894][T16315]  ? __init_waitqueue_head+0xca/0x150
[  620.297458][T16315]  nbd_genl_connect+0x12d5/0x1c00
[  620.298915][T16315]  ? __pfx_nbd_genl_connect+0x10/0x10
[  620.300451][T16315]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  620.302613][T16315]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  620.304705][T16315]  genl_family_rcv_msg_doit+0x202/0x2f0
[  620.306280][T16315]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  620.307976][T16315]  ? genl_get_cmd+0x195/0x580
[  620.309330][T16315]  ? __radix_tree_lookup+0x21f/0x2c0
[  620.310818][T16315]  genl_rcv_msg+0x565/0x800
[  620.312099][T16315]  ? __pfx_genl_rcv_msg+0x10/0x10
[  620.313521][T16315]  ? __pfx_nbd_genl_connect+0x10/0x10
[  620.315020][T16315]  ? __pfx___lock_acquire+0x10/0x10
[  620.316470][T16315]  netlink_rcv_skb+0x165/0x410
[  620.317830][T16315]  ? __pfx_genl_rcv_msg+0x10/0x10
[  620.319261][T16315]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  620.320743][T16315]  ? down_read+0xc9/0x330
[  620.321967][T16315]  ? __pfx_down_read+0x10/0x10
[  620.323318][T16315]  ? netlink_deliver_tap+0x1ae/0xca0
[  620.324821][T16315]  genl_rcv+0x28/0x40
[  620.325949][T16315]  netlink_unicast+0x53c/0x7f0
[  620.327309][T16315]  ? __pfx_netlink_unicast+0x10/0x10
[  620.328815][T16315]  ? __phys_addr_symbol+0x30/0x80
[  620.330260][T16315]  ? __check_object_size+0x488/0x710
[  620.331837][T16315]  netlink_sendmsg+0x8b8/0xd70
[  620.333211][T16315]  ? __pfx_netlink_sendmsg+0x10/0x10
[  620.334695][T16315]  ____sys_sendmsg+0x9ae/0xb40
[  620.336026][T16315]  ? __pfx_____sys_sendmsg+0x10/0x10
[  620.337520][T16315]  ? get_compat_msghdr+0x11b/0x170
[  620.338964][T16315]  ___sys_sendmsg+0x135/0x1e0
[  620.340281][T16315]  ? __pfx____sys_sendmsg+0x10/0x10
[  620.341760][T16315]  ? __pfx_lock_release+0x10/0x10
[  620.343182][T16315]  ? trace_lock_acquire+0x14e/0x1f0
[  620.344655][T16315]  ? __fget_files+0x206/0x3a0
[  620.345970][T16315]  __sys_sendmsg+0x16e/0x220
[  620.347267][T16315]  ? __pfx___sys_sendmsg+0x10/0x10
[  620.348725][T16315]  __do_fast_syscall_32+0x73/0x120
[  620.350184][T16315]  do_fast_syscall_32+0x32/0x80
[  620.351557][T16315]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  620.353343][T16315] RIP: 0023:0xf7fc2579
[  620.354493][T16315] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  620.359857][T16315] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  620.362218][T16315] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000240
[  620.364465][T16315] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  620.366699][T16315] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  620.368928][T16315] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  620.371150][T16315] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  620.373403][T16315]  </TASK>
[  620.620753][T16320] binder_alloc: 16319: binder_alloc_buf, no vma
[  620.715982][T16324] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2602'.
[  620.749121][T16328] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  620.854959][T16344] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2608'.
[  620.868878][T16346] FAULT_INJECTION: forcing a failure.
[  620.868878][T16346] name failslab, interval 1, probability 0, space 0, times 0
[  620.873356][T16346] CPU: 2 UID: 0 PID: 16346 Comm: syz.3.2609 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  620.876637][T16346] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  620.879799][T16346] Call Trace:
[  620.880843][T16346]  <TASK>
[  620.881708][T16346]  dump_stack_lvl+0x16c/0x1f0
[  620.883077][T16346]  should_fail_ex+0x497/0x5b0
[  620.884448][T16346]  ? fs_reclaim_acquire+0xae/0x150
[  620.885987][T16346]  should_failslab+0xc2/0x120
[  620.887368][T16346]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  620.888937][T16346]  ? io_submit_one+0x123/0x1da0
[  620.890349][T16346]  io_submit_one+0x123/0x1da0
[  620.891723][T16346]  ? __pfx_io_submit_one+0x10/0x10
[  620.893289][T16346]  ? __might_fault+0x13b/0x190
[  620.894750][T16346]  ? lock_acquire+0x2f/0xb0
[  620.896068][T16346]  ? __might_fault+0xe3/0x190
[  620.897464][T16346]  ? __ia32_compat_sys_io_submit+0x1ba/0x3a0
[  620.899180][T16346]  __ia32_compat_sys_io_submit+0x1ba/0x3a0
[  620.900862][T16346]  ? __pfx___ia32_compat_sys_io_submit+0x10/0x10
[  620.902749][T16346]  __do_fast_syscall_32+0x73/0x120
[  620.904233][T16346]  do_fast_syscall_32+0x32/0x80
[  620.905653][T16346]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  620.907490][T16346] RIP: 0023:0xf7fc5579
[  620.908684][T16346] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  620.914253][T16346] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 00000000000000f8
[  620.916640][T16346] RAX: ffffffffffffffda RBX: 00000000f7fc0000 RCX: 0000000000000001
[  620.918914][T16346] RDX: 0000000020004540 RSI: 0000000000000000 RDI: 0000000000000000
[  620.921179][T16346] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  620.923533][T16346] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  620.925811][T16346] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  620.928098][T16346]  </TASK>
[  621.096112][T16353] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2611'.
[  621.098719][T16353] netlink: 'syz.3.2611': attribute type 1 has an invalid length.
[  621.182456][T16357] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2613'.
[  622.063345][T16384] netlink: 260 bytes leftover after parsing attributes in process `syz.3.2623'.
[  622.291552][T16387] random: crng reseeded on system resumption
[  622.446626][   T39] audit: type=1326 audit(2000000003.729:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16388 comm="syz.3.2625" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000
[  622.461750][   T39] audit: type=1326 audit(2000000003.729:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16388 comm="syz.3.2625" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000
[  622.467941][   T39] audit: type=1326 audit(2000000003.739:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16388 comm="syz.3.2625" exe="/syz-executor" sig=0 arch=40000003 syscall=282 compat=1 ip=0xf7fc5579 code=0x7ffc0000
[  622.477068][   T39] audit: type=1326 audit(2000000003.739:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16388 comm="syz.3.2625" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000
[  622.483430][   T39] audit: type=1326 audit(2000000003.739:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16388 comm="syz.3.2625" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000
[  622.489616][   T39] audit: type=1326 audit(2000000003.739:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16388 comm="syz.3.2625" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fc5579 code=0x7ffc0000
[  622.496245][   T39] audit: type=1326 audit(2000000003.739:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16388 comm="syz.3.2625" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000
[  622.502638][   T39] audit: type=1326 audit(2000000003.739:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16388 comm="syz.3.2625" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000
[  622.508827][   T39] audit: type=1326 audit(2000000003.739:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16388 comm="syz.3.2625" exe="/syz-executor" sig=0 arch=40000003 syscall=156 compat=1 ip=0xf7fc5579 code=0x7ffc0000
[  622.515252][   T39] audit: type=1326 audit(2000000003.739:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16388 comm="syz.3.2625" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000
[  622.781136][T16398] FAULT_INJECTION: forcing a failure.
[  622.781136][T16398] name failslab, interval 1, probability 0, space 0, times 0
[  622.784731][T16398] CPU: 2 UID: 0 PID: 16398 Comm: syz.4.2628 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  622.787790][T16398] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  622.790866][T16398] Call Trace:
[  622.791845][T16398]  <TASK>
[  622.792719][T16398]  dump_stack_lvl+0x16c/0x1f0
[  622.794187][T16398]  should_fail_ex+0x497/0x5b0
[  622.795569][T16398]  ? fs_reclaim_acquire+0xae/0x150
[  622.797036][T16398]  should_failslab+0xc2/0x120
[  622.798400][T16398]  __kmalloc_cache_noprof+0x68/0x420
[  622.799932][T16398]  ? find_held_lock+0x2d/0x110
[  622.801478][T16398]  binder_alloc_new_buf+0x14d/0x2b90
[  622.802996][T16398]  ? binder_transaction+0x10a9/0x9af0
[  622.804551][T16398]  ? rcu_is_watching+0x12/0xc0
[  622.805927][T16398]  binder_transaction+0x13d9/0x9af0
[  622.807398][T16398]  ? __pfx_mark_lock+0x10/0x10
[  622.808782][T16398]  ? hlock_class+0x4e/0x130
[  622.810086][T16398]  ? __pfx_binder_transaction+0x10/0x10
[  622.811770][T16398]  ? __pfx___lock_acquire+0x10/0x10
[  622.813242][T16398]  ? mark_lock+0xb5/0xc60
[  622.814477][T16398]  ? find_held_lock+0x2d/0x110
[  622.815862][T16398]  ? __might_fault+0x13b/0x190
[  622.817262][T16398]  ? __pfx_lock_release+0x10/0x10
[  622.818714][T16398]  ? trace_lock_acquire+0x14e/0x1f0
[  622.820240][T16398]  ? __pfx_lock_release+0x10/0x10
[  622.821701][T16398]  ? lock_acquire+0x2f/0xb0
[  622.823006][T16398]  ? __might_fault+0xe3/0x190
[  622.824357][T16398]  ? __might_fault+0xe3/0x190
[  622.825733][T16398]  binder_thread_write+0xab4/0x4c30
[  622.827228][T16398]  ? __pfx___lock_acquire+0x10/0x10
[  622.828730][T16398]  ? __kasan_slab_free+0x51/0x70
[  622.830170][T16398]  ? __pfx_binder_thread_write+0x10/0x10
[  622.831805][T16398]  ? find_held_lock+0x2d/0x110
[  622.833189][T16398]  ? binder_debug+0xdf/0x1b0
[  622.834540][T16398]  ? __pfx_binder_debug+0x10/0x10
[  622.836053][T16398]  ? lock_acquire+0x2f/0xb0
[  622.837367][T16398]  ? __might_fault+0xe3/0x190
[  622.838723][T16398]  binder_ioctl+0x269d/0x7080
[  622.840046][T16398]  ? tomoyo_path_number_perm+0x46d/0x5b0
[  622.841664][T16398]  ? tomoyo_path_number_perm+0x190/0x5b0
[  622.843284][T16398]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  622.845033][T16398]  ? __pfx_binder_ioctl+0x10/0x10
[  622.846483][T16398]  ? do_vfs_ioctl+0x513/0x1950
[  622.847846][T16398]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  622.849281][T16398]  ? trace_lock_acquire+0x14e/0x1f0
[  622.850982][T16398]  ? __fget_files+0x206/0x3a0
[  622.852553][T16398]  ? __pfx_binder_ioctl+0x10/0x10
[  622.854078][T16398]  compat_ptr_ioctl+0x6b/0xa0
[  622.855422][T16398]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  622.856933][T16398]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  622.858425][T16398]  __do_fast_syscall_32+0x73/0x120
[  622.859894][T16398]  do_fast_syscall_32+0x32/0x80
[  622.861283][T16398]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  622.863066][T16398] RIP: 0023:0xf709e579
[  622.864228][T16398] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  622.869591][T16398] RSP: 002b:00000000f509055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  622.871956][T16398] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0306201
[  622.874206][T16398] RDX: 00000000200001c0 RSI: 0000000000000000 RDI: 0000000000000000
[  622.876426][T16398] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  622.878640][T16398] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  622.880876][T16398] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  622.883111][T16398]  </TASK>
[  622.992151][T16404] can: request_module (can-proto-3) failed.
[  623.729604][T16425] FAULT_INJECTION: forcing a failure.
[  623.729604][T16425] name failslab, interval 1, probability 0, space 0, times 0
[  623.733926][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  623.735477][T16425] CPU: 3 UID: 0 PID: 16425 Comm: syz.1.2637 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  623.739539][T16425] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  623.742612][T16425] Call Trace:
[  623.743598][T16425]  <TASK>
[  623.744466][T16425]  dump_stack_lvl+0x16c/0x1f0
[  623.745865][T16425]  should_fail_ex+0x497/0x5b0
[  623.747229][T16425]  ? __pfx___lock_acquire+0x10/0x10
[  623.748743][T16425]  should_failslab+0xc2/0x120
[  623.750123][T16425]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  623.751909][T16425]  ? __alloc_skb+0x2b3/0x380
[  623.753734][T16425]  __alloc_skb+0x2b3/0x380
[  623.755245][T16425]  ? __pfx___alloc_skb+0x10/0x10
[  623.757146][T16425]  ? mark_held_locks+0x9f/0xe0
[  623.758602][T16425]  inet6_ifinfo_notify+0x77/0x150
[  623.760114][T16425]  inet6_set_link_af+0x668/0xe40
[  623.761568][T16425]  ? __pfx_inet6_set_link_af+0x10/0x10
[  623.763194][T16425]  ? lock_acquire+0x2f/0xb0
[  623.764557][T16425]  ? rtnl_af_lookup+0x130/0x330
[  623.766011][T16425]  ? do_setlink.constprop.0+0x298d/0x3f20
[  623.767907][T16425]  do_setlink.constprop.0+0x298d/0x3f20
[  623.769587][T16425]  ? __pfx_lock_release+0x10/0x10
[  623.771084][T16425]  ? trace_lock_acquire+0x14e/0x1f0
[  623.772655][T16425]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  623.774402][T16425]  ? lock_acquire.part.0+0x11b/0x380
[  623.776027][T16425]  ? __mutex_trylock_common+0xea/0x250
[  623.777639][T16425]  ? __pfx___mutex_trylock_common+0x10/0x10
[  623.779396][T16425]  ? __pfx_lock_release+0x10/0x10
[  623.780903][T16425]  ? rtnl_setlink+0x2ba/0x620
[  623.782358][T16425]  ? rcu_is_watching+0x12/0xc0
[  623.783907][T16425]  ? trace_contention_end+0xee/0x140
[  623.786068][T16425]  ? __mutex_lock+0x1cc/0xa60
[  623.787993][T16425]  ? __pfx_aa_get_newest_label+0x10/0x10
[  623.789807][T16425]  ? rtnl_setlink+0x2ba/0x620
[  623.791182][T16425]  ? __pfx___mutex_lock+0x10/0x10
[  623.792665][T16425]  rtnl_setlink+0x3cf/0x620
[  623.793988][T16425]  ? __pfx_rtnl_setlink+0x10/0x10
[  623.795445][T16425]  ? kasan_save_stack+0x33/0x60
[  623.796880][T16425]  ? hlock_class+0x4e/0x130
[  623.798226][T16425]  ? aa_get_newest_label+0x376/0x680
[  623.799755][T16425]  ? find_held_lock+0x2d/0x110
[  623.801209][T16425]  ? find_held_lock+0x2d/0x110
[  623.802605][T16425]  ? rtnetlink_rcv_msg+0x93a/0xea0
[  623.804085][T16425]  ? __pfx_lock_release+0x10/0x10
[  623.805550][T16425]  ? trace_lock_acquire+0x14e/0x1f0
[  623.807059][T16425]  ? __pfx_rtnl_setlink+0x10/0x10
[  623.808529][T16425]  rtnetlink_rcv_msg+0x95b/0xea0
[  623.809970][T16425]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  623.811554][T16425]  ? __pfx___dev_queue_xmit+0x10/0x10
[  623.813117][T16425]  netlink_rcv_skb+0x165/0x410
[  623.814512][T16425]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  623.816061][T16425]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  623.817565][T16425]  ? netlink_deliver_tap+0x1ae/0xca0
[  623.819092][T16425]  netlink_unicast+0x53c/0x7f0
[  623.820479][T16425]  ? __pfx_netlink_unicast+0x10/0x10
[  623.822036][T16425]  ? __phys_addr_symbol+0x30/0x80
[  623.823504][T16425]  ? __check_object_size+0x488/0x710
[  623.825048][T16425]  netlink_sendmsg+0x8b8/0xd70
[  623.826438][T16425]  ? __pfx_netlink_sendmsg+0x10/0x10
[  623.827975][T16425]  ____sys_sendmsg+0x9ae/0xb40
[  623.829379][T16425]  ? __pfx_____sys_sendmsg+0x10/0x10
[  623.830907][T16425]  ? get_compat_msghdr+0x11b/0x170
[  623.832386][T16425]  ___sys_sendmsg+0x135/0x1e0
[  623.833758][T16425]  ? __pfx____sys_sendmsg+0x10/0x10
[  623.835248][T16425]  ? __pfx_lock_release+0x10/0x10
[  623.836723][T16425]  ? trace_lock_acquire+0x14e/0x1f0
[  623.838206][T16425]  ? __fget_files+0x206/0x3a0
[  623.839560][T16425]  __sys_sendmsg+0x16e/0x220
[  623.840901][T16425]  ? __pfx___sys_sendmsg+0x10/0x10
[  623.842371][T16425]  __do_fast_syscall_32+0x73/0x120
[  623.843828][T16425]  do_fast_syscall_32+0x32/0x80
[  623.845213][T16425]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  623.847006][T16425] RIP: 0023:0xf7fc2579
[  623.848171][T16425] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  623.853609][T16425] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  623.855983][T16425] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000100
[  623.858226][T16425] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  623.860451][T16425] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  623.862683][T16425] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  623.864940][T16425] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  623.867188][T16425]  </TASK>
[  623.869255][T16425] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check.
[  624.179484][T16453] overlay: Unknown parameter 'subj_user'
[  624.414312][T16458] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2645'.
[  624.484072][T16462] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  624.883990][T16465] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2649'.
[  624.886651][T16465] erspan0: default FDB implementation only supports local addresses
[  624.890730][T16465] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  624.892654][T16465] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  624.895285][T16465] vhci_hcd vhci_hcd.0: Device attached
[  624.898502][T16465] netlink: 108 bytes leftover after parsing attributes in process `syz.0.2649'.
[  624.901461][T16466] vhci_hcd: connection closed
[  624.901711][T13099] vhci_hcd: stop threads
[  624.904833][T13099] vhci_hcd: release socket
[  624.906133][T13099] vhci_hcd: disconnect device
[  625.454261][T16492] syzkaller1: entered promiscuous mode
[  625.455861][T16492] syzkaller1: entered allmulticast mode
[  625.870815][   T68] usb 8-1: new high-speed USB device number 72 using dummy_hcd
[  626.020801][   T68] usb 8-1: Using ep0 maxpacket: 8
[  626.024451][   T68] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  626.026956][   T68] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  626.030458][   T68] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  626.034353][   T68] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  626.037637][   T68] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  626.042357][   T68] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  626.044552][   T68] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  626.047705][   T68] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  626.051607][   T68] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  626.055990][   T68] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  626.059865][   T68] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  626.062252][   T68] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  626.065477][   T68] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  626.068748][   T68] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  626.072263][   T68] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  626.078980][   T68] usb 8-1: string descriptor 0 read error: -22
[  626.081097][   T68] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  626.084351][   T68] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  626.091283][   T68] adutux 8-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  626.435661][T16511] 9pnet_fd: Insufficient options for proto=fd
[  626.521236][T16511] [U] 
[  626.522358][T16511] [U] 
[  626.523168][T16511] [U] 
[  626.523977][T16511] [U] 
[  626.524850][T16511] [U] 
[  626.525656][T16511] [U] 
[  626.526455][T16511] [U] 
[  626.527278][T16511] [U] 
[  626.528153][T16511] [U] 
[  626.528965][T16511] [U] 
[  626.529769][T16511] [U] 
[  626.530569][T16511] [U] 
[  626.550824][T16511] [U] 
[  626.551677][T16511] [U] 
[  626.552495][T16511] [U] 
[  626.553297][T16511] [U] 
[  626.554224][T16511] [U] 
[  626.555035][T16511] [U] 
[  626.555835][T16511] [U] 
[  626.556646][T16511] [U] 
[  626.557495][T16511] [U] 
[  626.558292][T16511] [U] 
[  626.559092][T16511] [U] 
[  626.559893][T16511] [U] 
[  626.566921][T16511] [U] 
[  626.567739][T16511] [U] 
[  626.568552][T16511] [U] 
[  626.569351][T16511] [U] 
[  626.570218][T16511] [U] 
[  626.571050][T16511] [U] 
[  626.571852][T16511] [U] 
[  626.572664][T16511] [U] 
[  626.573984][T16511] [U] 
[  626.574840][T16511] [U] 
[  626.575648][T16511] [U] 
[  626.576485][T16511] [U] 
[  626.577357][T16511] [U] 
[  626.578161][T16511] [U] 
[  626.578963][T16511] [U] 
[  626.579766][T16511] [U] 
[  626.580646][T16511] [U] 
[  626.581461][T16511] [U] 
[  626.582262][T16511] [U] 
[  626.583065][T16511] [U] 
[  626.593021][T16511] [U] 
[  626.593869][T16511] [U] 
[  626.594684][T16511] [U] 
[  626.595490][T16511] [U] 
[  626.596422][T16511] [U] 
[  626.597246][T16511] [U] 
[  626.598056][T16511] [U] 
[  626.599071][T16511] [U] 
[  626.610121][T16511] [U] 
[  626.610972][T16511] [U] 
[  626.611793][T16511] [U] 
[  626.612609][T16511] [U] 
[  626.613687][T16511] [U] 
[  626.614492][T16511] [U] 
[  626.615300][T16511] [U] 
[  626.616096][T16511] [U] 
[  626.617293][T16511] [U] 
[  626.618106][T16511] [U] 
[  626.618930][T16511] [U] 
[  626.619738][T16511] [U] 
[  626.620664][T16511] [U] 
[  626.621506][T16511] [U] 
[  626.622304][T16511] [U] 
[  626.623114][T16511] [U] 
[  626.624114][T16511] [U] 
[  626.624943][T16511] [U] 
[  626.625758][T16511] [U] 
[  626.626565][T16511] [U] 
[  626.630833][T16511] [U] 
[  626.631670][T16511] [U] 
[  626.632492][T16511] [U] 
[  626.633296][T16511] [U] 
[  626.634265][T16511] [U] 
[  626.635120][T16511] [U] 
[  626.636010][T16511] [U] 
[  626.636831][T16511] [U] 
[  626.640824][T16511] [U] 
[  626.641657][T16511] [U] 
[  626.642488][T16511] [U] 
[  626.643295][T16511] [U] 
[  626.644247][T16511] [U] 
[  626.645080][T16511] [U] 
[  626.645894][T16511] [U] 
[  626.646697][T16511] [U] 
[  626.650824][T16511] [U] 
[  626.651809][T16511] [U] 
[  626.652646][T16511] [U] 
[  626.653455][T16511] [U] 
[  626.654361][T16511] [U] 
[  626.655171][T16511] [U] 
[  626.655982][T16511] [U] 
[  626.656806][T16511] [U] 
[  626.660821][T16511] [U] 
[  626.661655][T16511] [U] 
[  626.662475][T16511] [U] 
[  626.663293][T16511] [U] 
[  626.664203][T16511] [U] 
[  626.665021][T16511] [U] 
[  626.665823][T16511] [U] 
[  626.666624][T16511] [U] 
[  626.670860][T16511] [U] 
[  626.671706][T16511] [U] 
[  626.672530][T16511] [U] 
[  626.673335][T16511] [U] 
[  626.674257][T16511] [U] 
[  626.675065][T16511] [U] 
[  626.675876][T16511] [U] 
[  626.676679][T16511] [U] 
[  626.680792][T16511] [U] 
[  626.681624][T16511] [U] 
[  626.682435][T16511] [U] 
[  626.683240][T16511] [U] 
[  626.684173][T16511] [U] 
[  626.684989][T16511] [U] 
[  626.685811][T16511] [U] 
[  626.686626][T16511] [U] 
[  626.690826][T16511] [U] 
[  626.691669][T16511] [U] 
[  626.692493][T16511] [U] 
[  626.693314][T16511] [U] 
[  626.694213][T16511] [U] 
[  626.695022][T16511] [U] 
[  626.695837][T16511] [U] 
[  626.703474][T16510] [U] 
[  626.761997][T16520] netlink: 'syz.0.2666': attribute type 1 has an invalid length.
[  626.764612][T16520] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check.
[  627.037427][T16530] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2669'.
[  627.077930][T16532] dummy0: entered promiscuous mode
[  627.082403][T16532] dummy0: left promiscuous mode
[  627.481603][T16547] 9pnet_fd: Insufficient options for proto=fd
[  628.420310][T16570] netlink: 252 bytes leftover after parsing attributes in process `syz.4.2679'.
[  628.592379][T16572] fuse: Bad value for 'fd'
[  628.679875][T14762] usb 8-1: USB disconnect, device number 72
[  628.778184][T16577] netdevsim netdevsim4: Direct firmware load for .
[  628.778184][T16577]  failed with error -2
[  628.787254][T16577] netdevsim netdevsim4: Falling back to sysfs fallback for: .
[  628.787254][T16577] 
[  628.792602][T16579] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2683'.
[  629.476479][T16600] FAULT_INJECTION: forcing a failure.
[  629.476479][T16600] name failslab, interval 1, probability 0, space 0, times 0
[  629.481544][T16600] CPU: 3 UID: 0 PID: 16600 Comm: syz.4.2689 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  629.485943][T16600] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  629.490212][T16600] Call Trace:
[  629.491601][T16600]  <TASK>
[  629.492839][T16600]  dump_stack_lvl+0x16c/0x1f0
[  629.494793][T16600]  should_fail_ex+0x497/0x5b0
[  629.496754][T16600]  ? fs_reclaim_acquire+0xae/0x150
[  629.498843][T16600]  should_failslab+0xc2/0x120
[  629.500799][T16600]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  629.503188][T16600]  ? __alloc_skb+0x2b3/0x380
[  629.504819][T16600]  __alloc_skb+0x2b3/0x380
[  629.506535][T16600]  ? __pfx___alloc_skb+0x10/0x10
[  629.508279][T16600]  ? lock_acquire+0x2f/0xb0
[  629.510169][T16600]  netlink_alloc_large_skb+0x69/0x130
[  629.512372][T16600]  netlink_sendmsg+0x689/0xd70
[  629.514349][T16600]  ? __pfx_netlink_sendmsg+0x10/0x10
[  629.516270][T16600]  ____sys_sendmsg+0x9ae/0xb40
[  629.518168][T16600]  ? __pfx_____sys_sendmsg+0x10/0x10
[  629.520266][T16600]  ? get_compat_msghdr+0x11b/0x170
[  629.522297][T16600]  ___sys_sendmsg+0x135/0x1e0
[  629.524316][T16600]  ? __pfx____sys_sendmsg+0x10/0x10
[  629.526434][T16600]  ? __pfx_lock_release+0x10/0x10
[  629.528448][T16600]  ? trace_lock_acquire+0x14e/0x1f0
[  629.530578][T16600]  ? __fget_files+0x206/0x3a0
[  629.532525][T16600]  __sys_sendmsg+0x16e/0x220
[  629.533861][T16600]  ? __pfx___sys_sendmsg+0x10/0x10
[  629.535338][T16600]  __do_fast_syscall_32+0x73/0x120
[  629.536813][T16600]  do_fast_syscall_32+0x32/0x80
[  629.538213][T16600]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  629.540010][T16600] RIP: 0023:0xf709e579
[  629.541203][T16600] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  629.546659][T16600] RSP: 002b:00000000f509055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  629.549044][T16600] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000000
[  629.551302][T16600] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  629.553582][T16600] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  629.555843][T16600] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  629.558119][T16600] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  629.560375][T16600]  </TASK>
[  629.625381][T16607] kAFS: unable to lookup cell ''
[  629.627465][T16607] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2690'.
[  630.019259][T16618] fuse: Unknown parameter '00000000000000000000'
[  631.139445][T16651] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2702'.
[  631.231146][T16652] netlink: 'syz.4.2702': attribute type 4 has an invalid length.
[  631.233772][T16652] netlink: 17 bytes leftover after parsing attributes in process `syz.4.2702'.
[  631.244326][T16652] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2702'.
[  631.747153][T16674] blktrace: Concurrent blktraces are not allowed on nullb0
[  631.840182][T16676] can: request_module (can-proto-3) failed.
[  632.569329][T16684] netlink: 64 bytes leftover after parsing attributes in process `syz.3.2710'.
[  632.572941][T16684] nbd: must specify at least one socket
[  633.310002][T16755] i2c i2c-1: Invalid block write size 34
[  633.379115][T16759] evm: overlay not supported
[  633.488898][T16765] "syz.4.2726" (16765) uses obsolete ecb(arc4) skcipher
[  633.668109][T16784] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2730'.
[  633.694862][T16788] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2725'.
[  633.700342][T16788] nbd: must specify at least one socket
[  633.817008][T16789] FAULT_INJECTION: forcing a failure.
[  633.817008][T16789] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  633.822928][T16789] CPU: 2 UID: 0 PID: 16789 Comm: syz.4.2731 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  633.827206][T16789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  633.831491][T16789] Call Trace:
[  633.832853][T16789]  <TASK>
[  633.834059][T16789]  dump_stack_lvl+0x16c/0x1f0
[  633.835995][T16789]  should_fail_ex+0x497/0x5b0
[  633.837935][T16789]  _copy_from_user+0x2e/0xd0
[  633.839833][T16789]  move_addr_to_kernel+0x68/0x160
[  633.841881][T16789]  __sys_connect+0xb0/0x170
[  633.843759][T16789]  ? __pfx___sys_connect+0x10/0x10
[  633.845836][T16789]  ? __pfx_ksys_write+0x10/0x10
[  633.847815][T16789]  __ia32_sys_connect+0x71/0xb0
[  633.849824][T16789]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  633.852467][T16789]  __do_fast_syscall_32+0x73/0x120
[  633.854554][T16789]  do_fast_syscall_32+0x32/0x80
[  633.856535][T16789]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  633.859077][T16789] RIP: 0023:0xf709e579
[  633.860739][T16789] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  633.868326][T16789] RSP: 002b:00000000f506f55c EFLAGS: 00000296 ORIG_RAX: 000000000000016a
[  633.871660][T16789] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000020772000
[  633.874814][T16789] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  633.877887][T16789] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  633.881036][T16789] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  633.884180][T16789] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  633.887343][T16789]  </TASK>
[  634.340272][T16792] trusted_key: encrypted_key: keylen parameter is missing
[  634.402207][T16796] Illegal XDP return value 4294967294 on prog  (id 330) dev N/A, expect packet loss!
[  634.512866][T16792] /dev/sr0: Can't open blockdev
[  634.577947][T16799] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  634.643292][T16812] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2739'.
[  634.650791][ T1454] usb 5-1: new high-speed USB device number 64 using dummy_hcd
[  634.820757][ T1454] usb 5-1: Using ep0 maxpacket: 16
[  634.823385][ T1454] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  634.825987][ T1454] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  634.828508][ T1454] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  634.831838][ T1454] usb 5-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  634.834522][ T1454] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  634.837457][ T1454] usb 5-1: config 0 descriptor??
[  635.329385][T16837] FAULT_INJECTION: forcing a failure.
[  635.329385][T16837] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  635.333467][T16837] CPU: 2 UID: 0 PID: 16837 Comm: syz.0.2747 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  635.336658][T16837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  635.339723][T16837] Call Trace:
[  635.340704][T16837]  <TASK>
[  635.341564][T16837]  dump_stack_lvl+0x16c/0x1f0
[  635.342920][T16837]  should_fail_ex+0x497/0x5b0
[  635.344323][T16837]  _copy_from_user+0x2e/0xd0
[  635.345663][T16837]  get_compat_msghdr+0xa8/0x170
[  635.347065][T16837]  ? __pfx_get_compat_msghdr+0x10/0x10
[  635.348630][T16837]  ___sys_sendmsg+0x1b0/0x1e0
[  635.350027][T16837]  ? __pfx____sys_sendmsg+0x10/0x10
[  635.351537][T16837]  ? __pfx_lock_release+0x10/0x10
[  635.352977][T16837]  ? trace_lock_acquire+0x14e/0x1f0
[  635.354497][T16837]  ? __fget_files+0x206/0x3a0
[  635.355850][T16837]  __sys_sendmsg+0x16e/0x220
[  635.357211][T16837]  ? __pfx___sys_sendmsg+0x10/0x10
[  635.358676][T16837]  __do_fast_syscall_32+0x73/0x120
[  635.360162][T16837]  do_fast_syscall_32+0x32/0x80
[  635.361584][T16837]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  635.363391][T16837] RIP: 0023:0xf70de579
[  635.364577][T16837] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  635.370260][T16837] RSP: 002b:00000000f50d055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  635.372649][T16837] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020006040
[  635.374915][T16837] RDX: 0000000000040080 RSI: 0000000000000000 RDI: 0000000000000000
[  635.377168][T16837] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  635.379486][T16837] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  635.381737][T16837] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  635.383982][T16837]  </TASK>
[  635.386312][ T1454] usbhid 5-1:0.0: can't add hid device: -71
[  635.388763][ T1454] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  635.398654][ T1454] usb 5-1: USB disconnect, device number 64
[  635.535387][T16839] FAULT_INJECTION: forcing a failure.
[  635.535387][T16839] name failslab, interval 1, probability 0, space 0, times 0
[  635.539590][T16839] CPU: 2 UID: 0 PID: 16839 Comm: syz.0.2748 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  635.542875][T16839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  635.546744][T16839] Call Trace:
[  635.547950][T16839]  <TASK>
[  635.548835][T16839]  dump_stack_lvl+0x16c/0x1f0
[  635.550234][T16839]  should_fail_ex+0x497/0x5b0
[  635.551658][T16839]  ? fs_reclaim_acquire+0xae/0x150
[  635.553316][T16839]  should_failslab+0xc2/0x120
[  635.554910][T16839]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  635.556518][T16839]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  635.558387][T16839]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  635.560215][T16839]  ? vmx_set_apic_access_page_addr+0x6a4/0x900
[  635.562115][T16839]  mmu_topup_memory_caches+0x22/0xd0
[  635.563797][T16839]  kvm_mmu_load+0xda/0x21f0
[  635.565714][T16839]  ? kvm_apic_has_interrupt+0xb6/0x190
[  635.567681][T16839]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  635.569502][T16839]  ? _raw_read_unlock+0x28/0x50
[  635.571034][T16839]  ? vmx_set_apic_access_page_addr+0x1a0/0x900
[  635.572978][T16839]  ? kvm_apic_accept_pic_intr+0xe8/0x1a0
[  635.574737][T16839]  ? __pfx_kvm_mmu_load+0x10/0x10
[  635.576287][T16839]  ? kvm_cpu_has_injectable_intr+0x9b/0x1a0
[  635.578144][T16839]  ? kvm_check_and_inject_events+0x725/0x12e0
[  635.580011][T16839]  vcpu_run+0x2e2e/0x4c00
[  635.581377][T16839]  ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10
[  635.583088][T16839]  ? __pfx_vcpu_run+0x10/0x10
[  635.584815][T16839]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  635.587122][T16839]  ? rcu_is_watching+0x12/0xc0
[  635.588679][T16839]  ? trace_lock_acquire+0x14e/0x1f0
[  635.590290][T16839]  ? __local_bh_enable_ip+0xa4/0x120
[  635.591926][T16839]  ? lockdep_hardirqs_on+0x7c/0x110
[  635.593567][T16839]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  635.595827][T16839]  ? lock_acquire+0x2f/0xb0
[  635.597257][T16839]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  635.599002][T16839]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  635.600683][T16839]  kvm_vcpu_ioctl+0x6ce/0x1520
[  635.602057][T16839]  ? tomoyo_path_number_perm+0x46d/0x5b0
[  635.603874][T16839]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  635.606033][T16839]  ? tomoyo_path_number_perm+0x190/0x5b0
[  635.608009][T16839]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  635.609968][T16839]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  635.611814][T16839]  ? do_vfs_ioctl+0x513/0x1950
[  635.613431][T16839]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  635.615055][T16839]  ? __pfx_lock_release+0x10/0x10
[  635.616663][T16839]  ? trace_lock_acquire+0x14e/0x1f0
[  635.618324][T16839]  kvm_vcpu_compat_ioctl+0x210/0x3f0
[  635.619984][T16839]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  635.621739][T16839]  ? __fget_files+0x206/0x3a0
[  635.623216][T16839]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  635.625514][T16839]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  635.627527][T16839]  __do_fast_syscall_32+0x73/0x120
[  635.629069][T16839]  do_fast_syscall_32+0x32/0x80
[  635.630644][T16839]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  635.632644][T16839] RIP: 0023:0xf70de579
[  635.633954][T16839] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  635.639748][T16839] RSP: 002b:00000000f50d055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  635.642416][T16839] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  635.645335][T16839] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  635.648128][T16839] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  635.650537][T16839] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  635.652947][T16839] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  635.655376][T16839]  </TASK>
[  635.856776][T16843] 9pnet_fd: Insufficient options for proto=fd
[  635.925780][T16848] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2752'.
[  635.941983][T16848] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2752'.
[  635.991326][T12678] Bluetooth: hci4: unexpected event 0x03 length: 17 > 11
[  636.523205][T16867] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2757'.
[  636.605996][T16875] futex_wake_op: syz.4.2762 tries to shift op by -1; fix this program
[  636.666378][T16875] binder: 16874:16875 ioctl c0306201 200002c0 returned -14
[  636.670401][T16875] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2762'.
[  636.760416][T16866] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2759'.
[  636.891580][T16873] netlink: 'syz.1.2757': attribute type 4 has an invalid length.
[  636.893984][T16873] netlink: 17 bytes leftover after parsing attributes in process `syz.1.2757'.
[  636.913590][T16873] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2757'.
[  637.520041][T16892] xt_TPROXY: Can be used only with -p tcp or -p udp
[  637.580853][T12678] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  637.584858][T12678] Bluetooth: hci1: Injecting HCI hardware error event
[  637.587678][T12678] Bluetooth: hci1: hardware error 0x00
[  638.050851][ T5959] Bluetooth: hci4: command tx timeout
[  638.337849][T16928] bridge_slave_0: left allmulticast mode
[  638.339917][T16928] bridge_slave_0: left promiscuous mode
[  638.343912][T16928] bridge0: port 1(bridge_slave_0) entered disabled state
[  638.348941][T16928] bridge_slave_1: left allmulticast mode
[  638.351244][T16928] bridge_slave_1: left promiscuous mode
[  638.353367][T16928] bridge0: port 2(bridge_slave_1) entered disabled state
[  638.357910][T16928] bond0: (slave bond_slave_0): Releasing backup interface
[  638.360904][T16928] bond_slave_0: left promiscuous mode
[  638.379820][T16928] bond0: (slave bond_slave_1): Releasing backup interface
[  638.385278][T16928] bond_slave_1: left promiscuous mode
[  638.403483][T16928] team0: Port device team_slave_0 removed
[  638.408399][T16928] team0: Port device team_slave_1 removed
[  638.410961][T16928] batman_adv: batadv0: Removing interface: batadv_slave_0
[  638.414249][T16928] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  638.416975][T16928] batman_adv: batadv0: Removing interface: batadv_slave_1
[  638.439389][T16928] team0: Port device netdevsim0 removed
[  638.486742][T16929] vlan0: entered promiscuous mode
[  638.499369][T16929] team0: Port device vlan0 added
[  638.505062][T16928] tipc: Started in network mode
[  638.507045][T16928] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  638.509329][T16928] tipc: Enabled bearer <eth:team0>, priority 0
[  638.644633][T16932] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  638.767253][T16937] trusted_key: encrypted_key: insufficient parameters specified
[  638.836152][   T39] kauditd_printk_skb: 75 callbacks suppressed
[  638.836164][   T39] audit: type=1326 audit(2000000020.119:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16939 comm="syz.0.2779" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x0
[  639.134607][T16952] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2782'.
[  639.409816][T16957] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  639.535861][T16969] netlink: 'syz.3.2786': attribute type 10 has an invalid length.
[  639.538138][T16969] netlink: 2 bytes leftover after parsing attributes in process `syz.3.2786'.
[  639.540755][T16969] team0: entered promiscuous mode
[  639.542230][T16969] team_slave_0: entered promiscuous mode
[  639.543993][T16969] team_slave_1: entered promiscuous mode
[  639.545757][T16969] bridge0: port 3(team0) entered blocking state
[  639.547632][T16969] bridge0: port 3(team0) entered disabled state
[  639.549543][T16969] team0: entered allmulticast mode
[  639.551228][T16969] team_slave_0: entered allmulticast mode
[  639.552878][T16969] team_slave_1: entered allmulticast mode
[  639.556473][T16969] bridge0: port 3(team0) entered blocking state
[  639.558333][T16969] bridge0: port 3(team0) entered forwarding state
[  639.630866][ T5987] tipc: Node number set to 11578026
[  639.651480][T12678] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  639.772872][T16997] loop9: detected capacity change from 0 to 8
[  639.777915][T16997]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  639.779492][T16997] loop9: partition table partially beyond EOD, truncated
[  639.787288][T16997] loop9: p1 size 81768186 extends beyond EOD, truncated
[  639.882582][T17007] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2794'.
[  639.887457][T17007] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2794'.
[  639.954904][ T5987] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  640.152161][T17021] binder: 17020:17021 ioctl c0306201 200002c0 returned -14
[  641.223438][T17072] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2815'.
[  641.439643][T17086] [U] ��M٭��Q&�� K�4
[  641.443089][T17086] [U] [�)�U�}��ǔ��JϬ}N�SEF*�	�����NZ��F[F_H��'��W"�X�~����;VA�)^�`�1C':Z�������FOB�	*?۟C�Z�S��<8ZNѷ���ј��EY�	T�T<$C�R�Ɩ�/VG���{Y�~Y5\�
;ƃZ��DX���Y�A��"XI�F�{��`A$í�55?�
��S�A�M��O����ͻ*K��
[  641.450991][T17085] [U] �
[  641.609222][T17093] can0: slcan on ptm0.
[  641.614567][T17093] batman_adv: batadv0: Adding interface: dummy0
[  641.616848][T17093] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  641.626029][T17093] batman_adv: batadv0: Interface activated: dummy0
[  641.631358][T17093] batadv0: mtu less than device minimum
[  641.634202][T17093] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  641.639055][T17093] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  641.643619][T17093] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  641.648117][T17093] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  641.652888][T17093] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  641.657484][T17093] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  641.662025][T17093] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  641.666539][T17093] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  641.671088][T17093] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  641.761585][T17092] can0 (unregistered): slcan off ptm0.
[  641.919008][T17111] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2825'.
[  641.925104][T17111] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2825'.
[  642.077244][T17118] loop9: detected capacity change from 0 to 7
[  642.081900][T17118] Dev loop9: unable to read RDB block 7
[  642.083624][T17118]  loop9: unable to read partition table
[  642.085611][T17118] loop9: partition table beyond EOD, truncated
[  642.087460][T17118] loop_reread_partitions: partition scan of loop9 (�被x󟣑� ) failed (rc=-5)
[  642.360895][T17134] overlayfs: workdir and upperdir must reside under the same mount
[  642.414216][T17135] overlayfs: workdir and upperdir must reside under the same mount
[  642.571393][T17147] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2835'.
[  642.890610][T17158] ksmbd: Unknown IPC event: 0, ignore.
[  643.941460][T17212] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2845'.
[  643.944129][T17212] batadv_slave_1: entered promiscuous mode
[  643.955532][T17212] batadv_slave_1: left promiscuous mode
[  643.967300][T17221] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  644.720483][T17256] overlay: ./file0 is not a directory
[  645.089726][T17264] FAULT_INJECTION: forcing a failure.
[  645.089726][T17264] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  645.093914][T17264] CPU: 3 UID: 0 PID: 17264 Comm: syz.3.2862 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  645.097013][T17264] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  645.100053][T17264] Call Trace:
[  645.101033][T17264]  <TASK>
[  645.101896][T17264]  dump_stack_lvl+0x16c/0x1f0
[  645.103262][T17264]  should_fail_ex+0x497/0x5b0
[  645.104629][T17264]  _copy_from_iter+0x29b/0x1400
[  645.106052][T17264]  ? _copy_from_iter+0x159/0x1400
[  645.107496][T17264]  ? __pfx__copy_from_iter+0x10/0x10
[  645.109011][T17264]  ? __pfx__copy_from_iter+0x10/0x10
[  645.110514][T17264]  ? __virt_addr_valid+0x1a4/0x590
[  645.111982][T17264]  copy_page_from_iter+0xa5/0x120
[  645.113436][T17264]  skb_copy_datagram_from_iter+0x29b/0x710
[  645.114940][T17264]  tun_get_user+0x197f/0x3e40
[  645.116229][T17264]  ? __pfx_tun_get_user+0x10/0x10
[  645.117670][T17264]  ? find_held_lock+0x2d/0x110
[  645.119046][T17264]  ? __pfx_lock_release+0x10/0x10
[  645.120495][T17264]  tun_chr_write_iter+0xdc/0x210
[  645.121922][T17264]  vfs_write+0x5ae/0x1150
[  645.123174][T17264]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  645.124759][T17264]  ? __pfx_vfs_write+0x10/0x10
[  645.126147][T17264]  ? __fget_files+0x40/0x3a0
[  645.127481][T17264]  ksys_write+0x12b/0x250
[  645.128730][T17264]  ? __pfx_ksys_write+0x10/0x10
[  645.130153][T17264]  __do_fast_syscall_32+0x73/0x120
[  645.131626][T17264]  do_fast_syscall_32+0x32/0x80
[  645.133034][T17264]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  645.134893][T17264] RIP: 0023:0xf7fc5579
[  645.136087][T17264] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  645.141531][T17264] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  645.143883][T17264] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000240
[  645.146487][T17264] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000000
[  645.149647][T17264] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  645.152049][T17264] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  645.154321][T17264] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  645.156611][T17264]  </TASK>
[  645.707169][T17291] FAULT_INJECTION: forcing a failure.
[  645.707169][T17291] name failslab, interval 1, probability 0, space 0, times 0
[  645.711652][T17291] CPU: 1 UID: 0 PID: 17291 Comm: syz.1.2871 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  645.714732][T17291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  645.717797][T17291] Call Trace:
[  645.718771][T17291]  <TASK>
[  645.719662][T17291]  dump_stack_lvl+0x16c/0x1f0
[  645.721598][T17291]  should_fail_ex+0x497/0x5b0
[  645.723254][T17291]  ? fs_reclaim_acquire+0xae/0x150
[  645.724770][T17291]  should_failslab+0xc2/0x120
[  645.726612][T17291]  __kmalloc_cache_noprof+0x68/0x420
[  645.728323][T17291]  ? snd_pcm_hw_param_first+0x301/0x6b0
[  645.730160][T17291]  ? snd_pcm_hw_param_near.constprop.0+0x73e/0x8f0
[  645.732882][T17291]  ? snd_pcm_format_linear+0x8b/0xc0
[  645.734927][T17291]  snd_pcm_hw_param_near.constprop.0+0xbe/0x8f0
[  645.737061][T17291]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  645.739003][T17291]  ? kfree+0x14f/0x4b0
[  645.740432][T17291]  ? calc_src_frames.isra.0+0x187/0x1d0
[  645.742646][T17291]  snd_pcm_oss_change_params_locked+0x1376/0x3a50
[  645.745230][T17291]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  645.747427][T17291]  ? find_held_lock+0x2d/0x110
[  645.748823][T17291]  ? snd_pcm_oss_read+0x374/0x750
[  645.750312][T17291]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  645.752009][T17291]  snd_pcm_oss_read+0x396/0x750
[  645.753437][T17291]  ? bpf_lsm_file_permission+0x9/0x10
[  645.754975][T17291]  ? __pfx_snd_pcm_oss_read+0x10/0x10
[  645.756522][T17291]  vfs_read+0x1df/0xbe0
[  645.757721][T17291]  ? __fget_files+0x1fc/0x3a0
[  645.759075][T17291]  ? __pfx_lock_release+0x10/0x10
[  645.761058][T17291]  ? __pfx_vfs_read+0x10/0x10
[  645.762983][T17291]  ? lock_acquire+0x2f/0xb0
[  645.764852][T17291]  ? __fget_files+0x40/0x3a0
[  645.766753][T17291]  ? __fget_files+0x206/0x3a0
[  645.768694][T17291]  ksys_read+0x12b/0x250
[  645.770407][T17291]  ? __pfx_ksys_read+0x10/0x10
[  645.772369][T17291]  __do_fast_syscall_32+0x73/0x120
[  645.773935][T17291]  do_fast_syscall_32+0x32/0x80
[  645.775335][T17291]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  645.777199][T17291] RIP: 0023:0xf7fc2579
[  645.778371][T17291] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  645.785230][T17291] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000003
[  645.788552][T17291] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000180
[  645.791720][T17291] RDX: 00000000000000de RSI: 0000000000000000 RDI: 0000000000000000
[  645.794869][T17291] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  645.798027][T17291] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  645.801193][T17291] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  645.803871][T17291]  </TASK>
[  646.311043][T17308] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  647.087168][T17331] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2880'.
[  647.922094][T17345] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2884'.
[  648.438931][T17347] FAULT_INJECTION: forcing a failure.
[  648.438931][T17347] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  648.442914][T17347] CPU: 3 UID: 0 PID: 17347 Comm: syz.3.2885 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  648.446446][T17347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  648.449362][T17347] Call Trace:
[  648.450297][T17347]  <TASK>
[  648.451166][T17347]  dump_stack_lvl+0x16c/0x1f0
[  648.452491][T17347]  should_fail_ex+0x497/0x5b0
[  648.453861][T17347]  _copy_from_iter+0x29b/0x1400
[  648.455193][T17347]  ? _copy_from_iter+0x159/0x1400
[  648.456616][T17347]  ? __pfx__copy_from_iter+0x10/0x10
[  648.458114][T17347]  ? __pfx__copy_from_iter+0x10/0x10
[  648.458779][T17349] netlink: 'syz.4.2886': attribute type 1 has an invalid length.
[  648.459578][T17347]  ? __virt_addr_valid+0x1a4/0x590
[  648.459598][T17347]  copy_page_from_iter+0xa5/0x120
[  648.459615][T17347]  skb_copy_datagram_from_iter+0x29b/0x710
[  648.461915][T17349] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2886'.
[  648.463206][T17347]  tun_get_user+0x197f/0x3e40
[  648.463232][T17347]  ? __pfx_tun_get_user+0x10/0x10
[  648.471511][T17347]  ? find_held_lock+0x2d/0x110
[  648.472857][T17347]  ? __pfx_lock_release+0x10/0x10
[  648.474297][T17347]  tun_chr_write_iter+0xdc/0x210
[  648.475667][T17347]  vfs_write+0x5ae/0x1150
[  648.476884][T17347]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  648.478449][T17347]  ? __pfx_vfs_write+0x10/0x10
[  648.479811][T17347]  ? __fget_files+0x40/0x3a0
[  648.481123][T17347]  ksys_write+0x12b/0x250
[  648.482325][T17347]  ? __pfx_ksys_write+0x10/0x10
[  648.483706][T17347]  __do_fast_syscall_32+0x73/0x120
[  648.485137][T17347]  do_fast_syscall_32+0x32/0x80
[  648.486501][T17347]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  648.488246][T17347] RIP: 0023:0xf7fc5579
[  648.489368][T17347] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  648.495108][T17347] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  648.497664][T17347] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000240
[  648.500421][T17347] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000000
[  648.503159][T17347] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  648.505448][T17347] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  648.507724][T17347] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  648.510004][T17347]  </TASK>
[  648.670073][T17350] team0 (unregistering): Port device team_slave_0 removed
[  648.677826][T17350] team0 (unregistering): Port device team_slave_1 removed
[  649.375806][T17369] IPVS: length: 46 != 8
[  649.770791][T14092] usb 8-1: new high-speed USB device number 73 using dummy_hcd
[  649.928423][T17394] FAULT_INJECTION: forcing a failure.
[  649.928423][T17394] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  649.932009][T14092] usb 8-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  649.932424][T17394] CPU: 1 UID: 0 PID: 17394 Comm: syz.4.2898 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  649.935073][T14092] usb 8-1: config 0 interface 0 has no altsetting 0
[  649.938197][T17394] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  649.940083][T14092] usb 8-1: New USB device found, idVendor=056e, idProduct=00fb, bcdDevice= 0.00
[  649.943152][T17394] Call Trace:
[  649.943160][T17394]  <TASK>
[  649.943165][T17394]  dump_stack_lvl+0x16c/0x1f0
[  649.943185][T17394]  should_fail_ex+0x497/0x5b0
[  649.943201][T17394]  _copy_from_iter+0x29b/0x1400
[  649.943217][T17394]  ? trace_lock_acquire+0x14e/0x1f0
[  649.950777][T14092] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  649.951812][T17394]  ? __alloc_skb+0x200/0x380
[  649.951831][T17394]  ? __pfx__copy_from_iter+0x10/0x10
[  649.951846][T17394]  ? __virt_addr_valid+0x1a4/0x590
[  649.951862][T17394]  ? __virt_addr_valid+0x5e/0x590
[  649.951875][T17394]  ? __phys_addr_symbol+0x30/0x80
[  649.951888][T17394]  ? __check_object_size+0x488/0x710
[  649.951905][T17394]  netlink_sendmsg+0x813/0xd70
[  649.951919][T17394]  ? __pfx_netlink_sendmsg+0x10/0x10
[  649.951941][T17394]  ____sys_sendmsg+0x9ae/0xb40
[  649.951954][T17394]  ? __pfx_____sys_sendmsg+0x10/0x10
[  649.951966][T17394]  ? get_compat_msghdr+0x11b/0x170
[  649.951982][T17394]  ___sys_sendmsg+0x135/0x1e0
[  649.951998][T17394]  ? __pfx____sys_sendmsg+0x10/0x10
[  649.952018][T17394]  ? __pfx_lock_release+0x10/0x10
[  649.952028][T17394]  ? trace_lock_acquire+0x14e/0x1f0
[  649.952046][T17394]  ? __fget_files+0x206/0x3a0
[  649.952063][T17394]  __sys_sendmsg+0x16e/0x220
[  649.952078][T17394]  ? __pfx___sys_sendmsg+0x10/0x10
[  649.952100][T17394]  __do_fast_syscall_32+0x73/0x120
[  649.952116][T17394]  do_fast_syscall_32+0x32/0x80
[  649.952129][T17394]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  649.952145][T17394] RIP: 0023:0xf709e579
[  649.952155][T17394] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  649.952166][T17394] RSP: 002b:00000000f509055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  649.952179][T17394] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000080
[  649.952187][T17394] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  649.952193][T17394] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  649.954538][T14092] usb 8-1: config 0 descriptor??
[  649.955971][T17394] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  650.008029][T17394] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  650.010384][T17394]  </TASK>
[  650.181495][T17396] nbd4: detected capacity change from 0 to 22
[  650.193492][T17401] block nbd4: shutting down sockets
[  650.222963][T14523] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  650.225987][T14523] Buffer I/O error on dev nbd4, logical block 0, async page read
[  650.231923][T15454] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  650.236950][T15454] Buffer I/O error on dev nbd4, logical block 0, async page read
[  650.239173][T17396] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  650.244429][T15454] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  650.248144][T15454] Buffer I/O error on dev nbd4, logical block 0, async page read
[  650.253028][T14092] usbhid 8-1:0.0: can't add hid device: -71
[  650.253379][T15454] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  650.255541][T14092] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  650.257480][T15454] Buffer I/O error on dev nbd4, logical block 0, async page read
[  650.260923][T14092] usb 8-1: USB disconnect, device number 73
[  650.262716][T15454] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  650.266517][T15454] Buffer I/O error on dev nbd4, logical block 0, async page read
[  650.268927][T15454] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  650.271838][T15454] Buffer I/O error on dev nbd4, logical block 0, async page read
[  650.274257][T15454] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  650.276981][T15454] Buffer I/O error on dev nbd4, logical block 0, async page read
[  650.279578][T15454] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  650.284064][T15454] Buffer I/O error on dev nbd4, logical block 0, async page read
[  650.286482][T15454] ldm_validate_partition_table(): Disk read failed.
[  650.288467][T15454] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  650.293020][T15454] Buffer I/O error on dev nbd4, logical block 0, async page read
[  650.295430][T15454] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  650.298194][T15454] Buffer I/O error on dev nbd4, logical block 0, async page read
[  650.302043][T15454] Dev nbd4: unable to read RDB block 0
[  650.304202][T15454]  nbd4: unable to read partition table
[  650.307371][T15454] nbd4: partition table beyond EOD, truncated
[  650.317296][T15454] ldm_validate_partition_table(): Disk read failed.
[  650.319513][T15454] Dev nbd4: unable to read RDB block 0
[  650.323870][T15454]  nbd4: unable to read partition table
[  650.325715][T15454] nbd4: partition table beyond EOD, truncated
[  651.680824][   T68] usb 5-1: new high-speed USB device number 65 using dummy_hcd
[  651.680918][  T831] usb 9-1: new full-speed USB device number 2 using dummy_hcd
[  651.850812][   T68] usb 5-1: Using ep0 maxpacket: 8
[  651.854761][   T68] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  651.857668][   T68] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  651.858608][T17448] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2910'.
[  651.860540][   T68] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  651.860567][   T68] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  651.861489][   T68] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  651.863241][T17448] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2910'.
[  651.866311][   T68] usb 5-1: New USB device strings: Mfr=0, Product=7, SerialNumber=0
[  651.866325][   T68] usb 5-1: Product: syz
[  651.931761][  T831] usb 9-1: not running at top speed; connect to a high speed hub
[  651.955929][  T831] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 1023, setting to 64
[  651.963761][  T831] usb 9-1: New USB device found, idVendor=056a, idProduct=00de, bcdDevice= 0.40
[  651.966606][  T831] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  651.969639][  T831] usb 9-1: Product: Ф
[  651.971534][  T831] usb 9-1: Manufacturer: 轧ꥊ榬ṁ丞጗ῼ뗶耲⏵ꗓ脥穄蕗샵ﵿꑵ逗练蕱ዱ釬믌䜝픺≼앸䉀Ͳ㚑ﴂ鋪溙煯⦂鐖忰鐢쥏鸡洣㜅ਗ਼珫庤빟튃걨뾐
[  651.976753][  T831] usb 9-1: SerialNumber: ࠔ
[  651.987566][T17438] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  652.080050][   T68] usb 5-1: GET_CAPABILITIES returned 0
[  652.082161][   T68] usbtmc 5-1:16.0: can't read capabilities
[  652.283537][T17437] usbtmc 5-1:16.0: usbtmc488_ioctl_trigger returned -90
[  652.286981][   T68] usb 5-1: USB disconnect, device number 65
[  652.555746][  T831] usbhid 9-1:1.0: can't add hid device: -71
[  652.557966][  T831] usbhid 9-1:1.0: probe with driver usbhid failed with error -71
[  652.567621][  T831] usb 9-1: USB disconnect, device number 2
[  652.881313][ T5991] usb 6-1: new high-speed USB device number 65 using dummy_hcd
[  653.041047][ T5991] usb 6-1: Using ep0 maxpacket: 8
[  653.043814][ T5991] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  653.046732][ T5991] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  653.050333][ T5991] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  653.054758][ T5991] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  653.059797][ T5991] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  653.062653][ T5991] usb 6-1: New USB device strings: Mfr=0, Product=7, SerialNumber=0
[  653.065122][ T5991] usb 6-1: Product: syz
[  653.090944][   T68] usb 5-1: new high-speed USB device number 66 using dummy_hcd
[  653.230042][T17486] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2918'.
[  653.261896][   T68] usb 5-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  653.264770][   T68] usb 5-1: config 0 interface 0 has no altsetting 0
[  653.266662][   T68] usb 5-1: New USB device found, idVendor=056e, idProduct=00fb, bcdDevice= 0.00
[  653.269324][   T68] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  653.272629][   T68] usb 5-1: config 0 descriptor??
[  653.277553][T17474] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  653.280480][T17474] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  653.478071][   T68] usbhid 5-1:0.0: can't add hid device: -71
[  653.479910][   T68] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  653.491649][   T68] usb 5-1: USB disconnect, device number 66
[  653.524805][T17490] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  653.526989][T17490] UDF-fs: Scanning with blocksize 2048 failed
[  653.529764][T17490] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  653.532016][T17490] UDF-fs: Scanning with blocksize 4096 failed
[  653.539835][T17490] xt_socket: unknown flags 0x46
[  653.566879][ T5991] usb 6-1: GET_CAPABILITIES returned 0
[  653.568590][ T5991] usbtmc 6-1:16.0: can't read capabilities
[  653.673986][T17492] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2919'.
[  654.304572][T17513] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2924'.
[  654.307285][T17513] nbd: must specify at least one socket
[  655.280400][T17529] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  655.282345][T17529] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  655.285238][T17529] vhci_hcd vhci_hcd.0: Device attached
[  655.593251][  T831] vhci_hcd: vhci_device speed not set
[  655.661127][ T5987] usb 6-1: USB disconnect, device number 65
[  655.681410][  T831] usb 45-1: new full-speed USB device number 2 using vhci_hcd
[  656.031921][T17546] FAULT_INJECTION: forcing a failure.
[  656.031921][T17546] name failslab, interval 1, probability 0, space 0, times 0
[  656.036282][T17546] CPU: 1 UID: 0 PID: 17546 Comm: syz.3.2933 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  656.039367][T17546] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  656.042509][T17546] Call Trace:
[  656.043507][T17546]  <TASK>
[  656.044377][T17546]  dump_stack_lvl+0x16c/0x1f0
[  656.045743][T17546]  should_fail_ex+0x497/0x5b0
[  656.047105][T17546]  ? fs_reclaim_acquire+0xae/0x150
[  656.048581][T17546]  should_failslab+0xc2/0x120
[  656.049942][T17546]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  656.051504][T17546]  ? alloc_vfsmnt+0x23/0x710
[  656.052856][T17546]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  656.054494][T17546]  alloc_vfsmnt+0x23/0x710
[  656.055782][T17546]  clone_mnt+0x6d/0xf90
[  656.056987][T17546]  ? lock_acquire+0x2f/0xb0
[  656.058296][T17546]  ? copy_mnt_ns+0x14d/0xa80
[  656.059589][T17546]  copy_tree+0xeb/0x9c0
[  656.060809][T17546]  ? __pfx_down_write+0x10/0x10
[  656.062208][T17546]  ? alloc_mnt_ns+0x2d3/0x4b0
[  656.063586][T17546]  copy_mnt_ns+0x1b5/0xa80
[  656.064894][T17546]  ? kmem_cache_alloc_noprof+0x21b/0x3b0
[  656.066498][T17546]  ? create_new_namespaces+0x30/0xad0
[  656.068028][T17546]  ? apparmor_capable+0x10a/0x1d0
[  656.069488][T17546]  create_new_namespaces+0xd3/0xad0
[  656.070986][T17546]  ? bpf_lsm_capable+0x9/0x10
[  656.072348][T17546]  ? security_capable+0x7e/0x260
[  656.073799][T17546]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  656.075407][T17546]  ksys_unshare+0x45d/0xa40
[  656.076723][T17546]  ? __pfx_ksys_unshare+0x10/0x10
[  656.078183][T17546]  __ia32_sys_unshare+0x30/0x40
[  656.079583][T17546]  __do_fast_syscall_32+0x73/0x120
[  656.081066][T17546]  do_fast_syscall_32+0x32/0x80
[  656.082474][T17546]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  656.084324][T17546] RIP: 0023:0xf7fc5579
[  656.085502][T17546] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  656.091048][T17546] RSP: 002b:00000000f50d455c EFLAGS: 00000296 ORIG_RAX: 0000000000000136
[  656.093421][T17546] RAX: ffffffffffffffda RBX: 0000000068060200 RCX: 0000000000000000
[  656.095668][T17546] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  656.097916][T17546] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  656.100165][T17546] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  656.102424][T17546] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  656.104681][T17546]  </TASK>
[  656.105662][T14092] usb 5-1: new high-speed USB device number 67 using dummy_hcd
[  656.262186][T14092] usb 5-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  656.265854][T14092] usb 5-1: config 0 interface 0 has no altsetting 0
[  656.268321][T14092] usb 5-1: New USB device found, idVendor=056e, idProduct=00fb, bcdDevice= 0.00
[  656.271125][T14092] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  656.274281][T14092] usb 5-1: config 0 descriptor??
[  656.476794][T17542] FAULT_INJECTION: forcing a failure.
[  656.476794][T17542] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  656.480742][T17542] CPU: 0 UID: 0 PID: 17542 Comm: syz.0.2934 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  656.484828][T17542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  656.489050][T17542] Call Trace:
[  656.490397][T17542]  <TASK>
[  656.491621][T17542]  dump_stack_lvl+0x16c/0x1f0
[  656.493522][T17542]  should_fail_ex+0x497/0x5b0
[  656.495411][T17542]  _copy_from_iter+0x29b/0x1400
[  656.497374][T17542]  ? _copy_from_iter+0x159/0x1400
[  656.499352][T17542]  ? __pfx__copy_from_iter+0x10/0x10
[  656.501131][T17542]  ? __pfx__copy_from_iter+0x10/0x10
[  656.503285][T17542]  ? __virt_addr_valid+0x1a4/0x590
[  656.505283][T17542]  copy_page_from_iter+0xa5/0x120
[  656.507290][T17542]  skb_copy_datagram_from_iter+0x29b/0x710
[  656.509658][T17542]  tun_get_user+0x197f/0x3e40
[  656.511581][T17542]  ? __pfx_tun_get_user+0x10/0x10
[  656.513623][T17542]  ? find_held_lock+0x2d/0x110
[  656.515506][T17542]  ? __pfx_lock_release+0x10/0x10
[  656.517470][T17542]  tun_chr_write_iter+0xdc/0x210
[  656.519465][T17542]  vfs_write+0x5ae/0x1150
[  656.521234][T17542]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  656.522909][T17542]  ? __pfx_vfs_write+0x10/0x10
[  656.524316][T17542]  ? __fget_files+0x40/0x3a0
[  656.525676][T17542]  ksys_write+0x12b/0x250
[  656.526926][T17542]  ? __pfx_ksys_write+0x10/0x10
[  656.528370][T17542]  __do_fast_syscall_32+0x73/0x120
[  656.529828][T17542]  do_fast_syscall_32+0x32/0x80
[  656.531234][T17542]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  656.533026][T17542] RIP: 0023:0xf70de579
[  656.534225][T17542] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  656.539632][T17542] RSP: 002b:00000000f50d055c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  656.541990][T17542] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000240
[  656.544251][T17542] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000000
[  656.547024][T17542] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  656.549920][T17542] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  656.553050][T17542] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  656.556161][T17542]  </TASK>
[  656.561726][T14092] usbhid 5-1:0.0: can't add hid device: -71
[  656.563904][T14092] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  656.570967][T14092] usb 5-1: USB disconnect, device number 67
[  656.722820][T17530] vhci_hcd: connection reset by peer
[  656.729543][T13113] vhci_hcd: stop threads
[  656.731141][T13113] vhci_hcd: release socket
[  656.732942][T13113] vhci_hcd: disconnect device
[  657.051417][T17561] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2935'.
[  657.054124][T17561] nbd: must specify at least one socket
[  657.397019][T17569] loop9: detected capacity change from 0 to 7
[  657.400086][T17569] Dev loop9: unable to read RDB block 7
[  657.401886][T17569]  loop9: unable to read partition table
[  657.403852][T17569] loop9: partition table beyond EOD, truncated
[  657.405772][T17569] loop_reread_partitions: partition scan of loop9 (�被x󟣑� ) failed (rc=-5)
[  657.890799][ T5959] Bluetooth: hci2: command 0x0405 tx timeout
[  658.290435][T17582] netlink: 'syz.0.2943': attribute type 4 has an invalid length.
[  658.293993][T17582] netlink: 17 bytes leftover after parsing attributes in process `syz.0.2943'.
[  658.398469][T17585] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2944'.
[  658.472438][T17589] netlink: 'syz.0.2944': attribute type 4 has an invalid length.
[  658.474691][T17589] netlink: 17 bytes leftover after parsing attributes in process `syz.0.2944'.
[  658.759733][T17599] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2948'.
[  659.485590][T17616] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2954'.
[  659.622493][T17623] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2950'.
[  659.625780][T17623] nbd: must specify at least one socket
[  660.018438][T17634] siw: device registration error -23
[  660.770999][  T831] vhci_hcd: vhci_device speed not set
[  661.349460][T17655] can0: slcan on ttyS3.
[  661.499522][ T5959] Bluetooth: hci2: unexpected event 0x03 length: 17 > 11
[  661.976511][T17670] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2965'.
[  662.006130][T17670] loop6: detected capacity change from 0 to 524287999
[  662.061786][T17648] can0 (unregistered): slcan off ttyS3.
[  662.124031][T17687] vlan2: entered promiscuous mode
[  662.125565][T17687] mac80211_hwsim hwsim15 wlan0: entered promiscuous mode
[  662.127659][T17687] vlan2: entered allmulticast mode
[  662.129169][T17687] mac80211_hwsim hwsim15 wlan0: entered allmulticast mode
[  662.132806][T17687] team0: Device vlan2 is up. Set it down before adding it as a team port
[  662.137118][T17687] mac80211_hwsim hwsim15 wlan0: left allmulticast mode
[  662.139118][T17687] mac80211_hwsim hwsim15 wlan0: left promiscuous mode
[  662.233255][T17680] FAULT_INJECTION: forcing a failure.
[  662.233255][T17680] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  662.238089][T17680] CPU: 0 UID: 0 PID: 17680 Comm: syz.3.2967 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  662.241993][T17680] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  662.245841][T17680] Call Trace:
[  662.247101][T17680]  <TASK>
[  662.248230][T17680]  dump_stack_lvl+0x16c/0x1f0
[  662.250011][T17680]  should_fail_ex+0x497/0x5b0
[  662.251775][T17680]  __fpu_restore_sig+0xf5/0x1430
[  662.253662][T17680]  ? __lock_acquire+0xcc5/0x3c40
[  662.255509][T17680]  ? __pfx___fpu_restore_sig+0x10/0x10
[  662.257552][T17680]  ? lock_acquire+0x2f/0xb0
[  662.259262][T17680]  ? __might_fault+0xe3/0x190
[  662.261030][T17680]  fpu__restore_sig+0x113/0x190
[  662.262861][T17680]  ia32_restore_sigcontext+0x40f/0x5d0
[  662.264946][T17680]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[  662.267168][T17680]  ? __pfx_lock_release+0x10/0x10
[  662.268826][T17680]  ? _raw_spin_unlock_irq+0x23/0x50
[  662.270318][T17680]  ? lockdep_hardirqs_on+0x7c/0x110
[  662.271821][T17680]  __do_compat_sys_sigreturn+0x14b/0x200
[  662.273467][T17680]  ? __pfx___do_compat_sys_sigreturn+0x10/0x10
[  662.275229][T17680]  do_int80_emulation+0x104/0x200
[  662.276697][T17680]  asm_int80_emulation+0x1a/0x20
[  662.278121][T17680] RIP: 0023:0xf7fc5579
[  662.279301][T17680] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  662.284946][T17680] RSP: 002b:00000000f511655c EFLAGS: 00000296
[  662.286711][T17680] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 00000000000001ae
[  662.288988][T17680] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000000
[  662.291334][T17680] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  662.293615][T17680] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  662.295877][T17680] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  662.298141][T17680]  </TASK>
[  663.348741][T17720] netlink: 'syz.4.2978': attribute type 10 has an invalid length.
[  663.351150][T17720] netlink: 1268 bytes leftover after parsing attributes in process `syz.4.2978'.
[  663.353809][T17720] net_ratelimit: 10 callbacks suppressed
[  663.353818][T17720] openvswitch: netlink: Message has 7 unknown bytes.
[  663.365570][T17723] IPVS: sync thread started: state = MASTER, mcast_ifn = sit0, syncid = 0, id = 0
[  663.490792][ T5959] Bluetooth: hci2: command 0x0405 tx timeout
[  663.554008][  T113] 
[  663.554894][  T113] ======================================================
[  663.557392][  T113] WARNING: possible circular locking dependency detected
[  663.559738][  T113] 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0 Not tainted
[  663.559747][  T113] ------------------------------------------------------
[  663.559750][  T113] kswapd1/113 is trying to acquire lock:
[  663.559760][  T113] ffffe8ffac438ff0 (&per_cpu_ptr(pool->acomp_ctx, cpu)->mutex){+.+.}-{4:4}, at: zswap_store+0x910/0x2600
[  663.570061][  T113] 
[  663.570061][  T113] but task is already holding lock:
[  663.572149][  T113] ffffffff8df4f160 (fs_reclaim){+.+.}-{0:0}, at: balance_pgdat+0x16e/0x18f0
[  663.574619][  T113] 
[  663.574619][  T113] which lock already depends on the new lock.
[  663.574619][  T113] 
[  663.577959][  T113] 
[  663.577959][  T113] the existing dependency chain (in reverse order) is:
[  663.580570][  T113] 
[  663.580570][  T113] -> #1 (fs_reclaim){+.+.}-{0:0}:
[  663.582622][  T113]        fs_reclaim_acquire+0x102/0x150
[  663.584211][  T113]        __kmalloc_cache_node_noprof+0x55/0x3f0
[  663.586032][  T113]        zswap_cpu_comp_prepare+0xc9/0x470
[  663.587736][  T113]        cpuhp_invoke_callback+0x20c/0xa10
[  663.589401][  T113]        cpuhp_issue_call+0x1c0/0x980
[  663.590984][  T113]        __cpuhp_state_add_instance_cpuslocked+0x1a4/0x3c0
[  663.593075][  T113]        __cpuhp_state_add_instance+0xd7/0x2e0
[  663.594881][  T113]        zswap_pool_create+0x41c/0x710
[  663.596447][  T113]        zswap_setup+0x402/0x810
[  663.597917][  T113]        zswap_init+0x2c/0x40
[  663.599245][  T113]        do_one_initcall+0x128/0x630
[  663.600763][  T113]        kernel_init_freeable+0x58f/0x8b0
[  663.602386][  T113]        kernel_init+0x1c/0x2b0
[  663.603818][  T113]        ret_from_fork+0x45/0x80
[  663.605280][  T113]        ret_from_fork_asm+0x1a/0x30
[  663.606792][  T113] 
[  663.606792][  T113] -> #0 (&per_cpu_ptr(pool->acomp_ctx, cpu)->mutex){+.+.}-{4:4}:
[  663.610133][  T113]        __lock_acquire+0x249e/0x3c40
[  663.612012][  T113]        lock_acquire.part.0+0x11b/0x380
[  663.613733][  T113]        __mutex_lock+0x19b/0xa60
[  663.615292][  T113]        zswap_store+0x910/0x2600
[  663.616831][  T113]        swap_writepage+0x3b6/0x1120
[  663.618459][  T113]        shmem_writepage+0xf7b/0x1490
[  663.620080][  T113]        pageout+0x3b2/0xaa0
[  663.621477][  T113]        shrink_folio_list+0x3025/0x42d0
[  663.623196][  T113]        evict_folios+0x6e7/0x1a50
[  663.624922][  T113]        try_to_shrink_lruvec+0x61e/0xa80
[  663.626885][  T113]        shrink_one+0x3e3/0x7b0
[  663.628850][  T113]        shrink_node+0xbf0/0x3f20
[  663.630863][  T113]        balance_pgdat+0xc1f/0x18f0
[  663.632953][  T113]        kswapd+0x605/0xc00
[  663.634738][  T113]        kthread+0x2c1/0x3a0
[  663.636098][  T113]        ret_from_fork+0x45/0x80
[  663.637617][  T113]        ret_from_fork_asm+0x1a/0x30
[  663.639156][  T113] 
[  663.639156][  T113] other info that might help us debug this:
[  663.639156][  T113] 
[  663.642157][  T113]  Possible unsafe locking scenario:
[  663.642157][  T113] 
[  663.644349][  T113]        CPU0                    CPU1
[  663.645918][  T113]        ----                    ----
[  663.647568][  T113]   lock(fs_reclaim);
[  663.648810][  T113]                                lock(&per_cpu_ptr(pool->acomp_ctx, cpu)->mutex);
[  663.651495][  T113]                                lock(fs_reclaim);
[  663.653463][  T113]   lock(&per_cpu_ptr(pool->acomp_ctx, cpu)->mutex);
[  663.655465][  T113] 
[  663.655465][  T113]  *** DEADLOCK ***
[  663.655465][  T113] 
[  663.657900][  T113] 1 lock held by kswapd1/113:
[  663.659276][  T113]  #0: ffffffff8df4f160 (fs_reclaim){+.+.}-{0:0}, at: balance_pgdat+0x16e/0x18f0
[  663.661958][  T113] 
[  663.661958][  T113] stack backtrace:
[  663.663670][  T113] CPU: 2 UID: 0 PID: 113 Comm: kswapd1 Not tainted 6.13.0-rc7-syzkaller-00149-g9bffa1ad25b8 #0
[  663.666702][  T113] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  663.669851][  T113] Call Trace:
[  663.670813][  T113]  <TASK>
[  663.671717][  T113]  dump_stack_lvl+0x116/0x1f0
[  663.673149][  T113]  print_circular_bug+0x41c/0x610
[  663.674651][  T113]  check_noncircular+0x31a/0x400
[  663.676343][  T113]  ? __pfx_check_noncircular+0x10/0x10
[  663.678520][  T113]  ? lock_acquire.part.0+0x11b/0x380
[  663.680560][  T113]  ? lockdep_lock+0xc6/0x200
[  663.681871][  T113]  ? __pfx_lockdep_lock+0x10/0x10
[  663.683288][  T113]  __lock_acquire+0x249e/0x3c40
[  663.684699][  T113]  ? __pfx___lock_acquire+0x10/0x10
[  663.686167][  T113]  ? kasan_save_stack+0x42/0x60
[  663.687983][  T113]  ? kasan_save_stack+0x33/0x60
[  663.689913][  T113]  ? kasan_save_track+0x14/0x30
[  663.691789][  T113]  ? __kasan_slab_alloc+0x89/0x90
[  663.693607][  T113]  lock_acquire.part.0+0x11b/0x380
[  663.695488][  T113]  ? zswap_store+0x910/0x2600
[  663.697232][  T113]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  663.699284][  T113]  ? rcu_is_watching+0x12/0xc0
[  663.701054][  T113]  ? trace_lock_acquire+0x14e/0x1f0
[  663.702991][  T113]  ? zswap_store+0x910/0x2600
[  663.704741][  T113]  ? lock_acquire+0x2f/0xb0
[  663.706421][  T113]  ? zswap_store+0x910/0x2600
[  663.708169][  T113]  __mutex_lock+0x19b/0xa60
[  663.709840][  T113]  ? zswap_store+0x910/0x2600
[  663.711589][  T113]  ? zswap_store+0x910/0x2600
[  663.713337][  T113]  ? __pfx___mutex_lock+0x10/0x10
[  663.715184][  T113]  ? trace_kmem_cache_alloc+0x2d/0xd0
[  663.717164][  T113]  ? kmem_cache_alloc_node_noprof+0x219/0x3b0
[  663.719377][  T113]  ? zswap_store+0x862/0x2600
[  663.721052][  T113]  ? zswap_store+0x910/0x2600
[  663.722436][  T113]  zswap_store+0x910/0x2600
[  663.723839][  T113]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  663.725598][  T113]  ? swap_swapcount+0x18e/0x220
[  663.727034][  T113]  ? __pfx_zswap_store+0x10/0x10
[  663.728510][  T113]  ? swap_swapcount+0x13c/0x220
[  663.729933][  T113]  ? __mutex_unlock_slowpath+0x164/0x690
[  663.731549][  T113]  ? __pfx_swp_swap_info+0x10/0x10
[  663.733052][  T113]  ? __pfx_lock_release+0x10/0x10
[  663.734502][  T113]  swap_writepage+0x3b6/0x1120
[  663.735879][  T113]  shmem_writepage+0xf7b/0x1490
[  663.737300][  T113]  ? __pfx_shmem_writepage+0x10/0x10
[  663.738808][  T113]  ? hlock_class+0x4e/0x130
[  663.740133][  T113]  ? inode_to_bdi+0x9e/0x160
[  663.741467][  T113]  ? folio_clear_dirty_for_io+0x112/0x800
[  663.743113][  T113]  pageout+0x3b2/0xaa0
[  663.744305][  T113]  ? __pfx_pageout+0x10/0x10
[  663.745649][  T113]  ? __pfx_folio_referenced_one+0x10/0x10
[  663.747298][  T113]  ? __pfx_folio_lock_anon_vma_read+0x10/0x10
[  663.749062][  T113]  ? __pfx_invalid_folio_referenced_vma+0x10/0x10
[  663.750919][  T113]  ? lock_acquire+0x2f/0xb0
[  663.752241][  T113]  ? folio_evictable+0x2e/0x270
[  663.753663][  T113]  shrink_folio_list+0x3025/0x42d0
[  663.755131][  T113]  ? rcu_is_watching+0x12/0xc0
[  663.756526][  T113]  ? __pfx_shrink_folio_list+0x10/0x10
[  663.758092][  T113]  ? isolate_folios+0x1c57/0x3830
[  663.759533][  T113]  ? hlock_class+0x4e/0x130
[  663.760849][  T113]  ? mark_lock+0xb5/0xc60
[  663.762105][  T113]  ? mark_held_locks+0x9f/0xe0
[  663.763495][  T113]  evict_folios+0x6e7/0x1a50
[  663.764836][  T113]  ? __pfx_evict_folios+0x10/0x10
[  663.766283][  T113]  ? hlock_class+0x4e/0x130
[  663.767603][  T113]  ? __lock_acquire+0x15a9/0x3c40
[  663.769064][  T113]  ? __pfx___might_resched+0x10/0x10
[  663.770575][  T113]  ? mem_cgroup_get_nr_swap_pages+0x20/0x120
[  663.772314][  T113]  ? sc_swappiness+0xd4/0x190
[  663.773678][  T113]  try_to_shrink_lruvec+0x61e/0xa80
[  663.775173][  T113]  ? find_held_lock+0x2d/0x110
[  663.776557][  T113]  ? __pfx_try_to_shrink_lruvec+0x10/0x10
[  663.778191][  T113]  ? shrink_node+0xbd0/0x3f20
[  663.779548][  T113]  shrink_one+0x3e3/0x7b0
[  663.780798][  T113]  ? shrink_node+0xbd0/0x3f20
[  663.782158][  T113]  shrink_node+0xbf0/0x3f20
[  663.783474][  T113]  ? shrink_node+0x93e/0x3f20
[  663.784835][  T113]  ? __pfx_shrink_node+0x10/0x10
[  663.786246][  T113]  ? __pfx_lock_release+0x10/0x10
[  663.787688][  T113]  ? percpu_ref_put_many.constprop.0+0x1b/0x150
[  663.789471][  T113]  ? balance_pgdat+0xc1f/0x18f0
[  663.790865][  T113]  balance_pgdat+0xc1f/0x18f0
[  663.792229][  T113]  ? __pfx_balance_pgdat+0x10/0x10
[  663.793693][  T113]  ? __pfx___lock_acquire+0x10/0x10
[  663.795181][  T113]  ? __pfx___lock_acquire+0x10/0x10
[  663.796682][  T113]  ? find_held_lock+0x2d/0x110
[  663.798081][  T113]  ? cgroup_freezing+0x155/0x3d0
[  663.799505][  T113]  kswapd+0x605/0xc00
[  663.800661][  T113]  ? __pfx_kswapd+0x10/0x10
[  663.801962][  T113]  ? __pfx_autoremove_wake_function+0x10/0x10
[  663.803706][  T113]  ? lockdep_hardirqs_on+0x7c/0x110
[  663.805202][  T113]  ? __kthread_parkme+0x148/0x220
[  663.806643][  T113]  ? __pfx_kswapd+0x10/0x10
[  663.807961][  T113]  kthread+0x2c1/0x3a0
[  663.809139][  T113]  ? _raw_spin_unlock_irq+0x23/0x50
[  663.810629][  T113]  ? __pfx_kthread+0x10/0x10
[  663.811958][  T113]  ret_from_fork+0x45/0x80
[  663.813257][  T113]  ? __pfx_kthread+0x10/0x10
[  663.814585][  T113]  ret_from_fork_asm+0x1a/0x30
[  663.815963][  T113]  </TASK>
[  663.893161][T17737] netlink: 'syz.3.2981': attribute type 1 has an invalid length.
[  665.580794][ T5959] Bluetooth: hci2: command 0x0405 tx timeout

VM DIAGNOSIS:
17:09:42  Registers:
info registers vcpu 0

CPU#0
RAX=dffffc0000000000 RBX=ffff888023444880 RCX=ffffffff817649e9 RDX=0000000000000000
RSI=ffff888021c02440 RDI=ffff888023444894 RBP=ffffc9000345fb40 RSP=ffffc9000345f948
R8 =0000000000000000 R9 =fffffbfff2039efa R10=ffffffff901cf7d7 R11=00000000000a201e
R12=ffff888021c02440 R13=0000000000000000 R14=0000000000000001 R15=ffff88802b43ed00
RIP=ffffffff817467fa RFL=00000096 [--S-AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002f01fffc CR3=000000005c8ea000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000001 RBX=0000000000000001 RCX=ffffffff8145bd26 RDX=0000000000000000
RSI=ffffffff8bb17280 RDI=ffffffff8d830ce8 RBP=0000000000000001 RSP=ffffc900033d7588
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff817f1db3 RFL=00000082 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020d08000 CR3=000000005c8ea000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=000000000000000b DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=000000000000000d RCX=ffffffff817947a1 RDX=ffff88802037a440
RSI=ffffffff8179478d RDI=0000000000000001 RBP=1ffff92000217cb1 RSP=ffffc900010be578
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=00000000000c42c8
R12=0000000000000001 R13=0000000000000000 R14=ffff8880250d4880 R15=0000000000000001
RIP=ffffffff8179478f RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=00000000621c0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 912b632e60d91e94 3f4783b0863008dc
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 cb876f59e1aa0a1e f73a4cab692d5ce8
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 cfb16f557e2430f5 9e02fd6918a04891
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 cee4d899b3dbd7bd 0cf6591813471ec1
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000005a00
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c42bcc7acd312804 0000019200000192
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c4e150bed3734eee d40e74b20ff0d8a8
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c50484f000000192 0000019200000192
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000019200000000 d40de1b200800100
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 40c774b2bdbef053 ac7704341b14f760
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b524c35fa7900253 3d666f2dee137373
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
EAX=81fc4f3b EBX=00000006 ECX=ffffffff EDX=00000f3b
ESI=00000000 EDI=f7472000 EBP=f7470000 ESP=ffd39cd8
EIP=f713b64f EFL=00000202 [-------] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0023 00000000 ffffffff 00c0fb00 DPL=3 CS32 [-RA]
SS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 00000000 ffffffff 00c00000
GS =0063 5732d440 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 00000000 ffffffff 00c00000
TR =0040 000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5115ffc CR3=0000000055ce6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a800000000 0000000700000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000